What kind of plane do you fly?

Cherokee 140
In the supermarket this evening I spotted a woman with distinctive white hair coming down the aisle towards me. I thought I recognized her as half of a couple, friends of my neighbor, who I had taken flying a couple of years ago.

I’d run into them several times since, and they always stop to say “hi” and ask how the flying is going.

As we passed, I waved and said hello. The woman looked at me, puzzled, and asked if she was supposed to know me.

I could tell now that this was not the same lady.

Sorry, I said. I thought that I had taken you and your husband flying.

No.

But my husband IS a pilot.

Then she continues, “What kind of plane do you have?”

A Piper Cherokee, I answer.

The look on her face was all-telling.

“Oh NO! He wouldn’t have gotten into THAT.

(Source Unknown)

Password Strategy

I just checked and I have over 100 UserIDs and passwords. The vast majority of them are for sites that don’t have any of my personal information but require registration before viewing or commenting. I don’t really care if someone hacks into those sites with my UserID. For those sites I use a weak password protection scheme. I use the same UserID and a password that has a codeword, numbers, and something specific to the site that I can remember. I’ll let my browser remember the UserID and password, but sometimes I’ll have to type it in. So, lets assume that my UserID is WellGolly and I want to register with the New York TImes. The first part of my password will be NYT followed by a code word. Here’s where you get creative. Make up a pseudo-word like delk or kifr. It helps if it is easy to type i.e. the keys are next to each other on the keyboard like these. (But not qwerty or asdf.) Then add a number to the end. Pick something like the first four digits of your locker combination in high school, your street address when growing up, or the year you graduated from high school. Then add a special character like ! or #. That should satisfy most password checkers and no one is going to guess the password. So my hypothetical New York Times password would be, NYTkifr3212!. My Washington Post password would be WPkifr3212!. A lot of places use your member ID as your UserID. There’s no way I’m able to remember all these, so I’ll let the browser remember them for me. For all of the sites in this category, I’ll let the browser or operating system remember my UserID and password.

The second kind of password is one where they have my credit card information. For these I never use a UserID that is visible on the web. They frequently use email addresses as UserIDs so it’s hard to get a secure UserID to use on these sites. For these sites, when I want to receive their spam I create an email account with their name as my email address. e.g. Sears@WellGolly.com or Amazon@WellGolly.com. I can filter their email and look at it from time to time. For sites where I don’t want to receive spam, I use NoSpam@WellGolly.com. This goes directly into the trash and I only look at it if I need to reset my password or go through a confirmation link to activate my UserID on the site. If you don’t have your own domain to play with, set up a free account at Google or Yahoo and use it only for registrations. The other benefit of this strategy is that if one of these sites is cracked, the crackers can’t use the email and password information from the cracked site on a different site.

I use the same strategy as above, just a different code word and number than the one for the throwaway sites. I let very few websites keep my credit card information—usually only places where I make frequent purchases. And by frequent, I really mean frequent—like weekly.

The third kind of password is for banks and credit card companies. Here I use a different code word for each account. That way, even if someone knows my strategy for choosing passwords, and my throwaway code word, there is no way they can guess the password. I’ll also use a number that is secure but that I’ll remember—like the number for the garage door opener or the security code for the alarm at the office. The codeword is something that is associated with the bank, like My password at Bank Of America might be, BOAcindr1875!#. I use these often enough that the codeword is easy to remember.

Banks are starting to use additional questions to verify your identity. Unfortunately, the questions they pick aren’t things I can remember. They used to ask things like mother’s maiden name and city where you were born. I know the answer to those kinds of questions. They’ve moved to questions that can’t be googled. One account wanted to know my favorite candy, color, and band. I won’t be able to remember what I told them so I’ll have to write the information down somewhere. On a Mac, you can use Keychain Access to create a secure note where you can write that stuff down. It’s a very bad idea to keep that information in a regular text file. If you don’t have a way to save it securely, then write it down on a piece of paper and store it somewhere secure.

Keychain Access (and other password managers) will let you test how easy it is for random crackers to crack your passwords. All of the passwords that are generated with these methods receive Excellent scores. You can get better scores by increasing the length of the password, and that might be something to consider.

For banks and credit cards, never ever let the browser or operating system save your id and password. If someone has access to your computer, then they have access to your accounts.

Update 2011-01-09: This article calculates the time required to hack a few common types of passwords. Dictionary words and random letters don’t take very long. A three word phrase takes basically forever. Add a few numbers and only the NSA is getting in.

Update 2011-07-18: The only secure password is the one you can’t remember. is an interesting read if you’d like to know more.

Downloading the NACO A/FD

NACO publishes terminal area charts and the Airport Facility Directory (A/FD—also known as the green book) and has an online version of the PDFs. The only obvious way to access them is through a map interface. The interface works fine for the terminal area charts but is broken for the A/FD. It’s been broken for years and they don’t seem to have the expertise to fix it. The code is a bit convoluted and it’s on my list of things to decipher and fix. However, in the mean time I’ve provided a table by state to access the PDFs. It is located on the Touring Machine site at this link. The page provides links to the PDFs that are located on the NACO site. The NACO site uses an XML file to determine the page in the AF/D for each airport. Since XML is a very structured format, it is fairly straightforward to parse the file and convert it to useable HTML. The exact methods I’m using are specific to this file but the general process works on any XML file.

The first step in the process is to read the XML file. The address is http://naco.faa.gov/afd/afd_17DEC2009.xml, where the date changes every 56 days. Your browser won’t display the xml, but if you view the source and save it you can begin working with it. The first couple of times through I used BBEdit to convert the XML to HTML tables. There aren’t too many steps, but it makes sense to automate the process. Any program that supports regular expressions could be used and I chose sed because I’m familiar with it. Make sure that the CR/LF setting is changed to Unix or Mac if you aren’t working on a Windows machine. Character encoding should probably be set to Western (ISO Latin 1), since that’s how it was originally encoded.

#### Script to convert NACO A/FD to HTML tables
## Remove the first five lines of XML and creator information
1,5d

## The opening and closing tags aren't needed
/.*airports>/d

## Make each state a header tag
s/<location state="/<h1>/

## Set up the table for each state
s/">/<\/h1>\
<table width="100%" border="1"><tr><th>Airport Name<\/th><th>
City Name<\/th><th>ID<\/th><th>Navaid<\/th><th>pdf<\/th><\/tr>/

## Location is the demarcation for each state.
## Close the table and put an End of State line for splitting
s/<\/location>/<\/table>\
EOS/g

## Open and close the row for each airport or navaid
s/<airport>/<tr>/
s/<\/airport>/<\/tr>/

## Replace each of the following with td> to open and close the columns
s/aptname>/td>/g
s/aptcity>/td>/g
s/aptid>/td>/g
s/navidname>/td>/g

##The pdf tags are replaced with a link
s/<pdf>/<td><a href="http:\/\/naco.faa.gov\/pdfs\//
s/<\/pdf>/">pdf<\/a><\/td>/

## Change Tabs to spaces
s/  /  /g

Run this code on the raw XML file and then split it at the EOS line. I use a script to do it.

#!/bin/bash
FILENAME=NACO_17DEC2009_
INDEX=1
while read
do
 if [[ "$REPLY" = "EOS" ]]
 then
  (( INDEX++ ))
 else
  echo "$REPLY" >> /Users/username/Desktop/DEC/$FILENAME$INDEX
 fi
done

You could modify it to take an argument but I just feed the input file to it.

./SplitNaco.sh < afd_17DEC2009.xml.html

You can download the scripts from here.

Things I can’t remember.

Linux Commands

I have one set of styles that I use for all of my sites. Rather than have dozens of copies that get out of synch, I use a symbolic link to the styles folder. To create a symbolic link to a folder use the ln command with the -s option. First CD to the directory where you want the new folder. The location of the folder you want to link to is first and the new folder that you are creating comes last.

ln -s /www/Styles/ Styles

For files, leave out the trailing slash.

ln -s /www/Styles/s_gray.css s_gray.css


tar
The following will tar and compress up the entire www tree and
put the archive file in your home directory (on the server).

cd /; tar -czvf ~/www.tgz www

Explanation:
cd / – change to root directory of the machine
; – separator for multiple commands on the same line
tar – tape archiver—the name is archaic, it’s the utility that compresses the data
-c – create new archive, write supplied files to it
-v – verbose – print out names of files as they are added to archive
-z – compress archive using gzip (gnutar only, as used on OS X)
-f ~/www.tgz – write output to file www.tgz in home directory
www – the file (or directory) to include in the archive, in this example www is in the root

To extract it again:

cd /where/you/want/it; tar -xzvf /path/to/www.tgz

will unarchive the www tree under the directory /where/you/want/it

Here’s how I tar up a MySql backup.


sudo tar -czvf mysql-backup.tar  mysql-backup.sql

Making URLs compliant

If you encode your pages as UTF-8, no BOM and include this


    <meta charset="utf-8">

line in your header to tell the browser how to interpret the text, you shouldn’t have any problems with displaying characters. However, if you read text from a database or have special characters in URLs then you may need to convert them. I use these two sites to look up the HTML codes for special characters.

HTML Characters

Special HTML Characters

Fixed Size Browser Window

We’re doing screen shots of sites we’ve designed and wanted to make each window the same size. A simple javascript bookmarklet lets us do that.

javascript:self.moveTo(0,0);self.resizeTo(1000,800); self.location="http://slipintoview.com/";

Constrain image to div

To keep an image from overflowing its box, constrain the width.

div#flow img {
  float: left;
  padding-right: 1em;
  padding-bottom: .5em;
  max-width: 100%;
}

Turning Off Google Analytics Site Overlay

When you first enter the site overlay you’ll notice that your URL has #gaso and a bunch of letters and numbers appended.

http://www.learningfundamentals.com/#gaso=z2mqTCUBAAlak123jdnkSSSG

The only way to turn off the overlay is to open Preferences and search for the gaso cookie. Delete it and you’re good to go.

Avoiding ISP redirects when a site is not found

I frequently mis-type a site name and instead of getting a browser error and quickly correcting my typing, I get a redirect to my ISPs spam page. Using Google for DNS lookup avoids that. Link.

Comparison Operators

PHP has a comparison operator that checks to see if the values being compared are of the same type. The operator is

$a === $b  Identical  TRUE if $a is equal to $b, and they are of the same type.

For example, I have a bunch of pages from the NACO Airport/Facility Directory (A/FD). They are saved as AFD_1.inc, AFD2.inc, etc. I want to check whether the $page variable contains AFD, and if it does then display the correct page. If no page is given, then display a spash page, and if a page is requested using the old style format (State abbreviatons), then indicate that they need to use the new format. If the page starts with AFD one of the string functions I can use to determing that is strpos. It returns the position of the first occurrence of the string and FALSE if it is not present. Now FALSE and 0 are the same value, but different types. So if I use the == comparison operator, it returns TRUE if the $page starts with AFD and returns TRUE if $page doesn’t start with AFD. However, if I use === then it works as expected since 0 and FALSE are different types.
This is what my code looks like: (WordPress has trouble with this so it’s commented.)

//  if(strpos($page, 'AFD') === 0) {
//    include("./AFD_17DEC2009/$page.inc");
//  } else if ($page == '') {
//  } else {
//    include("./Missing.inc");
//  }

Browser Size

Determining the appropriate display size for websites is fairly difficult. You don’t have any control over how users set up their browser windows so you have to guess how your site looks to visitors. I just found this tool from Google that lets you see you site is probably viewed. Google Labs. Type your site address into the text box at the top and you can see what percentage of visitors can see your site without scrolling, with vertical scrolling, and how many need to scroll horizontally.

Hiding Photoshop

When OSX started using Command-H to hide applications and Command-Tab to switch between open applications, I was ecstatic. However, Photoshop never adapted to the new behavior so typing Command-H does something else—I’m not sure what. It’s been a real annoyance for years. I looked all over the Photoshop Preferences and couldn’t find a way to change the behavior. I was reading a blog post today and found out that Adobe puts Keyboard Shortcuts in the ‘Edit’ menu. Select it and look for the Hide Photoshop section. In the shortcut field, hold down the Command Key and hit the H.

Turn off inline viewing of PDFs in Safari

I usually prefer to view PDFs in Preview rather than the Safari browser so I copied this command to the terminal. Sometimes, you need to view the PDF in Safari so you can submit it online. Change YES to NO and it turns the view feature back on. For some sites, you may also need to turn Adobe Acrobat back on.

defaults write com.apple.Safari WebKitOmitPDFSupport -bool YES

Embedded Fonts

Link

MooModernizr

This tool seems like it will come in handy. MooModernizr 1.1 tests the browser’s CSS3 and HTML5 capabilities. This by extending MooTools’ Browser. Features object with a variety of CSS3 and HTML5 features. It is a MooTools 1.2 port of Modernizr 1.1.

Clean up CSS for HTML Mail

Premailer

24 Ways

Lots of posts on web crafting. I reference a few frequently.

Rock Solid HTML Emails
Going Nuts with CSS Transitions
Working With RGBA Colour
Forms

Choose a random row from the MySQL database.

ORDER BY rand() LIMIT 1";