Jason Antman’s Blog

In my daily reading of Tom Limoncelli’s blog, I happened by a post with a link to an article, “Geek behaviors present during conversations” by Phillip Guo. The article is quite interesting, and describes quite a few phenomena that can be noticed when conversing with a geek. One of the parts that immediately stuck out in my mind, though, was:

Using technical terms without checking for understanding

When geeks try to teach non-geeks about technical matters, they often
make heavy use of technical terminology because it’s the most concise
and accurate way to convey their thoughts. Unfortunately, many
non-geeks cannot understand such jargon and thus grow confused or
frustrated.

Non-geeks might perceive geeks as being snooty and elitist by talking to
them using cryptic ‘geek-speak’, but in fact, I suspect that their
intentions are more innocent: Geeks often don’t remember what it was
like not to have an understanding of technical concepts, especially
related to their area of expertise such as computers or electronic
gadgets. Thus, when communicating with non-geeks, they often throw
around technical terms without first tactfully checking to see whether
listeners know what these terms mean. In the geek’s mind, technical
jargon (e.g., router, dongle) and especially acronyms (e.g., DVI,
TCP/IP, SQL) sound as natural and colloquial as regular English
words. “How could anyone NOT know what these words mean?”

While I’m definitely guilty of throwing jargon into explanations when I’m at least half-conscious that the other party doesn’t understand it, I’d say that it’s usually (for me and many who I know) for a different reason. Or, more accurately, a combination of reasons that I’ll call “the expectation of effort” and “the Google effect”. Firstly, among most geeks (and definitely those of us in the open source world) there’s an expectation that people are interested, are curious, and will research something that they don’t know about when they hear it. The second part is what I call “the Google effect”; most of us geeks do most of our communication (especially about technical things) at a computer, whether via email, IM, forums, or chat. Therefore, there’s usually an expectation that if someone doesn’t understand a term, the answer is as easy as Ctrl+T and typing the term into Google.

I also must take exception to one other item in the article:

Favoring complexity and detail over simplicity in descriptions

When a geek is describing his latest pet project, he often tries to make
his descriptions sound complicated and detailed, in order to convey
the sophistication of his technical prowess.

I’ve described plenty of my projects to plenty of people, and yes, my descriptions are generally very detailed. But it’s not out of any desire to convey sophistication or prowess – my description may be the same whether I’m telling it to someone who can’t operate a computer or someone of much greater skill than my own. It’s simply the burning need to be accurate and complete. Put as simply and generally as possible, if I’m describing a project, I don’t want whoever I’m talking to to ask questions when I’m done describing it. It’s like documentation – if I were writing a man page, whoever reads it shouldn’t be left with major questions to ask when they finish.

Miscellaneous Geek Stuff geek, interaction, jargon, social

Interesting Links for Tuesday, January 26^th 2010

• Jan. 25, 1979: Robot Kills Human
• Lawyers Challenge $54,000 P2P Fine As Unconstitutional
• Verizon Terminating Copyright Infringers’ Internet Access
• Linux performance: is Linux becoming just too slow and bloated?
• Mr. Edison’s Kindle: Fifteen amazing gadget ideas that were way, way ahead of their time (though, I must say, the author of this blog is really looking at things from a modern-day perspective, and his commentary seems to miss how truly brilliant these ideas were at the time)
• EFF: Blogging ACTA Across the Globe: CIPPIC’s David Fewer on What ACTA Means for Canadian Citizens
• Clarifying SourceForge.net’s denial of site access for certain persons in accordance with US law
• EFF: Clinton on Internet Freedom, and Principled Stands

And, most importantly… Report: Linux Gains Ground, Windows Stumbles. Apparently, according to Net Applications, Linux’s market share rose from 1 to 1.02 percent in December 2009, a small but hopeful increase. Windows marketshare fell from 92.52% to 92.21%.

Like any statistic, there are always multiple sources. The W3Counter.com reports are a bit brighter for Linux:

If this is accurate, it shows Linux with a sifnigicant 1-month gain in marketshare. Also notable is that in December, Android showed up for the first time, at 0.08%. In all reasonabless, that can be added to the Linux row.

Also of interest are W3Counter’s browser stats:

Also worth noting on the Browser front is that IE8’s market share rose from 21.21% (November) to 22.43% (December) while Firefox 3.5’s share jumped from 20.49% in November to 22.18% in December, a very significant stride for the brand new Firefox version. While IE8 has been out considerably longer than Firefox 3.5, they’re already almost tied in market share (and if another jump like that happens, Firefox 3.5 will be in the lead next month).

Interesting Links and Resources

Being a volunteer EMT, and at times an outdoorsy-type person, I occasionally get emails from friends about disaster-related topics. Especially in the post-9/11 days. Recently, I got an email asking me if I’d seen the Department of Homeland Security’s disaster preparedness site, ready.gov. I’d heard a bit about it, but hadn’t really looked around. The site’s main premise is to educate people about how to prepare for a disaster – “get a kit”, “make a plan”, “be informed”.

The site’s own About page states that it is “designed to educate and empower Americans to prepare for and respond to emergencies including natural and man-made disasters. The goal of the campaign is to get the public involved and ultimately to increase the level of basic preparedness across the nation.”

The first step on the site, “Get a Kit”, includes a list of supplies to have on hand as a basic disaster kit. The introduction to the page reads:

You may need to survive on your own after an emergency. This means having your own food, water, and other supplies in sufficient quantity to last for at least three days. Local officials and relief workers will be on the scene after a disaster, but they cannot reach everyone immediately. You could get help in hours, or it might take days. In addition, basic services such as electricity, gas, water, sewage treatment, and telephones may be cut off for days, or even a week or longer.

.

I will admit, I assumed this would be geared more towards urbanites, not those of us in the suburbs or rural America (the latter generally being more accustomed to self-sufficiency), so I adjusted my expectations accordingly. At first glance, it seems to include most of the things that the EMT in me would want it to:

• Food and water
• First aid kit
• Wrench or pliers to turn off gas line
• Prescription medications
• Bleach (as a disinfectant and for water purification)
• Fire extinguisher
• Matches

However, I found a number of things obviously missing. Sure, some are minor – matches but no mention of fuel, bleach but not even coffee filters to remove particulate matter from water. I also find it comical that so many years after the Cold War “Duck and Cover” approach to nuclear safety, the government is now telling people to Shelter-In-Place in the event of a biological attack – by covering their doors and windows with plastic sheeting!

But by far the most egregious omission from the list – something learned by man at least 5,000 years ago, and taught to every Boy Scout – is the simplest tool: a knife. Yup, that’s right, the Disaster Kit list doesn’t include any variety of cutting implement. I don’t know if whoever wrote up the list is just scared of getting sued when little Bobby finds the knife and kills himself, or whether they’re really that stupid. But I, for one, never leave my house without some variety of the oldest real tool devised by man, and can’t imagine anyone thrown into any sort of “survival” situation without at least a rudimentary way to cut, scrape, pry, etc. I’d say that if I were without utilities or organized public safety for “at least three days”, I’d sure want to be able to make simple repairs, fashion simple tools, or perhaps cut something.

On another (albeit less important) note, there are still many, many Americans, not just in rural areas, who have a fireplace or wood stove. What about a few days’ worth of wood?

EMS, Non-Technical Commentary disaster, EMS, government, preparedness

So, I updated my Droid to Android 2.0.1 today. I’ll be honest that it didn’t work the way I’d hoped. When I woke up this morning (December 10^th 2009) I had an alert dialog on screen telling me that an update was ready. It gave me three options: “Install Now”, “Install Later” and “More Info”. The More Info screen didn’t show me anything useful. Well, I clicked the “Later” option, figuring that when I got home tonight I’d turn on WiFi, do a packet capture on the router, and save all of the traffic (specifically including the name of the update server). Well, it kept reminding me all day at annoyingly short intervals – probably about every 10 minutes or so. Finally, when I was home and had the WiFi setup, I went to try it again and… yup… when I clicked on the “System Update” button in Settings, the only option I had was “Reboot and Install”.

So… first big bitch about the Droid… Verizon pushed out the update without my consent. I kept hitting “Later” because that was the only way to get the popup to go away. Apparently. after X times of hitting Later (and each time your only real options are Later or Now) it will download the update by itself. Once the update is downloaded, I’m assuming that it *may* just automatically install on the next reboot. That would be a bitch thing to do.

Anyway, the “More Info” screen, which provides (as far as I can tell) the only release notes for the update, states:

This software update includes enhancements to your DROID by Motorola. Approximate install time: 6-10 Mins. You will be unable to use your device or make emergency calls for the duration of the install. The software updates automatically, and your DROID will power off and on as part of this software update. For more information please visit: www.verizonwireless.com/droidsupport

Not too helpful. And pretty cryptic.

Immediately when the phone turned back on, the first thing I noticed is that the spin-style unlock button has been replaced with an iPhone-style slide button, and the same for the mute feature. Maybe it’s just me, but I also noticed that the on screen keyboard seems to react better to quick keypresses – perhaps they’ve enabled multitouch for this?

Unfortunately, I wasn’t able to find much release documentation from Google other than the API changes – no full release notes or changelog like I’d like. And not even a summary of changes that I could find.

At the VZW droid support site, I found a link to a PDF of “Why to Update” (local copy). This sheet lists the enhancements made by the update (”AP:ESD56/BP:C_01.3E.01P”, build ESD56) as:

• OS stability is improved.
• Battery life is improved.
• Camera auto focus functionality is improved, and time between shots is reduced.
• Enhancements for three-way calling.
• Audio for incoming calls is improved.
• When receiving a call on call waiting, the speakerphone now remains on.
• Bluetooth functionality is improved; background echo is eliminated.
• Improved Bluetooth phone book transfer of contacts to in-vehicle Bluetooth solutions.
• After closing a GPS application, the GPS icon will now automatically be removed from the notification panel.
• Users can now receive SMS and MMS messages after an EMS message is received.
• SMS and MMS may now be sent to seven-digit addresses.
• Google contact merging has been updated to accommodate seven-digit numbers.
• Visual Voice Mail notices now arrive instantaneously.
• The corporate calendar widget user interface is updated.

This tiny one-page (and very styish – looks like and in-store advertising piece) sheet obviously isn’t anything that could pass for release notes, especially from Google. It doesn’t even mention anything about the changed unlock button!

I’ll keep looking around to find a real feature summary/release notes/changelog, but here’s my running list (I’ll update) of what I’ve found:

• Changed the unlock slider to a straight line.
• On screen keyboard typing seems faster.
• Photo taking is considerably faster, though it’s still painfully slow – it used to take about 10 seconds from shutter button to ready to capture next image, it’s now about 5 seconds.
• The UI seems to be a bit more responsive overall.
• I haven’t checked yet, but I’ve seen some forum posts about lost contacts and Facebook sync issues.

android android, droid, google, motorola, verizon

Last week I happened to find a Barnes & Noble gift card in my wallet, with $75 left on it. What a wonderful discovery! One of the pile of books that I ordered was The Future of the Internet–And How to Stop It by Jonathan Zittrain. I’d fully intended to read the book cover-to-cover, perhaps even digest the content a little, before throwing my thoughts out there (presumably to get lost into the vast sea of crap that makes up the “blogosphere”). But I just have to get some thoughts down on paper…err…LCD.

First off, when I found out that Zittrain is a professor of Internet Law at Harvard, it immediately told me two things. First, that he probably sides with content producers and/or Big ‘Net a bit too much. Second, that he probably doesn’t really understand what the hell he’s talking about, or why people made the choices they have. The fact that the first chapter of the book, which talks about history, doesn’t seem to mention ARPAnet once only confirms this. But, the B&N summary sounded like the book has a healthy dash of iPhone bashing, so I figured it’s be a good read. It was also written in 2008, so I figured that the ideas would be relatively current.

Well, I’m just under a quarter of the way into the book, and given the vast mass of notes I’ve penned in the margins, I think Mr/ Zittrain and I wouldn’t get along too well on a desert island. But I’ll try to contain my commentary – and attacks upon the author – until I’m done with the book. The thought currently in my mind is a very specific one:

Many technologically savvy people think that bad code is simply a Microsoft Windows issue. They believe that the Windows OS and the Internet Explorer browser are particularly poorly designed, and that “better” counterparts (Linux and MacOS, or the Firefox and Opera browsers) can help protect a user. This is not much added protection. Not only do these alternative OSes and browsers have their own vulnerabilities, but the fundamental problem is that the point of a PC – regardless of its OS – is that its users can easily reconfigure it to run new software from anywhere.

To be sure, Microsoft Windows has been the target of malware infections for years, but this in part reflects Microsoft’s dominant market share.

Oh, wow, is it 2004 again? I thought we’d given up on the “market share” argument. When Apache had 10% of the market share of web servers, people said it wasn’t attacked as often because of low market share. Well, Apache currently has a 47% share of the market, compared to Microsoft’s 21%, and it’s still more secure, more stable, and has fewer critical vulnerabilities*. The same market share argument was made about Firefox when it had 5% market share. Now, the share is projected between 31.85% and 47%, and it still has less serious vulnerabilities (ones that can actually damage your computer) than Windows). I thought this “market share” argument was done with.

Most important is the thing that most Microsoft-biased pundits (and, of course, Microsoft themselves) don’t ever talk about: an amazingly large number of servers run Linux. Especially e-commerce servers which house loads of personal information and credit card numbers. Estimates for big e-commerce sites put non-Windows OSes at 30-50%, and they’re quite popular among small sites that probably don’t have well-trained SysAdmins. So, if Windows wasn’t really less secure, wouldn’t we see e-commerce servers getting compromised left and right?

But there’s a more important point here. It’s about curtailing the stupidity of users. I know, in Microsoft’s defense, that Windows Vista and Windows 7 are supposed to be better with this. But, at least in the past, Windows had virtually no privilege separation. With a little code, you could effect the whole system from an arbitrary binary – or worse, with ActiveX, through the browser. I was dumbfounded that any user could install a system-wide application. The real issue here, at least with older Windows (I don’t know much about the new ones) is that Windows, from the beginning, wasn’t written to be secure. Heck, it wasn’t even designed to be attached to a real network.

Linux does have real security advantages over Windows, and not just because it has low market share. First is an actual, true implementation of privilege separation. No matter what I do in my desktop web browser, no matter what I run, even if I installed a Firefox plugin that wanted to destroy my machine, it couldn’t happen. No matter what I let some random code do, it simply can’t escape the confines of my user account.

Ok, ok, I know what you’re all saying right now. I can hear it from here: “but what if the moron does everything as root? what if they just sudo anything that they’re asked about?” Well, I have answers to that, too. My own distro of choice, OpenSuSE greatly upset me when I went to install 11.1, and the installer showed a default of one user account, automatic login, and the same password for the user and root. That’s just stupid. In fact, it’s braindead, plain and simple. I don’t care how wonderful it would be to get Linux on every desktop in the world, if we have to destroy every advantage that Linux has over other OSes, it will be worthless.

I digress. In the end, it boils down to user education. And, in some respects, I think that Linux has become too dumbed-down. There are certain things that simply shouldn’t be put in a GUI. Excuse my elitism, but if you can’t figure out how to configure Apache correctly from the command line, you have no business running an Apache installation. The same goes for countless other services and applications. So, what’s my solution? Well, here’s what I do when I install Linux for non-technical friends. Some of these things are training items, others are things that I do in terms of configuration and, IMHO, should be OS/distro defaults (unless you know some esoteric hidden switch to change them).

• Disable graphical login as root. This enforces proper use of sudo, and also prevents a user from becoming lazy and operating as root on a regular basis.
• Pick a good, strong root password. Write it down on a post-it note and keep it somewhere near the computer. (Yes, I know what you’re thinking. But if it’s a home computer, anyone already in the house either is trusted, or will own the computer one way or another. I’d rather have everyone in the house have access to the box, than a password that a remote attacker can easily brute force.)
• Disable caching of sudo passwords in the desktop manager, if it already isn’t done. This is a *very* bad idea, IMHO, and effectively defeats privilege separation. If someone needs to use sudo *that* often, they’re either a knowledgeable user, or they’re doing something wrong.
• Set the package manager to use the strictest key verification settings.
• Provide the user with extensive documentation (can be a list of links to helpful sites) that includes – this is of paramount importance – a list of common Windows (or whatever OS they’re coming from) programs and their closest Linux equivalents. This is another measure to try and dissuade the user from searching for and installing arbitrary code.
• Give the user a good, simple explanation of what sudo is, what root is, and why they should be worried. One of my analogies – if I have time to explain it – is to think of the computer’s security like a jewlery store. Your user account is the front door; only people who look honest are buzzed in, but they still can’t do much damage. The root password is the combination to the vault; only very trusted people can get in, and they only open it when they absolutely have to.
• Enable a wide range of trusted repositories by default. The more likely the user is to find a package in the repos already cached, the less likely they are to download arbitrary code.
• Explain to the user that when you install software (as root), you’re essentially giving the developer access to your system. Software should be screened by someone who knows what they’re doing (i.e. the community) before you install it.
• I always tell people to *only* install software from the repositories I enable. If there’s something they need and it isn’t available, ask me (or ask the community) and I’ll make a package and upload it to a suitable repository. The key here – and the most difficult part – is to conquer the Windows habit of installing software from disparate sources, and train the user that only software from their repositories, or other community-standard repositories, can be trusted.
• Show the user the correct patch/update procedure for their system. Depending on skill level and the level of attention you’re willing to give them, it might be advisable to enable automatic updates (if the OS doesn’t have a way to do it, then via cron).
• If the user is a developer or needs to run any services, even just for development – i.e. Apache, MySQL, Postfix, etc. – properly secure them and give an overview and links to the proper security procedures.
• Setup a second user account. Explain to the user that this is only to be used for banking and other sensitive activities. Lock it down, make sure it’s in a different group from the main user, don’t install any Firefox plugins.

Unfotunately, a lot of this is just breaking the bad administration and security habits shared by most Windows users.

While we’re on the topic, a word about package managers. I’m a Linux sysadmin, and I believe in ‘eating your own dog food’. I’ve used Linux on all of my servers, desktops, and laptops for over 4 years now. I haven’t used Windows on a regular basis in ages. I’d say I touch a Windows box for about 5 minutes a month, and usually just to use a browser. A few weeks ago, I was asked to install Windows on a desktop for someone. I did. I then attempted to install Firefox. Using what I remembered of Windows, I navigated to the “Control Panel” and clicked (err… double clicked) on “Add and Remove Programs”. Seems logical enough. I then stared at the screen for about 30 seconds, trying to find the Search box, where I could type in “Firefox”. Finally, I literally began laughing out loud, when I remembered that Windows doesn’t have unified package management, and I’d need to manually find the Firefox binary on their web site, download it, and run whatever installer program Firefox chooses to use. Same issue with updating software. I’m utterly perplexed, being a Linux user, that Windows and Mac people still search through Google or multiple web sites just to find new software. I’m even more perplexed that the OS update/patch program doesn’t also update all of the software on the system. It seems like the stone ages.

In my opinion, one of the biggest failings of modern Linux package management is the assumption (derived from multi-user systems) that all software should be installed system-wide. Granted, it doesn’t do a whole lot to actually protect a single user if they install malicious software available to just themselves (especially since most desktop installs these days are probably used as single-user systems), but I really feel that distros (especially desktop-oriented distros) should have an option to easily install packages for just the current user, and possibly do this by default.

* I can’t find the link right now, but I did find an interesting article on Microsoft’s old anti-Linux campaign (”get the facts”). One of the things mentioned was that when Microsoft compared “vulnerability counts”, they were actually comparing: 1) entire Linux distros vs just the core Windows OS, and 2) counting individual patches in Linux versus patch sets released by MS. So, not only was MS literally counting apples and oranges, but they were totally ignoring unfixed vulnerabilities. Given Microsoft’s habit of not fixing vulnerabilities – especially in “unsupported” products – it’s no wonder how they got the numbers to look so good.

So, here’s a thought. People are used to paying for an OS and for software. Start a Linux vendor that sells a desktop, newbie-oriented Linux distro. Charge a per-user flat rate for the distro and a bunch of base packages, that includes X hours of telephone support. Charge per hour/minute/whatever for additional support. Bundle in secure VNC, secure remote access, etc. in a way that will allow support to remotely access the computer, but preserve the privacy and security of the user (perhaps an app that allows the user to initiate a reverse VNC or SSH session to support). Lock down root access – allow the user to do it, but remind them every time that, outside of a specified set of commands, their actions will be logged and won’t get full support. Then figure out a way for support to write a shell script that’s sent to the user to perform administrative actions, which will all be listed in relatively simple terms for the user to examine and approve. Finally, have a *giant* package repo, all of which is free or comes with paid support. Any F/OSS packages that aren’t already in the repo can be requested by a customer, and for a flat fee for the first requesting customer (say, $10) will be examined, approved, packaged, and added to the repo.

Reviews book, freedom, internet

This is a follow-up to my Making maps from GIS data with Inkscape post. After playing around with Inkscape for quite a while, and coming up with the dismal results seen in that post, I decided there has to be an easier way. A little Googling turned up this video tutorial on how to print large scale maps from Google Maps. It turns out that the Google Maps API will honor almost any pixel resolution that it’s passed. The Screengrab add-on for Firefox has the wonderful capability of being able to capture a screengrab of page content, at actual resolution, regardless of screen resolution. So load up a 5000×5000 pixel Google Map, use the Screengrab addon, and end up with a full 5000×5000 pixel image file.

After testing this a bit, I decided to go the Google Maps route. This also has a lot of other added bonuses – I can store my overlay data in simple XML files, add and remove layers on-the-fly, and also make it available online (and, theoretically, to any Google Maps-equipped device used by responders). This even opens up the possibility of using paper maps as a last resort, and providing the Fire Department with live hydrant maps on GPS-enabled handheld devices and phones.

The quirks, however, may need some serious photoshopping (err, rather, gimping) to fix:

1. With all of the background color, how will this look when printed?
2. How do I make the town borders easily defined? It would be a lot of raster editing to remove the background color of areas outside of town.
3. How do I overlay a grid for a street name index?

The first step was to setup a large Google Map to develop with. I used PHP and Monte Ohrt’s GoogleMapAPI PHP wrapper class. It was simple enough to setup a big (3300×5100px) map, zoom out in Firefox, and start adding some stuff. My examples and development pages, if you want to take a peek at the code, are here.

The first step was to draw a polygon for the outline of the town. I found some very detailed information on how to get zip code boundary lines on Matt Cutts’ blog. Apparently, he’s a Google software engineer, heading up their webspam team. I grabbed the files from the Census, as described, and came up with the boundary for my zip code looking like:

        60      -0.741427638843858E+02       0.409963180802469E+02
      -0.741375870000000E+02       0.410075970000000E+02
      -0.741308870000000E+02       0.410061970000000E+02
      -0.741308870000000E+02       0.410061970000000E+02
      -0.741307260000000E+02       0.410032600000000E+02
      -0.741326870000000E+02       0.409955970000000E+02
      -0.741278870000000E+02       0.409943970000000E+02
      -0.741280870000000E+02       0.409938970000000E+02
      -0.741327870000000E+02       0.409853970000000E+02
      -0.741352870000000E+02       0.409830970000000E+02
      -0.741369600000000E+02       0.409818620000000E+02
      -0.741410520000000E+02       0.409821940000000E+02
      -0.741412870000000E+02       0.409826970000000E+02
      -0.741412870000000E+02       0.409826970000000E+02
      -0.741417870000000E+02       0.409847970000000E+02
      -0.741427870000000E+02       0.409863970000000E+02
      -0.741482870000000E+02       0.409868970000000E+02
      -0.741536880000000E+02       0.409899970000000E+02
      -0.741510880000000E+02       0.409929970000000E+02
      -0.741531880000000E+02       0.409965970000000E+02
      -0.741571880000000E+02       0.409988970000000E+02
      -0.741557880000000E+02       0.410013970000000E+02
      -0.741461870000000E+02       0.410018970000000E+02
      -0.741400870000000E+02       0.410065970000000E+02
 
      -0.741375870000000E+02       0.410075970000000E+02
END

As per Matt’s instructions, I stripped off the first and last lines, converted everything to normal decimal notation, and built it into a PHP array:

$MP_boundary = array();
$MP_boundary[] = array(-74.137587, 41.007597);
$MP_boundary[] = array(-74.130887, 41.006197);
$MP_boundary[] = array(-74.130887, 41.006197);
$MP_boundary[] = array(-74.130726, 41.003260);
$MP_boundary[] = array(-74.132687, 40.995597);
$MP_boundary[] = array(-74.127887, 40.994397);
$MP_boundary[] = array(-74.128087, 40.993897);
$MP_boundary[] = array(-74.132787, 40.985397);
$MP_boundary[] = array(-74.135287, 40.983097);
$MP_boundary[] = array(-74.136960, 40.981862);
$MP_boundary[] = array(-74.141052, 40.982194);
$MP_boundary[] = array(-74.141287, 40.982697);
$MP_boundary[] = array(-74.141287, 40.982697);
$MP_boundary[] = array(-74.141787, 40.984797);
$MP_boundary[] = array(-74.142787, 40.986397);
$MP_boundary[] = array(-74.148287, 40.986897);
$MP_boundary[] = array(-74.153688, 40.989997);
$MP_boundary[] = array(-74.151088, 40.992997);
$MP_boundary[] = array(-74.153188, 40.996597);
$MP_boundary[] = array(-74.157188, 40.998897);
$MP_boundary[] = array(-74.155788, 41.001397);
$MP_boundary[] = array(-74.146187, 41.001897);
$MP_boundary[] = array(-74.140087, 41.006597);
$MP_boundary[] = array(-74.137587, 41.007597);

Though this data doesn’t seem exactly 100% accurate (at least by my knowledge of the town, and every map I can find) it’s quite close and a very good start.

I’ll update later this week when I have some more done…

Tech HowTos catrography, emergency, EMS, google, maps, PHP

NOTE- I more or less dropped this project, in favor of a more precise approach, as outlined in Using Google Maps to produce usable, printable maps. This is being left just to give other people ideas.

Background

I was recently asked by one of the officers of our volunteer fire department if I could come up with a good map of our town that could be laminated and put in the trucks. We currently have a really simple PDF map of our town, but it was done by a for-profit entity and is only available as the single-size PDF. The map itself looks like:

Data

With a little research, I was able to find quite a lot of GIS data on the NJ Department of Environmental Protection GIS site. While the GIS viewer software by ESRI seems to be the usual choice, I found that the GPL’ed Quantum GIS project (available in the OpenSuSE Application:Geo repository) displayed the data quite nicely. The only major issue was with street names – there was no way to label lines with two fields from the metadata (the TIGER/Line files have separate fields for the street name and the st/rd/ln suffix). More importantly, I needed something that both looked nice and included overlays (specifically of the fire department’s hydrant map).

SVG

A little research led me to the shptosvg perl script that converts a shapefile to SVG. As the streets within our town won’t change any time soon, I figured it was the most logical solution, when producing a map for print where I would need to re-scale and edit overlay layers – to just get the data I needed into SVG and do the rest there. I was able to export both the county roads shapefile and the state municipal boundaries shapefile to an SVG drawing, and then open that in Inkscape. To export them, I used:

perl shptosvg.pl -x3300 -y5100 -p1 -d0.5 berrds00.shp muni_boundaries/nj_munis.shp > test2.svg

where berrds00.shp is the TIGER/Line roads shapefile for our county (from the 2000 census) and muni_boundaries/nj_munis.shp is the shapefile for the NJ municipal boundaries. The x and y sizes (3300px and 5100px, respectively) were based on an 11×17″ sheet printed at 300dpi.

Initial Work

The initial work was a real pain. I moved each group of objects (the municipal boundaries and the county road lines) to a separate layer and then ungrouped them. Next, I began the painstaking process of deleting all of the objects outside of our town boundary, except the roads directly around our town. Once this was done, I used File -> Document Properties -> Fit to Page Selection to “crop” the canvas to the remaining objects. Thanks to the nature of SVG, I was able to crop the page down and then scale it up again to 11×17″ without any loss of data or quality. I then moved the roads outside of our town (luckily, most of the roads from the TIGER data ended up being made up of a series of line segments, with most of them having a break at the town boundary) to another layer, so that they could be easily given a light gray color. I also gave the down boundary a nice red color. Finally, as I neglected to include a railroad shapefile when I did the original conversion to SVG, and adding one would obviously not jive with the massive deletion and re-scaling I’d done, I drew in the one railroad line running through town by hand, and gave it a nice dashed line type.

At this point, I ended up with something that looked like:

Cleaning Up

I now had the following tasks to perform:

1. Find a nicer way to show the street lines. The ideal would be a line made up of 1-2px lines on either side, with a white center. Second best would just be thinner lines.
2. Cleanup the roads around the town boundary – make sure they’re black within the town and gray outside. If need be. delete some lines and re-draw them to split at the town boundary.
3. Add labels for the bordering towns.
4. The big one – add street name labels.
5. Perhaps add in icons/labels/boxes for churches, schools, municipal buildings, etc.
6. Add in, once I get a copy of the map, the fire department hydrant locations as another layer.

And the added bonuses that I’d like to do:

1. Add house numbering on a block level for each street.
2. Add a grid overlay, with an index of streets by grid square on the back.

As of right now (about 9AM on November 25, 2009) this is where I stand. I’ll update a bit more when I get farther along.

Tech HowTos gis, inkscape, map, shapefile, svg

If you’ve used Google search from an Android device to search for a business, you’ve probably noticed the two interesting “buttons” to the right of the search listing – “Get Directions” and a button for the phone number. It turns out, these are pretty easy to implement.

The “Get Directions” link is a simple link to Google Maps like This One. The links are actually pretty simple:

<a href="http://maps.google.com/maps?daddr=42+Pierce+Ave%2C+Midland+Park%2C+NJ+07432">Get Directions</a>

It just uses a regular Google Maps URL, with the destination address encoded. When the link is clicked in the Android browser, a dialog pops up asking the user whether he wants to open it with the browser or the Maps application. If Maps is selected, it automatically opens with the address from the URL in the destination input box, the phone’s current location as the start input, and gives easy access to directions and navigation.

The telephone links are a bit more interesting. Apparently, the Android browser uses the Phone app to handle the “tel” scheme, as defined by RFC 3966.Therefore, clicking a link like:

<a href="tel:2015555555">201-555-5555</a>

on Android will bring up the Phone app and pre-enter the digits for 2015555555. Luckily, it doesn’t automatically dial the number. If you want to give it a try and are using Android: 201-555-5555.

The final step is how to implement this. I don’t know if most mobile browsers (Blackberry? iPhone?) also support the “tel” URI scheme, or how they’ll handle Google Maps links. But if you’re looking to include Android-specific content, the user agent string from my Motorola Droid (Android 2.0) looks like:

Mozilla/5.0 (Linux; U;Android 2.0; en-us; Droid Build/ESD20) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Mobile Safari/530.17

I know that there are a number of PHP classes out there to detect browsers (like Chris Schuld’s browser.php) and some things to detect mobile device capabilities (like WURFL or Tera WURFL, both using the WURFL data). However, if you just need to know whether your user is on Android or not, I’d personally recommend just checking the user agent string for “Linux”, “Android” and “WebKit” until a better browser identification system is found, as these are not likely to change in the near future.

Uncategorized android, google, html

At work we have a Cyclades ACS16 console server (running Cyclades-ACS16-Linux V_3.2.0 (Jan/04/08)). While the docs claim all sorts of LDAP features, there’s nothing (either in the web GUI or the CLI configuration tool) to setup LDAP with TLS or required group membership. I tried modifying the /etc/ldap.conf and /etc/nsswitch.conf files, running saveconf and runconf and even rebooting, but no luck. It was apparent that I needed root on the box. Unfortunately, they don’t give you root, and their sudo command is locked down. But, I figured, if sudo would let me and chown and cat and mv (enough to switch out the ldap.conf and nsswitch.conf files), root should be pretty easy.

The failing of Cyclades’ sudo lockdown is that it allows sudo execution of a few random shell scripts, and also allows `mv`.

The /etc/sudoers:

# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
 
# User alias specification
 
# Runas alias specification
 
# Host alias specification
 
# Cmnd alias specification
Cmnd_Alias     SH_CMDS = /bin/cp,\
                         /bin/chown,\
                         /bin/egrep,\
                         /bin/grep,\
                         /bin/cat,\
                         /bin/tar,\
                         /bin/kill,\
                         /bin/mkdir,\
                         /bin/mv,\
                         /bin/rm,\
                         /bin/sed,\
                         /bin/touch,\
                         /sbin/reboot,\
                         /usr/bin/killall,\
                         /usr/bin/w,\
                         /bin/w_cas,\
                         /bin/sess_mngt,\
                         /sbin/route,\
                         /bin/what
 
Cmnd_Alias     CONF_FILES = /bin/vi /etc/network/st_routes,\
                            /bin/vi /etc/portslave/pslave.conf,\
                            /bin/vi /etc/resolv.conf
 
Cmnd_Alias     APPLICATIONS = /bin/pmCommand,\
                              /bin/saveconf,\
                              /bin/restoreconf,\
                              /bin/runconf,\
                              /bin/daemon.sh,\
                              /bin/manageService.sh,\
                              /bin/dsviewKillAdmin, \
                              /bin/pmfwupgrade, \
                              /bin/adsap2_clear, \
                              /bin/upgrade_power.sh, \
                              /bin/signal_ras
 
# User privilege specification
# root can run any command on any host as any user.
root    ALL = (ALL) ALL
 
# admin user group command specification.
%admin      ALL = NOPASSWD: SH_CMDS, CONF_FILES, APPLICATIONS

So, /bin/upgrade_power.sh doesn’t look like we’re using it too much. Here’s our root procedure. Before doing this, create the /home/admin/foo.sh script.

sudo cp /bin/upgrade_power.sh /bin/upgrade_power.sh.SAVE
sudo chown root:root /home/admin/foo.sh
sudo mv /home/admin/foo.sh /bin/upgrade_power.sh
sudo /bin/upgrade_power.sh
sudo cat /etc/sudoers # just to verify that it worked
sudo mv /bin/upgrade_power.sh.SAVE /bin/upgrade_power.sh # set things back to the way they were

And the key to all of it is the simple /home/admin/foo.sh script:

#!/bin/bash
 
chmod u+w /etc/sudoers
echo "%admin      ALL = NOPASSWD: ALL" >> /etc/sudoers
chmod u-w /etc/sudoers

That’s it!

Tech HowTos acs, cyclades, gettingroot

Gizmodo – The Real Reason the Droid’s Camera Fixed Itself.

Well, it’s definitely good news to know that the problem with the camera on my beautiful new Droid is only a software issue. However it’s not too reassuring to know that Google (or could it have been Motorola devs?) let code out which obviously has a bit of an issue with a… rather predictable… value.

android android, droid, motorola