Featured post

Sunshine and Snowflakes — Free mp3 download

Sunshine and Snowflakes is my favourite Christmas music album in the world. Released in 1973 by Light Records (album LS-5625-LP) by Lexicon Music, Inc. and distributed by Word, Inc., it presents an upbeat and energetic take on familiar Christmas carols, sung by an impressive, 40-member children’s choir. Unfortunately, the album has been out of print for some time now, hence I wish to make it available here. The album is arranged by Clark Gassman and directed by Jan Gassman.

[Sunshine and Snowflakes Album Cover][Sunshine and Snowflakes Album Back]

I digitized individual cuts of the album from a well-played LP record and converted them to 192 kbit, 44100 Hz, joint-stereo mp3 format using the Audacity audio editor and the LAME mp3 encoder. No (audio) compression, noise reduction, or any other digital signal processing was performed on the raw digital data, as I prefer the sound of the original vinyl recording.

I truly hope that you enjoy this unique Christmas music. “God Rest Ye Merry Gentlemen” and “Joy to the World” from the medley are not to be missed!

Right-click the following links to download:

Cut Title Length (m:s) Size (MB)
1 A Sunshine Christmas Medley 14:36 20.1
2 Over in Bethlehem 3:31 4.7
3 Wise Men Still Adore Him 3:19 4.6
4 The Very First Christmas Day 2:51 4.0
5 Where’s Christmas? 3:30 4.6
6 Happy Birthday, Baby Jesus 3:19 4.6
Total 30:46 42.6

If you appreciate this music, please leave a comment below. Your stories are most welcome. And please link to this page on your website or weblog. Thanks!

Oh—and I’m not getting paid to say this—if you want, you can buy a used LP or an unofficial CD-R of this album from sweet-music.com.


DNS-based mitigation for Samsung SwiftKey keyboard vulnerability

I was just listening to the discussion of the Samsung SwiftKey keyboard vulnerability from Security Now! episode 513, and I came up with a simple DNS-based mitigation that a user could implement to protect themselves.

The Vulnerability

Without any user interaction, the user’s phone makes a plaintext http GET request to a SwiftKey update server, and this request can be hijacked and malicious code injected into the phone by any man-in-the-middle bad actor. According to NowSecure, the discoverer of the vulnerability, the request looks like this:

GET http://skslm.swiftkey.net/samsung/downloads/v1.3-USA/az_AZ.zip

DNS-based Mitigation

With a rooted Android phone, a user could edit their /etc/hosts file to redirect the hostname of the update server (skslm.swiftkey.net) to localhost, preventing the http GET request from ever leaving the phone. In other words, the user is hijacking the request to the update server before a bad guy gets the opportunity to do the same.

With a non-rooted phone, there are DNS Resolver apps that can be installed that do the same kind of redirection to localhost.

Will this kind of mitigation work? Since I don’t have an Android phone to test against, this is just a thought experiment for myself.

The Mathematics of Easter

Why is Lent 40 days long, why is Passion Week 7 days, and why was Jesus “in the earth” for 3 days? Further, why do we celebrate his birth on the solstice and his resurrection on the equinox?

This essay by Alvin Boyd Kuhn explains it all, and it blew my mind. Good reading for an Easter weekend.

Backup Your Dropbox Files with rdiff-backup

The Problem

Teresa and I use a single Dropbox account to share files between our computers. I also use the same account to store (and sync) plain-text notes on my iPad and iPhone (I use the apps PlainText and iA Writer). In case things go wrong with these apps, the syncing, or with Dropbox itself, I want to backup my Dropbox files and keep past snapshots of the backups so I can go back in time.

The Solution

rdiff-backup can do this. It is a command-line tool written in Python that:

…backs up one directory to another, possibly over a network. The target directory ends up a copy of the source directory, but extra reverse diffs are stored in a special subdirectory of that target directory, so you can still recover files lost some time ago. The idea is to combine the best features of a mirror and an incremental backup.

To make this all happen, I have Dropbox installed, signed-in, and running on my Linux desktop/server, which runs Ubuntu 11.04 Natty with Gnome 2.

Install rdiff-backup thusly:

    # aptitude install rdiff-backup

I use the directory /backup/ to hold all my backup targets, so I can run rdiff-backup like this:

    $ rdiff-backup  \
        --exclude $HOME/Dropbox/.dropbox \
        --exclude $HOME/Dropbox/.dropbox.cache \
        $HOME/Dropbox /backup/Dropbox

Every time I run rdiff-backup like this, it creates a new snapshot of my Dropbox files. Old snapshots are kept until I decide to purge them (if at all). To purge any snapshots older than two months, for example, I run this command:

    $ rdiff-backup --force --remove-older-than 2M /backup/Dropbox

I run the above two commands in an @hourly crontab script to keep this all happening automatically.

Browsing Past Snapshots

rdiff-backup has its own commands for digging into the files stored in the past snapshots, but it requires exactly knowing the filenames and backup times. Another tool, rdiff-backup-fs solves this problem by mounting the rdiff-backup backup directory as a FUSE filesystem, allowing me to grep and find my way through a directory tree of all snapshots.

After installing FUSE and rdiff-backup-fs, I mount my Dropbox snapshot tree with this command:

    $ rdiff-backup-fs ~/mnt /backup/Dropbox

Note that the order of the arguments for mounting source and target are backwards compared to the canonical mount command.

A long listing of my 10-oldest snapshots looks like this:

    $ ls -lF ~/mnt/ | head -10
    total 0
    dr-xr-xr-x 1 root root 4096 2013-03-10 13:52 2013-01-06T05:00:01/
    dr-xr-xr-x 1 root root 4096 2013-03-10 13:52 2013-01-06T06:00:01/
    dr-xr-xr-x 1 root root 4096 2013-03-10 13:52 2013-01-06T07:00:01/
    dr-xr-xr-x 1 root root 4096 2013-03-10 13:52 2013-01-06T08:00:01/
    dr-xr-xr-x 1 root root 4096 2013-03-10 13:52 2013-01-06T09:00:01/
    dr-xr-xr-x 1 root root 4096 2013-03-10 13:52 2013-01-06T10:00:01/
    dr-xr-xr-x 1 root root 4096 2013-03-10 13:52 2013-01-06T11:00:01/
    dr-xr-xr-x 1 root root 4096 2013-03-10 13:52 2013-01-06T12:00:01/
    dr-xr-xr-x 1 root root 4096 2013-03-10 13:52 2013-01-06T13:00:01/

I can then explore all my snapshots at once with any tools wish.

When done, I unmount the rdiff-backup-fs filesystem with:

    $ /bin/fusermount -u ~/mnt

Dell laptop BIOS update using FreeDOS and ISO Master

I recently needed to update the BIOS on a Dell Inspiron 630m laptop. The file, available from Dell support, is a DOS executable named MX51_A04.EXE.

I had two problems with this file: (1) Windows would not boot, so I couldn’t run the file using Windows. (2) The laptop had no floppy drive, so I couldn’t easily boot into DOS.

Now, one can solve this problem by booting from a FreeDOS LiveCD to run the file. But then you have to figure out how to get and run the MX51_A04.EXE file from within the FreeDOS environment. Various websites suggested methods using USB flash drives, but I couldn’t get this to work.

Instead, I was able to add the file to the LiveCD ISO image before I burnt the CD. Here’s how it worked:

  1. Download the FreeDOS LiveCD called fdfullcd.iso (153MB).
  2. Under Linux or Windows, install and run ISO Master.
  3. Load the fdfullcd.iso in ISO Master and then add the MX51_A04.EXE file to it.
  4. Save the modified ISO under a new name.
  5. Burn the modified ISO to a CD and boot from that.
  6. When you boot the laptop using this modified FreeDOS LiveCD, be sure to choose the LiveCD mode and not the install option.
  7. Once you have a DOS prompt, the command X: will switch you to the X: drive, where you’ll find the contents of the CD and the BIOS update file.
  8. Run it, cross your fingers, and reboot.

A Better Online Dictionary


I like using the online dictionary at die.net because it’s fast and clean.

It’s easy to query, also. Just append your word to the end of the URL. For example:

It describes itself as offering “free cross-referenced definitions, spelling correction, and word searches from WordNet, Webster’s, FOLDOC, and a variety of specialized sources.”

In the “spam” entry above, some of the sources include the Free On-Line Dictionary of Computing, the Virtual Entity of Relevant Acronyms, and the Jargon File.

Which editor should I learn?

On serverfault.com, Rory McCann asked, “What’s the best terminal editor to suggest to a Unix newbie? i.e. not vi or Emacs.”

This answer, which purposefully ignores the original poster’s restriction, says it best:

My take is still Emacs or vi. Even for a beginner.


Because time invested in learning an editor is productive only as long as you keep using that editor. All those less expressive options are poor choices for the long run, and will be abandoned eventually. At which point the time spent learning them is wasted, and the user still has to learn Emacs or vi.

In other words, the best (most expressive) tool for the job is one of Emacs or vi, and so you’ll eventually switch to one of them. It ultimately doesn’t matter which one you choose, but you would be smart to invest yourself into learning one of them.

For the record, I’m a vim user, and I love using it.

Wil Wheaton has a new podcast

[Memories of the Future Jellyfish]

I just learned tonight that Wil Wheaton has a new podcast out, called Memories of the Futurecast.

The podcast is a promotion of his latest book, Memories of the Future, Volume One, which is Wil’s going-down-memory-lane review of the first 13 episodes of Star Trek: The Next Generation.

I listened to the first episode of the podcast already, and I’m looking forward to hearing the rest (12 of 13 have been published so far, as I write this). I enjoy everything Wil Wheaton does.

Check it out.

How to Disable Autosave in WordPress

The autosave feature in recent versions of WordPress (versions 2.5–2.7) is actually a misfeature:

… A misfeature is not a bug. Nor is it a simple unforeseen side effect; the term implies that the feature in question was carefully planned, but its long-term consequences were not accurately or adequately predicted (which is quite different from not having thought ahead at all).

The improper functioning of the WordPress autosave has bitten me several times. It’s supposed to prevent you from losing work by periodically saving your blog edits in the background, when in fact it has caused me to lose work by its very operation.

[WordPress Logo Inverted]

Basically, the most recent edits made to a blog entry often get dropped when you go to “Preview” or “Publish” the entry. In other words, during either of these two operations, it reverts you to what it had autosaved in the past and the new edits are lost. The frustrating thing is that most users would expect the “Preview” operation if not the “Publish” operation to properly save what’s in the edit box. So often, you might end up publishing an incomplete or incorrect version of your blog entry without even knowing it.

This is madness. Let’s stop it.

Find the following four files in the wp-admin/ directory of your WordPress installation:

  1. page-new.php
  2. page.php
  3. post-new.php
  4. post.php

and comment out the following line:


by changing it to:


This will disable the autosave feature in the WordPress user interface.

A secondary part of the solution, too, is to always hit “Save Draft” before hitting “Preview”. I’m not sure if this is strictly necessary, but now I’m paranoid.

Thanks to Allen Day and William Lone for showing me how to do this.

How to Relax Your Body Through Your Thoughts

Thoughts are Energy

Have you ever had that feeling in your gut when someone close to you is about to tell you bad news? Or what about the pit in your stomach when you know you have to face something that you know you don’t want to face? Well, behind these feelings and physical sensations are thoughts. These thoughts are sometimes conscious and oftentimes subconscious, but they are there.

These feelings and the thoughts behind them demonstrate that thoughts are energy. The thoughts that we hold in our consciousness, and those that lie below the level of consciousness, have an effect on our emotional lives. Through them, we can be lifted up and “energized” or be brought into states of fear and anxiety. Where you end up on this scale depends on the level of spiritual consciousness of the thought itself.

A Way to Relaxation

[Cultural Creative Figure]

Along these lines, then, we can find way to achieve relaxation and calm the body through conscious thought. Basically, ask yourself the question, “What does gratefulness feel like?” Now, this is not a question for the intellect, to be mulled over and processed by the thinking mind. No, hand your awareness over to your body as you enter the state of being grateful.

How do you do that? Well, this may be slightly different for every one of you, but I start by thinking about things I am grateful for. That is, I enumerate the wonderful things in my life, from the exceptional to the mundane. But the key is this: I don’t stay at the level of the thinking mind. Instead, as I bring each thing into conscious thought, I start to pay attention to how I feel—in my body. In other words, I shift my attention from the mental image to the sensation in my chest (or in my heart or in my forehead). For me, this immediately shuts off the thinking mind and allows me to enter into the awareness of who I AM—the thinker behind the thought.


Now, as you read this, I encourage you to give it a try. Examine for yourself what gratefulness feels like and where it shows up in your body. How does it differ from the feeling of universal love? Which emotions work best for you as a way to connect with and relax your body?

As you practice and become increasingly familiar with this method of relaxation and meditation, you can start to use it in your daily life to change how you feel in any situation. You can shift your thoughts to what you want to focus on and to the emotional state you wish to achieve in any given moment.