Wikipedia:Reference desk/Archives/Computing/2007 September 5

= September 5 =

Fractals and Apophysis and Math...Oh My!
I recently put this question up at the Mathematics' Part of the Reference desk and I've decided to ask the computer ref. desk for more information about my question (sorry if it's "rude" or something), I didn't know. Anyways the question is below.

I recently downloaded the newest version of Apophysis (2.02) and I was wondering about this question: How Exactly do you make fractals?I already read the article on Fractals but it seems slightly ridiculous that I have Apophysis and not know how to make a fractal! I already can create thing from altering the code (I think it's a code) from fractals generated randomly by the program but is there any way to do it manually? Do you just type in random numbers like "01001001..." or is there more to it? And, will the fractal appear for a given parameter exactly the same on any other program or Apophysis? For example: if 01001001...appears as an "eye", will it look the same on another Apophysis or fractal program or will it be a completely different image for each one? P.S.- If anyone knows a good place to get started on fractals let me know!

Many thanks in advance for my confusing question- ♥  ECH3LON  ♥  00:03, 5 September 2007 (UTC)


 * I don't know if this helps but you can make heaps of different kind of fractals with the effects on the GIMP, with tools such as Fractal Explorer. Hope this helpsMix Lord 02:04, 5 September 2007 (UTC)


 * I have no idea what Apophysis is, so cannot comment on that. A Fractal is a mathematical concept, not a drawing. There are many "functions" that are fractal in nature and there are ways converting data obtained from these functions into x, y and z (often z=colour) coordinates. There is no reason why your package should produce the same pictures as some other program unless they both use the same conversion scheme. Some functions have obvious conversion schemes. No you don't just type in random numbers - unless you have a program that implements some particular fractal function and wants a "seed" value.


 * A good way to generate a fractal image is using multiple reducing recursive photocopying. In this you take any (non-empty) image (a unit square is any easy starting image) and replace it by several distorted images, overlaid on each other. Then repeat the process with the newly created image an infinite number of times. You'll get a fractal. An example of this is the Serpinski Triangle Sierpinski triangle. -- SGBailey 19:20, 5 September 2007 (UTC) -- link fix SGBailey 22:03, 5 September 2007 (UTC)


 * Oh, I've got that and I LOVE IT!!!! Anyways, I'll come here a few times to check up on this section if you post more.  To edit Control + E to change color Control + G  I'll post on you're talk page too.Yamakiri 22:50, 9 September 2007 (UTC)

Getting information from a Visual Basic menu
How do you find out what item in a dropdown menu that a user clicked? I tried the following code that is supposed to change the size of the items on the visual basic form:

When I run the program, clicking on the mnuView_large item does absolutly nothing. What am I doing wrong? P.S. I am using Visual Studio 2005 as my development software. 69.205.180.123 01:24, 5 September 2007 (UTC)


 * If I recall—though I don't have it in front of me—you use the e (EventArgs) object to get information about what specific menu has been clicked. Try e.value or e.Checked and see if that works... --24.147.86.187 01:47, 5 September 2007 (UTC)

Rapidshare
which site or search engine is the browser of Rapidshare?Flakture 08:15, 5 September 2007 (UTC)
 * You cannot browse files on rapidshare- for maximum privacy you need the link to the file's page in order to download it. There are third-party registries though, mostly for warez.. --⁪frotht 13:45, 5 September 2007 (UTC)

C# mode for GNU Emacs?
I have GNU Emacs 21.4.1. Is there a C# mode for it that would support syntax colouring and automatic indentation for C# programs? J I P | Talk 10:12, 5 September 2007 (UTC)
 * http://www.emacswiki.org/cgi-bin/wiki/CSharpMode --Sean 13:37, 5 September 2007 (UTC)
 * I've downloaded and installed the Moonfire Games C# mode. It required upgrading my CC mode too. However, when I load a C# file into Emacs, it spends 3 seconds loading the CC mode. This does not happen, for example, when loading Java files. What is causing this? J I P | Talk 14:25, 5 September 2007 (UTC)
 * Perhaps you have not byte compiled the new modes, and Java is using the old versions that are so compiled? --Tardis 18:47, 5 September 2007 (UTC)
 * I have byte compiled them, but it still happens. J I P | Talk 04:55, 6 September 2007 (UTC)
 * Emacs has a mode for everything if you have enough modifier keys ;D --⁪frotht 13:46, 5 September 2007 (UTC)

Serving web pages with the correct MIME type
I have a web page that passes the W3C validation but gives me the following warning: "The document is being served with the Mime Type which is not a registered media type for the   Document Type. The recommended media type for this document is:" So I serve the document with the recommended type instead, but then everything breaks down – it doesn't validate anymore and Firefox just displays an error. What should I do? —Bromskloss 10:33, 5 September 2007 (UTC)


 * Your server needs to send the file with the correct Mime Type or, if you are using some server-side scripting, change the Mime-Type of the document in the header. This has nothing to do with the page itself.  The page is most likely fine XHTML.  However, the sever is claiming that it is text/html, not application/xhtml+xml. -- k a i n a w &trade; 15:31, 5 September 2007 (UTC)


 * Actually, with the default settings, the page gets served as text/html. The validator says this isn't correct, but the page shows up fine in browsers. But, when I reconfigure to serve it as application/xhtml+xml, both browsers and validator complain violently. I'm puzzled – I just did as the validator told me! —Bromskloss 19:31, 5 September 2007 (UTC)


 * Can you tell us the exact error messages you get? — Matt Eason (Talk &#149; Contribs) 20:07, 5 September 2007 (UTC)


 * The rules are a lot stricter if you serve it as application/xhtml+xml. It must be 100% clean XHTML, you can't have any javascript on the page itself (at least they don't seem to work for me), you can't do document.write in &lt;head&gt; (Heh I spent hours last night on that one) and yeah, basically any error will knock up a yellow screen of death on Firefox. Why are you using XHTML1.1 though? I used it only because SVG scripting doesn't work otherwise. --antilivedT 08:13, 7 September 2007 (UTC)

Commutative encryption/decryption
I would like to solve the problem of sending a message (specifically, a session key) securely between client (specifically, any "modern" browser running javascript) and server (specifically, Apache running PHP).

This problem has been solved using Diffie-Hellman secret key exchange, but existing solutions require up to several realtime seconds of computation and client/server turnarounds using a large amount of Javascript and/or Java code on the client side, and a large amount of PHP code on the server side (see http://srp.stanford.edu/demo/demo.html for a starting point for developing the code). I have an implementation, but it is just not practical to use it on all my websites due to its size and slowness.

I would like to find a solution that is much quicker, uses far less code, and is easier to compute. It should use ordinary 32-bit operations instead of simulated modular arithmetic on 1024-bit integers. I don't mind if the solution is not ideal, or has some weakness, so long as most hackers can't break it. It is generally possible to add features to a weak system to increase its security (such as applying it repeatedly, to give just one example).

I'm currently thinking about a solution involving commutative encryption/decryption. Here is how it would work:

The client chooses a pseudorandom 32-bit number, which is never sent to the server. The server chooses its own pseudorandom 32-bit number, which is never sent to the client. Each side has functions, parameterized by its secret number, to encrypt and decrypt character-string messages of any length (good functions do padding, transposition, and substitution). The functions are as follows:

EC: encryption using the client secret number

DC: decryption using the client secret number

ES: encryption using the server secret number

DS: decryption using the server secret number

As explained in the following steps, EC and ES are commutative, as are DC and DS.

If the client needs to send a secret message M to the server, it would do it as follows:

1. The client sends EC(M) to the server.

2. The server replies with ES(EC(M)).

3. By commutivity, the client now knows EC(ES(M)).

4. The client computes DC(EC(ES(M))=ES(M).

5. The client sends ES(M) to the server.

6. The server computes DS(ES(M))=M.

And similarly, the server can send a secret message to the client.

This process is only used once (as is the Diffie-Hellman scheme), to communicate a secret random key from the client to the server (or vice versa) securely. Once both sides have the same secret random key, any fast encryption/decryption methodology can be used for subsequent messages. This provides efficient session data exchange security.

The problem is that I'm not aware of any good encryption/decryption functions that are useable in this scheme, because they all fail to be commutative as defined above.

So, my question for the Wikipedia community is: can you come up with commutative encryption and decryption functions suitable for this message exchange scheme? (Commutation is not enough; the functions must be short and efficient.)

I believe this question is worth asking, because a solution would be of widespread interest and applicability in ordinary web programming, such as user login, secure form data transmission without the overhead of SSL, etc.

On the other hand, if a solution is not possible (because good encryption can never commute), it would be good to know that, too.

David 12:47, 5 September 2007 (UTC)


 * I suggest you either stick with proven standards or use a really simple system. Any fast nifty key exchange you think of is unlikely to be cryptographically secure. Easiest way I can think of to get a key to both client and server would be to have the client generate it and just send it to the server over HTTPS and sort of piggyback on the secure D-H exchange built into SSL. Or do something really quick and dirty with md5 or sha and send it plaintext, if security is only a nominal consideration --⁪frotht 22:42, 5 September 2007 (UTC)

Froth, if I hadn't done so much experimentation with encryption I probably would agree with you, but I have a strong feeling that what I am proposing is possible. Note that I indicated that I didn't need a cryptographically secure algorithm, only one that would protect against typical hackers. Any encryption that does sufficient padding, transposition, and substitution should meet my requirements. I'm not looking for a mathematical proof, but something that just works okay in practice.

I believe that transposition and substitution are each separately noncommutative. Therefore, I'm looking for some restriction on these operations to make them commutative. Or else I'm looking for some other way to do encryption and decryption that uses only commutative operations (like XOR, which is easily broken as a standalone encryption method but may be secure when applied to pseudorandom 32-bit integers).

Your proposal to use SSL is unacceptable because it encrypts everything sent over the connection. This introduces noticeable slowness to page serving. It would be okay just to send short messages designed to share a secret 32-bit number, but I don't see how to limit it to that purpose, rather than being applied to all pages served for that browser connection.

Your proposal to use md5 or sha1 is fine, except that these are one-way functions, so I see no way to use them to share a secret. Finding such a way would be a major contribution to cryptography. David 11:09, 6 September 2007 (UTC)


 * I know little about this, but I think it is fairly standard for sites to use SSL to send password keys, then deposit a cookie with a session hash in it (md5 of the password plus the IP or something like that, keeps it from authenticating for anyone else if stolen), and then to stop using SSL. Gmail, for example, starts you off in https:// when you are logging in, then turns into straight http:// once you are authenticated. Again, I don't know a ton about this, but it seems like that is a fairly standard approach and would be easier than all of the client-side processing necessary for your method. --140.247.242.79 18:56, 6 September 2007 (UTC)


 * FYI if you actually go to https://mail.google.com it'll keep you on a secure transaction --⁪frotht 03:23, 8 September 2007 (UTC)


 * I believe that the fact that there are many websites that employ SSL is irrelevant to the question I have raised. I've explained why I do not wish to use SSL. David 16:30, 8 September 2007 (UTC)

Yes, that is the standard method. But I neglected to mention that SSL has another drawback: it requires a security certificate. Since I want to be able to encrypt data in any of my web programming, I don't want to pay for certificates. On philosophical grounds, also, I object to paying (fixing the security holes of a free Internet should involve reimbursing us for our trouble and overhead, not cost us money). Yes, I know that we can create our own certificate. But since it is not rooted in a "trusted authority" (read: company with a cash cow), many browsers will bother visitors with what for them are very cryptic error messages. David 10:33, 7 September 2007 (UTC)


 * I do agree with all the cautionary notes above about homebrew encryption. All that said, there certainly are encryption methods that satisfy your commutativity requirement: in particular, any stream cipher, or a block cipher in CTR mode, ought to do it.  However, they won't actually provide the secrecy you seem to be looking for: an eavesdropper, possessing EC(M), ES(M) and ES(EC(M)), will be able to trivially compute M.  —Ilmari Karonen (talk) 19:13, 6 September 2007 (UTC)

I'm looking for a new approach. Even if it is homebrew, if it has merit it will be improved by others. I'm not familiar with stream ciphers or CTR mode, but I will look them up. Your comment about trivially computing M puzzles me. I don't see how to do it. In order to decrypt any of these three messages, one must know the secret key. Otherwise, one doesn't know and therefore cannot apply DC or DS. David 10:33, 7 September 2007 (UTC)


 * In a stream cipher, one uses the key to generate a pseudorandom "keystream", and then simply XORs that with the data to be encrypted as if it were a one-time pad. To decrypt, you just repeat the process.  The problem, in your application, is that this means ES(EC(M)) is simply KS ^ KC ^ M, where KS and KC are the keystreams and ^ is the XOR operation.  Since XOR is associative and commutative, and since X ^ X = 0 for all X, an eavesdropper can simply XOR the three values he has together to get EC(M) ^ ES(EC(M)) ^ ES(M) = (KC ^ M) ^ (KS ^ KC ^ M) ^ (KS ^ M) = (KC ^ KC) ^ (KS ^ KS) ^ (M ^ M) ^ M = M.  In a sense, the problem is that your scheme reuses the same keystream KS to encrypt two values (M and EC(M)), which is a big no-no for stream ciphers.


 * More generally, if your cipher is vulnerable to a known-plaintext attack — that is, if possession of ES(X) and X allows an attacker to determine DS — then your scheme falls apart (consider X = EC(M)). Note that the attacker does not necessarily need to obtain the original key, merely enough information (such as the keystream of a stream cipher) to allow him to decrypt messages shorter than X.  I'm not aware of any ciphers that would be commutative and not vulnerable to such an attack, though I won't swear that they don't, or can't, exist.  —Ilmari Karonen (talk) 15:51, 7 September 2007 (UTC)

I had also reached this realization (thinking also of the example of XOR with the local secret number), but I was holding out the hope that there could be commutative EC, ES pairs not using a function as simple as XOR for which it is impossible to guess DC or DS. You appear to have dashed this hope. However, I won't give up, and if I ever figure out a solution, I'll post it here. A simple solution would be so wonderful. David 16:30, 8 September 2007 (UTC)

features of recylebin
process of recylebin & features of it? —Preceding unsigned comment added by Yrocks (talk • contribs) 15:06, 5 September 2007 (UTC)


 * Recycle Bin is a place where deleted files go before they are permanently deleted. I suppose the idea is that you get one more chance to decide whether you want to delete something. Features usually include some form of "secure" deletion, where the file is overwritten with random 1's and 0's a few times, so that it cannot be "undeleted". --24.147.86.187 15:18, 5 September 2007 (UTC)


 * marks grade A*. Wikipedia should not do IP's homework. Bad 24.147.86.187! Josh Holloway  19:54, 5 September 2007 (UTC)


 * Eh, who cares. That's either one lame question on a homework, or it's not enough of an answer to possibly count for much. Anyway it is pretty obvious, as far as these things go. --24.147.86.187 13:49, 6 September 2007 (UTC)

Skinker Vs. Desktop Buddy
What is the difference between a desktop buddy and a Skinker? —Preceding unsigned comment added by 159.153.156.60 (talk) 16:16, 5 September 2007 (UTC)
 * I can't say. However, I think you might want to learn about Spyware before you install too many of either. --Mdwyer 21:57, 5 September 2007 (UTC)
 * One witty answer that was! I recommend voting it for the award ... --69.150.163.1 User:Kushal_one] —Preceding unsigned comment added by 69.150.163.1 (talk) 21:19, 6 September 2007 (UTC)

ِDreamweaver
How can I download a whole site with dreamweaver?Flakture 17:37, 5 September 2007 (UTC)


 * Dreamweaver is for creating sites, not downloading them. <font face="Calibri" color="orange">:: <font face="Calibri" color="blue">Manors <font face="Calibri" color="orange">::   18:14, 5 September 2007 (UTC)
 * Dreamweaver has a built in FTP client, but you'll need all the FTP login info for the site you wish to download. The exact info you require will depend on which version of DW you're using. Exxolon 23:35, 5 September 2007 (UTC)


 * Why does it have to be with dreamweaver (which is often considered a bad program)? Alternatively, have a look at website copier. Oops, doesn't exist? Well, HTTrack then. DirkvdM 09:13, 8 September 2007 (UTC)

Windows Explorer problem: missing option in "Open With" context-(sub-)menu
I have Office installed on a Windows XP machine. For some reason, when I right-click on a .htm file in Windows Explorer, the "Microsoft Office Word" option is missing from the "Open With" sub-menu. I used to have that option.

I tried selecting Word using the "Choose Program..." dialog, but Word is not among the programs available. I can't even use the Windows file chooser (invoked by the "Browse..." button) to choose the Word executable. (I can "choose" the Word executable from the file chooser, but upon returning to the "Choose Program..." dialog, Word is NOT added to the available programs.)

Not sure if it is relevant, but in the "Choose Program..." dialog, Firefox appears twice in the list of recommended programs.

If anyone knows how to fix this problem, please help. Thanks. —Preceding unsigned comment added by 64.236.170.228 (talk) 19:16, 5 September 2007 (UTC)


 * I don't know why that is happening, but you could right click the file, then save it to the computer. Then open Word and try to open the HTM file and see if it does open. If it doesn't, there might be a problem with your Word, not internet explorer. <font face="Calibri" color="orange">:: <font face="Calibri" color="blue">Manors <font face="Calibri" color="orange">::   21:32, 5 September 2007 (UTC)

Are you sure you don't have Firefox 1.0.0.7 AND Firefox 2.0.0.5 installed on your computer? --69.150.163.1 21:18, 6 September 2007 (UTC) User:Kushal_one

What's up with Photobucket?
It's not working for me. Is it down, or is it me? <font face="Tahoma">Pacific Coast Highway <font color="#7F4812">{blab • stalk} 20:30, 5 September 2007 (UTC)
 * Working fine for me now. Every site has down time sooner or later. They can be caused by various reasons, but are usually fixed soon after. <font face="Calibri" color="orange">:: <font face="Calibri" color="blue">Manors <font face="Calibri" color="orange">::   21:29, 5 September 2007 (UTC)

unable to connect with a provided link to a source.
When I left click a link to a source ie. a link to a very interesting fact on wikipedia, I get a dialogue box that says,"locate link browser" and will not connect me. So I right clicked, and I get "select all" and "view source" and that's it. Please help. 198.6.33.31 21:57, 5 September 2007 (UTC)


 * To help you more, a specific browser would be nice. A simple google search turned up an interesting hit.  Read here  and read the various solutions.  Keep me posted. Monkeynoze 23:05, 5 September 2007 (UTC)


 * Also, is it all links or just a specific link ? If just one link, which is it ? StuRat 05:50, 6 September 2007 (UTC)

Quick/easy tunneling through restrictive public wifi.
Hi, I am visitng a relative in the hospital quite often these days. The hospital has free "internet access" but it has a draconian filtering policy. AFAICT only connections to port 443 and 80 are allowed. I use linux and all I want to do is be able to ssh to my home box so I can get my email. There is apparently some application level filtering going on because I moved my ssh server to port 80 my connections get reset. What is an QUICK EASY way I can tunnel (probably ssl over port 443) and make it look like a https connection so I don't get killed by the filter. I know there are a ton of options for tunneling but I am specifically looking for quick and easy suggestions. All i need is an ssh shell. Thanks so much! -- 71.86.121.200 —Preceding unsigned comment added by 71.86.121.200 (talk) 22:56, 5 September 2007 (UTC)
 * to answer my own question, this is a simple howto to tunnel ssh through http which uses httptunnel-- 71.86.121.200 23:44, 5 September 2007 (UTC)
 * A filter could in principle detect and block ssh inside http, though you'll probably be fine. You could also try ssh inside ssl, using stunnel for the ssl layer. There's no reliable way for a filter to distinguish this from real https (which is http inside ssl). -- BenRG 00:06, 6 September 2007 (UTC)
 * You'll have to have it set up at home too. --⁪frotht 12:53, 6 September 2007 (UTC)


 * What you may be bumping into is a intercepting HTTP proxy running on port 80. The stunnel/httptunnel suggestions above ought to work, or you might simply try running your ssh server on port 443 (since they might not have bothered running that through the proxy).  —Ilmari Karonen (talk) 20:56, 6 September 2007 (UTC)


 * Thanks for the answers! Yeah its probably a transparent proxy like that. httptunnel should work but is not very robust at all,  I start the server at home and by the time I get to the hospital it has ended for unknown reasons which is highly frustrating.  I control a few internet-connected machines so I will try stunnel on one and ssh on port 443 on another.  Jumping thorough these hoops to get real internet access is very frustrating, and I don't have time to devote to computer tinkering like I usually do. The lesson in this is to setup your tunneling proxies/vpn before you think you will need them. I will probably even set up one of those cool dns-tunnels when I get the time. -- 71.86.121.200 22:47, 7 September 2007 (UTC)


 * Cool, yes. But please don't tunnel gigabytes of traffic through DNS requests! It's a terrible protocol for data transfer and the hacked-together methods of doing it are certainly less stable than httptunnel. Are you sure that you have the proper ports forwarded on your router and that's not why you can't connect home? --⁪frotht 03:21, 8 September 2007 (UTC)


 * THanks for your opinion but I can assure you that httptunnel by itself, though a great idea, is not very stable, I am sure therea are other similar tools that may be more robust. Sure I could write some shell scripts to keep it running but I am not going to bother. I know my way around an IP network and port forwarding is not the problem, httptunnel dying is the problem. -- 71.86.121.200 14:23, 8 September 2007 (UTC)


 * I would strongly recommend against bypassing their restrictions in any way. Hospitals need to be very careful of their networks, as they are a life-providing service. I doubt an stunnel could do any harm, but there may be bandwidth considerations or unforseen problems. If this were a coffee house, I wouldn't be concerned, but I wouldn't screw with a hospital's services. -- 68.156.149.62 13:03, 8 September 2007 (UTC)


 * I am quite sure there are no mission critical applications for this network, I am quite sure I am not violating the usage policy. I am quite sure I know what I'm doing, and my ssh session for reading my email will not cause bandwidth problems. I could even go downstairs and connect to the same network from the coffe house... -- 71.86.121.200 14:23, 8 September 2007 (UTC)