Lewies Blog

My brother had asked me how I was doing on my free iPod program. I clicked on over to the website and discovered that I had another person that completed an offer. That makes three! I only need two more people to complete an offer and I’ll be ready for my free iPod.

Is this an iPod scam? I don’t know. So far I haven’t paid anything. Krozys opinion on the matter is that he would rather just go out and buy the thing and get it over with. My argument - I don’t need an iPod. I look at this as my reward for all the time and effort that I had spent blogging. After all, that is how people find out about my offer.

I’ve been seeing many photos on the internet of people who got there own free iPods. I also see that the free iPod site now shows photos of people who have received there free iPods. I just hope that people sign up sooner and complete there offers so I can Jam offline.

Krozy has been concerned over his weight as I have - but he has been doing it on his own without and dieting plans. He has lost just as much weight as I have. “Go Krozy!”.

What is Krozies secret? I’ll tell you. Drink plenty of liquid and cut back on sugar and caffeine. And no Splenda! Apparently, he has found out that Splenda is bad for you and actually does not contain sugar as advertised.

During this conversation, he had a problem. (file under: famous quotes from Krozy)

man, since I’ve been trying to cut caffeine and I’ve been upping my water intake, I’ve been peeing a lot less frequently. on the flip-side, I’ve had to take a dump more often. I’m not sure if that’s good or bad.

I replied that my own dieting plan keeps asking me when my last bowel movement was. Its actually good to have BMs quite often because that is just some confirmation that you are losing something. Don’t be worried unless it is black. Black means that you may have internal bleeding.

“Ok Cartman, show us the pigment of your turds on the color wheel”

My brother made that line up, but it is the kind of thing that wouldn’t surprise me to see in an episode of the cartoon - South Park. However, we both agreed that South Park doesn’t do much about feces anymore except for Mr. Hanky, the Christmas pooh.

Three BMs a day isn’t so bad as he thought and did not merit worry. He found some information to his own question on the internet as well.

Normal for one person might be three bowel movements a day, and normal for another might be three bowel movements a week. If your bowel movements fit somewhere in that range, then you’re on a normal schedule.

Krozy then went on to say:

Foods without, like fatty, and greasy foods, as well as sugary foods make you crap less often and make you constipated

I had a chat with my brother, Krozy tonight. Every now and then I ask him about his blog and when he is going to post something. Usually he says that he has nothing to blog about. For starters, he posted his answers to a course he was taking in college.

A nice attempt, but I went on to explain that blogs are full of opinions, ideas, images, links, news articles, etc. While the answers to a course in college may constitute as a blog entry - you want to start writing about something your readers would be interested in.

Sure … a few may be interested in his course. That thing may be plastered on his blogs front page for the next three months. It isn’t going to be so cool.

Krozy then started reading over my blog with all the different entries and became fascinated with what he was reading. He started to get ideas and the last I heard, he was going to post his opinion about antidepressants medications and sugar intake.

An opinion! Now that is the spice of life rite there. I can’t wait to see what it is. Every time he sends me a link, I tell him to include it with his entry so that others may get additional information with what he is talking about.

If you haven’t already done so, read the post on how I met my wife. I’ll wait patiently for you here. Go on …

Great! Now that you are up to date, I’ll continue. The two of us went back to her house. I think we were actually getting a bit bored since I wasn’t allowed in the house. She asked if she could come with me back to my place. I was dumbfounded and just said “Sure”.

She went in the house to get a few things. I just stood there looking at her sister not knowing what to say or do. Angel came back out with her things. We took the long drive back to my house. At that time I lived about thirty minutes from her place.

God, it has been so long. I don’t remember what we did until later that night. We were trying to sleep and she asked me if I wanted to have sex. I replied, “No, I don’t have any protection”. She asked again a few moments later and said it was ok. I’ve never been ridden on bareback and this was a most pleasing method.

My mother called me on the next morning asking if I had heard from Dad. She heard Angel giggling and asked who it was. I just replied that she was a friend and chuckled. Mom hung up. I found it really odd that Mom would call on my birthday and not mention anything about it.

Well, I think that is all of the juicy stuff that I can squeeze out of my gray matters archives for the moment. Angel could probably fill you in better with the details. (Just email me Angel, and I’ll post it for you.)

Just when I thought I had enough, another project came in that is a contract management application. I think this is the fourth one that I’ve worked on since I’ve started working for this company.

Like usual, cost-point is involved somehow. It also has the same stuff to manage.
Technical Instructions (TI)
Task Orders (TO) - same as TI,
Sub-Tasks (TI that fits under a TI)
Contract Definition Requirements List (CDRL)
Statement of Work (SOW)
Point of Contact (POC)
Contract Line Item Number (CLIN)
Sub-Contract Line Item Number (SLIN)
Modification (PMOD MOD)
Firm Fixed Price (FFP)
Cost Plus Fixed Fee (CPFF)
Cost Plus Award Fee (CPAF)

Why am I listing these names? Because it took me a good deal of time to learn what the acronyms ment when I started working on my first project. You see, the definitions were not accessible to me, nor there meanings. If I asked someone what a CDRL was, they would look at me blindly and then go on showing me what you do with them. Such is the life in an acronym-based environment.

Even the lookup lists and entity relationships of data are the same. You got your contracts, and they have CLINs, SLINs, POCs, TIs, and MODs. Your TI’s can have sub-TI’s, follow-on TI’s, CDRLs MODs, and POC’s. Deliverables can be assigned to your TI’s CDRLS (usually monthly) but can become a real mess when the formulas for requirements get really messy and start changing throughout the lifetime of the TI. Managing CDRL’s alone was one project that quickly became complex.

Confused yet? Great! So am I. Not really. There are many resources out there to look up the functionality of administrating government contracts. Unfortunately, this documentation is for the end-user (such as someone using cost-point).

A programmer such as myself can have a tough time acquiring information sometimes if documentation is not readily available. After learning much of this stuff over the years, I feel that I can actually understand the lingo of a government accountent, should I ever have the desire to seek one out.

One thing that sticks out is the color of money. I had heard this term thrown around a lot before money was any other color except green. It was funny when the goverenment actually started printing colored money.

The great news is that I’m not in on the project alone this time. I’ve got a great staff working together with me on this. I’m confident that we can get this out the door quickly with the experience that I am bringing to the table.

When you login and view your comments, you may have noticed an export tab. I’ve been working on automating the process of downloading my own export file. During the process, I learned much about using cookies and posting form data with the .Net framework using the C# programming language.

I was able to login through the security Haloscan provides, and then download the file. I wanted to see if I could actually limit the number of page requests to the haloscan server to just one. I took a look at the cookies in my debugger and saw two that were jumping out at me. They were called “entered_login” and “entered_password”. The password looked like a hashed value.

I tried a few hash algorithms on my own password and the first one in my command window showed the exact hash value that was stored in the cookie. I tried limiting my requests to go directly to the export file and it worked.

So why is this insecure? Simple - there is no salt. When encrypting or hashing values, it is common practice to add additional text onto data that the end-user is not aware of. This is called the salt value. You are sprinkling on some extra stuff on the main course. In my own adventures, I have used a different salt value for each account. Without this salt value, you can easily start running an automated dictionary-based attack against the server to sniff out users passwords.

Using salt may use more resources on the server. If you use a unique salt for each user, then you need to add an additional field in your database table to store that information. This causes more hard drive space to be used.

Are the accounts really vulnerable? I don’t know. I just don’t like the fact that they are not salted. Salt adds more security to hashing. Even if the passwords are hashed with salt, there is another problem. I was able to originally login to the system by posting my username/password in clear text. Someone could run the same attacks through this method as well.

There are a few ways around this. The first one is to use a Turing test. This usually involves requiring the user to enter some text that they see on an image to prove that they are a human. It would be nice if HaloScan offered this feature on comment forms alone. The other way to help prevent these attacks would be to monitor how many requests per minute are coming through. If someone is flooding the system with requests, you can bet that they are attacking it and deny them access for the next ten minutes or even an hour.

So what can you do personally? To add more security to your account, there are a few things that can help:

• Use a password larger then 8 characters
• Use a combination of upper-case, lower-case, numbers and symbols
• Don’t use words within your password
• Do not use consecutive characters
• Change your password every 3 months

I found some problems when restoring a backed up database. It appears that many foreign keys were missing. I came back to the database developer and explained that she was missing some foreign key relationships. She then went on to show me that the relationships did exist in the original database entity-relationship model.

My co-worker said that it would have been impossible to get the data out of a data table without the foreign key relationships defined in the database. We proceeded to debate over it, for I didn’t agree. She asked if I wanted to bet lunch and I shook hands on it.

Later today she called me into her office with two small tables in Microsoft Access. She told me to try and select data from both tables without a relationship. I started using an “Inner Join” but she said I wasn’t allowed. So instead, I used a simple “Cross Join” and used the where clause to compare the two values. From what I understand, Oracle only allows cross joins and this is what she was used to seeing.

My query worked. She was awestruck and argued that it wouldn’t have been possible to do that in Oracle unless a relationship existed first between the two tables. I haven’t worked with Oracle, but I’m doubting that the argument is valid. My explanation to her is that relationships are primarily used for data integrity along with cascading updates and deletes. Other then that, you can run queries against multiple tables without relationships in place.

She turned to me and said “I guess I owe you a lunch”. My reply - “I knew that the moment I shook your hand”. Sometimes it is so easy that I feel guilty.

I ordered my medications through Aetna Home Delivery two weeks ago. You see, I can’t order them through my local pharmacy or I will be charged top dollar. Everyone is out to save a buck. Any how, I have been taking my medication every other day to stretch it out a bit. Unfortunately, I had my last one Sunday night.

I ran into work on Sunday thinking that I had two pills in my drawer only to find one. I called the insurance company today to find out what has happened with my order. They are usually much quicker about it.

I could get it to be automagically sent, but my doctor only prescribes 90 days and zero refills. So each time I order, I have to create a new order and fill out a bunch of paperwork. I guess it takes the insurance company longer since they are processing a new claim.

I am starting to go through withdrawal. I can only skip every other day for so long before my body complains. My head is beginning to throb. No, it’s not a head ache. Thankfully, my wife has the same prescription. Actually, her prescription is twice as much.

I’m not a pharmacist, but it doesn’t take a genius to pop those suckers open and divide the balls in half. I counted little groups of ten and added them to a pile. When the pile would reach 50, I placed the pile into a separate dish. I eventually came out with two groups of 195 and 196 balls.

I folded a sheet of paper in half and poured one container of balls into the crease. From there, I funneled the balls into the empty capsule and popped the end back on. I went downstairs to warn my wife that I may overdose since I was taking an extra ball. Yea, I’m corny like that. It’s a “Lewie” thing.

Hopefully the pills come in the mail tomorrow. The woman on the phone said that they were sent out through express mail on Friday. I guess the presidents day holiday slowed down the mail on Monday.

I’ve been working on my blog software every now and then. I have decided to run my first report. This report lets me know how many comments people have been leaving. I am more interested to see who my loyal readers are.

I thought that I would go ahead and list all of the people who have been commenting on my blog. Since link backs are the currency of the internet, this is my way of saying thank you. I still need to get an updated list for the past week from haloscan, so your name/site might not appear here if you are new.

I didn’t list anyone who did not leave there web page.

My die-hard fans. Viva La Lewie!

113 Lewis E. Moten III (Stalker?)
91 Unperson1

40 Aurorealis

11 anti

7 Nathan Frampton

7 Nettie

6 Atalante Vala (Wife)
6 Katie

6 m4magarmuch

5 LisaNotLiza

3 Comments (I must be doing something rite.) AP, Deek Deekster, letti, Linda, Smeggy, Tony

2 Comments (They came back!) Alli, Babz, Beth, blair, Brent, Brian, Catt, ethan, Flirt, Gambling Joey, Jenny, Joe, Joshua Ditty, Laila*, Len, Lisa, MaxedOutMama, Meg, PiXeLs, Priapo, Shalovee, Shannon, suki, tanya, Vector, Xavier

1 Comment (will they ever return?) Aldon Hynes, Alekx, Amanda, andrena, Angel, Angelia, annette, Barb, Ben, Benjamin Solah, Benjamin Solah, Benjamin Solah, Bernie, Blue Skelton, brainhell, Brendan, carson, cathysue, Cetta, Chris, Christine, Christine, Craig R. Harmon, criticaldarling, CryptoJoe, Danyel, DarkLethe, dayna, Denise, Dennis, Doc, dot, Downtown Lad, Eric, Eric, Erin, Gary, Geri, Ginny, greg, Halden, Harrison, Heather, Hustler, i love my cat, Ian, Iris, Izzy, jay, jazzchic, Jean C, Jenny, Jesse, jett, Jf Jeter, jin, John McCrarey, john shanks, Johnnie Walker, Jon Langdon, Joshua Ditty, judge-mental., julia, just rambling, karma, Kayla, Kim, Kirkkitsch, Kristie, lainey, lastrider, laura murphy, Lauren, Lauren, Laurie, mai, mai, marion, matchingtracksuits, Matt, matt thorne, Matthew, Max, Melanie, Michael, Michael Jones, Michael Paul, Michelle, Michelles, MICK, mommifer, Mona, Mrs Darling, Natalie, Noah, Norman, NRT, opforsoldier, outer, prince c, rachel, Red Clover, retro_soul, richhappens, Rico, rowan, Saint Nate, Sarah, Scott, Scott C. Smith, shab00ty, Skyte, Sol, stefaniow, Sterling Fisher, SUPERHAWK, Suzanne, Taoski, Tav, Terrible lie, ThaSickness, ThaSickness, theaardvark, ThePaul, Tiffany, Tom, TrekMedic251, TruthNM, UncleHorns, vandamonium, wendy, Whit, windreader, WWCC

I received and email from Andy Koh inviting me to take part in a twenty minute survey. It took more then twenty minutes when I took the optional second part which went into more detail about my ethics on different scenarios. I had time to kill.

Apparently, Andy got my email address from my weblog using a random generator service on the Internet. Which one, I do not know - but I am aware that my name and email address are plastered everywhere.

The results will be made available at The Singapore Internet Research Centre. The survey will be closing on March 1st, 2005. A portion of his email:

If you have already done so, we would really appreciate if you can forward this e-mail to your blogger friends or post our survey link on your weblog. We are working hard to have our survey disseminated globally so that we can reach out to a greater population of the blogging community. Thank you so much!

More information about Andy Koh:

I am an undergraduate from the School of Communications and Information, Nanyang Technological University (Singapore). Previously, my fellow course-mates and I have sent you an e-mail regarding our online survey to study the practices and attitudes of bloggers on ethics. This study is conducted as part of our honours thesis.