Thursday, November 25, 2010

Factorial and pub toilets

What on earth could they be doing together in the title?

On / Twitter / irc there are many ways to tell a new user.

Retelling old jokes or resending tired comparisons: just one way of spotting a new user.

Python programming techniques comparison - factorial:

from math import factorial
print factorial(6)

is a concise and modern way of obtaining factorial of 6 in Python.

There is a funny comparison of different approaches, that has made the rounds several times, and here is one version at

I could link to many forums that have posted the same things in 2009, 2007, 2004 and so on.

The point is that whilst it was funny for myself, because it was new to me, it is not very new to the Python community.

And the pub toilets?

Ah in a pub I used to frequent up in Preston, the toilets where located at the end of the bar and a bit difficult to see if you did not know. Slight inconvenience if you were new to the pub, however it did hold one advantage for the pub manageress ... the new drinkers in the pub almost always introduced themselves to her, in asking the way to the toilets.

About math versus cmath or c_math:

If you were doing a large factorial, then you could instead use Cython to give you a less interpreted runtime version of factorial.

If you are wondering about import c_math in the comparison I mentioned, then you might need to read the articles and links which follow. Perhaps you are looking for Cython or a Complex number library for Python.

Links and further reading:

Tuesday, November 23, 2010

Dickens - he does tell a good story - "Great Expectations"

I reproduce a short extract from the end of Chapter 7 of Great Expectations

With that, she pounced upon me, like an eagle on a lamb, and my face was squeezed into wooden bowls in sinks, and my head was put under taps of water-butts, and I was soaped, and kneaded, and towelled, and thumped, and harrowed, and rasped, until I really was quite beside myself.

(I may here remark that I suppose myself to be better acquainted than any living authority, with the ridgy effect of a wedding-ring, passing unsympathetically over the human countenance.)

Chapter 17 and a future solution for the damaged:

Because I am re-reading this novel, I am about a third the way through as I write this, and have no recollection of how it ends.

Around Chapter 17, the main character Pip has been damaged. His brief contact with the residents of Manor House (Satis), have left him dissatisfied with his lot. Furthermore his first experience of boyhood romance, has been with a subject who has been tutored in scorn and damage.

"Eternal Sunshine of the Spotless Mind" [ 2004 ] is an interesting movie and suggests a future solution to 'damaging experiences that the individual cannot get past'. In Pip's case, the availability of such a treatment, and the combination of the two stories would be an interesting mix of fiction.

Summary: He was damaged, he was fixed, the end.

I am not advocating the treatment suggested in the Michel Gondry film, but merely musing on how the story of Great Expectations, will look, if the treatment that Winslet and Carrey undertake, ever did become generally available.

New technological treatments have upsides and downsides, and in the 1990 film "Total Recall", a more sinister application of that technology is used.

I leave you with an extract from the Total Recall page on Wikipedia:
The film [ Total Recall ] explores the question of reality versus delusion, a recurrent topic in Philip K. Dick’s works. The plot calls for the lead character and the audience to question whether the character’s experience is real or being fed directly to his mind.
And now back to my book, to see how Pip gets on with his adult life.

Sunday, November 7, 2010

djvu2pdf - well manually that is...

As with most conversions from format A to format B, the best results are often obtained by using format A viewer, and 'Export'

djvu -> ps -> pdf

Well if you really want you can go that way, but be warned that .ps files rarely use image compression and other modern techniques, so expect a large intermediate file!

I use postscript and do like the format for short documents (say less than 10 pages).

For longer documents and full books, then .djvu is a great format in itself, and now that djview4 is available in Debian, there is no real pressing need to convert.

If however you are determined to convert then here are your options:
  1. djvups to get a .ps file, and then postscript view export/print
  2. ddjvu -format=tiff  to get a tiff, and then convert that again
  3. djview4 'File' -> 'Export As'
  4. djvu2pdf script by Christoph Sieghart
Option 3 is what worked well for me.

If djview4 was not easy to install using apt-get, then I would probably have taken a closer look at option 4, however having tried the Export feature of djview4, I am happy with the result.

'Export As' option of djview4:

Allows you to set a dpi for the output and 300 dpi was quite readable.
( The original .djvu was good quality so I could afford to be a bit lossy )

There is also an option to adjust the .jpeg compression, but I left it unchanged at 75%.

Best results are often obtained by using format A viewer, and 'Export':

What I meant by this is best illustrated by describing the alternative...

Less preferred alternative:
Having done the conversion to .ps, implicitly* or explicitly, open the file using 'Document Viewer' / Evince / Okular and try exporting.

The above may work, but for me, seems to be a less reliable way of attacking the problem.

Yes, Yes, cups has a pdf output helper

Yes, Yes, Okular has 'Print to file' option

However my experience was that viewing in a native .djvu reader (not Evince or Okular), and Exporting produced the most reliable result.

*ps/pdf viewer software will often open a .djvu file, but in the background, what really happened was probably a quick 'on the fly' conversion.

Tuesday, November 2, 2010

LibreOffice / OpenOffice - Where did my 'Formatting' toolbar go?

The toolbars in LibreOffice / OpenOffice are unlocked by default.

Whilst this is great for usability, it makes it easy to lose a toolbar also.

So you go into your application Writer and here is what you see:

When you would normally have above the "1 2 3 4 5" ruler something that mentioned Fonts and Font sizes???

...and here is what you are missing:

In most cases it is just a case of ticking the checkbox in View -> Toolbars -> Formatting
and hopefully it reappears.

But what if View -> Toolbars -> Formatting is already checked?

Well as toolbars are unlocked by default, it is all too easy to drag them off somewhere by mistake.
Maybe the family were around and little Bernard clicked on the Word Processor icon and had a little play around. Or perhaps you had your finger pressed on the mouse and somebody talked to you from the side.
It is easily done.

In my case, the toolbar had been moved to the right of the main toolbar and was not easy to see at first glance. But having located it, then it is just a case of dragging it back to where it should be (below the main "File | Edit | View" toolbar.

The little grabber  is marked as 5 horizontal lines on top of each other, and if you hover over it then you should see a four pointed symbol, which indicates that you are about to perform a move.

So you have used the grabber (shown above) and pulled the toolbar back to where you usually like to see it.

Locking toolbars - a must really:

I have used OpenOffice for many years, and have never felt the need to move toolbars about. However, I know some folks like to move them to be down the sides or whatever their preference is.

So for me personally, unlocked toolbars are a waste.

Unless you feel the need to move things about then I would recommend for each of the toolbars, that you 'Lock Toolbar position' as shown here:

To the right of each toolbar there should be a little icon which has an arrow at the base and is clickable.
When you click it then the drop down menu (shown above) should appear, and you should 'Lock Toolbar Position'

Having the toolbars locked, means you can leave the computer on, and little Bernard at the controls, and your toolbars will still be there when you check later :)

Ubuntu and LibreOffice / OpenOffice:

Ubuntu have their own desktop 'look and feel', which gets tweaked slightly with each release.
The default themes are pretty usable by my reckoning, however when the application themes are touched up to bring them into line with the desktop themes, then sometimes there is an oversight.

What I found when I used an Ubuntu Lucid machine recently, was that OpenOffice had been touched up to bring it into line with the desktop theme, and in the process the little grabber was either hard to see or missing.

To reiterate: If you are using Ubuntu and cannot find the little grabber (shown below)...

...then just grab a bit of greyspace where the grabber should be, and you should be able to move that way.

Whilst this is not ideal, it is the price you pay for using a Linux Distribution which puts a high priority on Desktop themes and consistent look and feel.

I prefer Debian, where the defaults do not involve tinkering with the Application look and feel, (although I am free to switch on a different application theme (say crystal) from within Writer itself)

Friday, October 29, 2010

LibreOffice / OpenOffice and repeating without 'cut paste'

Working on a recent document that involved some figures had me wondering how to have the same figures repeated.

I have used the Free Open Source Office Suite for 7 years, and wondered how to get the result without using 'Cut and Paste'

The particular section I will be repeating, is unusual in that it includes many numeric results, but not enough to really justify living in a separate spreadsheet.

Conceptually here is what I want:

One way to achieve this is to use Sections and the Navigator
( My icon looks more like a four pointed star. Compass or Star will do and hovering should say 'Navigator' )

Page2 in that concept diagram I show the repeated text in grey, as it is important that it is non-editable
( Just too easy otherwise to fall in and edit things in the wrong place! )

I list the steps involved and then run through with some screenshots:

  1. Insert -> Section          and give the section a name say 'Section1'
  2. Open Navigator and Right Click on 'Sections' to get a drop down menu
  3. From that drop down menu select 'Drag Mode' then 'Insert as Link'
  4. In your document move to where you want the copied section to go, and then drag 'Section1' from the Navigator into place.
  5. Right click the new entry in 'Sections' within Navigator and select 'Rename'. Make name Section1copy 
  6. Right click the new entry in 'Sections' and select 'Edit' and understand what the padlock symbols say

1. Insert -> Section

2 & 3 in Navigator:

6 ... padlock symbols:

If all went well then you should see something like the above. Section1 is unlocked (editable), whereas Section1copy is locked and will show as 'read-only' in the bottom status bar.

The quicker way of achieving the same result:

Having already created a section and populated it with the text which you will be repeating, just do Insert -> Section and check the 'link' checkbox.

It is not necessary to use the Navigator at all. However once you begin repeating sections and including links in your documents, then it is probably worth knowing your way around the Navigator feature.

The ultra fast way of achieving a similar result (Paste Special):

Copy and Paste but keep your finger on Shift when you Paste.

Select 'DDE link' from the 'Paste special' menu that pops up.

In order for the DDE link to work, a new Bookmark will have already been created in Navigator like so:

This type of link is marked 'soffice' internally and has details that look similar to the following example:

The advantage of using this 'Paste Special' DDE link way is speed obviously, and you do not have to create a Section around your text in preparation.

Where using Sections wins out is in complex documents, where perhaps you have repeated different blocks of text. Having the Sections clearly identified in Navigator can be a real win for that complex case.

Avoiding the startup 'Update all links' prompt:

Having setup a document with a repeated Section as described, you may then see this on opening your document:

And switching that off can be achieved in Tools -> Options -> Writer -> General

so that 'Update links when loading' is set to 'Always'

Deleting Sections and clearing up:

Use the Navigator and right click 'Edit' the section you want to remove.

Within 'Edit' you have a 'Remove' button which will do the trick.

Clearing up:
The text block I was copying was prepared as a table by me.

What I noticed was that removing the section did not delete the text copy itself, but merely reverted it to being 'standalone' typical text. A handy feature perhaps but do manually delete the text if that is not what you wish to be left with.

Links and further reading:

Friday, October 1, 2010

Budget Hotels and Bed Bounce

A weekend away staying in a budget hotel, always holds a bit of surprise.
I enjoy plenty of city breaks and am pleasantly surprised when everything about the budget hotel is great.

A recent weekend was a new experience for me...the bed was like a broken trampoline. I asked to be moved and was moved down the corridor to another room (119). The bed there was like a slightly less broken trampoline, and so I gathered that was the standard and unpacked my weekend clothes.

My weekend was excellent by the way...I explored a city that I have visited only fleetingly before, and really enjoyed my time there.

Here is a sheet which that hotel should have in every room:

The above was inspired by Wetherspoons and their toilet check sheet. Wetherspoons make over half of their profit selling liquids, and so they are bright enough to realise that, having clean, well functioning toilets, is a must for their business.

What I am suggesting to that budget hotel chain (I will not name them directly) is that they print off this sheet, and pin one up in each room.

When the cleaners or maintenance staff visit room 119 (for example), they might glance at the sheet, and see that October has yet to be completed.

A quick bounce on the bed is enough to test the condition. If it creaks and whines when you bounce then it should be marked down as "Poor" and perhaps the manager notified for a replacement requisition.

If the bed has no firmness left at all, then it should be replaced immediately.

Hopefully most months the entry will say "Good" or "Okay".

This simple, once a month check, in each room would be enough to prevent the daft situation which I recently experienced. You are in the hotel game, and customers expect beds which can be slept in.

Beds which can only be described as trampolines do not count, and just make people think your hotel chain has maintenance issues.

Here is what that sheet would show for my room:
"Good, Good, Good, Okay, Okay, Okay, Poor"
Note: There is only one "Poor" because hopefully the hotel manager was notified and ordered a new bed promptly.

Weekend Memorable Pub: "Dove & Rainbow"
Memorable Real Ale: "Moonshine" (4.3%) by Abbeydale

Monday, September 27, 2010

When did media decide 'not compliant'?

The introduction of Mass Printing and Newspapers was a plus.

The introduction of Broadcast Television was a plus.

The introduction of Twitter was a plus.

If twenty years ago somebody said that the you will be able to watch high definition movies streamed from the street cable, through the computer onto a 32 inch television, then you would think that would be a plus.

If that same someone said that you would be able to drive your people carrier, and have a great quality film played from the front, and viewable to both children in the rear seats then you would think that would be a plus.

Here is the DRM nonsense that is 'required' in order for the last two to work.


Question: If somebody compromised the encryption on those three standards and published the keys tomorrow would your convenience change?

Certainly your hardware would not stop working.

You might suddenly find that at home that older television, in the other room would now stream okay - no more blank screen and laptop 'not HDCP compliant' error messages.

You could rig an extra lead out the back of the 'in car' blu-ray player, and your partner could enjoy the film in the passenger seat on their Samsung Galaxy Tablet.

Well the big news this week is that somebody just did cross off the first item (HDCP), and Intel have confirmed this.

I am sure there will be a concerted 'Chicken Little' campaign to try to convince you that the loss of HDCP is something to be regretted. Is your life any worse honestly?

Links and Further Reading:

The next convenience - high definition streaming without cables:

Wireless Display (WiDi):

Intel has built in HDCP to control which of your monitors/TVs will be 'allowed' to receive a stream.

HP Wireless TV connect:

As far as I can tell TV connect makes no restriction on which of your monitors/TVs can receive the stream.

How can I have less DRM in my living room?

  • Avoid buying Televisions by Sony or Toshiba
  • Avoid buying laptops from the same.
  • If you want a streaming device, then buy one that is Nvidia Ion or ARM based and skip Atom.
  • When you buy a new monitor, ensure it has DVI input and HDMI input so that you have two connection choices.
  • Test out your new Television, Monitor, and Laptop and ensure your streaming is unhindered. Immediately return any item which does not 'play nicely' and report it as defective to the shop.
  • Research before you dive in to wireless streaming - do you really want a box that restricts which monitor/television you can watch the stream on?

( I have deliberately avoided mentioning fruit names in the above list. Most people who own a pair of iSocks or an iBra already know they are holding hands with DRM, but it seems not to matter to them much, so why bother. )

Saturday, September 4, 2010

dns propagation - why rescuing a dropped site takes time

Domain Name System (dns) is quite involved, and the first time people encounter issues is perhaps when their website disappears from the internet.

An extract from Wikipedia:

As a noteworthy consequence of this distributed and caching architecture, changes to DNS records do not propagate throughout the network immediately

So your website has disappeared and you want it back as soon as possible, but how will that happen? and when will the problem be completely fixed?

Firstly a little explanation....

I have a domain and in order for people to see the site I must have created it, hosted it, registered the domain, AND have a publicly available properly formed dns record.

The last bit is rarely considered specifically, as another company will usually do that on your behalf. However if you have issues with dns, then you should take a keener interest in that last bit about the dns record.

http -> domain lookup -> NS records -> nameserver -> A record -> IP -> homepage

Okay that is a highly simplified, and somewhat abstracted, flow diagram of what happens in order for your homepage to appear.

Dropped sites:

By 'dropped sites', what I mean is that the Domain Name System process, for your site, has fail somewhere in the portion:
...-> domain lookup -> NS records -> nameserver -> A record -> ...

and the result is that your web browser responds with:
Problem occurred while loading the URL

If the problem is that no dns record is known to the Domain Name System, then whoever manages your domain and/or nameserver will have to create a new dns record or fix the existing dns record.

Even if your provider does that right now, then it might take a day or two for those records to propagate, and your website and mail to start working totally how they should.

This is not a failing of the Domain Name System, it is a distributed system designed to scale massively, and to use multiple listing servers to spread the load.
The downside of this is that things take time to propagate to all corners of the vast internet*

( *In particular broadband providers maintain their own dns caches and so that is sometime an additional delay for correct records to be picked up on users PC )

Analogy: Dropping out of dns is a bit like forgetting to renew your yellow pages/thompson directory entry for your business. When you do get the new entry created in yellow pages, it takes time before the new printed catalogue gets to all your customers.

Dns is a technical area, and there are a whole host of consultants and specialists, who can assist you with diagnosing issues.

There are also online tools to help you check your domain, these work well, but may not be the whole story.

The piece which is not so easy to quickly pick up, is being able to speak with technical confidence to your provider, in order to press for a satisfactory outcome.

Wednesday, August 18, 2010

Without Flair - Safe computer use means Safe fonts

The title of this post might be a little inflammatory to folks who get really uppity about 'nice' fonts.
( If that means *you* then this article is maybe not going to be to your liking. )

Fonts that are screen friendly Sans-Serifs, such as DejaVu Sans Mono* or Liberation Mono, might better be described in a sentence as:
Having fewer finishing touches and spaced as if letters were punched individually, rather than closely packed handwriting placement.

Here is a typical Sans-Serif:

...and for comparison here (below) is a Serif:

take a look at the right hand floor kicker on the letters a and u in the second example. These are sometimes referred to as "finishing touches". If you were handwriting non-joined letters, then you would touch these extra bits of ink perhaps after the main bulk of the character was done...hence a "finishing touch"

Now look instead at the a and u in the first example and see that they do not have those finishing touches.

Now look at the first five characters in each example and note the difference in the spacing.

Comprehension of text on computer screens:

The examples above are probably too short to really make a noticeable difference in how you comprehend what is written.

A paragraph of text with one or more full sentences is needed, but it also depends on the particular Sans-Serif and Serif that you choose.

Decide which of these three Sans-Serif sentences you prefer:




now decide which of the three you like...

...and I will label them below...

Note: Pay attention to the style, rather than how clear the image is on your screen. Using an image means you might have to click the image to get a clearer representation, however you see the exact font with no substitution by your browser.

  1. DejaVu Sans Mono
  2. Liberation Mono
  3. FreeSans

Which did you prefer?

Note: I did not disfavour FreeSans by making it smaller for any particular reason, it was just that blogger resizing seemed to blur
it more than the other two when using the largest resize option.

On my computer the examples were all produced at 12 point in OpenOffice, exported to PDF and then Okular selected saved to .jpeg files.

I expect the results to be okay but not fantastic and I think that is what I have got.
The original .pdf and OpenDocument text files are available at this directory for you to download and open locally (repeated below).

  • .pdf file with paragraphs for comparison of the Sans-Serif fonts
  • .odt file* with paragraphs for comparison of the Sans-Serif fonts

*You will need LibreOffice or OpenOffice to open OpenDocument Text files (.odt) , and those Office suites can be downloaded from and respectively.

If you have not had much experience with using Pdf files across different platforms, then you might be interested to see what/how the fonts are embedded into the .pdf that I have generated.

If, when you open them on your computer, the .pdf and .odt look different somehow, then it maybe that your computer is doing some font replacement. The .pdf has the fonts embedded so there should be no font replacement there I hope!
If your OpenOffice is doing some font replacement then consult Tools -> Options within OpenOffice:

The Fonts screen shown above will have a tick in the box for "Apply replacement table" and you should see the replacements listed in the box in the middle of that dialogue.

Safe fonts - what is that supposed to mean in the title?

There is some speculation, that having fonts that are well spaced and designed for viewing on electronic displays, might help users with symptoms of Computer Vision Syndrome (CVS).

Is it a safety issue to have fonts that are optimized for viewing on electronic displays? I'll let you be the judge of that.

I will however give a personal opinion about Sans-Serif and Serif, with particular reference to the 3 font examples I used Earlier.

( An Aside: Sans is French or Middle English depending on your opinion, but for arguments sake I'll say French and introduce another prefix 'Certaine' to mean 'some'. )

  1. DejaVu Sans Mono I would describe as Certaine-Serif
  2. Liberation Mono I would describe as Certaine-Serif
  3. FreeSans is Sans-Serif
To get straight to the point ... looking at the letter l in the word 'black' in font examples (1) and (2), it can be seen that those letters are not entirely without "finishing touches". In particular in DejaVu Sans Mono, there is a quite nice look about the letter l.

For my mind, font examples (1) and (2) represent a middle ground between a Sans-Serif and a Serif. They have some "finishing touches" that aid comprehension, so helping readers easily distinguish the number one from letter l and so on, but they stop short of being full Serif.

Note: DejaVu Sans and Liberation have fonts that do not include "Mono" in the label which are perhaps less fitting to the purpose of this article. I steered clear of those variants as I wanted to choose a variant with a larger spacing between characters.

Below I have simulated what I would do if somebody was to print off a finished document, that had been prepared in Word 2007, and I wanted to match a proprietary font.

The output of fc-match using the -a option will produce a list of possible replacements. Without the -a option just a single "best" match will be displayed.

Users of Open Source Office software might ask...
"should I use DejaVu Sans Mono or Liberation Mono or FreeSans for my electronic document?"

Users of Non-free equivalents might instead ask...
"should I use Verdana, or Trebuchet, or Arial for my electronic document?"

If you believe some of the research that is being published at the moment, then the answer in both cases is perhaps the former rather than latter option.

( The owners of the proprietary Verdana font, have commissioned some research that allegedly supports its use instead of Arial as being easier to comprehend.
A quick websearch should turn up some hits to that research, but bear in mind who paid for it when considering any conclusions )

Putting that in the terms I have used in this article, perhaps Certaine-Serif rather than fully "without Serif" might be a better choice

The push by proprietary software to get you to drop Arial, is in non specific terms saying that readability is improved if instead of using 'straight' Sans fonts, that have been widely used in electronic documents for the last ten years, you use Mono variants / humanist variants.

Just one observation regarding Verdana in particular ... there are some opinions about the size which might be worth considering, before Non-free folks commit to using it in text that will appear in document form and on a website.

The article in the link above is a couple of years old and so does not include DejaVu Sans and Liberation Sans for comparison. If you want to conduct your own up to date comparison then it should be pretty quick to do some "quick brown foxing" to test your own view on size and suitability :)

A note regarding the font used for the text of this article. I have relied on images to provide my examples, as they cannot be subject to 'font replacement' on your computer. In writing this article I have just accepted the default font setting of Blogger.

Do download the Pdf to get further examples that should also render faithfully regardless of your brand of computer.

Here are some font comparions which I ran again in 2011:

Above Gnome Specimen Font Comparison - Creative Commons CC-BY-SA

Final note: In the phrase "Without Flair" in the article title, I do not mean to be critical of DejaVu Sans Mono or Liberation Mono, both of which I believe to have some nice touches and have happily used for documents.

Sunday, July 11, 2010

Security first - pdfs and embedded files

A short posting with an example of the screenshot from a pdf reader ( Okular )

Pdf generators sometime include some of the settings for how the pdf was generated into the final pdf itself.

A security conscious pdf reader should give the user some information, rather than just rendering the embedded file:

When generating the pdf using a very feature rich Pdf Writer, there are many, many, options such as the CMYK profile.

Adobe Distiller likes to include a file named 'folder.options' (or similar) that contains entries like the following:
  • CompatibilityLevel 1.3
  • PDFXCompliantPDFOnly false
...and so on.

There is just one advantage I can see from having a copy of the embedded folder.options ... see for yourself the compatibility settings which the author thought were
appropriate for the distribution of their published pdf.

Hybrid PDF/ODF export from OpenOffice:

Whilst on the subject of embedded files, I am running a recent version of OpenOffice (3.2) and noticed that pdf export has a new checkbox labelled 'Create hybrid file'

If you want maximum compatibility with people using open source AND adobe readers, then be wary of ticking 'Create hybrid file'.

Whilst it might seem convenient for yourself, I suggest you do some thorough testing with Adobe reader software before creating hybrid PDF/ODF files for wider distribution.

OpenOffice version 3 prior to version 3.2 and ColorSpace:

 If you have sent a pdf to a colleague and they have reported back they were unable to read it and their reader software reported 'invalid ColorSpace', then
consider running OpenOffice 3.2

( OpenOffice 3.2 was released in February 2010 and has better compatibility with the latest versions of Adobe reader )

OpenOffice 3.2 is the default version for the upcoming Debian Squeeze release.

Friday, July 9, 2010

Protein and Carbohydrate balance

Some web articles describe a "High Protein Diet", here I draw your attention to a "Low Protein Diet", an easy trap for some ready meals.

Here is an example of Cauliflower Cheese Grills ( ):

Cooked per 100g breakdown for Protein and Carbohydrate:
  • Protein 6.1g
  • Carbohydrate 25.3g
So in those Grills the Carbohydrate is 4 times the protein.

Nothing much wrong with that, although if you are in the muscle building phase of your cycling regime, you might want to be wary of that '4 times' factor and seek something higher in protein.

You might like to add half a tin of Tuna chunks (27% protein) if you want to tip the balance back a bit in protein's favour :)

Tuna, Chickpeas, Beans and misconceptions about Protein levels:

People often wrongly think that Chickpeas are around a quarter protein. They are when they are raw, but things change when looking at a supermarket tin of Chickpeas.

Quoting directly from this Wikipedia page:
One hundred grams of mature boiled chickpeas contains 164 calories, 2.6 grams of fat (of which only 0.27 grams is saturated), 7.6 grams of dietary fiber and 8.9 grams of protein.
Which fits with what I read on the back of the tin (6% to 8% protein).

( If you see a figure of 23% or higher protein for Chickpeas then I would be thinking that these were raw Chickpeas perhaps. )

However If your supermarket tin says 23% or more protein, then post the brand name in a comment to this article and I'll gladly stock up :)

Here is a useful link for protein content of beans.

Most beans in that list are in the 6% to 8% protein range so Chickpeas seem to be pretty typical in terms of their protein level.

Tuna, at roughtly 25% protein, is something that you can use to boost the protein content of a bean meal, if you are unhappy with the protein level.

How much protein do I need?:

There are lost of answers (and the links provided later are a good place to start)

One simple answer...
The only people who should be getting less than 40g per day of protein are children
( If you are an adult and getting less than 40g per day then do read the section "Protein links" below to understand why this is not great )

Quote from
Health professionals suggest men should eat 55.5g protein a day and women 45g.

Bean links:

Protein links:

Tuna Baked Potato - where it all goes wrong:

You can eat Tuna Baked Potato and still be living a "Low protein diet"

Because people who diet tend to cut out some starchy foods and greasy foods,
there is a temptation to hide behind a "Tuna Baked Potato" as proof of diet regime.

Firstly if you want a high protein meal then it needs lots of Tuna, rather than a meagre sprinkling
on the top.

Secondly, if Ian Botham wouldn't bowl your Jacket Potato then it is too big.
Most people have idea of the size of a cricket ball. The chef in your canteen might think they are doing you a favour by ordering in 'oversize' potatoes for Jacket Potato meals, but perhaps it is not such a great idea.

Thirdly, try half fat Mayonaise and/or a better oven cooking method if your Potato is too dry.
Avoid the temptation to reach for a packet* of butter and grease things up.

*If you thought two packets here then I rest my case.

Taking a Tuna Baked Potato with a huge Potato, tiny sprinking of Tuna, and two sachets of butter, is kidding no one. You might aswell have queued at the chips counter.

Final tip - look to Lentils:

Apparently cooked lentils are 18% protein, so pick up a Lentil cook book and you have a great way of getting high protein meals as an alternative to Tuna :)

Note: I am not a fan of Atkins diet or Low Carb diets generally. This article is about equipping myself with the knowledge of how much Protein is recommended, and how to get it at mealtime.

Thursday, June 24, 2010

Opening Terminal with preset size / fixed geometry

There are many different terminal programs for Linux, and they all have some similar features.

I am familiar with Gnome terminal and Konsole, but choose Xfce terminal because I feel it is a closer match to my needs.

Opening Terminal with a fixed geometry:


( Geometry in this context means the number of rows and columns )

The geometry I have given looks good on a 24" screen but smaller screen sizes might want to experiment with any of the following:

  • --geometry=80x24
  • --geometry=80x30
  • --geometry=80x40
In full you might enter something like the following in a panel item/command launcher:
'/usr/bin/xfce4-terminal' --geometry=80x24

Or for something that is more generic*, perhaps...
xfce4-terminal --geometry=80x24

*Depending on your Linux system, xfce4-terminal might alternatively be in /usr/local/bin/ or /opt/local/bin/

*The single quoting (') in command launchers, is something I see in Xfce, but do not recall seeing elsewhere.

Opening Terminal with fixed location:

For xfce4-terminal, I was able to set a default position by editing MiscDefaultGeometry in the file ~/.config/Terminal/terminalrc as shown in this diff:

To tell xfce4-terminal to have a default geometry of 160x50 and a default position of 150 pixels from the left, and 0 pixels from the top use:


Xfce Program Launchers:

In Xfce adding a 'New Item' to a panel brings up a selection list with 'Launcher' as the first entry.

Selecting 'Launcher' will bring up a screen like the following:

Here is one that my system has (and it uses exo-open):

The Command field contains:

exo-open --launch TerminalEmulator

...and there is no mention of xfce4-terminal (explanation later)

Here is the Launcher that I created for the Midori web browser:

Use startup notification (quoted directly from Xfce manual):
... means that the window manager can show an hourglass while the program is loading
( You might want to tick 'Use startup notification' on older systems with significant startup times )

What is this exo-open --launch about?:

Xfce has a 'preferred applications' system. It allows you to select your preferred application in 3 categories WebBrowser, MailReader, TerminalEmulator

I repeat again directly from the manpage for clarity:
--launch category parameters...
           Launch the preferred application for the given category with the optional parameters..., where category is either WebBrowser, MailReader or TerminalEmulator.

This preferred applications system is a bit like Debian update-alternatives but specifically for desktop preferences. Here is the control screen if you want to have a tinker with it:

...and the 'Utilities' tab now:

If you have not bothered setting your preferences, or want to bypass the preferences and simply call a particular browser, then there is no need then to bother with exo-open

Mnemonics - convenient or not - you decide:

If you find that commands/menu are being selected by mistake in your Terminal, it could be, that you have Mnemonics in GTK enabled and might prefer to switch them off.


To read more about GTK and Mnemonics try this link.

The file ~/.config/Terminal/terminalrc is where you would set ShortcutsNoMnemonics

(This is an xfce4-terminal specific configuration option, I am sure there are ways of achieving the same in Gnome Terminal or similar )

Making changes to ~/.config/Terminal/terminalrc and future upgrades:

When upgrading your system to a new Linux release, it may be that a newer version of xfce4-terminal chokes on your terminalrc file ( It has happened to me in upgrading Ubuntu desktops )

Symptom: clicking xfce4-terminal launcher briefly flashes up the terminal but then it disappears

Solution: remove ~/.config/Terminal/terminalrc and retry

Gnome Terminal and Konsole:

Both of these terminal programs work well, and it may be that these are your favourite programs.

The great thing about weblogs is that anyone can write an article expounding their favourite Terminal program.

Rather than tell me how much better Gnome Terminal or Konsole are in your eyes, please instead write an article yourself and if you link to this article in it's comments, then I will happily reciprocate :)

Further reading and links:

Xfce4 manual section on Launchers (version 4.0 of Xfce)

Final tip for people who are wanting to remove Preferred Applications they may have set:

Setting a MailReader in Preferred Applications generates a file at...


If you no longer want any Preferred Application set for MailReader then perhaps...
...remove the custom-MailReader.desktop file.

Saturday, June 5, 2010

Password caching during desktop startup

The first time your desktop startup shows you a message like this: can, maybe have you wondering about, how secure your desktop really is.

The message 'Granted permissions without asking for password' is not too serious when the explanation is read in full, but it does grab your attention :)

What is happening is that an authentication password you have entered has been cached, and is now being reused.

The output above shows an example of what is happening in the background. It shows gksudo being called with the message "Wicd needs to access your computer's network cards", but instead of showing you the message, your system is taking advantage of a cached sudo password ( -p GNOME_SUDO_PASS )

This is designed to add some convenience to your desktop, but does not suit everyone.

Now some might shout 'security risk' or 'insecure desktop', but as with most things Linux, it can always be changed to suit individual needs (see next section)

timestamp_timeout of /etc/sudoers:

If you feel the sudo password caching is too much for your taste then
you can enter your own preference in the file /etc/sudoers

Setting timestamp_timeout=1 will ensure passwords are only cached for a minute.

The screenshot above does not show me actually making the change, but rather I provide examples of how the relevant line in /etc/sudoers should appear.

The first line beginning Defaults, is how thing are right now. Sudo is using the default caching time (15 minutes or 5 minutes according to various forum postings )

The last line shows how the line in /etc/sudoers should look in order to have 1 minute caching.

The guide here shows you how to use sudo -K to empty out a cached password
( helpful if you are about to walk away from a shared desktop machine )

There are several guides to walk you through the editing of /etc/sudoers, they tend to be editor specific and here is one for vi fans.

Although the command itself is named visudo, you can use update-alternatives command to have emacs editing as follows:

update-alternatives --config editor

( pick the number corresponding to emacs, and you have emacs editing of sudoers next time you run visudo )

Nvidia 7025 onboard graphics - a less supported chipset

My 5 year old motherboard has been progressively failing over the last year (usb got twitchy, then intermittent memory errors) it was time to replace things.

I wanted something cheap and cheerful, until (hopefully) I can move to an X6 machine next year.

The Asrock N68C-S motherboard, at £30, is cheap and cheerful with one important drawback - the onboard graphics uses a little known GeForce 7025.

( I don't know how many AMD processor motherboards use Nvidia onboard, but I suspect most are Ati chipsets )

The graphics problems is not an issue for me as I was planning to use a spare PCIE Ati 3450 anyway, but I tried the onboard regardless just to see how it fared.

The manual says Chipset is Nvidia GeForce 7025 / nForce 630a on this motherboard.

I did get a working display but the resolution 800x600 is far from workable.

This message from the NV driver is probably important:
    "(--) NV(0): Chipset: "Unknown NVIDIA chipset"

A full Xorg output file is available in this directory (labelled unknownNvidiaChipsetMessage.log)

In fairness, I am using this motherboard with Debian Squeeze (unreleased), but trying it with Ubuntu Lucid didn't give great results either.

Ubuntu Lucid uses the Nouveau driver rather than the older NV driver by default.

If you have already bought this motherboard and are wrestling with getting it to work with Ubuntu Lucid, then it may be that, neither the newer Nouveau driver or the older NV driver give results :(

If you are stuck with GeForce 7025 and do not want to shell out for a PCIE graphics card, then, it may be worth bookmarking the Nouveau project project page, to keep up to date with any news on GeForce 7xxx support.

Here is the current list of supported devices for Nouveau:

If you are interested in how the PCIE Ati 3450 setup went, then there is an article here. The article finishes with a working 2D display at full 1920x1200 resolution (radeon driver), which is adequate for my business desktop.

Having already complimented the Asrock N68C-S motherboard on it's affordability, I should add that it does have one more useful feature...DDR2 and DDR3 memory slots. This is a practical board, for those self build types who (like me) have a mix of older and newer machines, just ensure you have a spare PCIE graphics card to hand before you decide to buy.

Friday, June 4, 2010

html5 sandbox tag - good defense against clickjacking

Before diving into the sandbox tag, a quick two question quiz.

iframe (the source of clickjacking attacks) was invented by?
  1. Thomas Edison
  2. Microsoft
  3. Apple, it's their new name for a digital photo frame
Where can you use markup like <iframe security="restricted">?
  1. CERN
  2. IE Browser
  3. Everywhere today.
(2) is the correct answer for both.

The SECURITY=restricted tag is something only IE supports, and adoption has been very low among website developers (4 sites out of 10,000 surveyed apparently)

The most high profile clickjacking technique currently, is a Facebook trick, whereby the baddie uses a cleverly crafted iframe to trick you into 'liking' something.

The result can be considered a social hack, whereby other users might feel more trusting of something, based on your (bogus) recommendation.

If you care about your online reputation, then you should at least have an awareness of such techniques.

Rather than singling out Facebook, it might be proper to report that Twitter had the "Don't click" annoyance which is documented in detail here. Twitter responded to this issue and it quickly disappeared.

html5 iframe tag extended to sandbox with src attribute:

<iframe sandbox="allow-same-origin" src=""><iframe>

<iframe sandbox="allow-same-origin allow-scripts" src=""><iframe>

A new Mime type text/html-sandboxed
has been specified which is used in partnership with the sandbox attribute so that:

  • The sandbox attribute tells you what type of secure browser environment should be created before rendering the content
  • The  text/html-sandboxed type indicates that this content being delivered from the server is  subject to some sandboxing.
  • The  text/html-sandboxed type indicates that the content is other than regular unsandboxed html, and should not be served directly, but only within a sandboxed iframe.

Here I quote directly from Eitan Adler article ( )
So it’s a security feature. You could restrict an advertising iframe to have no privileges whatsoever, but you could give a widget iframe privileges to execute its own scripts or embed its own forms.

You could argue that this sandbox marker in html5 is not too different to the (IE only) security=restricted thing. The important thing, is that, being part of a formal, company independent standard, should encourage website developers to feel that they are more likely to get some return from their time, in implementing it on their site.

There is much more to the html5 proposal than a 'restricted' equivalent and many more details are shown at the links below.

iframe sandbox - current and planned implementations:

Chrome and Safari have taken the lead here as being webkit based, they
both have rendering engines with a sandbox implementation.

Some details on the Chromium blog

sandbox tag support status - Opera


Mozilla seem to have dropped the ball a bit here. They are so busy implementing 64 bit versions of their software and other priorities that they seem to have missed the boat.
Mozilla Firefox is my preferred browser, but I feel it is being held back at the moment by:

  • The fact that the NoScript plugin is so effective.
  • Confusion by having the term sandbox already applied to isolation of plugins. ( I think of that sandbox as a stability feature but the two are sometimes confused )

( Whilst NoScript is a convenient solution right now, it would be good to have official inbuilt support commitment from Mozilla folks regarding sandbox attribute of iframe )

I think it will be a mistake if Mozilla decide to ship Firefox 3.7 without support for iframe sandbox tag.

There is a test script here to report on whether you browser supports html5 sandbox tag.

I ran the test script for my system (Debian Squeeze) and both Midori and Epiphany report success \o/

Opera on my system has just been updated but reports a fail (Opera version

The test script link (above) returns this message from Opera:

Alternative approaches that involve headers:

My personal opinion here is that these are a mistake, it is a nonsense approach to have a webserver header to fix this problem. Better to remove iframes altogether from the html standard, rather than be prescriptive about which web server software is 'good' and 'bad' based on out of the box ability to serve these headers.

There are millions and millions of websites out there that pay for shared hosting setups. Suggesting these servers are all reviewed to protect a bit of reputation on Facebook is backward.

Yes, most of these servers (54%) run the same software (Apache) but it would take years to effect the change.

( It is my personal opinion that using meta headers in web site pages to 'simulate' http headers, is something that should be disabled on servers that are proactive about security. )

If Twitter can fix "Don't click" by making some intelligent changes to their site, then Facebook, who are arguably much better funded, can be expected to do the same.

For completeness here are some links to approaches that involve server headers:
A further argument against the server headers approach is that it is all or nothing, which could cause problems with existing users of NoScript plugin (see last paragraph). This would mean that in order to solve one problem (clickjacking), you remove the defenses (NoScript) against another problem.

There are some who suggest there is little to consider and suggest implementing X-FRAME-OPTIONS on the server side, like the views in this article.

Having worked in ISP and hosting environments where thousands of small business host on the same web server, I think the blanket rewriting/header insertion suggestion is naive at best, and the trigger for a disruption to business lawsuit at worst.
( Many businesses rely on their sites being accessible cross browser, and some like the ability to publish their own embeddable content (documents, whatever) on sites they pay hosting for. If removed or affected, without notice this might cause some consternation )

( Should a business themselves choose to move a business site to their own servers, and activate some global http headers, then that is their choice, and their would be no legal repercussions on shared hosting providers. )

With regard to marking their embeddable content with new mime type  text/html-sandboxed , this is something the business themselves could do over a period of time. It would be their choice, and configuring virtual hosts to allow mime type overriding for certain directories, might cause much fewer issues in a shared hosting environment.

In the process, the ISP or hosting company would learn a bit about which of their customers are really taking advantage of the ability to publish embeddable content, and this might help them tailor future service to this new distinction that sandbox in html5 will bring.

Minor annoyances "Are you sure you want to leave this page YES/NO":

Using javascript techniques it is easy to be tricked into leaving a
site for some other (unwanted) destination.

What you should do is ignore the text in the box (if you feel it is suspect) and always reply in the negative (Cancel or No)

If in doubt close your browser.

Installing NoScript plugin for Firefox will help avoid these javascript annoyances.

If you want an indepth discussion about how iframes, can, and have been exploited in the past year then there are a few in depth studies by (links below)
The studies by Gustav Rydstedt give good coverage to the techniques, but fail to survey fully the solution proposals. In particular, making no mention of the Html5 enhancements, in a paper dated only last week, seems to be a unfortunate omission.

Thanks is due to Gustav for making these papers available at all, as they do describe the problem clearly, and I found them very readable.

I want my online documents to be embeddable in my other site:

These type of queries have been cropping up frequently this year.

Should your documents be embeddable by default?
I have my own opinion about this, but I suspect a survey would give mixed results.

googledocs sends X-FRAME-OPTIONS headers in an attempt to indicate to some browsers that they should ignore the document in certain iframe circumstances.
Practical effect today: This blog does not function as it did some months back when viewed from within IE8 :(

Zoho does not implement any server side headers, so should produce similar results in all browsers.

(Unsurprisingly) All documents hosted on a sharepoint server will come with X-FRAME-OPTIONS headers so again the mixed results at the client end.

There are several sharepoint queries floating around in forums, and here are some solutions:

Query: My sharepoint [hosted] document cannot be included my site, is there a way round this?

Answer: If you want your documents to be embeddable then make copies on Zoho and embed the zoho links in your pages at

Lazy Answer: Do nothing. Only IE8 users are affected, whilst 75% of internet users would see the embedded document just fine.

Rolling back the web - who needs iframes anyway:

There are lots of websites that use iframes, however, that does not mean that
you have to allow them in your browser:

Here is another option you might want to tick in the Options:

and for those not familiar with NoScript extension here is some introductory text from the AddOn description:

NoScript is a free AddOn and is very powerful. It really does offer protection against existing and emerging threats (the developer seems quite quick to respond to new internet exploit reports).

However, there is a whole range of options in NoScript, and it will take you a few hours and some experimentation to get your setup as you want it.

If any of the following apply then getting comfortable with NoScript might prove a challenge:
  • It is your first year of using the internet 
  • You have very little knowledge of the terminology (perhaps not knowing the difference between Java and JavaScript might be an indication)
  • You do not value your online reputation enough to spend a couple of hours trying out NoScript and whitelisting your favourite (non-Facebook) sites*
*You will need all the protection of NoScript until Facebook themselves become more security conscious in how they program the 'like' feature (the thing being exploited right now).
( The knowledge is there for Facebook to mitigate the threat already, but whether they are willing to take some resource away from new online games and Yahoo integration, to fix the issue with 'liked this' hijacking is the real question )

Further reading and links: