Inspired Intuition

Almost 2 months ago, I started on a project that required the use of Python and access to an Oracle database. It took me multiple days in a row to finally get it up and running so that I could actually make progress on the project, but once I did, I thought nothing of finally getting it to work. However, I was recently approached by another person at work who had to use the cx_Oracle package to access an Oracle DB through Python, and realized the value of actually putting together a post about the steps required.

First off, it is really easy to get it running on Linux. I mean super easy to get Python and cx_Oracle up and running. Secondly, I have an XP machine at work, so no guarantees that this will work with all other Windows Operating Systems until I get to test it on one (not possible till about September at the earliest, I’ll put a todo item in my calendar to try to remember to do it).

Alright, down to the nitty-gritty of it. You first need to install a recent, if not the latest, version of Python, if you don’t already have it of course. When I was installing it on my work computer, that was Python 2.6.5. Now that would be Python 2.7, but since Python is intentionally backwards compatible, it SHOULDN’T matter. For installing Python, be sure to follow one of the many Python install guides available on the web, but the quick run-down of the install process is:

1. Install Python.
2. Edit your environment variables to add the Python directory to your PATH variable and create a PYTHON variable. I will cover editing/creating Environment Variables with the later part of this guide because you will have to do it again for cx_Oracle.
3. Code in Python (you can use an IDE like Eclipse, or a regular text editor like Notepad++).

Next, run the cx_Oracle .msi installer for your particular Windows install. Now that was the easy part.

Next up is the part that most people seem to miss, having an Oracle client on your local machine. Oracle suggests the use of the Oracle Instant Client, and that’s what I used this time. Oracle’s instructions seem to have improved since I first installed the Oracle Instant Client, but that doesn’t mean they are easy to follow.

1. Go download, and unzip, the Oracle Instant Client from here.
2. Put it in a place on the C:\ drive that is easy to find/access later (it’s a drag and drop procedure for getting the files there, no installer). My suggestion is to create a directory called Oracle, and place the instantclient directory in there. This way, my path to the Instant Client directory reads “C:\Oracle\instantclient”.
3. Add this guy to your PATH Environment Variable. You can get to the Environment Variables by right clicking My Computer, select Properties, go to the Advanced tab, click the button that says “Environment Variables”, and now we’re here. From the Python install, your PATH variable (in the user variables section, not the system variables) should already exist from you creating it as “C:\Pythonxx”. Now, add that directory location from step 2 so that the PATH variable reads similarly to mine, which is “C:\Oracle\instantclient;C:\Python26″.
4. Now you are going to need a tnsnames.ora file. For those of you that don’t know what that is, read here. The company I work for fortunately provided me with one, so I didn’t have to make it from scratch, but basically they contain your connection strings to the different databases you are going to be accessing. I saved mine to “C:\Oracle\network\admin” just for easy memory (and because that’s where someone else’s was when I asked). I hope you didn’t close the Environment Variables screen, you’re going to need it again.
5. Lastly, you need to add the TNS_ADMIN variable with step 4′s path in it.

You have now installed cx_Oracle successfully. To really test it, you can open up a Python command prompt and run the following lines of code to test it.

• import cx_Oracle
• db_conn = cx_Oracle.connect(“user/pass@tnsname.world”)

If either of those steps went wrong, double check the steps. If you still don’t know, comment on the post, or email me (my email is lying around somewhere on this site), and I’ll do my best to help you. There are also many forums and forum threads scattered around that have tried to explain these points as well, but I found them to be inadequate.

Lastly, Google is your friend for finding out about the different functions available in cx_Oracle, and the documentation isn’t terrible for this either.

Well, I wanted to have my first blog post of the week be about a different topic, but since this is breaking news, I’m going to post about it.

There has been a new vulnerability discovered, and reported by Microsoft as of July 16th with security advisory number 2286198. It affects all Windows operating systems (XP, Vista, 7, and correlating service packs), and the source code is already publicly available. The worry is that this will start to experience wide-spread usage within the next few weeks by malware writers.

What It Does

When we browse the file system in Windows, it shows icons for each file/shortcut/directory, and these can be customized. This malicious code is hiding in the simple viewing (not even running the shortcut) of the shortcut’s icon containing the malicious code. The malware utilizing this exploit can spread via infected USB thumb drives and the usual unintentional downloading of trojan horses and the like.

How to Protect Against It

Follow Microsoft’s instructions for not displaying shortcut icons. Microsoft’s temporary fix can be found with their security advisory number 2286198 (see the Workarounds and Mitigating Factors sections).

My Original Source

I found out about this issue through Trend Micro’s CounterMeasures blog post about the situation.

Parting Advice

Follow the workarounds described by Microsoft in their security advisory and hope that they can push out their fix by Patch Tuesday in August (closest planned patch date).

If I ever do my own ad campaign, I will definitely follow the model that Old Spice is using right now. If you are unfamiliar with what they are doing, they have the man in their regular TV commercials (which are quite humorous to say the least) doing personalized YouTube videos for people sending the OldSpice twitter account a message of what they would like said. Suddenly, Old Spice is getting tons of brand awareness, resulting from a little bit of real-time, instant work. Very interesting to say the least.

As more people become aware of this project of Old Spice’s, more people will submit to have videos made. As more videos are made, the larger the presence of Old Spice on YouTube and the internet in general. The larger their brand awareness level is, the greater expected profits for Old Spice and increased purchasing by consumers. To top it off, it is definitely a CHEAP advertising campaign. They are doing everything in probably 1-2 takes, and a little bit of writing ahead of time. The result will likely be a combo of the best use of social media to advertise and one of Old Spice’s cheapest advertising campaigns.

Of course, the novelty of this advertising scheme will likely only be viable for another day or so of straight use, but after that time, and giving the social communities a rest, Old Spice or someone else can likely rinse and repeat the process. Now, the most interesting use of this ad campaign would certainly be if someone ELSE had the guy say something that advertised for a different product all-together. Association would get the word of this other product out there, but would likely ruin the ad campaign for all the bystanders.

So recently, when BurgerBlog went through the automatic update from WordPress 2.9.x to 3.0, it ran into a slight hiccup that corrupted ALL of the posts that were on there. The issue seemed to be with the format of the single and double quotes throughout all the posts. They were all, without fail, replaced with ‘?’s. Now, what baffles me is how the system saved the wrong double and single quote symbols in the first place.

The quotes were the ones that are seen in word processors, like Microsoft Word, that are directional. So if I “quoted” something, the first quote would be different from the second quote.

Regardless, the reason that the system originally saved them, but no longer saved them is what truly confused me. As a result, I went through the following procedure:

NOTE: SQL knowledge and access to the phpMyAdmin page is required.

1. Accessed the phpMyAdmin page, found on the control panel for your site. No, not the WordPress control panel, the one that’s on the back-end of the site itself (gives you access to your site’s stats, FTP accounts, email accounts, etc.).
2. Browsed to the WordPress database and used the following SQL statement to find all posts that now had ‘?’s in them:

To get all the posts with ‘?’s in them and their IDs.
SELECT ID, post_title FROM wp_blogname_posts WHERE post_content LIKE ‘%?%’

To get the distinct post titles that contain ‘?’s in them.
SELECT DISTINCT post_title FROM wp_blogname_posts WHERE post_content LIKE ‘%?%’

3. From there, I was able to garner the proper ID of the post title (most easily found by finding the present blog post with that title and selecting edit, then looking in the URL bar for the ID), and use SQL back-ups where possible to garner the most recent version with the quotes and single-quotes in them still.
4. Did a find and replace on my back-ups for all of the incorrect double and single quotes.
5. Manually pasted in the corrected post content directly into the database to expedite the process (could have done it manually with each edit page, but that requires waiting for all the WordPress functions and AJAX to load).

It took a couple hours to go through the 40 posts on BurgerBlog that were messed up, and that’s not including the extra time required to fix the ones I didn’t have back-ups for (I had been slacking with my consistent back-ups). Now, it is almost entirely fixed, with the exception being the couple of ‘?’s that were missed in the ones that were done manually (those should be fixed by end of 7/2 anyways).

At this point, it’s kind of ridiculous how many weeks I am behind on blog posts. It is a recurring todo item on my personal calendar, but I never quite find the time for it in the day. The worst part about that is that I have content for the blog. LifeHacker did a new summary of the MUST have free apps for the Mac, and I am meaning to supplement it with my 2 cents. I have started my internship (been doing it for 3 weeks now) and have already learned plenty of topics ranging from DNS to proper unit testing in a real development environment to learning Python (which is a very fun language). Sprinkled in amongst such activities and learning experiences, there have been news posts worth my comments (in my opinion), and other developments in my personal life that I have debated discussing and just haven’t for the same reason that there hasn’t been an update before now, I didn’t do it.

So, with that being said, I am working on a post on one of those subjects for later this week and hope to get that trend going again. I’m thinking that the first subject will be all the issues I’ve had during the past couple weeks with WordPress due to upgrading BurgerBlog to WordPress 3.0 without taking a database backup. So frustrating.

See you later this week!

Yeah, that’s right, I went to Israel. It was pretty awesome actually to get to see the country, not to mention it was an experience I won’t ever forget. Most would say that they won’t forget seeing Israel because they are more religious now, or because a sight in Israel really touched them, but for us, this trip was all about the connections to others that we made. The group of people that we had the opportunity to go with was absolutely awesome! I could not imagine a better group of people. By the end of it, we were more akin to family than simply close friends. I will go through some of the sights we got the opportunity to see, and then talk about the best part of the trip a bit further. The trip itself is called “Taglit-Birthright” and is a free opportunity that college students can take advantage of, if they are between the age of 18 and 25.

So every day was basically non-stop. We were doing 12 hour days from the time we touched down in Israel. Our plane left Newark airport at 2:30 PM on 5/10, and hence landed at 7:30 AM on 5/11 (local time) in Israel. Not one to waste time, we were seeing sights all day WITHOUT any sleep for pretty much any of us. We landed, and started the trip in Jaffa. From there, we went to a market for lunch and then moved on to Independence Hall in Tel Aviv and Rabin Square. Independence Hall is where the country was declared a sovereign Jewish state, and Rabin Square is where Rabin (one of the leaders of Israel in the 90′s) was killed during his term. We then ended the first day on Mount Scopus.

Mount Scopus deserves a little bit more of a description. Firstly, it is just outside of Jerusalem, and gives a gorgeous view of the city along with the Dome of the Rock. Also, it is the home of one of the Israeli universities and did I mention it is gorgeous up there at sunset? This is where they welcomed us, officially, to Israel, served us challah and wine, and provided some music to encourage some ethnic dancing (of which there was lots of). At this point, we have ONLY had one day in Israel, and that hasn’t even included sleep yet!

The next day started with a tour of the Jewish Quarter of the old city, and a little exploring around there, but was focused around the visit to the Western Wall. I had REALLY high expectations about the connection I would feel when I got to touch the Western Wall, but I unfortunately had TOO high of expectations for the experience. When I touched the Wall, I only saw all the people around me who were affected more, and I regret not taking the moment to truly go within myself. I wish I had allowed myself to be more introspective, but sadly I did not, and this is the ONLY regret of my entire trip!

The Western Wall was followed by dinner and a thing they called the “Mega Event,” but that was just a huge opportunity for them to talk about how great Birthright is and how it has been around for 10 years, etc. The next day started early with a talk from a man named Avraham Infeld. As speakers go, Avraham was amazingly good, and the sad room he talked to us in was an embarrassment to the message he was trying to tell us. The greatest quote from him was that “Judaism is not a religion” and that it is a culture and a people and a connection that we all have. He continued by telling us many stories about his life experiences, how he grew up hearing that Judaism is not a religion, and that to others, Judaism is a religion and not a culture. It depends on the person, their upbringing, and many other factors that shape that opinion in a Jew’s life. However, the crux to it all was that we are all a family. We are connected to each other in an almost indescribable manner that goes deeper than any religion truly can (he also inserted a plug here for all of us to move to Israel). His talk was definitely a highlight and learning experience!

We then followed Avraham’s talk with a visit to Yad Vashem. For those who don’t know, Yad Vashem is a Holocaust Memorial Museum. But calling it that understates its importance and connection to anyone and everyone who has learned about the Holocaust, not just Jews and other peoples who lost loved ones during World War II. You can equate much of the memorial to the one in Washington D.C., and as a result, many of the images had been seen by me before and were a little less profound, but the final room is where I was truly touched. Of the 6 million Jews who died in the Holocaust, they have managed to collect in this final room boxes upon boxes of identifying information for 3 million of the men, women, and children who died. For many of them, this includes pictures of them before the war and information about their birthdays and country of origin. For others it is simply a name and the signature of a relative who survived saying it was so. Seeing this room, being able to truly grasp the enormity of 3 million, really hit home for me compared to the entirety of the rest of the memorial.

The next day, we met the soldiers who would be with us for the next 5 days, and volunteered at a local soup kitchen. Since the soldiers were THE highlight of the trip, let me say a little bit more about them here, and then I’ll move on to a description of Mount Herzl. In America, we imagine soldiers as burly men, or the depiction of them in Jarhead and other movies. Israeli soldiers are very different. Their military is based upon all men and women serving 3 years, and being in the reserves well into their 40′s (or maybe right up to 40). As a result, the soldiers are no different than myself when out of uniform. The group of 8 soldiers who joined our group for 5 days had something even more special than that. They connected with us. Each and everyone one of the 40 people who went to Israel in our group. We hung out with them at night, joked with them during the tour, cried with them at Mount Herzl and at departure, and connected with them at a level akin to the lifelong connections that people typically make over the course of years. All in just 5 days! They are our family, and we are theres. As if the group of people we flew to Israel with weren’t awesome enough, we got there and met these soldiers who truly resonated with us and will always be part of the memories that this trip gave each and everyone of us.

Mount Herzl is what Americans would call a cemetery for the Israeli soldiers who have died for the state of Israel. To Israeli’s, and clearly to anyone who visits it, it is more akin to a memorial of what people are capable of when they truly believe in their cause. There are stories for each and every grave, some of camaraderie, others of bravery, and many of commitment and believing in what they fight for. Even to the most staunch anti-Zionists, the stories that accompany the sight of the graves is moving.

Shabbat services were led by a member of our group, and would have been great if the other buses had been more respectful. Also, I have never heard so many diverse and different tunes for the same songs. Who uses the tune of Yankee Doodle? The next day was Shabbat, and the first time that we had some time to relax, and we used it! The majority of the day was spent sleeping, and it was a good thing that we got so much rest, because the next day started with hiking Masada. For those who don’t know, Masada was the site of the Jewish Zealots’ last stand against the Roman Legionnaires where, the night before the Romans were going to overrun the outpost of Masada, after a terribly long siege, the Zealots took their own lives to never surrender, so that they would “die as free men” instead of under the whip or sword as defeated men. The hike up was not easy, since we climbed up the Snake Path (a series of many, many switchbacks that took us up about 400+ meters in elevation to the top), but the hike back down was on the Roman Path, which was a straight shot done, and much easier to do.

After our hike, we got to ride camels, and float in the Dead Sea before we headed to the hotel. Israel without getting the experience of riding a camel is not worth the money, I’m glad we got to do that, even if the ride was short. Floating in the Dead Sea is… painful. Imagine the saltiest water you’ve ever seen (it creates salt crystals on the bottom in lieu of a sand bed) getting into any cut, nick, or orifice, and multiply that by 4. For anyone who had a cut, it stung like hell. If you got it in your eye or nose, that hurt to no end and you were out of the water in a snap to rinse. But just staying in the water eventually causes is to get into areas that most prefer not to talk about, and that stinging is just annoying. With all that being said, floating in the Dead Sea is a true experience!

The highlights of the next day were a nature walk in the Tel Dan Nature Reserve, standing atop the Golan Heights, and rafting down the Jordan River. The walk was really cool because the area was very nice, we got to see the ruins of a Canaanite temple, and we were able to see the border of Lebanon. Later that day, we went up the Golan Heights and were able to look out from atop the mountain, through the haze since it was a bit rainy, and see the border of Syria. Then rafting down the Jordan was TONS of fun (once people got into the mood of it). We started out with a bunch of people who just didn’t want to be splashed by the cool water, but by the end of it, everyone was splashing each other, jumping from one boat to the other, and dragging people into the water. It was tons of fun (and I ended up with a broken sandal from the experience).

The following day was the saddest day of our entire trip. It was our last day with the soldiers, and saying good bye to people who we had connected to so thoroughly was difficult at best. You know the song Absolutely (Story of a Girl)? Well we cried 40 rivers that all drowned the world!!! We sat in a circle and basically kept talking about how much none of us ever expected to connect to each other and to the soldiers at half the level that we did, and there were SO many tears! The rest of the day from then on was pretty much shot. That evening was Shavuot, which was delicious! The rest of the night was spent with everyone just kind of going to bed. The next day included bnei mitzvah services and naming ceremonies on the beach in Nahariya, which were beautiful! We hung out on the beach for the rest of the day and then were surprised by some of the soldiers when we got back to the hotel. It was so awesome to get to see some of them just one more time and we went out that night and had a great last night together at a couple bars on the beach. Was a stellar way to end the trip minus the fact that many of us didn’t bother going to bed since we were leaving the hotel at 4:30 AM.

Overall, the trip was absolutely awesome! There are precious few moments in life that I would be willing to trade for the memories that I have from Israel. I love everyone who we were with and all 8 soldiers! You are all awesome and that was the most fucking Taglit trip of my life!!!

I find it amusing that a CNN article is what gets me frustrated enough to blog again. But before I write down my very angry thoughts towards the terrible assumptions and conclusions that they jump to in this article, I will do a quick, brief, catch-up on what’s new in life.

The semester is almost over, so that means a few things have finally come to fruition.

1. I finally (officially) landed that summer internship I’ve been working on since last November. Really looking forward to the new opportunities, spending the summer with my girlfriend in DC (living with her folks), and having a solid plan for the summer!
2. Being able to see my girlfriend who is coming back from China on May 4 and I’ll be able to see her on May 10th (going to drive all day to do it too)!!!!!
3. My roommate and I signed on an apartment to live in. He will be there over the summer, but I will not be (we made arrangements for rent though, so all’s good).
4. I am presently in Dead Week, which means the workload is light for once and I am supposed to be studying more than I am right now.
5. My girlfriend and I are going to be going to Israel on our Birthright trip (the same one we unfortunately missed over the Christmas break), and we are really excited for that!

Overall, things are good, and will be awesome this summer!

Now, to that stupid news article that is bugging me (which can be found here)!

I will preface my rant with the fact that I agree with the general undertone of the article, that there needs to be greater checks and balances, and that the SEC should not be exempt from that. However, the article points out that 33 SEC employees over a five year period were accessing pornography using government resources. This statistic is immediately followed by Republican Darrell Issa quoted saying the following:

It is nothing short of disturbing that high-ranking officials within the SEC were spending more time looking at pornography than taking action to help stave off the events that brought our nation’s economy to the brink of collapse

Now I don’t have all the data, or the actual report, but I can sincerely say that 33 out of the thousands of employees within the SEC could not have stopped the present recession from happening if they had not been looking at pornography with government resources! This fallacy is ridiculous in my eyes, and is one of the reasons that I have so much trouble with our present government. To top it off, Issa is the ranking member of the House Committee on Oversight and Government Reform… this is the same person that is trying to reform our government to work better. I am so thoroughly unimpressed by the exaggeration and extravagance of his comment that I lost a little more faith in the supposed representatives of our people.

Also, videos of our government representatives saying unintelligent crap like this only greater disheartens me!

Not a whole lot to report in regards to the family reunion. It went surprisingly well and it was great to actually meet extended family! About 30 of us showed up for the reunion and of those, I knew about 10 (including grandparents and immediate family) beforehand. Also, I didn’t know I had so many cousins of my own age. Great to know, and I think that we will be able to stay in touch a bit over the course of the next few years. Maybe we’ll even have a follow up reunion before I’m 40!!!

I know that I’ve been away from the blog for a while, and expect to be away until at least Friday, if not Monday of next week. Yes, I know that I consider Friday a normal post, but I am not considering TODAY a full post in any way. Essentially I just wanted to fill in my limited reader base with why I have been absent.

Initially it was just a level of laziness and not really wanting to blog about anything over Spring Break (the week of March 22-26), and then last week I just didn’t really think about it. Funny how getting out of the habit of doing something makes it hard to get back into the routine. Regardless, I’ll actually have something worth talking about after this coming weekend because my family and I are attending a family reunion for my father’s side of the family tree. Should be interesting, if not enjoyable. We shall see either way.

Till then.

The weekend was definitely a busy one. Between having/attending a party at a friends’ place and then spending the rest of the weekend doing homework (had an assignment for my Algorithms class and a group paper for my Ethics class to finish), it was a very busy, but productive weekend. I got all the work done (eventually), and had a great time Friday night! I’d rant a bit about my Ethics assignments not being clear enough, but I don’t think that’s really necessary when I have better fodder to write about in the form of my Marketing online homework submissions.

So the system is called Management by the Numbers and the site/product is completely new. At the beginning of the semester, they provided us with accounts according to the school we are in and the number we were on the roster (I assume that’s how the number was generated at least). So, the format would be gtxxx, and they initially gave EVERYONE in these classes the EXACT SAME PASSWORD! I noticed this immediately in the email that they sent out to us regarding what our login credentials were. As someone who wants to professionally doing information security for a living post undergrad, I just cringed when I saw this. To make matters worse, I did the first assignment on the WRONG username because ALL the passwords were the same. Of course, I didn’t realize that was the issue when I saw a 0 for the grade, but only after contacting the professor and TA about the issue did it become apparent “Aaron, your username is gtxxx.” “OH MY GOODNESS, I did the homework on the wrong username, I did it on gtxxy.”

After further discussion, I discovered that the company was “working on” a password change “feature,” which I consider standard in ANY login system. I almost asked for a contract to write the code to do it in PHP out of frustration, but thankfully I didn’t because I have had a bunch on my plate this semester. Overall, it was really disappointing. The funny part, that’s not even what I wanted to show with this blog post.

When I was doing the assignment that was originally due tomorrow, I found a few interesting bugs in it (causing the due date change). The first one had to do with an algorithm that was used to obtain the answer for a problem. It was supposed to be:

(($23.90 – 10) / (.71 * $23.90 – 10)) – 1 = 0.99

Instead of:

(($23.90 – 10) / (.75 * $23.90 – 10)) – 1 = 0.75

You see, the .71 in the correct answer was because it was supposed to have a 29% decrease (in this problem, since that number is dynamic) in price for the comparison, but the algorithm had been setup for a static 25% decrease in price instead. This caused correct answers to be completely wrong.

The more interesting bug, pictured to the right, had to do with precision. They were taking the number out to multiple decimal places, and requiring precision according to that, but the dollar amounts were automatically rounding as we expect cents to do. The end result was that a correct answer was STILL wrong. Of course, this was extremely frustrating for me at first, until I thought to myself “I wonder if it will accept the decimal written ALL the way out (I think I did 6 places just to be over accurate). It worked of course, since the issue had to do with their accuracy, but displaying it as a whole cent was extremely confusing. Regardless, I have finished the assignment and the due date has been pushed back to this Thursday now.