What music gives you a “frisson”?

Uh, what? A frisson? Just watch…

Yeah, that goosebumpy feeling you get when you hear some music that really affects/connects with you. Now, this particular video features a track called “I put a spell on you” by Sonique but I swear that when I saw this ad while in Finland in ’98, it featured the much more impressive “Energy 52 – Nalin & Kane Remix” by Cafe Del Mar - recently voted the #1 dance track of the last 20 years – but hopefully you get the picture. Know this track? Jump straight to the frisson section of the song here. Watch those arm hairs :)

For me, the first one that I can remember is actually “I will survive” by Gloria Gaynor – I must have been 5 or 6 at the time. I had obviously no idea what the hell it was about, but I could feel that there was something in that music that was more than I could hear.

Fast forward many years, I’ve caught a few more frisson generating tracks along the way, like:

to name just a few. It’s a personal thing – what buzzes me need not buzz you, but I’ve always wondered if there is any universality to it – is there one track, or one aspect of the musical progression that will affect everybody this way?

Unfortunately, as far as I’ve been able to google, no one has found one yet. But, the always reliable folks over at NPR’s “Talk of the Nation” recently broadcast a fascinating show called “‘The Power Of Music’ To Affect The Brain”. The whole thing is well worth a listen but what was particularly interesting to me was this excerpt:

Mr. PATEL: Yes, well, I also want to point this caller in to some research that has been done by a colleague of mine, Dr. Robert Zatorre at the Montreal Neurological Institute, very elegant experiments, actually having people in brain imaging machines, while they are experiencing these musical chills.

So they bring in their own CDs that give them this response, and like your caller mentioned, they often know the exact moment, down to the chord, where they’re going to get that response. And it’s pretty reliable. And looking inside the brain to see what’s going on.

And this is also – Dan Levitin has been involved in some of this work, and one of the neat findings is the activation of these very ancient reward centers of the brain that have been associated with things like food and reproduction and biologically important behaviors being activated by people listening to instrumental music and getting this response to music.

CONAN: It’s the old dopamine rush.

Mr. PATEL: Yes, it’s – yes.

So finally they took some people, stuck them inside PET and fMRI machines and had a look while they experienced these “musically induced frissons”. Fascinating results, you can read the summaries here and detailed jargon-heavy PDFs are linked therefrom if you can hack it.

My take? Frisson is real, and is medically/chemically like a non-addicting sexy drug injection, both before it happens and as it happens.

Like I said, it’s a personal thing, and can be a good icebreaker conversation if the party mood is right. You should know though, that there are some unfortunate souls whose brains simply don’t get music at all. No frisson for them :(

Have you experienced a frisson with a particular piece of music? Let me know in the comments – bonus if you can add a link to it :)

Posted in Uncategorized

Making your web app more secure; an upside of tumblr’s sexy data exposure

So over this past weekend tumblr had a “minor” security breach. Sure, maybe none of their users’ info was leaked, but what was leaked was basically tumblr’s entire website configuration which is at least as salacious, at least to geeks. Alright, at least to web app development geeks like what I am.

I had a good look at their configuration underwear (I’d be happy to show them mine if they asked :) ) and was happy to see some overlap in approach (the good stuff – yay!) and a bit dismayed to see other stuff in there that seemed a bit hackish. But hey, their config runs a 10 million UV/month site so, it works alright.

The interesting thought to me is what to do when your site is this painfully and righteously compromised – as in, what to do *immediately*, in what order. We’re talking the full blown klaxons blaring, lights flashing, people screaming, dogs and cats living together, mass hysteria filled moments immediately afterward.

My hit list to prepare for such an apocalypse:

  • If you can, stop the bleeding – take your site down, redirect to your sorry page – this doesn’t actually do much beyond easing a tiny bit of embarrassment. The horse has already bolted.
  • You’re going to need to change allll those passwords and keys – as you add services for your site, keep a list of the URLs you’d need to visit in order to change those passwords alongside the credentials themselves in the same file – this saves you valuable seconds. If you have an accomplice, you can readily say “I’ll take the top 5, you take the bottom 5” and halve your time.
  • Make sure you use a common email address to sign up for all your site’s accounts – some of them will likely require you to confirm the changes by clicking on links in email and you don’t want to be logging in and out of loads of different accounts when the poop is slapping that fan.

Of course the best move is not to play this game at all – by making it super duper unlikely in the first place. Those in the web app business that haven’t experienced the colonic gripping fear that goes along with a feckup of these proportions, yet, kudos to you, you get to plan ahead for when it does. For all the many many others, myself included, who’ve been bitten by this to at least some degree, see if you think my list passes muster:

  • Store your web app’s configuration settings OUTSIDE the web root – i.e. somewhere where your web server will not send it out on request as if it were a regular text file.
  • Restrict access to this file as much as possible. Chown and Chmod to be as aloof as you can – for some situations you can even make your web app configuration readable only by root!
  • Store all sensitive system information in only ONE file, vs spread around your app. Compromised is compromised but you’ll be more likely to secure something well if you only have to concentrate on securing *one file*
  • Don’t include this settings passwords file in your standard code repository. Yes, it’s very convenient to have it there, but every time your code is checked out somewhere, so are your passwords. It doesn’t have to be that way.

That’s it. There’s always more, just like there’s never such a thing as total security. Had tumblr done all this, it’s not a guarantee they wouldn’t have leaked their data, but it would have been way way way less likely and way way way harder than some poor schmoe fat fingering a vi command. Voosh. Shudder. I feel that pain.
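The four rules in the list above can be checked mechanically. The following is an added example, not code from tumblr or from this post: it audits one secrets file against a web root, and the finding codes, the credential regex and the paths you pass in are all assumptions to adapt.

```python
import os
import re
import stat
import subprocess

# Heuristic for hard-coded credentials such as $db_password = '...'; tune it for your code base.
SECRET_RE = re.compile(
    r"(?i)(passw(or)?d|secret|api_?key|token)\w*['\"]?\s*(=>|[=:])\s*['\"][^'\"]{4,}['\"]")


def is_inside(path, parent):
    """True if path resolves (symlinks followed) to a location under parent."""
    path, parent = os.path.realpath(path), os.path.realpath(parent)
    return os.path.commonpath([path, parent]) == parent


def tracked_by_git(path):
    """True if git lists the file as tracked; False if untracked, outside a repo, or git is absent."""
    real = os.path.realpath(path)
    try:
        result = subprocess.run(
            ["git", "ls-files", "--error-unmatch", "--", os.path.basename(real)],
            cwd=os.path.dirname(real),
            stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    except FileNotFoundError:
        return False
    return result.returncode == 0


def stray_secrets(app_root, config_path):
    """Files under app_root, other than the config itself, that look like they hold credentials."""
    config_real = os.path.realpath(config_path)
    hits = []
    for dirpath, dirnames, filenames in os.walk(app_root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # skip repository metadata
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.realpath(full) == config_real:
                continue
            try:
                with open(full, encoding="utf-8", errors="ignore") as fh:
                    if SECRET_RE.search(fh.read(1_000_000)):
                        hits.append(full)
            except OSError:
                continue
    return sorted(hits)


def audit_config(config_path, web_root):
    """Return (code, detail) findings; an empty list means every check passed."""
    findings = []
    mode = stat.S_IMODE(os.stat(config_path).st_mode)
    if is_inside(config_path, web_root):
        findings.append(("in-web-root", "the web server can be asked for this file"))
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(("loose-mode", f"mode {mode:04o} lets group/other in; use 0600 or 0400"))
    if tracked_by_git(config_path):
        findings.append(("in-git", "every checkout of the code carries the secrets"))
    for path in stray_secrets(web_root, config_path):
        findings.append(("stray-secret", path))
    return findings


if __name__ == "__main__":
    import sys
    for code, detail in audit_config(sys.argv[1], sys.argv[2]):
        print(f"{code}: {detail}")
```

Run it as a deploy-time check with the settings file and the document root as arguments; any output is a reason to stop the deploy.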

Posted in computing, security

I just filled up gmail — and then rolled it over!

UPDATE: WTF! Slow news day last week, turns out some guy filled up his own gmail account, and everyone and their auntie decided to shout about it. A slowwwww news day. Not gonna whine about it, but that guy didn’t even have a cunning solution! ;)

Seven thousand, four hundred and eighty eight megabytes… of (let’s face it) mostly crap! It’s pretty obscene when you think about it. I feel dirty just having that much mail, and whilst over 30,000 of them are unread, at least 25,000 of *those* are just ‘notifications’ from the work website platform.

These are still big numbers in the email realm. Nothing to be proud of either. I should never have let it get that high, but in the grand scheme of life and work priorities, ‘pruning email’ doesn’t even rank. For most people, this is not a problem. For me even, in my personal gmail, after 5 years I’m at a scant 4%.

Email, I’ll state for the record, sucks. It’s like a sickness. Good conversation on metafilter about it. I think one of the participants there summed it up nicely:

the worst form of communications, except for all the others

Anyway, the point is, when gmail told me I could no longer SEND email, I had a hard choice:

  1. Spend time pruning my email down to, what, the “half a gig free” level?
  2. Create a new gmail account, forward new mail to it, swear to “keep this one clean!”

Life is too short – and my Nexus One can handily deal with multiple google accounts – so in a move inspired by a classic episode of “Porridge”, I have a new work email address – clean, and Freeeeeeeesssssssshhhhhhhhh… like new linen sheets. Mmmmm-hmmmmmm!

New mail to the old address gets sent through to the new one. I have a nagging feeling that there’s going to be some subtle unintended consequences here, but hey, at least I can send gmail now.

G

Posted in computing, zootoo

Android vs iPhone = Internet vs MSN (also, porn!)

http://pogue.blogs.nytimes.com/2010/04/19/android-tries-harder/

What we’re witnessing here is musical chairs. Apple seems keen to take Microsoft’s chair, Google is taking Apple’s.

If Apple don’t have the relationships referred to above with developers – it’s because they don’t *have* to. They’re Apple and can do no wrong. If a developer’s app is rejected, the developer is wrong. Apple decide.

Apple’s attitude to the mobile app space reminds me very much of Microsoft’s attitude to the net back in 95-96 http://en.wikipedia.org/wiki/MSN — they neither wanted it nor believed it would succeed. They changed their mind eventually, and IE was the main result (not saying that was a panacea :) ). Now, Apple wants a nice walled garden via their app store. “We will decide what you can and cannot do on your device.”

That’s never been OK. Remember the freak out when microsoft announced palladium? It’s my device. I bought it. Help me if you like, but don’t hinder.

Recently, Jobs has been cited as saying “If you want porn, go for android.” in the apparent context of Apple’s “shepherd of the app store” position.

If that smells a bit fishy, it’s not surprising. Jobs actually managed to pack three (count ‘em) 3 Red Herring Fallacies into that little nugget – “Straw Man” – the issue is control of what users can put on their phone, not ‘porn or no porn’, “Guilt by association” – ‘see? only filthy perverts want non-apple-approved apps’, and “Emotional Appeal” – ‘it’s porn! we’re just more moral than you! Ignore the playboy iphone apps. And what you can see using safari.’

UPDATE (to me at least) – A year ago, there was this controversy of an app called “Baby Shaker”? Sure, the app is sick, but Apple, you put yourself as the gatekeeper, so… you condoned it? You… approved… an app that is about infanticide?

Master showman, that he is. As someone who naturally makes use of all the argument types you can find at the “Fallacy Files” just to win arguments, believe me when I say I can recognise BS when I read it.

BS is, after all, my middle name.*

**disclaimer** I use a mac – and a nexus one. That should say something.

G

* Well ok, my middle two initials.

Posted in android, computing

Win7 + Virtualbox + Ubuntu + Raid5 + LVM + Samba = Big Shared Filestorage

The problem:
You have made a big raid array (terabyte range) that also uses the Logical Volume Manager (LVM) format in your Linux distro of choice. It’s sitting in a computer that you would also like the option of running a flavour of windows on, at times. You realise that you cannot access the raid array that you made for Linux, when the machine is running the windows system.

The hacky as hell solution:

The basic idea: Virtualbox a Linux distro under windows, use it to access the raid array, share it via samba.

http://www.ubuntugeek.com/howto-access-ext3-partition-from-windows.html

Throw in some Raid 5 setup and access:

http://changelog.bthomson.com/2009/09/software-raid-5-in-windows-7.html#comment-form

Wait, what about LVM?:

http://www.thushanfernando.com/index.php/2009/09/02/mounting-and-activating-lvm-volumes-from-bootcd-to-recover-data-in-linux/

Caveats:
- I chose to mount the array as read only. Paranoia mostly. Read write should be fine, but I am only using this as a view only media share. Read only works for me.

Make sure to cleanly close/unmount your VMs every time. Even though you are mounting read only, this is still raid we are talking about. Take care with it.

Posted in computing, ubuntu

pipe shell (command line) output to the web

Geeky exhibitionism at its finest, in order of increasing geekitude:

There are a buttload of them, of course. Enjoy these.

Posted in computing, shell

“i saw this and i thought of you…”

Well, many many people I’ve known fit this paradigm. Yeah, it’s a noble concept (kinda), but am I bad person if my mind goes straight for the comedic implications?

Stupid as as stupid does

Posted in Funny

Ubuntu Karmic, not ready for primetime. Very sadly.

pulseaudio. I know, it’s a known ‘issue’. And who is to blame, is about as important as who the hell cares? The end result, sadly, is that I moved the media server to karmic and it’s rare (if ever?) that I can “just watch a frickin show” without getting up and killing pulseaudio (and xbmc/boxee/vlc) a time or three.

Very sad state of affairs. Windows? Didn’t have similar problems. OSX? Also, straight on. You think I want to be admitting I made a bad call? Not so much. But hey, maybe Lucid will fix everything.

Pulseaudio / lucid, it’s not going to have any of those problems that whatever/karmic had

Posted in computing, ubuntu

Flash, cookies, swfuploader and cisco loadbalancers = Fun!

Picture the situation:

We deploy a fancy new flash upload mechanism based on swfupload – users get to see a nice progress line for their massive 5mb photo uploads.

In QA environment, it works perfectly.

In Live, sometimes it just doesn’t work… images seem to disappear once uploaded. How can this be?

The answer lies in our use of a load balancer in front of our 3 web servers. We have a Cisco css of some number, and we make sure that your browser sticks to one of the servers using a specific cookie. All is well.

Enter flash. MacroDobe, in their wisdom, have arranged so that flash doesn’t send session cookies reliably, if at all.

This royally screws our flash upload mechanism. Your web browser talks to server #1 – your flash player talks to server #2 perhaps. Result, your file goes to the ‘wrong’ server! you expect to see it on #1.

Now, you can use a different load balancing mechanism – cookieurl – this will use cookies if it finds it and if not, will look for the instruction in the URL of the request. So in theory, you add “?server=www1” to the end of your URL, tell the load balancer to use cookieurl and you are off to the races, right?

Not quite. The Load balancer will use the url as *fallback* only. What if flash gives it a cookie – but (dun-dun-duuuuuuunnnn!) The Wrong Cookie! Back to square one.

In device conversation form it goes like this:
- flash: hey, I need to post to this URL.
- load balancer: ok, but first, do you have a cookie?
- flash: oh, no. I don’t have one.
- load balancer: well then I see that you have a special URL that says “goto server 1” – I’m going to send you to server 1
- flash: great, here I go to server 1.
- apache: welcome to server one! Here, have a cookie (server=www1)
- flash: Hey thanks! I love cookies. nom nom nom.

Now, flash has its own cookie, server 1. Web browser has a cookie. Flash has a cookie. Are they the same? Probably. Will they always be the same? uh… maybe not. If not, then eventually the conversation goes like this:

- flash: hey, I need to post to this URL
- load balancer: ok, but first, do you have a cookie?
- flash: oh, yeah, I got one – server=www1
- load balancer: ok, off you go to server www1
- web browser (which may be on server www2 now): hey, where the hell is my file?

The Solution:

Tell your load balancer “hey, for urls that look like this: /flash_image_upload/ use the following load balance option: search for specific domain names or information in the http header.” (a.k.a – our original cunning plan of ?server=www1)

Shout out to mike wise from rackspace for this – hey, fanatical idea :)

So, a quick rewrite:
RewriteRule ^/flash_image_upload/$ imageuploader.php [nocase,last,qsa]
* qsa gives me the ability to pass through the ?server=www1

Now, for specific uploads from flash – the URL is what decides the server being used. And what determines the URL? The cookie in your web browser – "/imageuploader.php?server=".$_COOKIE['server']

Let’s see if it works…

G

UPDATE: No, it didn’t work. Sadly, the way rules in the loadbalancer are applied, it wouldn’t allow a mix and match of cookie based rules with url based rules. It’s either or.

In the end, the somewhat less elegant solution was to make a wildcard dns entry, that allowed each server in the pool to be referenced directly. E.g. www1.www.website.com – and rules in the loadbalancer to direct traffic to the appropriate box. So now, swfuploader sends its files *directly* to the server that the user’s web browser is talking to.

I don’t like this solution nearly as much because it requires that the load balancer have not only knowledge of all the servers living behind it (not a problem) but *also* have specified rules directing traffic to those servers (a problem if you are looking to dynamically scale, for example in the cloud). Adding rules to load balancer devices can be scripted, no doubt, but it’s not an option with our load balancers, managed by RS.
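The routing mismatch walked through in this post, as an added example (a model of the behaviour as described here, not Cisco CSS configuration and not the site's code). The pool names, the policy labels and the helper names are assumptions. Because both the sticky cookie and the `?server=` parameter arrive from the client, the model only accepts values that name a pool member.

```python
from urllib.parse import urlsplit, parse_qs

POOL = ("www1", "www2", "www3")  # three web servers, as in the post; names assumed


def route(policy, cookies, url, pool=POOL):
    """Pick a backend under one of three policies.

    cookie    : sticky cookie only
    cookieurl : sticky cookie first, ?server= in the URL only as a fallback
    url       : ?server= in the URL only
    Returns None when nothing usable is presented (the balancer would choose for itself).
    """
    from_cookie = cookies.get("server")
    from_url = parse_qs(urlsplit(url).query).get("server", [None])[0]
    order = {
        "cookie": [from_cookie],
        "cookieurl": [from_cookie, from_url],
        "url": [from_url],
    }[policy]
    for candidate in order:
        if candidate in pool:  # allowlist: both values are client-supplied
            return candidate
    return None


def upload_url(browser_cookies, pool=POOL):
    """Build the Flash upload URL from the browser's sticky cookie, refusing unknown values."""
    server = browser_cookies.get("server")
    if server not in pool:
        raise ValueError("sticky cookie does not name a pool member")
    return f"/flash_image_upload/?server={server}"


def scenario(flash_cookies):
    """Browser session lives on www2; see where each policy sends the Flash upload."""
    browser = {"server": "www2"}
    url = upload_url(browser)
    return {p: route(p, flash_cookies, url) for p in ("cookie", "cookieurl", "url")}


if __name__ == "__main__":
    print("flash has no cookie :", scenario({}))
    print("flash has stale one :", scenario({"server": "www1"}))
```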

Posted in computing, zootoo

The home server (almost) died. Phoenix like, all good now.

Way way way long ago (2002?) I installed what was known back then as the “e-smith server and gateway” I believe. A neat little redhat 7.x-based linux distro designed for people who were un-keen getting hands super dirty with Linux. At the time, me. Nice web-based interface, lots of community development – could function as a LAN admin box doing things like:

  • mail for your own domain
  • nameserving for your own domains
  • webserving
  • ftp
  • vpn even

You get the idea. Back in the day, armed with my new shiny speakeasy dsl connection and static IPs, I decided to hell with the (not super-nominal) monthly fees for hosting, I’ll do it myself! Save money! So I got donated(*) an old pentium-something with practically no ram, 1.1GB disk, cpl of network cards. An embarrassingly poorly specced machine. Worked tho. Like a charm in fact. I was able to spend a bit of time tweaking the thing, before tooooo long I had it all doing what I needed – even with rDNS courtesy of speakeasy, I was a fully fledged Machine On The Internets! Something that I’d been seeking for many years. I even had relatively not terrible upload bandwidth (768k – ironically more than I have *now* curse on all US ISPs, bar FioS) – it felt pretty good. This happy situation lasted all the way up till about May 2005, when I had to say good bye to it all. Why? All for good reasons, but still…

Anyway.

The server went through one OS upgrade – from 5.1.2 to 5.6. I should have gone to 6, never got round to it. Hardware wise it changed quite a wee bit. First it got my old desktop hardware when I upgraded that (asus a7v/athlon something), then I believe either that crapped out or I just felt flush, got an a7n266-vm/aa/athlonxp1.8 something. A very nice 3ware 7506-LP raid set with 4x120GB raid 5. And a very nice Sonata Piano Black Silent Case to keep things hush hush.

Key thing here is, nothing original remained about the ‘server’ – not the OS, not the hardware – only the BITS! Which is exactly how it’s supposed to be, you keep the bits moving forward in time, the hardware/OS just falls away.

Fast-forward from mid-2005 to mid-2007. One of the 120gb disks in the raid array dies. I should replace that, I’m now running a 3 drive RAID-0 setup which is like flying a wet kite by copper wire in a thunderstorm shouting “Zeus is a pansy!”

Time passes.

“I gotta get a replacement 120gb drive… but these days, 500gb is normal! I should upgrade the whole thing… oh wait tho, i have a PATA raid array, these are all new SATA drives coming out. I should get a SATA raid controller. Gah, $250+, and I’d need a new MB, CPU and RAM thanks to PCI-X and PCIexpress! Even my desktop doesn’t have that! I should upgrade my desktop…” etc, etc, etc. There are what I call “upgrade cliffs” every few years (probably there is a technical term…) and 2004/2005 was a big upgrade cliff which left me 3 years out of date. Things had moved on and I hadn’t kept pace, with either the desktop or the server. It meant either a painfully expensive replacement of almost every damn bit of kit, or deliberately buying obsolete parts, and paying a price premium. A dilemma.

Time passes.

The server wobbles a bit. Then after one restart, a big phat “ZAP!” noise is heard. No more booting. No server, no internet, angry wife. “All my art data is on that! Get it back!”

Time passes.

Wife goes out of town to SF for a week, over a year since the 120gb drive failed. Time to take some drastic action.

What’s up with the server? Could just be the power supply, the box has been on for about 3 years continuously, using about 4,000 kWH maybe? could be the raid card is dead. Could be the mb or the proc. Have to figure it out – I’m going to have to suck it up, take apart the server *and* the desktop too, to plug the desktop powersupply into the server… ah hell with it. I never get a chance to use the desktop much these days anyway. I’ll give it up. Give up 3d gaming, give up surround sound (hah, haven’t had that since we left the loft in early 2006) and just re-make the server with yet new kit. The stuff from the Desktop:

  • asus a7n8x-deluxe
  • 1gb kingston ddr something
  • Athlonxp-2800
  • meh, that’s pretty much it. Some other bits that made it snappy 3ish years ago.

Shopping list needed:

So, got all the stuff, spent a cpl of DAYS de-installing desktop and server bits, culling desktop bits into server bits, adding the 2x750gb drives and moving the old mp3 120gb drive to replace the dead 120gb drive.

End result:

SME server 7.2 (wowsers!) running on 2x750gb RAID-1 array (the hassle it was to get the motherboard’s built-in raid firmware upgraded to recognise the big drives. Oy.) with a resurrected 4x120gb RAID-5 array (because why not?) hooked up to a gigabit switch.

No desktop machine. The poor thing is just sitting there, eviscerated.

What’s next?

Posted in computing