Luke’s Notebook

So to follow up on that rather random post, I’m going to try to make sense of it here.

The basic idea I was attempting to get across is that with MD5, it isn’t possible to know what the password is, but it is possible to determine whether or not a given password is correct. So there’s no telling just what exactly the right answer would look like, but the program will recognize it when it sees it.

To me, this is almost exactly how I would describe my approach to searching for the right kind of girl. “Searching” isn’t exactly the most accurate word, but I think you’ll understand what I’m getting at here. I’m sure I am not the only single guy who is kind of keeping an ear to the ground, kind of wondering if I’ll cross paths with that special girl.

When somebody asks me just what I am looking for in a wife, I have a difficult time being terribly specific. I mean, I definitely have some important qualities that I look for, but there’s a lot that I am unable to say. For instance, if I was able to design the perfect wife, I doubt I would be very good at it. The main reason being that I don’t even know what I want/need, by and large.

I just don’t know what combination of traits, talents, weaknesses, and personalities that would be the best fit. Would it be best to have a wife who is ultra-outgoing? Or maybe somebody who is artistic? A neat freak? A math wiz?

I would just have no clue what the smartest choices would be. If I tend to be analytical, would it be best to find a girl who likes to think things over so much? Or would it actually be a better dynamic if she was more of a free spirit?

While I really think I would do an awful job of giving a description of my dream girl, I will say this — I’m pretty sure I’ll know her when I see her. Not literally, I don’t think, but something will just “click.”

Over the years, I’ve been interested in my fair share of girls — some more so than others. Sometimes, I’ll be extremely impressed with a girl, she’ll seem to have a lot going for her, will be very sweet and attractive, but… just something doesn’t match up. Oftentimes, it’s hard to pinpoint. It’s not like I can say that something is even wrong, per se.

Getting back to the whole MD5 concept for a minute. It would be as if all of these girls have their own unique number associated with them. Everything that they are — their strengths, weaknesses, likes, dislikes, personality — everything that makes them them — comes out to this unique number. And while I’m not able to know WHAT the “right” number is that I’m looking for, I am able to tell when a certain number just doesn’t work.

So in a lot of cases, there won’t be a match, and I won’t even know why. Things might look perfect on paper, but for whatever reason, it’s just not the perfect fit.

It’s never been a matter of finding the “perfect” girl, so to speak, since I’m not a perfect guy. The goal is to find the perfect fit, where I’ll complement her beautifully and vice versa.

Every now and then, I will run across a girl, and something will just seem to click. I can’t explain it, except to say it’s like everything that she is seems to generate that number that I’m looking for. Even though I can’t really describe what exactly it is that I’m looking for, I just know that something about her is what I’m after.

Now that I think about this MD5 thing a little more, it’s surprisingly hard to turn it into a relevant analogy. I mean, I have a pretty clear idea of how it’s applicable, but I’m afraid it’s an awful abstract (and geeky!) parallel to try to draw.

Nevertheless, it makes sense in my head, if not typed out. In short, I tend to recognize it when I see it in certain girls, but I can’t even tell you what “it” is. It’s just, something — that proverbial MD5 hash — is right-on.

Have you ever been in this situation?  You try logging in to a website that you haven’t visited in a long time, and you’re told your password is incorrect.  You try a few more times, maybe enter in a few other passwords, but you can’t get through.  You realize that you’ve forgotten your password.

So you click on the “I forgot my password” link, and after having you jump through a couple of hoops, the website tells you that a new password has been sent to you.  So you go check it out, and the new password is nothing like your original password.  It’s likely now a series of random letters and numbers, such as lwkje3913.

You’re glad to finally have a working password, but you’re wondering what gives.  Why didn’t they just e-mail you your original password?  Why the new mumbo-jumbo? The short answer is MD5.

You see, the typical way a website stores a user’s information, including their password, is in a database.  Then, when a user tries to log in using the username “jack” and the password “apple,” the system looks through the database for a user named “jack.”  If it finds Jack, it then checks the password “apple” against the password that is stored for Jack.

Imagine a database table looking like this:

ID USERNAME PASSWORD E-MAIL ADDRESS 1 jack apple jack@jack.com 2 jill soccer jlovessoccer@something.com 3 luke thelukester luke@aol.com

Get the idea? So when the system finds a “jack” with the password of “apple,” the green light is given, and Jack can now access thousands of old Photo Of The Day archives.

Now, most databases don’t actually show the password like this, which is a good thing, because it’s not the smartest practice. Any time you store a password in plain text, that password is at a higher risk of being exposed somehow. Even in a database, which should be safe from prying eyes, it’s not a smart thing to store passwords there. But if you can’t store passwords in a database, what can you do?

Enter MD5. MD5 is an encryption method, whereby you are able to encrypt a regular password (say “apple”) to a 32-character string of what look like random letters and numbers. The result of running a word or phrase through an MD5 function is called a hash. The hash of “apple” is 1f3870be274f6c49b3e31a0c6728957f . Go ahead and try it out for yourself!

Interestingly, the hash for “apples” (with the added S) is “daeccf0ad3c1fc8c8015205c332f5b42″ — NOTHING like the hash of “apple.” What that means is there is no real way to predict what a given word or phrase is going to translate into in MD5 language, so to speak. So because of this, because of the seemingly-random strings that MD5 returns, there is no way* to use the MD5 hash to find out the original password. So basically, using MD5, you can go from apple -> 1f3870be274f6c49b3e31a0c6728957f, but you cannot go from 1f3870be274f6c49b3e31a0c6728957f -> apple.*

Now you can probably better understand just why MD5 is handy, because it is a one-way encryption. This way, instead of having your password (”apple”) stored in anybody’s database –and not knowing just what they are going to do with that database, how well-secured it is, how trustworthy the keepers of it are — all they have on you is this irreversible* string. They can see that your password translates into 1f3870be274f6c49b3e31a0c6728957f, but they cannot tell what 1f3870be274f6c49b3e31a0c6728957f translates into.

So a GOOD database these days would look like this:

ID USERNAME

This is kind of unnerving. I recently had a client of mine call me, asking me if I had received an e-mail that he sent a few weeks ago. Surprised, I told him no, that I never got it.

So of course, that’s not a good feeling, to just happen to hear that an e-mail was sent to you but you had never received it. I checked my spam folders and the deleted messages, but I couldn’t find the message anyway.

Now I’m kind of on high alert here, and I can’t help but wonder if any other e-mails were lost. Because, after all, how would I know? You don’t know what you miss. And unless somebody follows up and says, “Hey, did you get my message?” then I would simply have no clue that I’m supposed to have received something.

Not only do I, obviously, dislike missing e-mails, it also bugs me that something like this could make it look like I’m ignoring somebody, or that I am very slow in replying to them. That’s worrisome also, because I try to be pretty prompt in replying to people, and I don’t just ignore e-mails.

So I’ll need to do some investigating. I hope this was an isolated incident, that no other e-mails were lost, and that this was just a freak thing. This may serve as a wake-up call for me to find a better way to handle our e-mails, to ensure that something like this can’t happen in the future.

(By the way, if anybody out there has e-mailed me within the last month or so but have not received a reply or an answer, please just write me at lukearndt@gmail.com. And sorry for the troubles!)

Since the early part of 2005 — January 25, to be exact — I have kept another blog, a personal (and, obviously, private) journal. It was a Microsoft Word document, and over the years, I would just jot down random thoughts, concerns, the current goings-on — anything at all.

Well, I have been faithfully writing in this journal for three-and-a-half years, and I had found myself with a 430-page Word document with nearly 750 unique entries.

For the longest time, I have wanted to convert that Word journal into something that’s a little easier to manage and sort. With Word, it just wasn’t possible. It was one giant document. No sorting by date, no sorting by title, no searching by tags. Nothing at all like that. Just one humongous Word document.

Of course, this journal would continue to grow, so I wanted to take some quick action in order to do things right just as quickly as possible. I thought a good option would be to convert them into blog entries.

One thing I did not want to do, for obvious reasons, is post this stuff online. I realize you can have private blogs, protect your entries, and all that good stuff, but I’m sure no blogging service is totally bulletproof, and I’d really rather not have my innermost thoughts being kept on somebody else’s computer! I’m just kind of finicky like that.

So I ended up installing a local web server, complete with MySQL — the database service. Then, on top of that, I installed WordPress, a great (and free) blogging system. WP will host your blog if you’d like (for instance, lukesnotebook.wordpress.com), or you can download and install the system on your own server.

Since I don’t want to post any of this on the Internet, I went with the latter, and I installed WordPress on the server computer that we have in-house here. That means I have all the benefits of blogging software — including tags, categories, ease of use, standardization, import/export abilities — just lots of goodies — but it’s contained on this local network and this local network only, meaning it’s not accessible over the Internet.

So after a lot of copying and pasting and a good deal of database trickery, I managed to move my 750 entries into WordPress, where they are dated correctly. This means I can very easily go back in time and see what was going on, for example, in May of 2006. Also, if I ever want to move from WordPress to another service, or I want to use this data elsewhere, it’s super easy to export the data from the database, and then use it wherever.

After finishing the hard part of transferring all of the posts, I also anted to find a very easy way to make future entries. The beauty of writing in Word was its convenience. I would just launch Word, and I was ready to go!

While WordPress has a built-in rich-text editor for posts (rich text meaning you have the ability to easily add in markup, or change font colors and sizes, add images — that kind of stuff), I wanted to find out if there was any way to still write my posts in Word, and then simply export them to WordPress.

I found a Blogger plug-in for Word that allows direct publishing to Blogger accounts, but with my whole keeping-it-local thing, I couldn’t use Blogger for this, and so that plug-in wouldn’t help.

I couldn’t find a plug-in for Word that would work well with WordPress, but I found something quite a bit better! In my searching, I stumbled across a brand-new program called Windows Live Writer. It’s free, and it’s basically a stripped-down version of Word (or any word processor) that is made specifically for blogging.

So I set it up, configured it to work with my WordPress blog, and now it works beautifully. I can easily write the post, add the title, and even add in any tags or categories — all from within WLW. So it’s pretty neat!

(As a side note, Windows Live Writer seems to support most popular blogging services, so you bloggers out there may want to check it out as a tool to assist in writing.)

In the end, I’m very happy to have my journal converted over to a database, and I’m glad that I was able to do it without compromising the privacy of it. I’m not sure what, if anything, I’ll end up doing with all of these writings, but I’m just happy that they’re now organized so much better.

I’ll have to think about if I ever want to do something like that to this online blog. Although I kind of like the idea of building it myself and everything, I would be open to the idea of moving this blog to a different service. Right now it seems to be doing pretty well, but perhaps I can find some ways to improve it down the road.

Well, over the years, we have watched many old Disney cartoons. Some of the family favorites have been the Donald Duck cartoons, those starring Humphrey (the bear), and many of the Goofy shorts.

The other night, I caught an old Donald Duck one, called “The Clock Watcher,” on. I remembered it all right, but there was a clip in that I did not remember.

I just laughed out loud when I first saw that, and to be honest, I have a hard time keeping quiet when watching it again, some 20 times later. I just find that so hilarious. The voice commands Donald to apologize, and he makes a pretty convincing apology. But immediately after that, Donald just makes this face, where he’s sticking out his tongue and rolling his eyes at the speaker.

It’s just so funny how instantly defiant Donald is, and I think the animation was just done perfectly. It’s so extreme, so over-the-top. He’s so rebellious. I love how Donald’s eyes seem to scroll as he’s rolling them.

Anyway, I don’t often just “LOL” at a cartoon, but this one just really got me. It’s just so darn funny! I can’t get over it.

These old Disney cartoons are the best. I have never been a huge fan of the ones starring Mickey Mouse, but the Donald Duck ones tend to be so funny, so clever. I think someday, when I have more time, I’ll just spend some time on YouTube, finding old favorite cartoons.

So without further ado, watch this cartoon. Or to seek directly to the location, go to the 4:00 mark in the video, and you’ll quickly see what I mean. Enjoy!