Boring Programming Stuff

I was asked to write a linked list in C++ at a job interview today. Immediately I started working on classes and methods and whatnot, but I didn’t have enough time to get it fully working. I gave a poor impression and had to explain inserting into and deleting from linked lists on paper. Afterwards, I realized my interviewer didn’t want a heavy object-oriented linked list. He wanted to make sure I knew the concept (and pointers in C++). A simple struct node and a couple of loops would have done the job.

When I got home, I was compelled to finish what I started. I made the linked list anyway to prove to myself I could do it. Here’s the Xcode project and everything else that’s necessary. Obviously you don’t need Xcode. Compiling main.cpp should do the trick on pretty much any system.

The linked list only has an AddToFront, DeleteFromFront, Next, and GoBackToFront methods, since that’s about all you can do with a singly linked list. I used templates so the thing could actually be useful if not for the total lack of documentation and testing. (Not to mention the fact that everyone writes one of these.) It does have an educational purpose though: Since I made it spit output when nodes are added and deleted, you can see how the destructor is implicitly called once the test object is out of scope. (In this case it’s when the program ends.) Writing this really took me back to my data structures class. I guess I’ve become soft since most languages come with nice data structures.

While I was waiting to board the plane from Hawaii to Seattle, I noticed an open wifi network. Of course it was your typical $5 for 2 hours deal that a lot of airports have, so I opened up snort to find a MAC address I could spoof to get free access. After about two minutes some traffic went by that made me do a double-take: I thought I saw my name fly by in plain text. Luckily I was logging all traffic to my hard drive, so I replayed the data and ran in through grep. Lo and behold, my name WAS in there. Hawaiian Airlines was using the open wireless network to transfer passenger information. What’s worse is that their protocol was extremely simple. Passengers on flights are listed as last name, first name, followed by seat number. I searched for some nearby seat numbers and then asked the people if their names were X.

I didn’t have much time to log data and go through it, but stuff like this makes me wonder just how much more information Hawaiian Airlines is sending out on the airwaves. If anyone wants to sift through the logs, you can get them (in tcpdump format) here. Oh, and I also noticed one of the computers on the network was running MSSQL, but I didn’t have time to check it out.

It’s just sad how many people (and companies) are totally clueless about computer security.

Some guy on The Awful Forums made a JavaScript clone of Windows Minesweeper a while back. It didn’t detect right-clicks properly and had some bugs in Safari, but I fixed it and made it into a widget (yet another instance of me standing on some else’s shoulders). Anyway anyone who wants it can click here.

Since the original Windows graphics are used, there’s probably some copyright infringement going on. Oh well, this screenshot makes it worth it.

Compiling wget for Windows is not a difficult task, but there is almost no good documentation out there to help. This guy has a decent guide. I use Visual Studio 2005, but Microsoft gives away a free version that will work just as well for this purpose. Wget depends on openssl (to connect to secure http servers) and openssl requires perl to build. You can skip the whole installing ActivePerl step and grab a pre-compiled version. (You’ll want to get the zipped precompiled copy of OpenSSL linked to on that page.)

After figuring this out, I compiled evil wget for Windows. You’ll need the OpenSSL DLLs in the same directory. Also, evil wget is improved. Now it fakes its User Agent to pretend to be IE 6. This means that clever admins who block by user agent are out of luck. Blocking by IP is always an option though. Source is here. There are also binaries for OS X and Linux. Both depend on OpenSSL.

By the way, anyone using wget to retrieve files from a web server with password authentication should be careful. Wget tries using basic authentication, then digest auth if that fails. Even if your web server is properly configured to use digest authentication, wget will send your password out base64 encoded first. Most sniffers will recognize the string is base64 encoded and automatically decode the username and password. Think first before telling wget to use authentication as your credentials will be sent out for anyone to sniff. Use something like curl (http://curl.haxx.se/) instead.

By default OS X Terminal doesn’t have colored output enabled for ls. Some people love colors in ls (me), others hate them. I like them, but the default colors aren’t very useful. Directories are blue, meaning they blend in very well with a black terminal background. It’s even worse if you’re using a blue background (such as the default Aqua background) and a translucent terminal. OS X uses a different format for its LSCOLORS environment variable than Linux, so it’s hard to figure out how to change the default colors and googling doesn’t help much. I threw together a JavaScript LSCOLORS generator as an exercise. It probably works on most modern browsers (I’ve tested it in Safari and IE 7) but I make no guarantees. I included a preview of what the colors will look like in a terminal. The colors aren’t perfect, but it’s not bad for toying around. Also, a note about why I have a bold checkbox for background colors: bolding the background causes the color to be lighter (bold brown is yellow in most terminals). This is not reflected in the preview, mostly because I don’t know all the quirks about bold backgrounds.

If I’m particularly interested, I might add Linux LS_COLORS to this also. The options are much more complicated (colors for any file extension, blinking, underlining, and other formatting options) so it would probably take me longer.

Oh yeah, here’s a link to the thing.

So I noticed the site Wikipedia Watch keeps public chat-logs of #wikipedia on Freenode, and I couldn’t help myself. I wrote a short perl script that scrambles my xchat logs so that it’s impossible to tell who said what or even when any person was in the channel or not. The time-stamps are still consistent, but everything else is changed. Usernames and content are pseudo-randomly mixed up. Even join/part messages are in the wrong places, making for a completely useless log (at least for the person reading it). Still, a cursory glance of the logs doesn’t raise any red flags. It almost looks like there are 5-10 conversations going on at once and it’s hard to figure out what’s going on. So I scrambled a copy of my logs since January and sent them over to Wikipedia Watch, since they don’t have anything from before April. The guy I emailed didn’t take the bait. He found out by monitoring #wikipedia, where I mentioned my plan. He also threw me on his hate list, which is basically as much information he can find by googling someone’s screenname along with some made-up stuff. He even took the copyrighted image from my user page on Wikipedia.

My script probably has quite a few bugs in it, since I only coded it for my own Xchat logs. I haven’t commented the code (or even properly indented it), so don’t email me if you have questions. By next week I’ll probably stumble on this thing and wonder, “What idiot wrote this?” before realizing it’s my own code. Anyway, download it here.

I got tired of wget obeying robots.txt, so I got rid of a lines of code in the source and recompiled. It took me all of 5 minutes, and most of that was waiting for evil wget to compile. So to save others 5 minutes I’ve thrown the new source and binaries up.