Post Archive
"Blind Spot" Festival Run
Blind Spot, a short film by Matt Nayman and I, has been accepted to a number of festivals to screen in the near future!
So far it will be screening on:
- October 22nd in Austin, TX at the Austin Film Festival
- October 25th in Toronto, ON at the Toronto After Dark Film Festival (which I will be attending)
- At some point from November 3 to November 20 in Leeds, UK at the Leeds International Film Festival
After the film's premier I will finally be able to publicly show the film (I will post it here) and make long overdue updates to my VFX demo reel. [edit: no longer the case]
You can watch the film on its website!
RoboHash and Gravatar
I recently discovered a charming web service called RoboHash which returns an image of a robot deterministically as a function of some input text. Take a gander at a smattering of random robots:
These would make an awesome fallback as an avatar for those without a Gravatar set up, since it will always give you the same robot if you enter the same email address. So of course I implemented it for this site!
Canon XF100 to Apple ProRes
As lossless as I can manage it.
I have finally figured out a way to process my raw Canon XF100 video files into Apple ProRes. I'm not satisfied with Final Cut Pro's log-and-transfer function, because that seems to require the footage to be transfered directly from the camera/card. I want to hold on to the original MXF files and be able to process them at my leisure.
The many hidden versions in Dropbox

Dropbox has a lovely feature in which they retain multiple versions of your files in case you want to revert some recent changes you have made. When you log into their website they let you pick from approximately all of last month's versions of a given file. However, if you look at URL of the version previews they offer, there is something to notice; they look roughly like:
https://dl-web.dropbox.com/get/path/to/your/file.txt?w=abcdef&sjid=123456
The w=abcdef
is the ID of your file, and the sjid=123456
is the version of that file. Even though the web interface only shows a limited number of versions, since the version numbers appear to start counting at 1 you can simply contruct your own URLs to grab versions that they would not normally allow.
If you are especially careful and copy your browser cookies you can even automate this process to grab all versions of a given file!
OATH-Toolkit 1.10 on OS X: UPDATE
It turns out the issues I was having compiling OATH-Toolkit was due to a slight change to the build process introduced in version 1.8.1. It is something to do with autoreconf, but I wasn't able to properly diagnose the problem. Ergo my workaround was to simply build only the parts that I needed:
1 2 3 4 5 6 7 8 | wget http://download.savannah.gnu.org/releases/oath-toolkit/oath-toolkit-1.10.2.tar.gz
tar -xzf oath-toolkit-1.10.2.tar.gz
cd oath-toolkit-1.10.2
./configure
make -C liboath
make -C pam_oath
make -C liboath install
make -C pam_oath install
|
And now I have time-based one-time-passwords on my Mac as well. The next thing to do is figure out how to get it to check against hashed passwords so I can get back to using a single prompt...
New Cards
Finally about to send my new cards off to the printer. First take a look at the front:
The background and the words on it are both black. The words, however, are rich black, so they should appear glossy on the flat background. The templates I'm giving the printer has ~20 cards on it so I get a slight variation on what words are actually on each one as well.
The back is more interesting:
Every card has a unique code on it, and a QR code that can be scanned with a phone. Should be useful whenever I give someone a card to contact me with a purpose, as I can customize what is displayed to them when they go to that link. I spent way too much time designing a lovely crypto system to drive the codes, until I decided to simply randomly generate them and keep track. There are ~35 trillion codes of this size, and I'll at most use a couple thousand so as long as I do a little bit of rate limiting on the website (say about an hour of delay if you enter 10 wrong codes) then nobody should ever be able to guess them.
One Time Passwords for SSH on Ubuntu and OS X
I have been meaning to beef up the security on my various servers for a while. Everything was configured in a way that was relatively closed, but ultimately I decided that convenience outweighed absolute security. To that end, my passwords are not as good as they could be (ie. I can remember them easily and type them quickly (although they were designed to be...)), SSH continues to serve from the default port, and one could SSH to root just with its (enormous) password.
Walking home from the train yesterday I decided to finally fix this. My original idea was to setup a pluggable authentication module (PAM) for Steve Gibson's "Perfect Paper Passwords", but I soon discovered the (slightly more official) Initiative for Open Authentication (OATH). OATH provides specifications for two types of one time passwords (OTPs): event based (HOTP) or time based (TOTP).
Event based OTPs are generated from a counter that increments every time you ask for a password. The servers keep track of the current counter so they will never accept previous passwords again (eg. if someone watches over your shoulder or there is a key logger). Time based OTPs do much the same, except they are based off of the current time and so are only valid for the current 30 second block.
These sorts of two-factor authentication schemes often rely upon proprietary hardware and expensive service plans, but the openness of OATH allows for free apps for iOS, Android, and many more. Another open source project, OATH Toolkit, provides the server side code including a PAM.
There are no more posts.