9.99999% Guaranteed uptime. Six nines!
:: Humour ::

October 31, 2008

Understanding Traffic on the 401, pt 1.

Filed under: misc, travel, data, programming, ideas, long rambling stories — Dave @ 8:45 am

The Government of Ontario runs a fantastic service to monitor the state of traffic jams on the 401: COMPASS Freeway Traffic Management System. So the obvious question becomes, when should I drive home?

Step 1: Get some data

First I ran a cronjob on the server hosting ultrasaur.us, that basically recorded the state of the various stretches of road. It’s been running a few days now, and after 14000 readings, there seem to be the following states for a stretch of road (with counts):

  • Express and collector moving slowly (423)
  • Express and Collector moving well (7055)
  • Express and collector very slow (85)
  • Express moving slowly. Collector moving well (205)
  • Express moving slowly. Collector N/A (49)
  • Express moving slowly. Collector very slow (138)
  • Express moving well.  Collector N/A (1236)
  • Express moving well. Collector moving slowly (435)
  • Express moving well. Collector N/A (271)
  • Express moving well. Collector very slow (48)
  • Express N/A.  Collector moving well. (1241)
  • Express N/A. Collector moving slowly (129)
  • Express N/A. Collector moving well (421)
  • Express N/A. Collector very slow (43)
  • Express very slow. Collector moving slowly (45)
  • Express very slow. Collector moving well (14)
  • Express very slow. Collector N/A (75)
  • Moving slowly (122)
  • Moving well (795)
  • N/A (1198)

Notice that there are some near duplicates with double spaces after a period — I’ll convert multiple spaces into singles.

Next I needed to give all of these a value, based on my back of the envelop calculations well means 80+, slowly means 50-80 and very slow means 0 to 50.

Caveats and thoughts:

  • the values can’t be exactly calculated, so I’m not going to try,
  • one important thing that I want to do is map each status to a unique value so that I don’t lose any data. The key is that the values be in order
  • you can see that I’m biased towards the expressway

So values represent the proportional time it takes to travel over a stretch of road (ie higher is worse):

  • 100: Moving well
  • 101: Express and Collector moving well
  • 130: Express N/A. Collector moving well
  • 150: Express moving well. Collector moving slowly
  • 160: Express moving well. Collector N/A
  • 170: Express moving slowly. Collector moving well
  • 180: Express moving well. Collector very slow
  • 200: Moving slowly
  • 201: Express and collector moving slowly
  • 210: Express N/A. Collector moving slowly
  • 250: Express moving slowly. Collector N/A
  • 380: Express moving slowly. Collector very slow
  • 410: Express very slow. Collector moving well
  • 460: Express very slow. Collector moving slowly
  • 501: Express very slow. Collector N/A
  • 500: Express and collector very slow
  • 510: Express N/A. Collector very slow
  • null: N/A (I’m willing to extrapolate a guess at the other N/A’s, but not here)

So this gives me the first chance to make a graph, just over my first 14000 points, here’s the average state of the 401 Westbound over the 24 hours in a day (over a Monday-Wednesday):

Westboud 401 travel times (higher is worse)

The worst time to drive is 4-5pm, but the three hours from 3pm to 6pm seem to be the worst. That’s not much of a surprise (although it’s an hour or so sooner than I expected rush hour to start), but that evening rush hour is so much worse than morning rush hour is a bit of a shock. That 1pm is such a slow time is curious too, I wonder if that bump will go away with more data.

(Data is available to anyone who contacts me, it’ll eventually be available for download)

October 26, 2008

Why computer security scares me

Filed under: misc, security — Dave @ 6:39 pm

Disclaimer: Any of the security articles on this site, no matter how juicy the titles, are about white-hat work. If anyone learns anything useful for attacking servers from me, it’s because they are really, really bad at googling.

I’m not a paranoid person, I rarely lock my doors. Even with computers, many of my passwords are “password” and I believe in backups not preventative security for 90% of my personal files. Still, I’m passionate about *being able* to secure systems.

Computer security is hard. It’s hard enough to write software that works 100% of the time for users who desperately want it to work, malicious users are another kettle of fish. It’s far too easy to just claim to be “concerned” about security, and then do nothing but hope for the best.

The attackers are machines. Back in college I had a machine exposed to the internet for a few days and it was turned into an FTP server for pirated movies in under a week. There was nothing special about my machine, the pirates were likely just constantly cycling through IP addresses looking for an unprotected machine. The idea that there are evil machines on the internet who spend 24 hours a day trying exploits against every server they can find is 2 parts scary and 3 parts science-fiction-style-creepy.

Long odds aren’t a defense Every so often, I’ll figure out an attack that’ll require an annoyingly specific set of circumstances. It really takes the thunder out of it to explain that if you were running IE6 on Windows 98 on Tuesday in the rain, I could totally sniff your passwords. It’s tempting to think that if only one in a thousand machines is vulnerable to an attack, no-one will bother. Just like how the low response rate to spam emails means that no-one bothers sending them.

Anti-virus software

Filed under: misc, security — Dave @ 6:37 pm

I’m often asked what anti-virus software I use. It’s always hard to answer the question, I really have a two-part system:

  • Good backups — so the worst that can happen is I have to re-build a computer.
  • A complete list of every virus that I’ve ever caught and why it’ll never happen again. I occasionally check my Windows machines with anti-virus programs (I like ClamWin) to verify, but generally you know when you have a virus the same way you know if there’s sugar in the gas tank. For anyone keeping score
    • I had to share files regularly with a computer in China, and every time I plugged my USB drive in, the computer used to copy over a viral EXE, and once I hit enter instead of delete
    • In university I foolishly connected an unprotected Win98 system directly to the internet and it was taken over by a warez group (not quite a virus, but similiar enough).
    • I actually got the Michelangelo virus back in the late twentieth century.

I don’t think I’m all that unique, the last “is it a virus” I was asked to take a look at was just a really bad HP printer driver. I may be unique in having spent more time dealing with problems caused by Norton antivirus than viruses, but I still suspect that if you practice safe computing, the threat from viruses is overstated.

At least compared to backing up.

October 20, 2008

TSA agents commit crimes

Filed under: misc, kinda maybe funny — Dave @ 9:36 am

Notable if only for the size: TSA agent steals $200K worth of gear, resells it on eBay

…one agent had single-handedly absconded with over $200,000 worth of travelers’ belongings, primarily cameras and laptops… travelers have no real means of protection when it comes to guarding against inside job thievery like this.

I’m going to assume that the amount stolen by a given TSA agent is a poisson distribution, so though I expect this agent is an outlier in terms of magnitude, he reflects a general laxity towards employing criminals in the TSA. To be fair, security is hard, and a job riffling through other people’s things with near immunity is going to attract thieves.

But to be clear, there’s something deeply disturbing about being treated like criminals by the TSA every time you fly through the USA, when the TSA employs criminals.

/grumpy.

Update (Nov 20): A helpful reader writes in to point out that air marshals are worse.