If you want to learn more about vulnerabilities (or just want to have some fun) there are lots of options to practice.
OWASP Juice Shop is a web shop with lots of vulnerabilities. If you’re interested in hacking web applications, this is a good place to start. It covers the whole range of common security issues. The shop is easy to install on your system. It contains a scoreboard listing the vulnerabilities you can find, rated by difficulty. The scoreboard keeps track of your progress, but finding the scoreboard is one of the challenges.
Exploit Education contains a couple of training sets, such as Nebula (basic Linux exploitation), Phoenix (buffer overflows, format strings, heap exploitation) and Fusion (like Phoenix, but more advanced). For each set there’s a list of challenges, and a virtual machine on which you can practice. There’s also the Main Sequence set, containing a Capture The Flag event with various challenges.
OverTheWire contains a huge number of games and challenges, accessible through SSH. For example, the first set, Bandit, teaches the basics of Linux commands. On each successive level, you SSH into Bandit, where you have to find the password for the next level.
W3Challs contains CTF-like challenges grouped by category: Hacking, Cracking, Wargame, Forensic, Cryptography and Programming.
IO contains the IO wargame. The challenges are accessible through SSH.
Perhaps not that useful, but I decided to make my personal top 10 favorite programming languages.
Still my number 1. I don’t think any high-level language gives you as much control as C, and it’s super fast. Kind of the Swiss army knife of programming. Dangerous to use, but that’s what keeps you alert. Having started with assembly there’s still a weird attraction to pointers and direct bit manipulation.
Using Python makes programming so much faster and easier. It’s like working pseudo code. Despite its popularity still underrated. Combined with C (in case you need speed or low-level access) there’s no need for any other programming language. Standard Python is surprisingly fast for an interpreted language. For more speed you can always compile (PyPy) or combine with C.
I’ve received a few questions about the details of the mathematics in my Divine 9 post, and why the Divine 9 theory qualifies as pseudo-science. In this post I’ll skip the musical part of the Divine 9 tuning, and will focus on the arguments about the divinity of the number 9.
Let’s start with the pseudo-science part. The usual scientific principle is to start with the facts, and then try to draw a conclusion. Scientists try to find counter-examples to disprove their own theory. Pseudo-science just starts with a conclusion and tries to find facts supporting this conclusion, ignoring facts that don’t fit with the result. Now let me try to explain why the Divine 9 theory qualifies as pseudo-science.
If you take a look at the Divine 9 music site, you’ll read about the importance of the number 9 and how it should show up everywhere in nature. In fact, this connection with nature is based on spirals, the Fibonacci sequence, and the golden ratio. So far, so good. Both the Fibonacci sequence and the related golden ratio (I’ll get into the details), really do show up in nature. Interesting, but not that spectacular, since both nature and the Fibonacci sequence follow simple rules. Where it goes wrong is where the number 9 is lifted to a divine status. On the Divine 9 site, Gert Kramer gives examples of how the number 9 keeps showing up. Musical examples are John Lennon’s ‘Revolution 9’ and the fact that Beethoven wrote 9 symphonies. Conveniently, Wikipedia maintains a list of song titles with a number in the title. Counting titles I don’t see a preference for 9. And though pi shows up, the golden ratio is missing. Wikipedia also features a list of symphony composers. Again, there are many composers who didn’t write exactly 9 symphonies.
There’s only so many ads I can take before I get curious. After too many pop-ups about how to become rich I had a look at the Euro Millionaire System. I’m not brave (or stupid) enough to really give it a go, but the system itself is completely wrong. The ‘magic system’ contains a few mathematical tricks that help to convince you that you can’t go wrong, but actually don’t make sense. With the Euro Millionaire System you’re supposed to bet on binary options, using two simple strategies: one to choose which of the two options you have to bet on (up or down), the other to choose the amount of money you wager. I am not a stock expert, but let me try to explain how binary options work. The Euro Millionaire System video refers to Stockpair, a platform for binary options. The idea is that you guess whether for example the euro/dollar exchange rate goes up or down in the next 15 minutes. If you’re right you earn yourself some money, if not you lose. Not too different from playing roulette, except that one could argue that the exchange rate over a short period of time isn’t completely random. The payout however is much lower than in a casino.
This week I stumbled upon what’s called the Divine 9 tuning, which should be an alternative to Equal Temperament. The Divine 9 website claims that this temperament is based on the order principles of nature itself, and looks more like a new age site than a music site. It keeps mentioning the importance of the number 9 and how this is derived straight from spirals using the Fibonacci sequence (including Egyptian gods, Chinese dragons and ‘Cosmic creation principles’). The Divine 9 tuning is supposed to use this number to give it its specific properties.
There’s nothing wrong with trying out different tunings, but the Divine 9 tuning somehow annoys me. More because of its presentation than because of the tuning itself. First of all I’m not sure whether it’s really an alternative to Equal Temperament. Secondly, the mathematics behind the importance of the number 9 and its relationship with nature is flawed. Finally, the way the number nine is part of the Divine 9 tuning is very artificial, and has hardly any influence on the tuning itself. From what I’ve heard of music played in Divine 9 tuning it sounds pleasant, but so does for example Pythagorean tuning (yes, my digital piano can play Pythagorean). I haven’t checked in which keys the Divine 9 examples are, but I doubt it sounds that good in all 12 keys (which is exactly why we use equal temperament on a piano).
Although I use abc music notation quite a lot, I haven’t looked at the specification for a while. I’ve always preferred to use the old 1.6 standard. To me, the main advantage of abc is the simple syntax to transcribe melodies, sometimes with chords or lyrics. There’s a trend going on to expand abc to a complete music description language for complicated multivoice music. However, the thousands of abc tunes online are mostly simple melodies. For music typesetting there are much better solutions, like Lilypond. The Lilypond syntax is more complicated than plain abc, but writing multivoice scores in abc is not much easier.
Since I’m working on new abc software I’ve had a look at the specification. The latest version is 2.1. Of course the 1.6 specification is a little informal. There have been many additions to abc 1.6 and the new standard is an effort to standardize these extensions. Unfortunately they’ve also deprecated part of the older abc files, so most of the abc music online does not conform to abc 2.1. New abc 2.1 files should start with a file format identification ‘%abc’ or ‘%abc-2.1’. A quick Google search shows that after almost two years there are only three files using the ‘%abc’ identifier and a handful of tunes using the ‘%abc-2.1’ version. So who’s using the new specification?
To keep things simple I think I’m going to stick with abc 1.6 and add my own extensions for everything that isn’t covered by 1.6.
The Dutch composer Douwe Eisenga composed 10 beautiful piano songs based on the first 10 tunes from the HBC. I’m very honoured that they’re called ‘Simon Songs’. In January 2014 they will be played in China by French pianist Francesco di Fiore, with visuals by Valeria di Matteo. You can buy the sheet music on Douwe Eisenga’s Gumroad page. A CD will follow later.
In part I we started the ukulele chord system by learning which notes are used in a chord. Now it’s time to find those notes on the ukulele fretboard. First we’ll have a look at which notes are where on the fretboard. Then, we can search for the chord notes. We will learn that a few shapes are sufficient to play all chords.
Note: this is the first part of a five-part course in moveable ukulele chords, originally published in Dutch. The other parts will follow shortly.
You can find ukulele chords in chord tables which you can find on the internet. But there are many kinds of chords like major, minor, 7th and many more, each in twelve different keys. And you can play each of these chords in a number of ways, resulting in hundreds of ukulele chords. You could learn all of these chords or use a small selection of ‘basic’ chords. A much better solution is to know what you’re doing, and learn a couple of basic shapes. Combined with a little bit of musical theory you can then find all the chords and variations you ever need yourself. In this series I’ll show you how to do just that.
Until a couple of weeks ago I’ve kind of missed the paleo diet hype, but lately everywhere I look this ‘caveman diet’ shows up, even in articles about running. I’m perfectly happy with my diet, so I’m not planning to switch to the (incompatible) paleo. But since I found a couple of false claims to support the paleo diet I couldn’t resist doing a little research. It seems like most paleo supporters really try to convince everyone that it’s the only healthy option. It turns out they’re probably wrong.