Wikipedia:Reference desk/Archives/Computing/2011 March 5

Computing desk
< March 4	<< Feb | March | Apr >>	March 6 >

Welcome to the Wikipedia Computing Reference Desk Archives
The page you are currently viewing is an archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages.

March 5

Computer start-up problem

Vista Software. When starting up, get, "HTLDR", with instructions to press any key. When pressing any key, get repeat instructions. Usually have to do hard shut down and restart.Easyed7wp (talk) 08:03, 5 March 2011 (UTC)

Are you sure it isn't NTLDR? Mo ainm~Talk 11:07, 5 March 2011 (UTC)

It must say something about NTLDR as well. I doubt it just says "NTLDR. Press any key." The message may not mean anything to you, but it would mean something to me. In any case, whether the message is "NTLDR not found" or "NTLDR is compressed" or something else, you probably will need to start up a Vista recovery environment and select the "repair" option. The details of how to do this depend very much on what type of computer you have. You may want to contact the computer manufacturer for help. -- BenRG (talk) 11:24, 5 March 2011 (UTC)

Endless Ocean:Blue World

Any sources that players have ten minutes to escape, not less? Us441(talk)(contribs) 12:04, 5 March 2011 (UTC)

Website help

I'm trying to make a registration page where the user types in their name etc and if all is good he is registered however I am not sure how to do the following: if something is not right (e.g. he types in the password twice and they do not match) I want the form to reload the registration page but with certain data which would indicate what was wrong so that when it is reloaded I can for example put an * beside the fields where errors were detected. I think I can write the code to indicate and later determine what fields are wrong. I just dont know how to get the page to reload itself with this data. —Preceding unsigned comment added by 130.88.197.134 (talk) 12:41, 5 March 2011 (UTC)

What platform and languages are you using? This is pretty standard stuff for form-handling in web applications, and there's probably plenty of sample code around in books and online. AndrewWTaylor (talk) 13:53, 5 March 2011 (UTC)

PHP and MySQL —Preceding unsigned comment added by 130.88.197.134 (talk) 13:56, 5 March 2011 (UTC)

In PHP, a very simple way is to have one login form that sends the POST password data to itself. At the top of the page you have code that says, "Have I been sent a password?" and if the answer is true, and the password is valid, it redirects you to the actual content pages (and sets a cookie, or whatever means you are using to determine that a user is really logged in). If a password has not been sent, it loads the "enter your password" screen. If a password has been sent, but it is invalid, it loads the "enter your password" screen again but says, "hey, your password was wrong" at the top of it. Does that make sense? A more advanced way is that each page that has a "login" link sends a variable to the "login" page which then tells that login page where to redirect back again when it is done. --Mr.98 (talk) 23:32, 5 March 2011 (UTC)

One more note. If this is just for fun, for learning, go ahead and re-invent the wheel. If this is at all something you'd be unhappy if someone broke your security, consider using a pre-existing script. User authentication is one of those areas where do-it-yourself approach, as a novice programmer, will leave huge security holes, without realizing it, just because you don't have enough experience with practical computer security. That's no reason not to play with it. But if this is for something of great importance, try to find a pre-existing script that has things like encryption of sent passwords, clever authentication schemes, hashed and salted user passwords, protection against SQL injection attacks, etc. --Mr.98 (talk) 23:38, 5 March 2011 (UTC)

Free Random Number Generator

Resolved

Are there any free (downloadable) random number generators that will emulate the rolls of the types of dice that are typically associated with roleplaying games or tabletop wargaming, such as D4, D6, D8, D10, D12, and D20? I am looking for something exactly like this but downloadable and usable offline. Cheers. --KägeTorä - (影虎) (TALK) 15:23, 5 March 2011 (UTC)

Whoops! ;) --KägeTorä - (影虎) (TALK) 15:28, 5 March 2011 (UTC)

REBOL

A question yesterday drew my attention to a page about REBOL.

http://www.re-bol.com/rebol.html

Quoting from the introduction: "REBOL is a uniquely small and productive development tool that can be used to create powerful desktop software, dynamic CGI web site and server applications, rich distributed browser plugin applications, mobile apps,.....(It can) replace many common tools such as Java, Python, Visual Basic, C, C++, PHP, Perl, Ruby, Javascript, toolkits such as wxWidgets, graphic/multimedia platforms such as Flash, DBMSs such as Access, MySQL, and SQLite, (etc).......REBOL is ultra compact. Its uncompressed file size is about 1/2 Meg on most platforms."

This seems to me to be an extraordinary claim. Please will an editor familiar with REBOL comment on the claim?

Thanks, Wanderer57 (talk) 17:49, 5 March 2011 (UTC)

Technically, Assembly language can replace all of those things too and have a micro-sized compiler; it's a question of how much work you want to do. REBOL seems like a language that is meant to be extremely extensible. So yes, if you have lots of libraries that handle all of those specific things, it can probably do fine. But the same can be said of C and C++, as well. There are, for example, libraries for REBOL which allow you to programmatically construct Flash SWFs. It's not the same thing as using Adobe Flash at all in terms of development environment, but it can create similar output (e.g. a SWF file that your Flash plugin can display). My understanding is that this is all the above is supposed to mean. There are similar libraries for PHP, for example. I don't think it's an extraordinary claim, unless you interpret it as saying that REBOL is, out of the box, a replacement for all of the different development environments that are often associated with those things above, which it is not. REBOL can do databases, if you are willing to reprogram your database program in REBOL; that's not the same thing as saying, "now you can toss Microsoft Access out the window, if that's what you use." --Mr.98 (talk) 18:35, 5 March 2011 (UTC)

Thank you. Here is another quote from the same source: "REBOL is easy enough for absolute beginners and average computer users to operate immediately, but powerful and rich enough for a wide variety of complex professional work"

My sense is that a product with all the capability described above, and contained in a 1/2 Meg file cannot possibly be easy enough to be used by absolute beginners, or even average computer users. Comment please. Wanderer57 (talk) 00:25, 6 March 2011 (UTC)

The appeal to me as someone at beginner level is that you can quickly get it to do things, including interacting with the internet, in just a few words of code without having to write pages and pages of as with other languages. Examplers at http://www.rebol.com/oneliners.html 92.15.18.16 (talk) 15:30, 6 March 2011 (UTC)

If you're going to repost the same text you did last time, you might as well just link to the discussion where I addressed the "pages and pages" point. --Tardis (talk) 04:08, 7 March 2011 (UTC)

You expect everyone or anyone to remember something from eighteen months ago? I still prefer to just write "print read myurl" rather than pages and pages. 92.29.124.221 (talk) 11:39, 7 March 2011 (UTC)

Well, I think what Tardis said last time was that in Python it's print(urlopen(myurl).read()), or words to that effect. -- BenRG (talk) 19:44, 8 March 2011 (UTC)

Well, one of the advantages of being highly extensible is that you can have very complicated things abstracted in a very easy way, providing the library is already written to do so. So that's possible. They're not including the libraries in that half-meg definition, I'm betting; that's probably just the core functions. So it's possible. I think a literal interpretation of what they're saying is probably right — an "absolute beginning" can probably use it immediately, though they aren't claiming that the "absolute beginning" will be able to do more than print "hello world," are they? --Mr.98 (talk) 00:25, 7 March 2011 (UTC)

What libraries? Perhaps people have become acustomed to bloatware as normal. For example Sumatra PDF is said to be about 1% of the deployed size of Adobe, and I know of a perfectly good Windows spreadsheet that is 490kb - not sure haw many hundreds of MB Excel is. I was going to ask a question as to why some programs are 100 times bigger than others yet do little more. 92.29.124.221 (talk) 11:45, 7 March 2011 (UTC)

For what it's worth, see this old thread where I talked about some of the reasons for software bloat, without necessarily endorsing it. -- BenRG (talk) 19:44, 8 March 2011 (UTC)

OpenOffice Calc autocorrection madness

I'm going nuts with OpenOffice trying to DWIM and not letting me override it to do what I really mean. There might be one or two things going on, which may be combining to do a third thing. (And these behaviors seem to be something OpenOffice copies from Microsoft Excel.)

1. If I type a word into a cell and hit ENTER (or the green check icon), it gets automatically capitalized. If I notice this in time, I can sometimes override it.
2. If I type a few letters into a cell that are a prefix of an entry I've made into any other cell in that column, it assumes I'm typing that word again, and autoexpands it. Again, if I notice this in time, I can usually override it. (And this behavior can be quite convenient -- except when it's not.)
3. However, there's some variant or combination of these two effects that is proving impossible to override. I've got three cells currently containing:

Minor 1

minor 2

Minor 3

No matter what I do, I can't seem to decapitalize the first and third ones; it always recapitalizes them for me.

There are a few configurable preferences under Tools/Options which look like they might have something to do with this, but turning them off doesn't seem to help.

This is with OpenOffice 2.4 on a Mac, if it matters. —Steve Summit (talk) 18:01, 5 March 2011 (UTC)

Aha. I've partially figured this out. It's looking at the whole column, and if there's an extant value anywhere that's "close enough" to what I'm trying to type, it insists on making them match exactly. My actual scenario was more like this:

	A
1	Minor 1
2	minor 2
3	Minor 3
4
5	Minor 1
6	minor 2
7	Minor 3

I can't edit cell A1 to make it "minor 1", because OpenOffice notices that A5 contains "Minor 1", so it insists on making A1 match. But if I temporarily change A5 to "xMinor 1", then I can change A1 to "minor 1", and then I can change A5 to "minor 1", too.

(Alternatively, I could have temporarily changed A1 to something else, and properly fixed A5 first. But as long as there's a "Minor 1" anywhere in the column, it seems to be impossible to change any of them to "minor 1". I'm reminded of the saga of Robin Hood and Friar Tuck.)

Although I've got a workaround, I'd still like to know how to turn this behavior off. —Steve Summit (talk) 18:21, 5 March 2011 (UTC)

Does this help? --Mr.98 (talk) 23:27, 5 March 2011 (UTC)

I hadn't known of that dialog -- so thanks -- but no, even after turning off all of those options, I'm still seeing the problematic behavior. —Steve Summit (talk) 13:28, 6 March 2011 (UTC)

You might try posting on the OO.org forums, then. It sounds like a bug of sorts. "Autocorrect not disabling." (I loathe OO.org for its idiotic aping of idiotic Excel. I am sympathetic to your plight.) --Mr.98 (talk) 14:37, 6 March 2011 (UTC)

As a workaround, I have used a single quote -- ' -- as a leading character in a cell where I need the capitalization to be different. That doesn't show up in the cell - usually it's used to prefix a number that you want to show up as text - and it does what I want. It's not ideal, but I too got tired of OO.o trying to help me. --LarryMac | Talk 13:55, 7 March 2011 (UTC)

Thanks, guys.

It probably was a bug. My copy of OpenOffice is pretty old. I tried it with a newer copy of NeoOffice, and didn't have nearly so many problems.

The leading single quote trick is good to know. (Shouldn't be so necessary, but good to know.) Thanks. —Steve Summit (talk) 11:03, 9 March 2011 (UTC)

Random pool for encryption

When you create a new volume with True Crypt, it has you move your mouse around in its window in order to seed a random number pool. The window says that the longer you move your mouse around, the more you significantly improve the quality of the encryption.

Now I buy that having good random numbers is useful, and that the idiosyncratic moving of the mouse can act as that. But surely there is a cap on how much it can help the encryption? What's the low-end on that? I mean, if I move it for 10 seconds, is that really much worse than 20 seconds, or that much better than 5 seconds? Obviously not moving the mouse at all would introduce no new randomness and so a potentially attacker could, I guess, try to crack it based on guessing my computer's clock conditions or whatever. But how much "randomness" needs to be added to make it secure? What is overkill? --Mr.98 (talk) 19:11, 5 March 2011 (UTC)

You need to harvest enough entropy for the full key size of your cryptosystem; how long that is depends on which cipher you're asking TrueCrypt to use; Advanced Encryption Standard supports a key up to 256 bits. Windows and Linux harvest entropy from a variety of sources, but user input does seem to be particularly fecund (it's a wobbly fleshy person rather than a beautifully engineered chunk of spinning metal). If you're on Linux, try this command dd if=/dev/random bs=16 | hexdump -C and wobble the mouse around to see entropy being harvested. Beyond the key size, it shouldn't be necessary to have any more entropy, but these entropy generators kinda guess how entropic their input is, so a bit extra isn't a bad idea. As with all cryptography, you have to worry that some future analysis will uncover that the entropy measure wasn't sufficiently conservative. So you have to weigh your own paranoia, and consider the relative costs of a few seconds more mousewaggling vs. the (possible, maybe) future diminution of the level of security you thought you had. -- Finlay McWalter ☻ Talk 20:33, 5 March 2011 (UTC)

I don't think you need that much. 128 bits of entropy is plenty, unless you're paranoid about quantum computation, in which case 256 bits is plenty. TrueCrypt keys are 512–1536 bits long (XTS requires two block cipher keys). But that key protects the entire volume. If you're not worried about deriving (size of the volume in bits) bits from 512 bits then there's no reason to worry about deriving 512 bits from 128. -- BenRG (talk) 21:33, 5 March 2011 (UTC)

Beautifully engineered chunks of spinning metal (i.e. hard disk drives) are good sources of entropy because of chaotic air motion inside the drive enclosure affecting data timing. See: Don Davis, Ross Ihaka, and Philip Fenstermacher, "Cryptographic Randomness from Air Turbulence in Disk Drives", Crypto 1994.[1] —Preceding unsigned comment added by 71.141.88.54 (talk) 22:08, 5 March 2011 (UTC)

Two points about Truecrypt's entropy generation (I haven't reviewed the code, just things I've noticed: 1) it will update the random pool even if you don't move the mouse so it's polling from somewhere other than just the mouse; 2) most random sources use some sort of mixing method or possibly whitening to help correct for any bias. This has a little bit more detail about bit sequence whitening. Adding more is never bad though as it won't make the sequence any less random.

My guess is the only really satisfying answer to your original question is to look at the code itself and see how large the input sequence needs to be for the particular mixing function they're using. Then you also have to consider the inherent entropy in mouse movement. That's something I've wondered about too. I found a few papers on the subject at google scholar but many are behind a paywall. Shadowjams (talk) 21:34, 7 March 2011 (UTC)

I looked at the source (version 7.0a). Every time the window gets a mouse or keyboard message, the associated data is tossed into the pool; occasionally some networking and disk statistics are added; and there's a thread that wakes up twice a second and tosses a bunch of other stuff in, some of it completely useless (such as the return value of GetCurrentProcess, which is always -1). More usefully, it tosses in 320 bytes (that's 5120 bits per second) from CryptGenRandom, although the actual entropy of this is probably much lower because CryptGenRandom doesn't update its pool very often. At least in the case of TrueCrypt Format, all this data gathering begins when the wizard first opens, and so it has been going on for a while before you get to the page that shows the pool. My general feeling is that there's no reason to spend any time on that page. Just click Next. -- BenRG (talk) 08:35, 8 March 2011 (UTC)

I should probably add that the rate at which the pool appears to change has little to do with how much useful entropy is in it. It gets mixed once for every 128 bits that are added, but many of those bits have little entropy or none whatsoever (such as the aforementioned GetCurrentProcess result). The code makes no attempt to track how much real entropy is available, which is why TrueCrypt never tells you that it's got enough. Every mouse movement adds 32 bits and probably has one bit of entropy at least, so you should be fine after... let's see... 32 visible updates due to mouse movement. -- BenRG (talk) 20:16, 8 March 2011 (UTC)