Book Reviews


Monday, April 26, 2004

Why Windows manages to survive despite a high total cost of ownership
As the Apple Turns quotes the European Commission's 300-page report justifying why it's fining Microsoft 497 million euros for antitrust violations. The following was written by Aaron Contorer, who was Microsoft's C++ General Manager: "[The] Windows API is so broad, so deep and so functional that most ISVs would be crazy not to use it. And it is so deeply embedded in the source code of many Windows apps that there is a huge switching cost to using a different operating system, instead. It is this switching cost that has given the customers the patience to stick with Windows through all our mistakes, our buggy drivers, our high total cost of ownership, our lack of a sexy vision, at times, and many other difficulties. [...] In short, without this exclusive franchise called the Windows API, we would have been dead a long time ago."


A solution for scripting Cisco VPN with Expect
Here is my current version of the Expect script for Cisco VPN:
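
#!/usr/bin/expect
# Cisco VPN Script
set profile PROFILE
set username [exec whoami]
set sshpasskey /Applications/Utilities/SSHPassKey.app/Contents/MacOS/SSHPassKey
# Tcl does not treat single quotes as quoting, so the key name is passed bare
set passwd [exec $sshpasskey CiscoVPN]
# Endless loop: reconnect whenever vpnclient exits
for {} {1} {} {
  eval spawn vpnclient connect "$profile"
  # One expect command, two pattern/action pairs (note the line continuation)
  expect -ex "Username \["   {send "$username\n"} \
         "A connection already exists."  {exit 2}
  expect "Password"   {send "$passwd\n"}
  # Hand the session over to the user
  interact
  # Clean up any hanging client before the next attempt
  exec sleep 2
  exec Cisco-VPN-kill
  exec sleep 2
}
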
The following script (Cisco-VPN-kill) terminates existing (hanging) VPN connections:

#!/bin/csh -f
ps -aux | grep vpnclient | grep -v grep | awk '{print $2}' | xargs kill -9
exit 0

Thanks to Ssp for telling me about SSHPassKey:
I think there is a surprisingly easy solution to the password question thanks to the SSHPassKey utility. While it has been made to provide keychain passwords for ssh, it can also be used by other applications.

You call it

	pathhere/SSHPassKey.app/Contents/MacOS/SSHPasskey keyname
where in our case keyname should be something like
	VPNName (username)
for uniqueness. Then it returns the password and does any dialogue handling for you. I didn't manage to build it into your script as I don't know how to set variables with command results (== 0 knowledge of the language...)

The solution still isn't perfect security-wise as that way anyone who can run SSHPassKey from your account can get hold of the password. But it seems much better than putting the pw into the script itself.


Morphing Plane Wings for Efficient Flights: "Airplanes, whether manned or unmanned, need to travel at various speeds. For example, a surveillance plane needs to fly fast to reach its destination point. Then, it needs to reduce its speed to achieve its surveillance mission. But with its fixed wings, it doesn't offer the same level of efficiency during these two phases. That's why Penn State engineers have devised airplane wings that change shape like a bird and have scales like a fish. Right now, the team has only built a tabletop model. So it will be a long time before you catch a plane and watch the wings disappear by looking through the window." [Roland Piquepaille's Technology Trends]


Automating Cisco VPN connections with Expect
I wrote earlier about scripting Cisco VPN with Expect. The script sort of works, but definitely needs a few improvements. Ssp commented that sometimes you need the command killall cvpnd, because the script does not exit properly from vpnclient.

Here is my wish list for what the script should be able to do:

  • connect automatically on sleep/awake cycles, starting/stopping AirPort etc.
  • run in the background (perhaps?)
  • exit properly (or handle disconnect properly)
  • integrate into Mac OS X keychain (for storing usernames and passwords)
So, do you know Expect (or some other tool) well enough to make this possible?

Update: Here is a new version of the script, which includes a better way to exit properly from vpnclient:

#!/usr/bin/expect
# Cisco VPN Script
set profile PROFILE
set username USER
set passwd PASS
eval spawn vpnclient connect "$profile"
# One expect command, two pattern/action pairs (note the line continuation)
expect -ex "Username \[$username\]:"   {send "$username\n"} \
       "A connection already exists."  {exit 2}
expect "Password"   {send "$passwd\n"}
# Hand the session over to the user
interact

The interact command returns control of vpnclient to the user, so Control-C can be used to stop the VPN.

Update 2: Here is a loop which tries to restart the VPN connection after sleep or other failure:

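# Endless loop: reconnect whenever vpnclient exits
for {} {1} {} {
  eval spawn vpnclient connect "$profile"
  # One expect command, two pattern/action pairs (note the line continuation)
  expect -ex "Username \[$username\]:"   {send "$username\n"} \
         "A connection already exists."  {exit 2}
  expect "Password"   {send "$passwd\n"}
  interact
  # Clean up any hanging client before the next attempt
  exec sleep 2
  exec Cisco-VPN-kill
  exec sleep 2
}

The Cisco-VPN-kill script terminates existing (hanging) VPN connections: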
#!/bin/csh -f
ps -aux | grep vpnclient | grep -v grep | awk '{print $2}' | xargs kill -9
exit 0
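
The pipeline above matches every process whose command line contains the string vpnclient, for any user. As an added example (not part of the original post), this sh variant selects only the current user's processes whose executable is named exactly vpnclient and tries TERM before KILL. The function names and the sample ps lines are constructed for illustration, and it assumes the executable path contains no spaces.

```shell
#!/bin/sh
# Added example: a narrower replacement for
# "ps | grep vpnclient | xargs kill -9".

# select_vpn_pids USER < ps-output
# Reads lines of the form "PID USER COMMAND [ARGS...]" (the layout printed by
# `ps -axo pid=,user=,command=`) and prints the PIDs whose executable
# basename is exactly "vpnclient" and whose owner is USER.
select_vpn_pids() {
  awk -v owner="$1" '
    $2 == owner {
      n = split($3, parts, "/")          # basename of the executable path
      if (parts[n] == "vpnclient") print $1
    }'
}

# kill_vpn: send TERM first, escalate to KILL only for processes that survive.
kill_vpn() {
  pids=$(ps -axo pid=,user=,command= | select_vpn_pids "$(id -un)")
  [ -n "$pids" ] || return 0             # nothing to do, and no xargs error
  kill -TERM $pids 2>/dev/null           # unquoted on purpose: one arg per PID
  sleep 2
  for pid in $pids; do
    kill -0 "$pid" 2>/dev/null && kill -KILL "$pid"
  done
  return 0
}

# Constructed sample of ps output (not captured from a real system).
SAMPLE_PS='  301 alice /usr/local/bin/vpnclient connect PROFILE
  302 alice vi /Users/alice/bin/vpnclient-notes.txt
  303 bob /usr/local/bin/vpnclient connect OTHER
  304 alice /usr/bin/expect /Users/alice/bin/vpnclient.exp
  305 alice vpnclient connect PROFILE'

# demo: PIDs the filter keeps for user "alice", joined on one line.
demo() {
  printf '%s\n' "$SAMPLE_PS" | select_vpn_pids alice | paste -sd ' ' -
}
```

On the sample, a plain grep for vpnclient would have matched all five lines, including the editor session, the Expect wrapper and another user's client.
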
Update 3: Here is yet another version, which uses a password stored in the Mac OS X Keychain:
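
#!/usr/bin/expect
# Cisco VPN Script
set profile PROFILE
set username [exec whoami]
set sshpasskey /Applications/Utilities/SSHPassKey.app/Contents/MacOS/SSHPassKey
# Tcl does not treat single quotes as quoting, so the key name is passed bare
set passwd [exec $sshpasskey CiscoVPN]
# Endless loop: reconnect whenever vpnclient exits
for {} {1} {} {
  eval spawn vpnclient connect "$profile"
  # One expect command, two pattern/action pairs (note the line continuation)
  expect -ex "Username \["   {send "$username\n"} \
         "A connection already exists."  {exit 2}
  expect "Password"   {send "$passwd\n"}
  # Hand the session over to the user
  interact
  # Clean up any hanging client before the next attempt
  exec sleep 2
  exec Cisco-VPN-kill
  exec sleep 2
}

SSHPassKey handles the Keychain interaction, which avoids storing the password in the script.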


We live in an encrypted world (you don't survive without it)
It seems that using computers and working on the net requires layers of encryption. At home, I'm connecting through a WPA-secured WLAN connection to an ADSL broadband router. To secure my net connection between ADSL and the intranet at work, I'm using Cisco VPN, which encrypts the traffic. So, this is already two levels of encryption (WPA between iBook and base station, VPN between iBook and intranet).

In addition, I'm using encryption at the application level: https, imaps, ssh etc. Some uses of encryption are still just possibilities, such as using S/MIME or PGP for signing and encrypting e-mail messages, but some day these may be routine as well. And I almost forgot: on the iBook you can use FileVault to encrypt your home directory for added protection.

It seems that encryption is everywhere; you just can't be without it. This has been a bonus for mathematicians and computer scientists who work with number theory and related fields. Perhaps other fields of mathematics should invent similarly important uses for their research as well?