blog.josephhall.com

I can't even tell you how mad I am right now at Art Pollard, at Amano Chocolate. After my glowing review of his totally excellent Guayas chocolate, he rewarded me by completely failing to mention that he had another chocolate also on the way: Dos Rios. I would have had no idea if I hadn't seen it on the shelf at Pirate-O's today.

I bought a bar, along with my sandwich for lunch, and headed back to the office. After a few bites of sandwich, I decided that I couldn't wait to try the chocolate. So I put the sandwich down and broke off a piece of chocolate. The second I put it in my mouth, I knew I had a problem. Not only did I not want to finish my sandwich, for fear of losing the flavor that was suddenly in my mouth. In fact, I don't know if I can ever eat another kind of chocolate again. I have officially been ruined.

The box that this chocolate comes in describes it as tasting like bergamot oranges, cloves and cinnamon. They're not kidding. The orange punched me in the mouth immediately, and was complimented by an amazing set of spices. I used to like those cheap chocolate oranges that you can find everywhere in America around Christmas time. They are officially crap. This trumps that any day.

There is a bitterness that you expect from dark chocolate, but it's not an unpleasant bitterness. I broke off a piece and gave it to Harleypig, and told him that he had to try it. The look on his face was classic. He finally said, "I do not like dark chocolate. But I like this." The bitterness is one of the things he mentioned. It's not the dark bitterness of overly dark chocolate, but the pleasant bitterness of an orange that isn't too sweet.

You have to try this. If you're in the south part of the Salt Lake valley, go down to Pirate-O's right now and buy a bar. If you're closer to downtown, go to Caputo's and get it. If you're too far from either, order online. This stuff is effing amazing.

Disclaimer: Although he's apparently not much of a friend right now, I do know Art Pollard. I don't believe this to have biased my review of the chocolate itself, but that's your call. And maybe if Art starts telling me about new flavors again, I'll acknowledge him as a friend again.

Update: Art called, and we talked shop until I had to go change a diaper. We're friends again.

I suppose this would be a much bigger concern if you could pull it off as an unprivileged user, but you do have to have root access on a server to pull this off. And really, once somebody has root, all bets are off anyway. Still, it's an interesting excercise.

In one window, log into a Linux server (RHEL 5.3 in my case) as root. In another window, use ssh to log from a remote machine into the server:

jhall@bourdain ~$ sftp guest@myserver
Connecting to myserver...
guest@myserver's password: 

When it prompts for the password, hop back over to the server and run ps to figure out which process is handling the connection:

[root@myserver ~]# ps auxf | grep ssh
root   28705  0.0  0.0  60672  1184 ?  Ss  12:32  0:00 /usr/sbin/sshd
root   29361  0.0  0.0  86856  3116 ?  Ss  14:36  0:00  \_ sshd: guest [priv]
sshd   29362  0.0  0.0  62016  1384 ?  S   14:36  0:00      \_ sshd: guest [net]

What you need from this is the PID of the sshd process with [priv] next to it. In this case, 29361. Use strace to hop in and monitor this process (redirecting STDERR to a file, for later reference):

[root@myserver ~]# strace -p 29361 2> strace.log

Go back over to the remote system and type in the password. Go back to the server, cancel the strace, and then take a look at the log file. On my system, the 3rd line down had the payload:

Process 29361 attached - interrupt to quit
read(6, "\0\0\0\f", 4)                  = 4
read(6, "\v\0\0\0\7inmelet", 12)        = 12
getuid()                                = 0
open("/etc/passwd", O_RDONLY)           = 4

The text that we're looking for here is "inmelet", which is our sample password. In the clear.

Of course, this was a very manual process. But plenty of techniques exist would would allow us to monitor sshd, and launch strace automagically every time a user logged in. Of course, if you're using ssh keys, then there would be no password to see in the clear anyway. I haven't tested to see if you could steal the ssh key though. That might be a fun excercise too.

Wow, this was a fun one. We have an internal "project manager" that we use at work, instead of my prefered program, RT. The other day, my boss asked me to set up this program so that they could email tasks to it, instead of having to pull up the site to create a new task. The easy part was building the queue into our system. But the fun part was setting up Postfix to receive and parse the emails.

My first thought was to set up Procmail to send the messages to my parsing script. I'd never used it before, and I'd heard horror stories about writing "recipes" in it. What I had not heard was how difficult it could be to get it to play right. The mail server that I was using was not one that I had set up, and it had some weirdness about it that I wasn't familiar with. After fighting with Postfix and Procmail for a while, I managed to learn enough about Postfix configuration to realize that I might as well just skip Procmail, and write my own MDA.

Now, when I say MDA, it's a bit of a misnomer. It receives and parses emails, but rather than filtering and delivering emails to a specific mailbox, it dumps a few fields into a database. To avoid confounding the issue too much, I will try and keep this post to the bare minimum. My setup uses virtual mailboxes, but I won't go into the steps to set that up. I also won't cover the DBI code that I wrote. If I get enough requests, maybe those can go into other posts.

First things first. You need to edit the mail.cf file to set up some transports. There were two specific lines that I needed to add to mine:

virtual_transport = virtual
transport_maps = hash:/etc/postfix/transport

This allows me to only send messages sent to specific email addresses to my MDA. So the next step is to add the addresses to /etc/postfix/transport that you want forwarded to your MDA:

tasks@mytaskmanager.com mymda
projects@mytaskmanager.com mymda

Make sure to hash the file once you've edited it:

postmap /etc/postfix/transport

You've probably guessed that "mymda" is what you're going to call your MDA. This doesn't have to be the name of your script, it's just a pointer to the lines that you're about to add to your master.cf file:

mymda unix - n n - - pipe
   flags=R user=vmail argv=/usr/local/bin/mymdascript.pl USER=${user} EXTENSION=${extension}

You can see in here where we actually define the name of your script, in this case "/usr/local/bin/mymdascript.pl". Now that we're done with the Postfix configuration (remember to restart postfix for it to take effect), we can go ahead and set up that script. It's going to look something like this:

#!/usr/bin/perl

use Mail::Internet;

my @rfc2822 = <STDIN>;
my $email = Mail::Internet->new( [ @rfc2822 ] );

my $from    = $email->head->get("From");
my $date    = $email->head->get("Date");
my $subject = $email->head->get("Subject");
my $body    = $email->body();
$body       = join( '', @$body );
...snip...

This is a very, very basic script. It will receive the email from Postfix using STDIN, and to save you the trouble of parsing it out manually, I just ran it through Mail::Internet (part of the MailTools package).

Keep in mind that each line that you pull out of the message will have a newline in it, so $from, $date, $subject, etc. may need to be chomped, depending on your needs. Also, the date is hopefully in RFC2822 format, so in my case, I had to run it throught DateTime::Format::Mail to get it ready for MySQL.

Like I said, this isn't a full MDA. But it can be used for accepting things like commands, preformatted data, etc. from email and processing them, without having to deal with the overhead of something like Procmail. And if you want to use it to write a full-featured MDA, by all means feel free. And really, now that you know that the script is going to pull the message from STDIN, you're free to use C, Python, even Bash if you want.

While reading today's post at the XKCD blag, I found a reference to a comic from a couple of months ago about the TSA. I knew that the TSA had been challenged on said comic [citation needed], but I didn't know that they had responded.

In the time that I worked for Guru Labs, I spent a lot of time at airports. I learned a lot about air travel, and especially about the TSA. I thought I'd share some of the experience that I've picked up, to hopefully make some body's life a little easier.

The vast majority of TSA agents that I've had to deal with seem to be kids that got beat up in high school a lot, and are now getting their revenge. Not all TSA agents are like this, of course. There are plenty that are helpful, friendly, and generally on the ball. Most of the good ones that I have found seem to be in some kind of supervisor position, but not all. The ones that got beat up a lot in high school are the ones you need to understand.

You see, they seem to think that now that they are in a position of power and authority, that they can throw their weight around and intimidate people that remind them of high school bullies. It's not so much that they're power hungry, they're just looking for vindication. But they look in the easy places. And fortunately for them, the easy places correspond with the profiling that their job requires. The TSA may claim that they don't profile, but they'd be stupid not to. They just don't profile people the way we think they do.

Contrary to popular belief, they're not looking for turbans. They don't care what color your skin is. They're looking for (among other things) nervous people who look like they have something to hide. This is good from a security standpoint. But the high school kid in them also seems to be looking for somebody to push around. Hey, if you had to sit around all day watching X-rays, you'd get bored too.

It took a few trips, but I eventually formed the persona that I would use at airport security. Polite, respectful, occasionally friendly, but for the most part dismissive. Oh, and efficient. When you get to the metal detectors, you should already have your pockets emptied into an easily accessible part of your luggage. You should have your shoes off (or at least untied), and your laptop ready to be taken out of your bag. Everything should be ready to go on the belt, and you should be ready to pass through the detector without causing the agent any problems.

Occasionally, your luggage will contain something that the X-ray agent thinks is worth taking a look at. I'll get to some of my own stories in a moment. If this happens to you, politely and respectfully comply with the TSA agent. In my case, I add in a little bit of boredom that says, "seen it, done it, nothing new". When you start challenging the TSA agent, you risk looking like that bully that beat them up in high school a lot. And really, when it comes down to it, you knew the rules before you showed up. If you didn't bother looking them up, then you're an idiot.

Many TSA agents will just finish their job and move on. But I have seen some visibly deflated by not being able to play their game of retribution on me. The disappointment of not being able to push that high school bully back was visible and obvious. It's time for them to let you get to your gate, and they have a job to do anyway. Rules are rules, and you haven't broken any of them.

Speaking of rules, these are pretty important. Yes, a good number of the rules are asinine and should be challenged. The securitty checkpoint is not the place to challenge these. The agents have NO AUTHORITY to change the rules. The rules aren't meant to be flexible, they're meant to be followed. Yes, they realize that your 5 oz tube of lotion may obviously contain only an ounce or two. But the rule isn't "a container with 3.4 oz or less", it's "a container than can hold no more than 3.4 oz". If you really want to bring that lotion with you, find it a smaller container. Most grocery and drug stores in my area have a travel section of their pharmacy that can help you out.

So follow the rules while they are in place, and if you want to get them changed, write your congressperson or something. Treat the TSA employees with the same amount of respect and politeness that you should treat anybody else with, and they will generally do the same for you. And if they don't, you have the right to demand to talk to their supervisor. Personally, I've never had to do that. They tend to leave me alone. But I have had some small encounters.

Salami, Salami, Balony

When I grew up, I remember my dad being a big fan of dry salami. He'd frequently buy these tubes of it covered in some white stuff (mold, as I later discovered) that he would peel off before slicing off a few pieces. This style of salami has being increasingly difficult to find in Utah. One day in the San Jose area, I found a big ol' stick of the stuff, and bought it to bring home to him. Little did I realize that to the X-ray, it probably looked like a club of some sort, strictly forbidden by TSA rules.

Of course I was stopped at the X-ray. It was in my carry-on luggage because I don't check my luggage (there's only two types of luggage: carry-on and lost). My bag was full of clothes and computer books, but the salami was on top. The TSA agent had already told me I could put on my shoes, so I did so while almost completely ignoring him looking through my bag. Occasionally I would glance over, and I saw that he found the salami almost immediately, and gave a look that said "that's probably what they were worried about". After a layer or two of books, and the realization that I was just letting him do his job and not even remotely worried about what he might find, he gave up, without even making it halfway through my bag. He looked a little deflated. He gave my bag back and wished me a good flight.

"But It's Just Candy"

One day in Phoenix, I bought a tube of marzipan. I didn't get a change to open it beforehand, so I just stuffed in in my bag. Of course the X-rays identified it as a paste (almond paste, to be exact), so they pulled it out. I told them, "but it's just almond candy", but it fell on deaf ears, and I didn't want to push the issue.

I was told that I had three options: I could check my bag with the airline, or I could walk down to the airport post office and ship it home. With either of these options, I would get a TSA escort, so that I wouldn't have to wait in line when I came back. My last option was to throw it away, which is what I did. The TSA agent was confused, and reiterated that with either of the other options, I could keep my marzipan. My reasoning was this: I was flying on Skywest, and they are the principle reason why I don't check bags. And mailing my marzipan back home would have cost more than just buying another tube when I got home. The TSA agent was perplexed, but he let me chuck the marzipan and gave me no more trouble.

Darts

I have a travel kit of tech tools that I never leave home without. I keep them in a bag in my trunk, and when I fly, I take a TSA-safe version with me. One of the tools I used to have was a mini-screwdriver, with removable bits. I had taken it with me on dozens of trips with no incident. But one day I arrived at security while it was particularly slow (about 3 or 4 agents per passenger). A bored agent with way too much time on his hands saw my screwdrivers (I had two of them with me) and thought they looked like darts. And while the pocket that I kept them in was easy to access and obvious to me, it took the agent several minutes to find them. And as per TSA rules, I wasn't able to help. Once he found them, he realized his mistake, told me he thought they were darts, and allowed me to move on.

Just Chocolate

When I was in Montreal, I found some excellent French chocolate, and I bought plenty of it. On the way back, going through customs, I declared that I was bringing food over the border with me. When I went through security, I was stopped at the X-ray. I was asked if I was bringing back anything with me that I didn't bring with me. I said, "yes, chocolate". They asked if that was the food that I declared, and I responded affirmatively. As they inspected my bag, chocolate kept falling out of various pockets. Towards the end of the screening, they were more amused than anything. I was sent back to America with a smile.

Okay, so I have a thing for silicone baking molds. And I know the shapes weren't quite what I wanted. So sue me.

Baking molds aside, these muffins are the perfect way to start off a cold, wintery day. As with most muffins, it takes longer for the oven to preheat before than it takes to mix everything together, so set your oven to 375F a good 10 minutes before you start mixing.

1 1/2 cups flour
1 1/2 tsp baking powder
1/2 tsp salt
1/2 tsp nutmeg
1 Tbsp cinnamon
1/2 cup melted butter
1 cup packed brown sugar
1 whole chicken egg
1/2 cup milk
2 oz craisins

Being muffins, we use the muffin method: whisk together the dry stuff (flour, baking powder, salt, nutmeg and cinnamon) in one bowl, whisk together the wet stuff (melted butter, brown sugar, egg and milk) in another bowl, then combine and mix together with a spatula (trust me it's easier to combine wet and dry with that than with a whisk). Fold in the craisins, pour into prepared muffin tins, and bake for 20 to 25 minutes at 375F.

On a diet? Or maybe just looking for a way to add a little extra flavor? I'm told that with the muffin method, you can swap out the liquid fat with apple sauce, cup for cup. I didn't try it with this recipe, but I've done it before and it's worked well. And you can still spread on butter after it bakes, so don't worry about losing that goodness.

I've been feeling handicapped when I cook, and especially when I bake. When I used to bake professionally, we used the oven timers to know when to check on our cookies. It wasn't long before my internal timer was telling me 30 seconds before the oven timer went off, that I needed to check on the cookies. But that didn't help with cakes, pies, breads, pastries, you get the idea. One of our bakeries had multiple digital timers, to help out with production.

At home, my oven doesn't have a timer. My microwave does, but that's also the only working clock in the kitchen, and even on that floor of that house. And if I need to nuke something while something else is in the oven, well that's a problem. And I occasionally have enough going that two ore more timers would really come in handy.

When I got my G1, one of the first types of apps that I looked for was a kitchen timer. I found one (and only one) that didn't complete suck; it only half sucked. It could time for more than 90 minutes, immediately putting it ahead of all the other timers (my microwave timer only goes to 99 minutes, not nearly long enough for proofing bread dough). This particular timer had a pretty graphic of a kitchen timer, and rather than typing in numbers, you had to use the touch screen to rotate it. It was clunky, and difficult to get the exact time that I wanted. And when the timer went off... well, I don't know what the crappy music was that started playing, but I hated it and you couldn't change it.

That app was removed from my phone this very morning, when I came across a timer to end all timers. It's not complex, it's not pretty, but it does the one thing that it needs to do: it works. I can set as many timers as I want, I can type in exactly the time I want (down to the second), and I can change the alarm sound.

This app isn't available on the Android Market. You just need to head over to synic's site and download it. Kudos to synic for putting together such an awesome app. This is one of the few that I will be adding to my desktop on my phone.

A couple of days ago, I stumbled upon a poster at AllPosters of a Periodic Table of Vegetables. It's an interesting concept, to be sure. The Periodic Table of the Elements is a mapping of a particular type of data, organized by groups (columns) and periods (rows). Why not use the same style as a visual representation of something tastier?

Unfortunately, the image is a little too small to make out most of the veggies clearly, but it got me wondering what other kinds of periodic tables of food exist. The search was, and still is, on. I found several interesting tables of food, a couple of which I had even seen before. I also found non-food tables, my favorite being of game controllers. Here's what I've found so far:

The table that I've found myself looking at, and wanting to hang up on my wall the most, is the Periodic Table of Dessert. It breaks down its categorization into separate ingredients, which is important, because that's pretty much what the elemental table does. It makes an excellent effort to categorize things clearly, and assigns one- or two-letter symbols to each item. However, it does contain far fewer columns than the original, and uses symbols that I don't necessarily agree with (why P for peanut butter, instead of PB? How does M signify honey?). I would love to send this table through another revision. On the bright side, it is accompanied by a thermal spectrum (which doesn't make a whole lot of sense to me) and what appears to be the crystaline structures for several compounds (which is just awesome). These are all available together as a single poster.

Next up is the Table of Condiments that Periodically Go Bad. Unlike the dessert table, this table is numbered. Unfortunately, the numbers really only make sense paradoically (is that a word?). Again, elements are given symbols, and any that crossover to the dessert table actually seem to match. This kills me. I don't think that salt should be S, I think it should be Sl or Sa. Ideally, we would break into a three-letter designation, and use Sal. <End Rant> The most important part of this table is the designation for each condiment of how long you have before it goes bad. Very nice, in terms of food safety.

The Periodic Table of Produce is similar, except that it feels much more serious to me. Really, it's a table of food storage of fresh produce, including storage suggestions and timelines to when a particular veg will go bad. I would love to find a higher-quality version of this, and put it on my refrigerator door.

Growing more complex, we have a Periodic Table of Cheeses, complete with full merchandizing on t-shirts, mugs, mouse pads and, of course, posters. According to the site, this table was created by the blind Russian cook Anatoli Grigor Konchalovsky, apparently in 1865. I don't know how true that is, but if it is, that probably makes it the first periodic parody of food. Some thought has clearly gone into its organization, but I'm not entirely sure yet what each color means, or how some of the groupings fit. I love the "Noble Cheeses" classification, though.

I found the Periodic Breakfast Table interesting, though I haven't yet found a copy that looks to be complete. Offhand, it seems to be sorted visually, rather than by type of grain, manufacturer, history, etc. It does have some of this printed with each cereal, but it doesn't seem to be sorted that way.

Going back to deserts, there was a Periodic Table of Cupcakes posted in Women's Day earlier this year. There's a part of me that is impressed, because I never would have expected any mainstream periodical (other than the venerable Cook's Illustrated) to expect their readers to enjoy a scientific nod like this. But then another part of me looks at the actual cupcakes printed, and would be entirely confused by the majority of them if it didn't know that really it's probably just a marketing gimmick for their own recipes. Still, it's cool.

The Periodic Table of Candy looks to be entirely parody, listing commercial candy varieties, numbered, and in alphabetical order. I haven't decided yet whether the little girl at the top is cute or frightening.

Our journey is almost over. Back at AllPosters, I also came across a poster of the Periodic Table of Sandwichry. There is no way I can make out anything sensible on this, but as one of the cheaper posted presented, I might be willing to order it along with something else.

To finish up, I present to you the Periodic Tables of Beer Styles and of Mixology. Add these to the category of "Text to small to read, so no clue as to any useful information, including accuracy." Still, it's a nice thought.

Some of you may recall that when I did my Object Oriented Cooking presentation at the 2009 Utah Open Source Conference, I was wearing a t-shirt with an 8-bit stand mixer on it, instead of one of the bowling shirts that I usually wear. I actually designed and had that shirt made about a year ago. The idea was always to put up a few designs for sale, but I never got around to it; mostly because I only ever came up with one other design that I was even remotely happy with.

Well, a couple of nights ago, I got an idea for another design. It was based on the source code that I used in my presentation for a PB&J sandwich, written in Perl. I drew up the 8-bit graphics, added the source code to the back of the shirt, and after a couple of revisions, posted it for sale.

I now have three shirt designs for sale, in my Spreadshirt store. All feature 8-bit graphics depicting various food-related items. We have the stand mixer that I wore at the conference, a big-ol' jug of moonshine, and of source the PB&J in Perl. And just in time for Christmas too!

So if you want to show your geek side and your food side all at once, head over to my Spreadshirt store and grab a t-shirt. Or direct your friends and/or family members in that direction! I'll post more shirts as ideas come to me, but at least now we have an appetizer to get everyone started.