Jeff Sexton

Wednesday, December 12, 2012

Google+ Communities


https://plus.google.com/communities/112334653322946592345

https://plus.google.com/communities/102507796610000516744

https://plus.google.com/communities/105032863651771032397

https://plus.google.com/communities/113808348632587763981

Don't be left out!

Thursday, December 06, 2012

Getting Netflix on the Big Screen, With Sound

This is an experiment in streaming Netflix to my TV, with audio going through the home theater speakers.  Lots of devices can stream Netflix of course, but I happen to be fresh out of working solutions.  So I'm going to use my phone.

The phone is a Samsung Galaxy SIII.  An adapter is available for this phone that outputs an ordinary HDMI signal path, from the phone's USB jack.

Warning...  Samsung used a non-standard pin layout on the port on the SIII.  To do this, one must buy the Samsung HDMI device, specifically for the SIII.  Others will not work.  And the SIII device will not work with other Samsung phones.  Apparently Samsung needed some extra funds for the executive Christmas party.

There are adapters for the SII from Samsung and other vendors, less expensive naturally.



First, there is a problem.  I want the audio to go to my receiver, not to my TV.  My TV has HDMI inputs, but my older receiver does not.  I could use the TV speakers, but where's the fun in that?  Enter this device.

This photo shows one end of a nifty little box that splits off the multi-channel audio from a digital HDMI signal to analog.  On this end we see an HDMI input, a mode selection switch and the power input.


A word of warning.  HDMI is a copy-protected format (for your protection).  Not all boxes that claim to split the signal in this way will actually pass through the video (for your own good).  This box worked for me, and my SIII, with Netflix.  That's about all I can claim.


Here is the other end.  The outputs are four stereo mini-jacks providing all the signals for 7.1 audio.  There is also an optical output.  And at the left end is the HDMI output for video to my TV.











Here's the cables I used.  These have a mini-jack at one end, and RCA jacks on the other.  Four of these get you to 8 channels, for 7.1 sound.

I'm going to connect the optical cable as well.












All set.
















Next, here is the Samsung HDMI adapter.  This connect to the phone at the small end, and provides a female HDMI port at the large end.

Note that this means I need another HDMI cable.  I should have thought of that...

Also, this device will not work unless it is powered.  It has a USB jack on it, just like the phone and is designed to be connected to the phone's charger.



It works!

A few things though...

The video signal from Netflix on the TV looked terrible, unwatchable in fact, for a couple minutes or more.  Then apparently it realized it could use more bandwidth and stepped it up to something not too bad.

Also this setup might be a little flaky.  It took awhile for the video signal to appear on the screen, although connecting the phone directly to the TV worked fine.  The splitter box seems to have some trouble kicking in.  It dropped out on me for a few seconds once too.

And of course Netflix is not pushing down multi-channel audio, but for old TV shows, that's OK.

All in all, so far so good.  This looks like a usable setup for now.

Wednesday, August 08, 2012

HTTPS in jBoss 6

In setting up a jBoss 6 server for SSL, I found quite a bit of information was not readily available and there were several unexpected issues.  Here's the long and short...

First, the server will need a keystore with a self-signed certificate.  Use keytool, and an alias of "tomcat".  I'll gloss over some of these general certificate steps because they are well covered in other places.

keytool -genkey -alias tomcat -keyalg RSA -keystore somekeyfile -validity 9999

In the first question, for first and last name, use the name that this server will be refereed to as, in client calls; "localhost", a hostname or an IP address.  Use "changeit" for the passwords.

Next, extract the certificate just created from this file and set it aside.

keytool -export -keystore mykey -storepass changeit -alias tomcat -file tomcat.crt

I'm going to ultimately use this same store as both the key store and the trust store, so I re-import this certificate with the alias that the machine will be referred to.  For example:

keytool -import -alias 192.168.0.8 -file tomcat.crt -keystore somekeyfile -storepass changeit

Now the file has the self-signed certificate, which the server will hand to clients making requests, and the same certificate, with the different alias, that clients will compare the server's certificate to, when making calls to this host.

Edit the follow file to enable the use of this keystore.

[server directory]/server/default/deploy/jbossweb.sar/server.xml

You can set the SSL port here too, like this.

<!-- SSL/TLS Connector configuration using the admin devl guide keystore --   
           port="8643" address="${jboss.bind.address}"
           scheme="https" secure="true" clientAuth="false" 
           keystoreFile="${jboss.server.home.dir}/conf/somekeyfile"
           keystorePass="changeit" 
           truststoreFile="${jboss.server.home.dir}/conf/somekeyfile"
           truststorePass="changeit" 
           sslProtocol = "TLS" />

As an aside, I am using a port set that is supposed to add 200 to all my puts.  This did not work for the SSL port, so I set it to the normal port + 200 as above, is server.xml.

Note that "truststore" properties are specified above, and some documentation indicates that this works.  It does not.  The keystore specification works however.  The server will use the "tomacat" aliased certificate in the given file as it's own.  I don't believe setting "truststoreFile" in server.xml has any impact.

For the truststore, clients will actually use the JRE's system trust store file.  If nothing else is done but the above, to continue this example, then when this server attempts to access https://192.168.0.8:8643/something/ an exception will be thrown.

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

This happens because the server certificate, the "tomcat" certificate provided by the server on the initial handshake, can't be found in the JRE truststore file.  I added it to the somekeyfile above, but this file it not being checked.  Options...

1. Add the certificate to the Jave truststore file, with the proper alias.

keytool -import -alias iws03qa5 -file tomcat.crt -keystore /opt/jdk1.6.0_30/jre/lib/security/cacerts -storepass changeit

2.  Use properties set at the Java command line to specify a truststore location.

-Djavax.net.ssl.trustStore=[path and filename]
-Djavax.net.ssl.trustStorePassword=changeit


3. Set the truststore in jBoss's SSL support properties.  To do this, edit:

[server directory]server/default/conf/bootstrap/security.xml

Add this, at the bottom, inside the "deployment" block:


[path]/server/default/conf/somekeyfile
 changeit
 [path]/server/default/conf/somekeyfile
 changeit


Change [path] to your server path of course.

Interestingly, keystore properties must be given here also, even though they also appear in the other file.  Otherwise, the security system will not initialize and it's a big mess.

With this setup, and the server bounced of course, the certificate is found and HTTPS works.

Friday, August 03, 2012

Trouble

I've been having a good deal of trouble with Ubuntu 1, on 11.something.  Ubuntu One solidly occupies that perfect space where it is just barely stable enough to be useful, but not enough to be reliable.  It is a space of peak frustration.


First, performance was terrible on my PC.  I found the Ubuntu One daemon using 100% of the CPU.  With a bit of Googling I found that this is a common problem - it just goes crazy for no reason.  Ok...  In attempting various suggested solutions, I found right off that the normal shutdown command for the sync daemon would not work. But this did:


sudo killall -9 ubuntuone-syncdaemon


I also did this:


u1sdtool -q rm -rf ~/.local/share/ubuntuone u1sdtool -c


and rebooted.  Didn't help...  An I/O nice on the process would seem to be in order:

ionice -c 3 -p $( ps h -o pid -C ubuntuone-syncdaemon )

And this seemed to help, for a few minutes I thought it was ok.  But then the whole process died.

To take a step back, I think what started the trouble was that I accidentally unpacked a very large tar/zip into the sync'ed directory.  The system hit my account limit.  I'm here to tell you, don't let this happen.  It does NOT handle it well.  The software will begin to fail to connect to the service.

So while in the midst of trying to get the daemon to connect and run, I was also discovering, and deleting, the extra files.  I went and deleted them from another sync'ed computer too, which I think helped.


Also, at some point in there I did what, I guess, re-sets the local Ubuntu One "marks on the wall".


rm -rf ~/.local/share/ubuntuone

But somewhere in the middle of all this I was distracted by nautilius no longer functioning.  It was extremely sluggish, and eventually terminating.  Again, Googling this called for deleting various files and directories - none of which worked for me.

At some point though, after deleting a lot of things, and several changes and reboots,  nautilius, out of the blue started working.  I unfortunately can't pin this on any specific action on my part.  It just started working, while I was sitting there contemplating just going on with life, without it.

Then two things happened at about the same time.  One was that Ubuntu One appeared to start working, even though CPU was still swamped. 

Also, I looked at my Droid 2.  Verizon's service had set the date/time on my phone to about 2 days and an hour into the future.  I know it had been correct earlier in the day.  One problem at a time though...  Or two...  Or three...

Several hours later after a lot of goofing around, nautilius and Ubuntu One are working.  The date/time magically fixed itself in Verizon's network too.

However...

One of my most important files in the Ubuntu One sync directory is gone.  Fortunately I have other copies, having had prior experience with Ubuntu One over-writing newer files with older files (yes, it absolutely does that, although it hasn't happen in awhile), so I can in theory, put the file back.

But when I do this, Ubuntu One instantly deletes the file and creates a new conflict file with the desired content.  There appears to be nothing I can do about this.  I have to call the file something else.

I really shouldn't try using software that hasn't been out for 5 years.  Or should that be 10...  Performance on my PC is back to normal though.


In other interesting trivia, I also had Ubuntu One running on a Windows XP machine.  This was not easy to install, but that's another story.  The funny thing currently is that for the past 2 or 3 weeks, if I start the Ubuntu One GUI program on that machine, a dialog appears.  It tells me that an update is available and asks if I want to upgrade.  


At first I clicked "yes".  But nothing further happens and it has never done anything, apparently, because the dialog continues to appear.  So now I don't bother.

Tuesday, July 31, 2012

What's My IP Address?

Would you like to know your IP address for a script?  There are quite a few websites that will display your IP address, but when writing script for any sort of automation, you don't want to do a lot of screen-scraping.

Try this one:

http://automation.whatismyip.com/n09230945.asp

To grab the address in a bash script, use curl.  Something like this will do...

IP=`/usr/bin/curl -s http://automation.whatismyip.com/n09230945.asp`




Wednesday, June 27, 2012

Crow Attacks!

A crow has been defending a nest for weeks by diving down on unsuspecting pedestrians and bikers on a busy sidewalk in downtown Portland.

http://www.katu.com/news/local/Bird-of-terror-This-storys-something-to-crow-about-160480945.html?tab=video&c=y

"From morning to night the bird swoops down from the sky, flying inches from the heads of unsuspecting bicyclists and pedestrians. Frequent travelers have taken to protecting themselves with umbrellas and hoods while keeping their eyes to the sky as they dash to the other side."

Thursday, May 31, 2012

len length

Microsoft SQL Server has a function called len() while MySQL has a function called length().

There doesn't seem to be any common way to write SQL that will work in both servers.  So I guess my Java program will have to resort to detecting the server type from a JDBC Connection and making the necessarily adjustments to the queries.

Connection con;
DatabaseMetaData databaseMetaData;
...
databaseMetaData = con.getMetaData();
if (databaseMetaData.getDatabaseProductName().contains("Microsoft"))
{
  /*
   * SQL Server, boo!
   */
}
else
{
  /*
   * MySQL, hotdog!
   */
}

For what it's worth SQL Server appears to be the out-of-spec one of the two (shocking I know).

Thursday, May 17, 2012

Fat Cat

This is Iris the cat.

I took this cat, Iris, to the vet for a checkup first thing this morning.
Strictly routine...



















The vet said she was too fat and gave me this cup to measure the cat food.


I have two cats, the other one being thin and smaller generally, so there's some guess work involved, but she suggested about how much food they should both eat in a day.

I took the food I had just given them this morning, hardly any eaten yet due to the trip to the vet, and poured into the measuring cup.  Here's the problem.

It's almost exactly what it is supposed to be.

Wednesday, February 01, 2012

Bring Back the Incoming Stream


Google+,

Having the Incoming steam, I can share with Extended Circles. Persons I don’t know, but have a real connection to, through another person, may see those items. They are free to ignore them, or add me to a circle themselves. They can even easily ignore the Incoming stream altogether if they like. Without the Incoming stream, it’s first of all hard to see the point of the Extended Circles option at all. But even more importantly, I have no incentive to grow my own circles, beyond what I actively read, to included interested persons.

This devalues the whole idea of Circles by removing one of their innovative applications. Circles are used both to read incoming items, and to direct out-going content. Without the Incoming stream, there’s no functional middle ground in out-going items between a carefully directed shared item, limited to people I know fairly well, and a completely public item.

The idea that the suggested friends display in circle management is a suitable replacement is almost laughable. Items appearing in my Incoming stream are items expressly made available by someone I don’t (yet) know, to me. The suggested friend list is nothing more than an selection of Google executives, billionaires, pop stars and assorted internet celebrities.

Google+, do you want our circles to be a core collection of 100 or so people we directly interact with, plus William Shatner, Robert Scoble, Larry Page and a few others so widely followed that they don’t even know we exist? Or do you want us to crowd source vast networks of people with common interests in labeled collections?

Google+, please bring back the Incoming stream.

Thank you.

3D modeling Advertising Air Canada Airline Alfa Romeo Spider Touring Gran Sport Analog signal Android Anomalies and Alternative Science Apache Apollo Astoria Augmented reality Aurora Famous Fighters auto-awesome Automobile Autos Barack Obama Batman Beards Beer Bell System Berkshire Hathaway Bigfoot Bird Toys Birds Blogger Books Build Management Business and Economy Business Process Execution Language Byte-order mark Canadian Carrot Cats Christmas Civil Defense CNN Cockatiels Collections Crows Dear Jane Debian Diabetes Digital Living Network Alliance Digital television Disney Doll House Dow Jones Industrial Average Duesenburg SJ Roadster Durham University E-mail address ebauche Economics EJB Energy development Enterprise JavaBean ESP Facebook Fedora Filesharing Finance Ford Fossil fuel Garfield James Abram Garfield Minus Garfield Glassfish Global warming Golden Arches Goofy Google Google Buzz Google Docs Google Lively Google Photos Google Reader Google Wave Google+ Greenhouse gas Half-Life 2 Helbros High-definition television History Hybrid electric vehicle IBM Inner city Instagram Insulin Investing Irony J.C. Penny Jane Austen Java Java Architecture for XML Binding JDBC Jeff's! Jim Davis joe the plumber John McCain Karma Kay Thompson Kermit the Frog Kids and Teens LA Auto Show Larry King Laser Logging Lowry Sexton Mark Cuban Market trends McDonald Meier and Frank Microsoft Microsoft Windows Models Monkey monsters Moon MOUNT HOOD Music Music industry Muxtape MySQL NetBeans Netflix Nintendo Nissan Cube Norm Coleman Nuclear fallout Nuclear warfare Office Depot Open ESB Oracle Corporation Pacific Ocean Packard Boattail Pearl District Pearl District Portland Oregon Philip K Dick photography PlayStation 3 Pocher Pokémon HeartGold and SoulSilver Politics Portal Portland Portland Development Commission Presidents Pride and Prejudice Programming Projects Radio Recording Industry Association of America Renewable energy RIAA Robot Chicken Rock-paper-scissors Sarcasm Science fiction film Serbia Service-oriented architecture Shopping Slide Rule Social Security Social Studies Society6 Spirit of St. Louis SQL Stanford Hospital Star Wars Starbucks Stock market Strip search Sun Microsystems T-Mobile TechCrunch Technical ThinkGeek Toaster Total Recall Transportation Security Administration Unicode United States United States Department of Homeland Security Universal Plug and Play Unknown Primates Vegetable garden Video game Vintage Images Vintage Vintage! Virtual world Volvo C70 Wall Street Warren Buffett watches We Can Remember It for You Wholesale Web service Web Services Description Language Wii Windows 7 Windows Phone 7 Windows Vista Windows XP X-Files X-ray vision XML XML Schema YouTube Yugo Zima