Using beamer with lucimatx

hacks, open source, friends, research, usability, education

I'm done with PowerPoint. It's just stupid.

Instead, I'll do my talks in LaTeX with the beamer presentation class. This allows me to use familiar LaTeX markup and build a PDF slide presentation that I can then use in any PDF viewer with a full-screen slide mode (like, Adobe Reader, etc.). For the record, I owe this decision to Philip and Eric.

Ping, in turn, got me into Lucida fonts. I really like the lucimatx package from PCTeX; this package provides a lucida font family that is just gorgeous (here's a recent example: "On the Margin: The effects of introducing or swapping votes on election margins").

Unfortunately, there's a conflict between beamer and lucimatx.1 beamer loads the amssymb package by default to provide math fonts. In that package \digamma is defined and lucimatx attempts to define \digamma also, resulting in a conflict and the following error:

! LaTeX Error: Command \digamma already defined.
               Or name \end... illegal, see p.192 of the manual.

It's pretty easy to fix this error by redefining the \digamma command before loading lucimatx2:


The first line redefines \digamma and the second loads our lucimatx font package. The redefinition uses the TeX command \let to redefine \digamma as the LaTeX command \relax. \relax does nothing, so we're essentially redefining \digamma as nothing, so that lucimatx can do what it wants with it.

With that, it just works.

1 I found this explanation here.
2 I got this idea from this post (in German).

Setting up WireShark on Mac OS X

hacks, open source, chilling effects

I've been playing around with network traces and recently installed Wireshark (formerly Ethereal) which is a packet-capture tool that captures all the traffic across a network. (More from Wikipedia here.)

I had a bit of difficulty getting it up and running. Here is what I did:

  1. Download the DMG from Unpack it.

  2. Move to /Applications/ and copy all the executables in the Utilities/ directory in the DMG to a place in your PATH, like /usr/local/bin/. (If you're running as a non-admin user, you'll have to authenticate as an admin to do this.)

  3. Now, anything in /dev/bpf* needs to be both readable and writable by the admin group in order to run Wireshark. Unfortunately, we have to set these permissions during system start-up. The "Read me first.rtf" file in the Wireshark DMG explains how to copy over a start-up item that will handle this:

    The Utilties/ChmodBPF folder [on the DMG], contains the ChmodBPF startup item from the libpcap distribution. This can be used to set the permissions of /dev/bpf* when your system starts up. See Utilties/ChmodBPF/README.macosx for more details.

    Copy the entire ChmodBPF folder to /Library/StartupItems. (again, if you're running as a non-admin, you'll have to authenticate as one to copy this over. In fact, Mac OS will probably ask you to "fix" this startup item and reboot after you reboot the first time after this.)

  4. At this point, you might think you can reboot and fire up Wireshark. Go for it; see what happens. However...

  5. When you first start Wireshark you'll probably get an error that says something like:

    The following errors were found while loading the MIBS:
    -:0 1 module-not-found failed to locate MIB module `IP-MIB'

    The key here is that Wireshark is looking for some stuff, and can't find it. After consulting this Wireshark bug thread, the solution seems to be simple:

    1. In Wireshark, open the Preferences ("Edit" -> "Preferences").
    2. Click on the "Name Resolution" tab.
    3. Click on "Edit" next to the entry for "SMI (MIB and PIB) paths".
    4. Click "New" and put /usr/share/snmp/mibs/ in there.
    5. Click "Ok" until Preferences is closed. Restart Wireshark.

    The error above should now be gone.

  6. Now, if you're running as an admin user: first, shame on you, punk! Second, you'll probably see a list of network interfaces in Wireshark in the "Interface List". That's good and you're ready to start capturing packets.

    However, if you don't see any available interfaces, you're probably running as a non-admin. If you plan on running as a non-admin when you use Wireshark in the future, you need to make one more change. The problem here is that the ChmodBPF start-up item we installed earlier (that changes permissions on /dev/bpf*) only works for users in the admin group. So, we need a way of allowing the user you're running as to at least read stuff in /dev/bpf*.

    A simple solution, and you can do this to check and see if you can capture with this change is to simply do sudo chmod o+r /dev/bpf*. That works, but it allows any user on your machine to sniff packets. A better solution is to just add a line to the ChmodBPF script to chown (change the owner of) those things to the user you want to run as:

    1. Open the ChmodBPF script, which is located in /Library/StartupItems/ChmodBPF/ChmodBPF, in a text editor.
    2. Add a chown line so that the file looks like this:

               chgrp admin /dev/bpf*
               chmod g+rw /dev/bpf*
               chown foobar:admin /dev/bpf*

      But replace foobar here with the user you want to run Wireshark under.

    3. Save the file.

  7. If you're doing a fresh Wireshark install on Snow Leopard (Mac OS X 10.6), it appears that the ownership of the ChmodBPF files needs to be changed. So, fire up the terminal and do the following:

    cd /Library/StartupItems
    sudo chown -R root:wheel ChmodBPF

After all of this, you should be able to capture network traces and such.

UPDATE [2009-11-11T06:36:32]: Added step 7 thanks to commentor Vi and Nick Kleinschmidt.

EVT/WOTE 2009 Update

elections, hacks, news, secrecy, privacy, friends, research, policy, usability

I'm excited to announce that we have the following confirmed invited talks for EVT/WOTE 2009:

  • Keynote: Larry Norden, NYU Brennan Center
  • Invited Talk: Hon. Rush Holt, NJ-12 U.S. Representative
  • Invited Talk: Ben Adida, Harvard Unviersity, "Voting Cryptography Tutorial for Non-Cryptographers"

In addition to 19 the dynamite technical papers, we will also have:

  • A rump session consisting of presentations that run the gamut: from work in progress to humor and artistic takes on election issues (chaired by Eric Rescorla)
  • A demo session consisting of prototype voting systems (and others)

Hope to see many there:

Upgrading to iPhone 3.0


As I've detailed before, it's a bit of a pain in the butt to upgrade a jailbroken, unlocked iPhone (I have the 2G original iPhone). (Warning, I'd advise using these directions instead of those just linked to. I believe these to be superior.)

I hoped that AptBackup would help ease a bit of the pain... AptBackup saves a list of Cydia applications (applications that run on jailbroken iPhones) to a place that iTunes can back it up. The idea being that you restore from iTunes, restore from AptBackup and at least all your old programs are there. No dice. I don't think AptBackup works with iPhone OS 3.0. Anyway, it didn't seem to for me. (A friend pointed to this article which tells which files to copy via SSH from your iPhone once you've told AptBackup to "back up". This is handy if AptBackup barfs and you need to SSH in and copy these files back.)

Here's how I upgraded my 2G iPhone:

  1. Had iTunes download, but not install, the iPhone OS 3.0 ipsw file.
  2. I wrote down all the Cydia apps I had installed by starting Cydia and hitting the "manage" tab. As updating the FW removes any Cydia applications, you'll need to add these back one by one. (My list is below.)
  3. Used PwnageTool 3.0 to create a customized version of the 3.0 ipsw file. Saved this file to someplace where I can find it.
  4. Put the iPhone in DFU mode (or recovery mode?). I can never get this right. But I found a way to get it right every time: With your iPhone connected to your Mac, close iTunes and then open PwnageTool (you might have to close and re-open it). See that it has a tab labeled "DFU"? Click on that. This will walk you through how to put your iPhone in DFU mode. Close PwnageTool. (A friend told me that if your iphone is unlocked, you can use recovery mode instead... to get into that disconnect the iPhone, hold the home button while connecting it to USB.)
  5. Open iTunes and it will notice the iPhone is in recovery mode. Option-click "Restore" and navigate to the ipsw file you created with PwnageTool. Let iTunes restore from the new firmware and re-sync. (takes a long time)
  6. Re-install all the Cydia apps, one-by-one, from the list made above.
  7. If you're on T-Mobile like me, in order to use the EDGE Data Network, you'll have to go to Settings -> General -> Network -> Cellular Data Network and put in in for "APN" (or if you have T-Mobile's Total Internet package.).
  8. If you've purchased Snapture (a campera app), you'll probably have to download SBSettings from the iPhone and reset the user directory permissions on your phone (more here). Later: Actually, I can't seem to get Snapture to work. Looks like Snapture Labs will have an updated binary "within hours". Even Later: If you're having a problem deleting old pics and taking new ones, use MobileTerminal or ssh into your phone and delete any directory like 100APPLE or 999APPLE from /private/var/mobile/Media/DCIM/. (see here)
  9. Via Terminal, you should change the passwords on the root and mobile users from the default of alpine for both (in the last firmware, mobile's password was dottie, but not anymore.
  10. If you've setup Cycorder to save videos to a directory in your Air Sharing directory tree (e.g., a la this post), you'll have to re-establish that symbolic link. (Tip: make sure the target directory exits and is chowned to mobile:mobile.)

Dude, ForceHTTPS

hacks, privacy, friends, policy, education

There's been quite a bit of attention (EFF, NYT, BBC) paid to the letter to Google from 38 security experts requesting that they make HTTPS the default for their cloud computing services (GMail, Google Docs, Calendar, etc.).

The simple and somewhat neglected answer to this is a recent solution developed by the Stanford Web Security Group: ForceHTTPS. (The associated academic paper from Jackson and Barth is here.)

ForceHTTPS is a FireFox browser plugin that ensures that all connections to Google services use SSL and HTTPS. Additionally, it ensures that your Google cookie never gets sent when you perform a Google search, which is the only part of Google's services stack that does not support SSL. (It also forces HTTPS for PayPal, American Express, Bank of America, Chase, and Fidelity.)

So, take matters into your own hands and use it!

Contact / Help. (cc) 2020 by Joseph Hall. blog software / hosting.
Design & icons by N.Design Studio. Skin by Tender Feelings / Evo Factory.
And a few words about the structure of the eye . Everyone " retina ". Especially often we hear it buy clomid online in the phrase " retinal detachment ." So what is the retina ? This - the front edge of the brain, the most distant from the brain part of the visual analyzer. The retina receives light first , processes and transforms light energy into irritation - a signal that encodes all the information about what the eye sees . The retina is very complex and in their structure and function . Its structure resembles the structure of the cerebral cortex. The shell of the retina is very thin - about 0.14 mm.