Henry Cipolla

In a move that will surprise anybody who knows me, I’ve installed Mac OSX 10.5.2 on a Dell PC I had sitting around my office. As a side note, I was shocked at how easy it is to achieve this. I did not run into a single problem and the entire process took less than two hours from deciding I wanted to do it to having a bootable Hackintosh.

One of the first things I did was set up Screen Sharing, the Mac equivalent of remote desktop. Screen sharing is just a Macified name for VNC server which ships with OS X which means that once the server is started any VNC client should be able to connect to it. The following are instructions on how to set up Screen Sharing and connect to it from a Linux box.

Setting up the Mac

1. On the Mac, Click on the Apple in the corner and launch System Preferences
2. From there click sharing
3. Click the check mark next to “Screen Sharing” this will start the VNC server.
   
4. In theory this is all you need to do. However many clients will fail with errors like “No matching Security Types” To get around this, enable vnc password-based authentication by clicking Computer Settings and clicking the checkbox next to: “VNC viewers may control screen with password:”.

Connecting from Linux
After following these instructions the Mac should be all set as a server. So any vnc client should be able to talk to it. On my Linux box I tried TightVNC and RealVNC:

• TightVNC: Worked by simply typing xtightvncviewer ip.of.mac.box. However, I found the performance pretty poor.
• RealVNC: The window updates slightly quicker than TightVNC, however by default it is unable to connect to the Mac because of a problem detecting the color settings of the vnc server. So the command line to use it is
  vncviewer FullColor=1 ip.of.mac.box

In order to make the experience more palatable I recommend changing your background to a solid color. This will make a significant difference in usability. If you are using the box only as a vnc server I would also recommend changing the number of colors to as small a number as you are willing to deal with.

Share This

It has been a little while since I’ve written anything. Hopefully all 0 of my loyal fans will look past this slight hiatus and continue to adore me. Obviously the bulk of my time has been taken up by my quest to start a successful software company with Andrew. While we have done quite a bit of coding over the last month, our greatest achievement to date is how far we have come in terms of understanding our goals and the roadmap to them. Last night Andrew said: “this is the first time I’ve felt like I understand our plan well enough to write a very strong business plan” which I think speaks a lot for our growth in this area.

I also want to use this space to be amused. You have probably seen this already, but Apple is attacking New York city for their use of an apple in their ‘GreenNYC’ initiative to promote recycling. I find myself constantly in the company of diehard Apple fans who enjoyed pointing out all the bad/silly/unreasonable things Microsoft would do while I worked for them. Well fortunately, suing the Big Apple for copyright infringement isn’t one of them.

Share This

Like all things with Facebook Platform API, creating infinite sessions is really easy. However, there seems to be a lot of confusion and misinformation on the web about how this works. Part of this could be the fault of Facebook’s documentation. They provide a pretty good explanation of the authentication process but then the example they suggest (which is otherwise really good) relies on this line:
$facebook->set_user($user, $key);
which calls set_user() which is not referenced anywhere else that I could find in their documentation.

For some reason, people see all of this and get it in their head that the way to create an infinite session is to do the following:

1. Send the user to www.facebook.com/login.php?api_key=key&ver=1.0
2. Take the value that gets sent to the callback as the auth_token parameter and save it
3. Call auth.getSession with this value
4. Expect this to create an infinite session
5. Instead get back error 100 “Invalid parameter” from the call to auth.getSession
6. Write about it on the Facebook Developer’s Wiki, open bogus bugs in the Facebook bug database, and post horribly wrong things to Google Groups.

Where does the temptation to call auth.getSession come from and why are people using the auth_token when the documentation and examples clearly say you need to get the user’s session key? I tried looking to see if there was an example or tutorial somewhere that I missed that suggested this but I could not find it.

Either way, this process will yield significantly better results:

1. Create a page which asks the user to login. You do this by directing them to the login URL: http://login.facebook.com/login.php?api_key=&v=1.0
2. Make sure the api_key points to a valid callback page.
3. In the callback page, get the USER’S SESSION KEY AND SAVE IT. Php Example:
   $key = $facebook->api_client->session_key;
4. This is your infinite session key for this user. Store this along with their UID.
5. Whenever you want to become that user, simply call
   $facebook->set_user($uid, $key);
6. Instant infinite session.

Hopefully some confused people find this and it saves them some time and it keeps the number of bogus bugs in the Facebook database down. :)

Share This

It’s been two weeks in Boston working on the startup and we are beginning to have a routine. As part of this I am going to make an effort to post weekly (ish) about what we are doing so that when all is said and done I have an entertaining log of the process.

This week Andrew and I met up with the founders of Pandemic Labs, a startup that began in the same town that I am from. They have been at this for much longer than we have so it was extremely helpful to hear what they had to say. This was an extremely encouraging meetup for me because I got to see people who had been doing this for awhile and were still passionate and happy about it.

On the topic of meetups, Andrew and I have been looking into all of the Boston area networking events that we think will be helpful for us. We have found a lot of results by searching on meetup.com. There is at least one event every week and they are all low cost which is important. The Pandemic Labs founders also recommended that we check out MITX which sounds like a very valuable resource. Finally, we are also expecting to get a lot of value out of SCORE because their name comes up a lot when talking to veterans of the startup game.

So it’s still too early to really tell anything, but the energy is good and we are moving in what feels like the right direction!

Share This

Work has begun in earnest on our business. Andrew and I are both in Boston now and we have places to work and to meet. We have a roadmap for our business and are exploring the different technologies we intend to use for this phase of our idea. I am enjoying this part and look forward to having a working prototype to show people.

One of the things we are doing right now that I thought was particularly interesting is drafting a partnership agreement. This is interesting because it raises all sorts of good questions about things I had never bothered to think about. For example, what happens if I die?

Unfortunately everything is still a bit of a secret but I’m hoping that soon I can talk about the idea and share our vision.

Share This

Well everybody is talking about Cloverfield so I guess I should put my two cents in. You have probably heard the usual praises and complaints so I’ll pick something different. Stop reading here if you have not seen the movie.

I thought it was lame that Hud (the cameraman)’s last moments were spent staring at the monster up close. This demystified the monster because it gave the longest shot of it for the entire movie and it makes the monster look smaller and less terrifying than previous shots where it is surviving bombs and destroying bridges.

Also, one other observation a friend of mine made: At one point a building has collapsed into another building. They climbed up to the 57th(ish) floor of the building that was still standing and from there walked across to the roof of the collapsed building. They then immediately went into a room on the 39th floor that had their injured friend. At no time after getting into the second building did they enter any stairs. So, how is it possible for a building to fall over in such a way that the 39th floor is at the same height as the 57th?

And finally, why did their helicopter have to fly so close to the monster? Seems like risky business to me.

Share This

One of the things I particularly enjoyed about working at Microsoft’s main campus was having my own office. The company has a lot of space and most of their engineers have an office to themselves. Now I am no longer with the company, so no more office. Instead, I have a ‘home office’ (small bedroom with a desk in it) which I’m very excited about. Here is the virtual tour:

Because I obviously work a lot, I like to leave a laptop in the bedroom in case I have a quick task and don’t feel like trucking my behind into the office… All jokes aside, I am really happy with my setup. It’s another step towards achieving the lifestyle that I want.

Share This

As I mentioned before, I moved across the country in a Uhaul. Naturally, I couldn’t just return the Uhaul when I was done with it without first finding some way to abuse it. After talking with Clint we decided to do a burnout in my Miata, which was inside it, while it was driving down the street. See the video.

Share This

Here we have another example of Slashdot taking non-news, making it sound very sensational, giving it some anti-Microsoft spin, and then passing it off as something newsworthy. Could you imagine how horribly skewed your perception of the world would be if you took every story and description on Slashdot as truth? Today’s example:

Boot Record Rootkit Threatens Vista, XP, NT
Paul sends us word on a new exploit seen in the wild that attacks Windows systems completely outside of the control of the OS. “Unfortunately, all the Windows NT family (including Vista) still have the same security flaw — MBR [Master Boot Record] can be modified from usermode. Nevertheless, MS blocked write-access to disk sectors from userland code on VISTA after the pagefile attack, however, the first sectors of disk are still unprotected… At the end of 2007 stealth MBR rootkit was discovered by MR Team members (thanks to Tammy & MJ) and it looks like this way of affecting NT systems could be more common in near future if MBR stays unprotected.”

ZOMG?!?!, all Windows machines are vulnerable to this new attack because stupid Microsoft made the MBR writable from usermode! Unfortunately for all the sensationalists out there, this is completely and utterly wrong for the following reasons:

1. You need admin privileges to do this. In which case you can delete all users on the box, format the hard drive, or install a more classic virus. This is no different than having root on a *nix machine.
2. You can do this from any operating system that allows raw access to the disk. That means that almost all operating systems, including Linux, Mac OS, BeOS, etc., are ‘vulnerable’.
3. Without this ability updating the MBR would require a reboot.
4. This isn’t even new. Blue Pill can do this and significantly cooler stuff.

Hey Slashdot, MS-DOS 1.1 called. They want their news story back.

Share This

Well, tomorrow begins my last week at Microsoft, and considering my general disregard for ‘normal’ schedules, I feel it is fitting that my last week would begin on a Wednesday and end on a Tuesday. In the spirit of these last days I am sharing a relevant quote from The 33 Strategies of War by Robert Greene, an author I have a profound interest in:

You are your own worst enemy. You waste precious time dreaming of the future instead of engaging in the present. Since nothing seems urgent to you, you are only half involved in what you do. The only way to change is through action and outside pressure. Put yourself in situations where you have too much at stake to waste time or resources - if you cannot afford to lose, you won’t. Cut your ties to the past; enter unknown territory where you must depend on your wits and energy to see you through. Place yourself on “death ground,” where your back is against the wall and you have to fight like hell to get out alive.

After this week I am taking two weeks to myself and then I hope to begin writing about my new venture in earnest.

Share This