Archive for October, 2009

Music Section is Live

Friday, October 23rd, 2009

After months of having a tantalizing-looking ‘Music’ link in this site’s main navigation but no payoff after the click, I’m happy to tell the world that the music section is live. There isn’t too much up now, aside from some free MP3s and an archive of music news, but there will be more content when I have more time. I would like to include some info about the lovely Why?-Fi Studio and how I record a song, but those will require a lot of work. I also plan to have an ‘upcoming albums’ section, but that might be unrealistic, as I would feel obligated to give all the projects I’m working on actual deadlines, then would feel the need to meet those deadlines. You see my dilemma.

Someday I’ll have an online store. The plan includes physical copies of CDs as well as digital downloads, initially in mp3 but probably in FLAC eventually. What’s going to be neat is that the digital downloads will feature a ‘Pay What You Like’ option (yeah, yeah, “Simpsons Radiohead did it”), which will go all the way down to free if that’s what people want to pay. I’m having a little trouble with the logistics of the whole project because I would like to include cover songs (I’ve recorded a lot of cover songs, my Christmas albums are almost all covers, and even The Suckers recorded a full-album cover of the Ramones’ first record), but I have to deal with the nasty reality of licensing, which looks to be as much negative fun as making the songs in the first place was. So the covers are going to have a minimum price so I don’t wind up losing money on the venture.

Ben Folds: Missoula, MT

Thursday, October 22nd, 2009

Holy cow! What a show. The opening act was awesome, and the piano man himself did not disappoint. Carrie and I bought some ear plugs (after the hearing damage we got from the Dragonforce concert in the spring), but we didn’t even need them, which was a nice change. I’m getting old enough that I can’t afford to damage my hearing anymore if I want to continue to make and enjoy music. My dad and my sister went to the concert in Bellingham two days before we did, so we kind of knew what to expect, but it was still an awesome time. They also missed out on the opening act — Kate Miller-Heidke, who blew us away, and whose album is currently sitting pretty in Australia.

The only disappointment I felt was after it was over, and I realized he would not be playing “Fred Jones, Part II.” That’s another beautiful song I wanted to hear.

The opening act was amazing. It was just Kate and her husband, Keir Nuttall. We bought their CD, but it definitely had a fuller sound than the live act. Their performance had a great feeling of intimacy: just a guy with a guitar and a gal singing. And what a voice! She did all sorts of operatic vocal acrobatics. There’s a little bit of that on the album, but in concert you could definitely tell that she’s had some classical training. The intimacy was mostly missing from the CD, but I need to give it a few more listens to evaluate it fully. It’s a fun listen and I’m not saying I dislike it, just that the contrast between the live performance and the studio recording is quite marked and unexpected.

Photos

These kind of suck, because the lighting was bad, I didn’t want to use the flash that much, and I didn’t want to get closer to the stage.

Setlist

  1. Free Coffee
  2. Annie Waits
  3. Sentimental Guy
  4. Eddie Walker
  5. Effington — “This song was written on a stage in Normal, Illinois. That’s why it pretty much has one chord.”
  6. Jesusland
  7. The Luckiest — This song was by special request from someone else, and I really enjoyed it because it’s my and Carrie’s wedding song.
  8. Song for the Dumped — Ben told the story of how he learned a complicated-sounding lick at the piano when he was a kid, and was trying to work it into a song. On the tour van, he was working on “One Angry Dwarf and 200 Solemn Faces” when Darren Jessee asked to see it, said it was rubbish, and scribbled out the lyrics to “Song for the Dumped”, which Ben was able to integrate the piano lick into.
  9. Gone
  10. Picture Window — One of the two Nick Hornby collaborations he played.
  11. Levi Johnston’s Blues — After this one, he was going to play another one, but decided it wasn’t ready, said the song “wasn’t under copyright yet”, and tossed the sheet of paper (presumably with the lyrics) into the audience.
  12. You Don’t Know Me — Kate Miller-Heidke performed Regina Spektor’s part, and Keir Nuttall accompanied on acoustic guitar. She added a nice, operatic touch to the part.
  13. Kate
  14. Still Fighting It
  15. You to Thank
  16. Landed
  17. Dr. Yang — Ben said that some people describe this song as “snarky.” That’s a word he’d prefer to leave the lexicon. Along with “OMG.” After this song, he asked if there was any song that anyone wanted to hear, and of course everybody shouted out a different name.
  18. Hiro’s Song — He went to get a Cajón for this one, which he played instead of the piano.
  19. Zak and Sara
  20. Bitches Ain’t Shit — He had a guy from the audience come up to sing the second verse. He first tried to get the audience to sing it, but that didn’t work out.
  21. Army — We kind of failed at the horn part.
  22. Rock This Bitch — Elaborations on the theme of a girl named Suzy who had a birthday.
  23. Gracie
  24. Not the Same — With some awesome conducting for the ‘drunken chorus.’
  25. And of course, the obligatory encore break…
  26. Evaporated — I was psyched for this one, as I think it’s very beautiful. The a cappella version is also pretty.
  27. Rockin’ the Suburbs

If It’s Too Good to Be True…

Friday, October 16th, 2009

Eating lunch today, I found my yogurt flavor is “Blackberry and Açaí.” Not knowing what the hell açaí is, I looked it up on Wikipedia. It’s a berry, but also a big dietary supplement component. According to the article:

“Marketers of these products… make unverified claims that açaí provides increased energy levels, improved sexual performance, improved digestion, detoxification, high fiber content, improved skin appearance, improved heart health, improved sleep, and reduction of cholesterol levels.”

Yeah … That sounds legit. It also whitens your teeth and makes people like you by altering your pheromones! People who sell this stuff prey upon people, but they quickly run into a problem: as soon as their product becomes the next big thing, others decide to hop on the bandwagon and start hawking the crap, too. Pretty soon, they have to keep adding supposed health benefits to ‘get ahead’ of the other guys, and you wind up with a list so long it puts snake oil salesmen to shame. I’m pretty sure most reasonable people can smell the bull, but obviously enough people are wooed by all the promises to keep some of these shysters in business.

It was a pretty tasty cup of yogurt. Still, it was surprising to see some Google Ads-worthy product featured on a big-league company like Yoplait’s product.

Organizing The Music

Monday, October 12th, 2009

So I’ve begun the process of manually merging my music collection. It’s a mess, quite frankly. I’ve got MP3s I’ve ripped or purchased on four different computers, spread throughout many directories. Compounding this is my iPod, which usually carries the latest tracks that I’ve added. Here’s how I’m organizing things. The fun part is that I got to write a Python script to help out.

First Steps

I’ve got one folder that was my primary music folder throughout my time in school. It rests on my file server. It generally contains all my music and is the most authoritative ‘source.’ In addition, it was the initial source, the ‘seed’ if you will, for the tracks on the iPod. At one point in the distant past, my iPod contained the tracks from this folder and nothing else. This is what I’m going to start with. To really drive home the point of my fresh start, I created a share on my file server and started anew. These tracks wound up in a folder called ‘library.’

This is already a good start. I’ve been pretty meticulous in organizing my music library, essentially by artist then by album. The /library/ folder is going to be my new, massively-integrated library, as soon as I get finished organizing.

The iPod

Since my iPod contains several albums that never made it to the music share for one reason or another, it can also be considered ‘authoritative.’ So I ripped its contents to another folder in the new music share, called /iPod/. I used the excellent tool SharePod to do this, as it allowed me to rip the tracks to artist/album folders with very little hassle.

Other Sources

I then rounded up all my other music, and put it into an ‘unsorted’ directory. This is stuff I would go through item by item, once the two primary sources were sorted out, and include or not include depending on if it wound up on my iPod or not. I have yet to get all the way through this step.

The Script

This is the important bit. I wrote a Python script to crawl through the two directories in parallel, and note any missing files or directories. This way, I’ll know what I need to copy from the /iPod/ folder to the /library/ folder. It’s a fairly simple command-line script, used like this:

compare.py left right outfile [filter1,filter2...]

left is the first directory, right is the second. outfile is a text file that the differences will be written to, and the [filter]s allow me to specify a whitelist of file types I care about. In this case, the whitelist would be restricted to audio file types. Here is the command I wound up running (drive Y:\ is the share I set up):

compare.py Y:\library\ Y:\iPod\ Y:\results.txt mp3,m4a

This ran the Python script, comparing the /library/ and /iPod/ directories (and, recursively, their children), saving the log of all the differences to results.txt at the root of the share. Additionally, the program ignored any files except mp3 or m4a files (and directories, obviously). I wound up with a list of all the folders and files unique to the initial library and the one copied from my iPod. Then it was a simple matter to copy the iPod-unique folders to the library. I could even use it to update my iPod if I really wanted to, although it’s running pretty close to full now.

Of course, there’s still a lot of work to do: I’ve got to tag the /unsorted/ files. Have I mentioned how meticulous I am about my music library?

Source Code

import os # for files and paths
import sys # for command line arguments
 
def matches (path, fileName, filter):
    """Returns true if the given file matches the filter or is a directory, false otherwise.
    path - the directory the file resides in
    fileName - the name of the file in question
    filter - Either None to indicate no filtering should be applied, or a list of allowed extensions."""
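    if filter is None:
        return True
    # directories always count, whatever their name
    if os.path.isdir(os.path.join(path, fileName)):
        return True
    # compare the extension case-insensitively; a name with no dot has no extension
    ext = os.path.splitext(fileName)[1][1:].lower()
    return ext in [allowed.lower() for allowed in filter]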
 
 
def compareDirectories (leftPath, rightPath, uniqueLeft, uniqueRight, filter = None):
    """Recursive function to compare the contents of two given directories. Two lists are
supplied to keep track of the unique files. An optional filter is allowed.
    leftPath - The path to the first directory.
    rightPath - The path to the second directory.
    uniqueLeft - A master list of files unique to the left directory tree.
    uniqueRight - A master list of files unique to the right directory tree.
    filter - Either None, or a list of allowed (whitelist) extensions for files. A unique file in
            either the left or right directory will not be counted as unique if its extension
            does not match one of the filter items."""
 
    # get contents of directories
    left = sorted(os.listdir(leftPath))
    right = sorted(os.listdir(rightPath))
 
    # without a filter, just add all unique files
    if filter is None:
        # append unique files by using a list comprehension to get all files on one side
        # that are not on the other side (left-only files go in uniqueLeft, right-only
        # files in uniqueRight, matching the docstring and the report headings)
        uniqueLeft[len(uniqueLeft):] = [os.path.join(leftPath, fileName) for fileName in left if fileName not in right]
        uniqueRight[len(uniqueRight):] = [os.path.join(rightPath, fileName) for fileName in right if fileName not in left]
    # otherwise, use the filter function
    else:
        # same as above, but also checks to see that the files match the given filters
        uniqueLeft[len(uniqueLeft):] = [os.path.join(leftPath, fileName) for fileName in left
                                        if fileName not in right and matches(leftPath, fileName, filter)]
        uniqueRight[len(uniqueRight):] = [os.path.join(rightPath, fileName) for fileName in right
                                          if fileName not in left and matches(rightPath, fileName, filter)]
 
    # get a list of files in both directores. Since they by definition must be in both,
    # we can pull them from either side using a list comprehension to check that they're
    # in the other.
    both = [fileName for fileName in left if fileName in right]
 
    # now go through and recursively call the function for any directories in both parent directories
    for fileName in both:
        leftChild = os.path.join(leftPath, fileName)
        rightChild = os.path.join(rightPath, fileName)
        if (os.path.isdir(leftChild) and os.path.isdir(rightChild)):
            compareDirectories(leftChild, rightChild, uniqueLeft, uniqueRight, filter)
 
def usage ():
    """Prints the command-line help and exits."""
    print("\n\ncompare.py")
    print("Compares two directories recursively and lists files or folders unique to each one.\n")
    print("compare.py left right outfile [filter1,filter2...]")
    print("\tleft\tFirst directory to compare")
    print("\tright\tSecond directory to compare")
    print("\toutfile\tText file that results are written to")
    print("\t[filter1,filter2]\tOptional comma-separated whitelist")
    print("\t\t\t\tof extensions for files")
    sys.exit()
 
if __name__ == "__main__":
    # slice off name of program from args
    args = sys.argv[1:]
 
    # if there's an incorrect number of parameters, print the usage
    if len(args) < 3 or len(args) > 4:
        usage()
 
    # set up filter whitelist, if any
    filter = None
    if len(args) == 4:
        filter = args[3].split(",")
 
    # set up lists of unique files on both sides
    uniqueRight = []
    uniqueLeft = []
 
    # do the comparison recursively
    compareDirectories(args[0], args[1], uniqueLeft, uniqueRight, filter)
 
    # write to the file; the with-block closes it even if a write fails
    with open(args[2], 'w') as out:
        out.write("UNIQUE TO LEFT:\n")
        for fileName in uniqueLeft:
            out.write(fileName + "\n")

        out.write("\nUNIQUE TO RIGHT:\n")
        for fileName in uniqueRight:
            out.write(fileName + "\n")

Wherein Crackers Strike

Monday, October 12th, 2009

Sometimes, even the best of us can get a good lesson in security.

Last week, I found out that my website was attacked by crackers. Notice I use the word ‘crackers,’ not ‘hackers’, because hackers are not crackers, and it’s important to maintain the distinction. From what they left I can tell that they clearly fall in the black-hat camp. If I’d gotten a warning e-mail or a message on my site to tighten my security, I would take it as a reminder to batten down the hatches. But since they just left a juicy payload, I can assume that they’re up to no good.

From looking at the files they left, I can tell they wanted continuing access to the shell account on my web host, and they wanted to do so in secret. Since I work in web programming, I’ve seen my share of more-conspicuous payloads. These are usually surreptitious JavaScript files, plopped at the end of legit PHP scripts to do nasty things. Most of what I’ve seen have been little snippets of code that act as drive-by downloaders, trying to pull malicious executables onto hapless users’ computers. The only thing that my attacker’s payload did was grant PHP execution and shell access. Not damaging to anyone who happens across a compromised site, but potentially damaging to me — it essentially gave them free rein of my SSH account.

I could speculate about what they wanted to do. There are a lot of ways to do nasty things on the web. PHP is web-aware enough to allow them to do as they please and (assuming they’ve covered their tracks properly) not get caught, either. But I doubt they were able to get much nastiness accomplished, because they executed their attack sloppily: they dropped their payload in the wrong directory. They put their files one level above my web root, meaning that the scripts were inaccessible over the web. At first I thought they may have found an exploit in my framework to allow access to anything on the filesystem, but after reviewing their code, I can see that this is not the case. I guess they wanted to get in, drop off the files, and get out. They may have even made a second attempt after determining that the first one didn’t work; I found two files with exactly the same code.

How did they do it? I’m not certain, but I have an idea. The only web app I use is WordPress, and I’m updated to the current version, so this is an unlikely point-of-entry. They would have to know about an exploit that’s not been reported yet, which is possible, but doubtful.

Much more likely is that they managed to guess or sniff my password. I’m the guilty one here, as I was using a simple password that I’ve been using for years, which had little variation, was dictionary-based, and was much too short. In addition to that, I’ve got a webcam at home that posts images fairly frequently (at regular intervals), and it used the same account as my main FTP/Shell account. As you may know, FTP passwords are sent in cleartext, so this was definitely a potential point of entry. Assuming that the password was the point of failure, I’m lucky that they didn’t do more damage, as I used the same password for shell access, MySQL, and even my web control panel, so they theoretically could have locked me out of everything. I’m hypothesizing here, but I’d guess such an attack would be counterproductive; I think they just wanted another remote-control node on the web to carry out any dirty business they happened to think up.

Of course, I took steps to ensure that things are more locked down, starting with changing every password associated with this site. I did this as soon as I found out, and before anything else, to sever any avenues they might have had to retaliate against me. Then I checked WordPress for updates, just in case there might have been an exploit I missed. Next, I updated how my webcam saves the periodic images and created a new account specifically for it. Finally, I did a quick review of my code base, making sure they hadn’t left another way to re-gain access. Basically, I pulled down my whole site and did a global search for any of the crackers’ friend functions: eval(), the base64 functions, system() and friends, and file-related functions. I’ve still got to re-upload all the code to feel 100% safe again, but I’m pretty certain that nothing slipped by.
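The global search described above, as an added example (not the tooling actually used for this cleanup): a Python scanner that walks a downloaded copy of the site and reports calls to the functions the post names. The function names beyond eval(), base64 and system(), the file extensions and the sample tree are assumptions made for the illustration.

```python
import os
import re
import tempfile

# eval, the base64 functions and system() come from the post; the other names
# are an assumed reading of "system() and friends" and "file-related functions".
SUSPECT = {
    "code execution": ["eval", "create_function"],
    "encoding": ["base64_decode", "base64_encode"],
    "shell": ["system", "exec", "shell_exec", "passthru", "popen", "proc_open"],
    "file": ["fopen", "fwrite", "file_put_contents", "move_uploaded_file"],
}
PHP_EXTENSIONS = (".php", ".phtml", ".inc")  # assumed set of PHP-executed files


def build_pattern(names):
    """Match a bare call such as eval( but not curl_exec( or $db->exec(."""
    alternation = "|".join(re.escape(n) for n in sorted(names, key=len, reverse=True))
    # PHP function names are case-insensitive, so EVAL( must match too.
    return re.compile(r"(?<![\w$>:])(" + alternation + r")\s*\(", re.IGNORECASE)


def scan_tree(root):
    """Return a sorted list of (relative_path, line_number, category, function)."""
    category_of = {name: cat for cat, names in SUSPECT.items() for name in names}
    pattern = build_pattern(category_of)
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if not fname.lower().endswith(PHP_EXTENSIONS):
                continue
            full = os.path.join(dirpath, fname)
            with open(full, encoding="utf-8", errors="replace") as handle:
                for lineno, line in enumerate(handle, 1):
                    for match in pattern.finditer(line):
                        name = match.group(1).lower()
                        hits.append((os.path.relpath(full, root), lineno,
                                     category_of[name], name))
    return sorted(hits)


def make_sample_tree(root):
    """Write a constructed site copy: clean web root, one file planted above it."""
    os.makedirs(os.path.join(root, "public_html"))
    samples = {
        os.path.join("public_html", "index.php"):
            "<?php\n$db->exec('SELECT 1');\necho curl_exec($ch);\n",
        "cache.php":
            "<?php\n$c = base64_decode($blob);\nEVAL($c);\n",
        os.path.join("public_html", "notes.txt"):
            "eval() is only mentioned here in prose\n",
    }
    for rel, body in samples.items():
        with open(os.path.join(root, rel), "w", encoding="utf-8") as handle:
            handle.write(body)


def demo():
    """Scan the constructed tree and return the findings."""
    with tempfile.TemporaryDirectory() as root:
        make_sample_tree(root)
        return scan_tree(root)


if __name__ == "__main__":
    for path, lineno, category, name in demo():
        print(f"{path}:{lineno}: {category}: {name}()")
```

Point scan_tree() at the root of the whole pulled-down account rather than only the web root, since the files in this incident sat one level above it. Each hit is a line to read by hand; legitimate code calls these functions as well.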

Stay tuned, because after I’ve further reviewed what they left and when I’ve done a bit more research, I’ll post an analysis of the code itself.

Let It Snow! (early)

Friday, October 9th, 2009

Holy cow! I’m used to snow in Montana, especially earlier than you’d expect, but the earliest I remember seeing it was about a week before Halloween. Usually it’s merely a few light flakes here and there. Imagine my surprise this morning when I was eating breakfast and thought the pattern thrown on our lawn by the porch light was a bit too bright and white. I looked out the window and — sure enough! — there was a blanket of snow covering everything.

I grabbed some quick pictures after the sun came up because I wanted to try Carrie’s camera at full size (so very close to 8 megapixels). I think they came out okay. These were taken during our rush to work, so I didn’t try to do anything artsy. I just wanted to capture the moment. And what a moment! I’m going to have fun shoveling tonight…

Click the thumbnails below for a bigger view. I’ve also included links to the huge (about 3 MB) full-size images.

Dear NBC: Please Don’t Ruin Next Week’s “The Office”

Monday, October 5th, 2009

The Office premiered a few weeks ago, and it’s been a pretty good run so far this season. But there’s a ‘special event’ coming up this week — Jim and Pam’s wedding — and I’ve got a certain feeling of dread thinking about it. Let’s face it: TV networks love to let us down. So I’m asking you, NBC, from the bottom of my fanboy heart, not to ruin what should otherwise be an enjoyable and eventful episode of your fine show. I realize that the show is already in the bag, but I want to complain anyway, so I will. Got that?

Please, no drama. The Office is a comedy, after all. Drama can be good every once in a while, but you don’t need to inject it into every damn episode. This week’s show is a big one, and it would be nice if, just for once, everything could go off without a hitch. Can you imagine that? A fun episode through and through, with no cold feet or misunderstandings about such-and-such or reappearances of sketchy former boyfriends to instill a feeling of doubt or any of those other tired, old wedding clichés… it would be refreshing.

The trend over the last decade or so has been to inject drama into sitcoms, and it’s worked pretty well in general. But… there’s always the danger of too much of a good thing. Just because it can make a certain series interesting and engaging (Scrubs comes immediately to mind, ditto Pushing Daisies) doesn’t mean that every episode ever needs it. Sometimes, I just want to laugh. There once was a time when adding a bit of emotion into an otherwise funny show was a rare thing and something to be admired. But then it became a fad, and everyone started doing it. I blame Friends, and Ross and Rachel. But as it has become the norm instead of the exception, it’s become a bit old. And now we’ve come half a circle, NBC, and you can do the new and different thing by not injecting some sort of crisis or epiphany or disaster into this week’s episode.

I’ve been pulling for Jim and Pam for a long time, NBC. After all, Jim is a guy I can relate to, and Pam is smokin’ hot. I just want them to be happy. The best moments on the show are the ones where we see them as a pair, happy and glad of each other’s company and relating like human beings. Yes, their drama worked early on and even drew me into the show, but now is the time for smiles and celebration. I want to see Michael be an idiot, and Dwight show some of that weird, off-putting ‘expert’ charm, and Andy fail with the ladies. I want to see all those things. But I also want to see Jim and Pam smiling and happy at the end of the episode, without some formulaic romantic comedy grade BS to foul up the hour. Is that too much to ask?

The biggest surprise of all, NBC, would be if you were to surprise me with no surprises. Just let things happen the way they should. I want a sense of finality when I turn the show off, not some lingering cloud of doom over the characters’ (and my own) heads.