Friday, October 03, 2008

ssh -NfL

Probably at least once in life you've heard the old adage, "It's more powerful on the command line."

But never before have I encountered a command-line argument this powerful. I thought that ssh was powerful, what with its X11 forwarding and secure encryption and all. But just when I thought that the command line had reached its limit, the command line morphed and merged with the full weight of the NFL. Now introducing: ssh -NfL.

ssh, or Secure SHell, is an encrypted way to log into computers remotely, usually through the command line. VNC, or Virtual Network Computing, is another way to log into a computer remotely, but through sharing a screen. VNC with ssh tunneling is a way to combine screen sharing with the security of ssh.

Several websites give helpful hints on how to create ssh tunneling, and for awhile I used a sophisticated solution I found that involves a single line that creates the tunnel, establishes the local connection, and loops a sleep command to auto-close the client. The only problem was that for some reason the connection always seemed slow. I always thought that it was a limitation of my home internet, but one day I noticed that my girlfriend logged into her VNC server from my home with tremendous response rates.

And that day I stumbled upon a new command. A command alone worthy of the heavyweights of Joe Montana and Steve Young. An NFL command.

ssh -NfL creates a fast ssh tunnel with minimal coding. I don't even know if it's technically superior to the more sophistated command I was previously using, but there's no doubt that it's symbolically more powerful with -NfL by its side. What does the NFL do for ssh? "N" is an option not to present a command prompt to the user after logging in, allowing the user to continue operating from the local command line. "f" puts the ssh tunnel into the background, also to free up the local command line. "L" does the dirty work, creating the tunnel by forwarding a local port to the remote server.

And that's it! I did find the commands a little unwieldy to type in by hand on a regular basis, so I wrote up a little script; feel free to use it and comment on how to improve it as well. Now VNC through ssh tunneling is a speedy matter, bringing me from home to work insuperably faster than even the Grey shuttle can.

Saturday, September 27, 2008

Atom-based medical tablets: the way of the future?

I saw a recent Crave posting on this new Atom-based netbook tablet that will be marketed for use in hospitals and other medical settings. I've been craving a netbook but as a poor grad student still lack the funds to procure even one of these. Maybe when the Atoms become as cheap and ubiquitous as K atoms (or ions), I'll pick one up. Or maybe by then I'll finally be on the wards and can use one of the hospital's tablets.

(CNET photo of a the upcoming Panasonic Atom based tablet)

Dunder Mifflin would be disappointed by the paperless system, but might be better prepared.

Sunday, August 31, 2008

The tXtFL Season Has Arrived!

The football season has finally arrived, and it feels like forever since I've worked on the tXtFL football simulator. This past Labor Day weekend I've finally had a chance to labor on tXtFL and work on an oft-requested feature: multi-game automation.

One of the tasks for any simulator is simply to figure out whether it's actually a simulator. In other words, it would be terrible news to find out that a football simulator never simulated anything close to reality, or even worse (or better, depending on how you look at it), if a football simulator is a better simulator of baseball or cricket.

tXtFL has simulated scores fairly accurately in recent versions and even came close to predicting the historic final Patriots game of the regular season last year. But it's hard to get a clear grasp of statistics with only a few simulations to compare against each real game, and the same model fell short of predicting the following Super Bowl upset. Of course, one could spend hours sitting on the Enter key to generate hundreds of games and then manually compile them for comparison against raw NFL data. But shouldn't there be an easier and more robust method?

It turns out that the first step to multi-game simulations was easier than expected and only involved centralization of code handling user input and a few automation functions. Now tXtFL can run games in full AI mode of the same two teams theoretically up to thousands of times. Games are played back-to-back and cycle with only initial user selection of teams.

The next steps will be to save that output, ideally in a format that could be fed into Matlab or R or other statistical software for a more thorough computational analysis. We could check individual player stats against historical data and also analyze its predictive power of games and seasons. Hopefully we can figure out how to run it on a cluster. And hopefully our simulated stats will eventually cluster around reality?

Friday, July 18, 2008

Fedora 9 Server Upgrade Experiences

I recently upgraded my aging server from Fedora 7 --> Fedora 9, now that the 7th distribution is no longer supported. Fedora 7 was an old favorite, a trouble-free experience to both my laptop and server, a 7th-inning stretch if you will. But alas it's baseball season, and the 9th inning has arrived, and it's come time to get on board before the game is over. As usual I'm providing a summary of my experiences in case you might find it useful for your own upgrade.

Netinst Installation CD

My server dates back from the last millenium and is pushing a decade since its birth in 1999. A Pentium III 450 MHz, it's done its share of work but presses on. Even if it doesn't have a DVD drive. I needed a way to install by CD, and rather than downloading the entire 6-volume set, I learned that new to Fedora 9 is a "netinst" disc image that replaces boot.iso, rescue.iso, and diskboot.img and provides "everything the user needs to install a system over the network."

It serves as a small disc that contains just enough to run the installer, download the files for an installation, and even rescue a system. One just needs to remember to point the URL to the official Fedora 9 release rpms, such as, or of course to a local repository of mirrored Fedora files.

During the upgrade, my internet connection went down, and the netinst install failed at the final file. Not to fear. A retry completed the upgrade, and Fedora 9 came to life on my server.

Web Server Down!

A quirk from the initial release of Fedora 9 is that the httpd Apache web server failed to start on several of my machines. Apparently some libphp module couldn't be found, and the server never started. Again, not to fear. A sudo yum update resuscitated httpd, and it started serving pages immediately.

Subversion Subverted

While updating some CCF web files, I found that I couldn't commit my changes to the server. I got

can't open db activity permission denied

error messages when running svn commit commands. At first I thought that the permission bits had been misapplied, or perhaps files had been overwritten by a different user, but even setting permissions to 777 failed to permit commits.

Eventually I came across a solution on a Fedora forum that pointed to an SELinux context error. Apparently during the upgrade, the security labels got changed, flagging SELinux to prevent those files' usage. One workaround was to switch SELinux from "enforcing" to "permissive" mode via

sudo /usr/sbin/setenforce 0

Of course this change dramatically alters security just for Subversion. An alternative solution is to restore the context of the Subversion files. I saw "httpd_sys_content" several times in forums but didn't find the label to solve permission erros on my machine, so I left the server in permissive mode while making a file commit. One of the files that gets changed during a commit is /path/to/repos/db/current. Using ls -ldZ /path/to/repos/db/current, I found that the file had been labeled to "unconfined_u:object_r:httpd_sys_content_rw_t".

That last bit was what flagged me that a similar "httpd_sys_content" label might work. Using

sudo chcon -R system_u:object_r:httpd_sys_content_rw_t /path/to/repos
sudo /usr/sbin/setenforce 1

I found that I could again commit files with SELinux in enforcing mode. Note that I used "system_u" rather than "unconfined_u" and that SELinux is still much of a mystery to me.

Fun with Fedora? or Fedora frustrations? As with most things Linux, how can there be one without the other?

Tuesday, June 24, 2008


I just noticed the fog icon for the weather feed on Google Calendar. But I thought every day is foggy in San Francisco? Or maybe that's just because I live in the Sunset.

Google Calendar, SF Sunset Edition

Sunday, June 08, 2008

Dual Display

At a product vendor fair today during the ADA conference, pioglitazone maker Actos made it clear to me that multi-tasking with a penlight can be both fun and productive. The dual snake penlight/laser pointing device can be employed for a majority of tasks, most typically to doubly highlight extremely important points during talks or, while using the LED light to read papers in dark corners of the night, to "virtually underline" text with red laser.

A brief demonstration of the "hands-free" lighted reading paradigm. Guaranteed to impress your colleagues at any time of the day.

Actually, it is a pretty cool contraption, maybe useful for some quiet reading on a late-night shuttle ride home.

Tuesday, May 13, 2008

A Dream Come True?

This is almost too good to be true. Ubuntu 8.04 LTS in VirtualBox seamless mode, plus Fedora 9 via VNC, all within Vista SP1. All virtually configuration-free (literally!).

How is this possible? Several recent developments in the open source world collided to make this near-paradise a present-reality.
  1. VirtualBox released a new version (1.6) with "Seamless Mode" for Linux guests. This mode has been available for Windows guests, but only now has it become available in the other direction, a great boon for the ubiquitous Windows desktop in need of Linux support on the side. Perhaps Sun's recent acquisition of Innotek, makers of VirtualBox, propelled the feature? It may have already been on the cooker.
  2. Ubuntu released version 8.04 LTS (Long Term Support) just last month. Although I could not get a Fedora 8 guest to run successfully in seamless mode, Ubuntu 8.04 worked without a hitch.
  3. Give up on Fedora? Not quite so fast. Fedora 9 made its debut today and installed on my trusty Dell laptop without complication. That's it, there's almost nothing buggy/techy to report.

Monday, May 12, 2008

Amateur Architecture

While searching for a way to launch Text Trix through Java Web Start, I stumbled upon another Web Start application: Sweet Home 3D. This application launched with a simple URL link and took me to an architectural planning grid, with drag-n-droppable walls and furniture items.

I'm no architect, but I can drag-n-drop, so I designed an amateur mock-up of a "living bedroom," a living room with a built-in bedroom. Sweet Home 3D comes with some catchy bird's eye and human's eye views, including a "virtual tour" option with adjustable body and head angles to take in the room's entire view.

If you take a closer look at the living bedroom, you'll notice one of its unique and advanced features: a bench and stool (on your right), suitable for a mini late-night laboratory in case you need to finish up a Western at home. I was hoping also to add an incubator, but could only find an oven.

Of course this all started with a search on Java Web Start for Text Trix deployment. Here's a snapshot of a first launch. It's nothing exceptional, but at least this time there's no exceptions (null pointers included!).

Saturday, April 12, 2008

Catching Up on the Past Few Months

In-between time spent with my mice at lab, I've been blessed to spend time with good friends, good places, and goodness knows what else.

City Church Retreat 2008. Colin, Christine, and I wind our way through the rainy redwood forest surrounding the Mt. Hermon area near Santa Cruz on our first ever City Church retreat.

Veritas Forum at UC Berkeley. Me and my grad buddies Chris and Angela take a photo op with the Veritas speaker, Tim Keller, author of Chris' now-autographed copy of The Reason for God.

Community Group Snow Trip. My car (Colin, Brenda, me) at the start of our two-day ski/board adventure through Northstar at Tahoe. Our smiles grew only bigger as we entered day 2 and found a secluded "secret" lift, complete with access via rope tow. Yes, rope tow!

Phone System Prep for The Game at UCSF. Ken and I stress test the automated, menu-driven phone system we're implementing with Colin for the Bay Area scavenger hunt.

Monday, March 31, 2008


Come to me, all who labor and are heavy laden, and I will give you rest. (Matthew 11:28)

Tuesday, February 26, 2008

Shining Out of Darkness

For God, who said, 'Let light shine out of darkness,' has shone in our hearts to give the light of the knowledge of the glory of God in the face of Jesus Christ. (2 Corinthians 4:6)

That was the theme verse my sister imprinted on the T-shirt design for my junior high fellowship, Sonlight. We aligned the words of the verse on separate lines so that the letters SONLIGHT shone out vertically in bright fluorescent yellow. We got it printed and were quite proud of the design, even later when people rediscovered them during a church cleanup and started wearing them for janitorial duties.

To this day that verse—and the fellowship where I discovered it—have left an indelible mark on me. I'm still amazed how God used that little fellowship of little middle schoolers to shine light and life into me. I remember one speaker, a radio talk show host from a nearby Christian station, who asked us how far a candle could be seen in pitch dark. 10 feet? 5 feet? A couple inches, before the darkness quenched it? "30 miles," she told us. "A single candlelight in pitch darkness can be seen 30 miles away."* Imagine what that meant to little junior highers, who felt no bigger than tiny candlelights in the sometimes oppressive darkness of school and society and puberty? My eyes opened like candles as I thought of that, as I thought of God's light shining that far through the darkness, of God's light shining onto me—junior-high-me—and reflecting off me as light to those all around me.

My grad fellowship today is named, coincidentally, Sonrise (no relation to Sonlight!). We're no junior high fellowship, but I am awed at how God continues to shines his light into fellowship as strongly and steadily as I remember him back in junior high. As we travel further along in our careers, new corners of darkness crop up in our lives as we face new dilemmas, disillusionments, doubts, yet into each dark corner he peers in and shines on us with his light, the light of the Son, in such a way that as the old translations put it, "the darkness comprehended it not" (John 1:5).

*I've never had a chance to verify the candlelight distance scientifically, but I'll leave it as a junior high memory and take her at her word.

Tuesday, February 05, 2008

tXtFL Interface Updates

While visiting Andrew & Miyon in New York at the turn of the new year, I had a chance to take advantage of East Coast time with a few late-night coding sessions. Back then, the Patriots swept victory from the Giants in the final game of the regular season. But this week New York took it back in the Bowl. Evidently good things happen in New York, and it was good to me those evenings in the form of a long-overdue graphical interface update to tXtFL.

The old view, stable from tXtFL 0.7.0-0.9.2 (2004-2008):

The new view, currently in progress for tXtFL 1.0.0alpha2:

Lots more work left before 1.0.0. Feedback always welcome!

Thursday, January 31, 2008

Saturday, January 26, 2008

Post-Orals Celebrations

Two friends from Sonrise and I took orals back-to-back-to-back last November. Months of anticipation came to a head in my dual orals (minor+major), which though stressful, proved surprisingly invigorating. So many of those papers I had been intending to read finally came out of their folders, and I finally got a chance to formally justify to myself why I was doing what I was doing. I asked for prayer that I wouldn't try just to get through it, but that God would grow me as a scientist through the entire process. He truly answered.

I'm blessed to have a wise and supportive mentor.

Ken organized a post-orals celebration, introducing me to a nearby southeast Asian restaurant that he (and now all of us) vouches for. Colin later introduced the guys to an even near-erby brewery that we hope to visit again.

The following week, I took my MSTP classmate Marcus to celebrate his orals. Chris, pictured between us, took his orals the week just before mine, which you can tell by the width of his smile in both pix.