How To Spot A Psychopath

Behold: A way to automatically calibrate a projector to put a full image onto an arbitrarily aligned screen.

Even, thanks to the non-zero size of the image source, if that screen is facing slightly away from the projector.

(Via.)

This system can only lay as many pixels across the screen as the projector’s lens would manage anyway, of course, but if the Carnegie Mellon researchers do manage to turn this into a real-time system, the image will be able to follow the screens around pretty much seamlessly.

So it’ll be kind of like a real-world version of those augmented reality systems in which video images of specially printed objects “grow” extra stuff:

(Previous video magic.)

Remember those lame Internet filters which my faithful readers helped the smut-hungry youth of Australia to dismantle, last year?

Well, the whole taxpayer-funded content-control software handout program has now officially been declared (by Australia’s new Federal Labor government) to be a miserable failure.

Apart from the fact that the NetAlert packages were quite easy to get around, it turned out that nobody actually very much wanted them.

The Government predicted that 2.5 million households, about 31% of the whole country, would want their free copy of one or another of the packages (which they’d paid for with their taxes already, of course).

As it turns out, they got a grand total of 144,088 CD orders and downloads.

And not all of the people who got the filter software bothered to use it. The ridiculously-named government department responsible says only about 29,000 of the packages were actually installed.

That’s 1.2% of the target, for those of you keeping score at home.

The total price of the software filter scheme was 85 million Australian dollars. That’s about $US78 million, at current exchange rates.

So this software ended up costing the taxpayer about $AU2930 ($US2685) per installed unit.

A copy of Net Nanny will cost you $US27 from Amazon. That’s almost exactly one per cent of the effective price of the “free” software.

All that, to stop red-blooded Aussie kids from seeing boobies and doodles.

But have no fear - the new Federal government is much more sensible! They enthusiastically explain that their own very expensive scheme to implement “mandatory ISP-based filtering to deliver a filtered feed to all homes, schools and public internet points” will work far better. You know, just as it has in the other countries that’ve implemented secret Internet blacklists which, in effect, accuse lots of random innocent people of being child pornographers.

Never mind that, despite more than $15 million worth of advertising (including a booklet sent to every household in the country), it is now demonstrable that approximately three-fifths of bugger-all Australians have any interest in filtering their own Internet connection.

No, never mind that. We must be protected from filthy filthy porn, whether we want to be or not!

This is all more evidence that, as I’ve said before, it doesn’t matter whether censorware works. Which is good, because it generally doesn’t.

The purpose of censorware is not to Protect The Children, but to get some people elected and keep other people employed.

DVD Jon’s new application DoubleTwist looks completely awesome. I don’t think it really does anything that you couldn’t do before with umpteen tweaky utilities, but it aims to do it all in one simple program.

So I was all ready to download the beta and start freeing all of my DRM-ed media files from their corporate shackles… when I suddenly remembered that I don’t have any DRM-ed media files.

I’ve got some DVDs, but they seem pretty happy where they are.

If you’ve got audio, video or even photos (on a stupid locked-down cameraphone, for instance) that you’d like to move somewhere else but can’t, though, check DoubleTwist out.

There’s something you don’t see every day. (Via.)

The White Glove Tracking project got a lot of people who probably should have been working to identify the location of Michael Jackson’s famous sequined white glove in every frame of his 1983 TV performance of Billie Jean.

Then they made this video.

The video is just one - relatively trivial - example of what you can do when you turn elements of moving video into separately manipulable data, and then start fooling with that data programmatically, in this case with Processing. There are several more examples on the whiteglovetracking.com gallery page.

Another, different but related, concept:

Making 3D models from video clips (via).

DivX’s new Stage6 site will host, for free, pretty much any legal DivX-encoded content you like, with much better quality than GooTube.

Stage6 video files are of course generally much bigger, and you need to install their special player extension, and the site still seems to have that occasional GooTube problem where you upload a video and then it never goes live.

But I consider this a small price to pay to be able to watch (and download!) stuff like A Gentlemen’s Duel and Team Roomba’s hilarious instalments one and two of their TF2 griefing, in decent resolution.

(Unlike many other video hosting services, Stage6 does not have interstitial ads, or weird code that only works right on Internet Explorer. Actually, the current FAQ notes that “The Stage6 beta website is optimized for experience in the Mozilla Firefox browser. It may kind of work in IE as well.”)

As a test, I’ve uploaded my battling robot bugs video from the other day to Stage6; it’s here. I think the stereo audio improves it considerably.

(Joey, the Amazing Fetching Cat may now also be enjoyed in higher resolution and stereo on Stage6. He’s here.)

So, I’ve got that DirectX Acceleration Not Available problem again. DirectDraw Acceleration, Direct3D Acceleration, AGP Texture Acceleration; all Not Available. Direct3D was available until I tried turning it off in dxdiag, then ran dxdiag again to see if all of the options were back.

Nope, that trick doesn’t even work once, any more; now they’re all gone. Again. Graphics card allegedly has “n/a” memory on it, et cetera et cetera.

The last time this happened I tried all kinds of things, not a one of which worked, and ended up reinstalling Windows. But somebody mentioned that this was exactly the kind of problem that Windows XP’s System Restore (which I of course did not have turned on) was created to solve.

So in this Windows installation, I left System Restore turned on. And when DirectX screwed up yesterday, I used System Restore to roll the system back to its status of about a week ago.

And hooray, the problem was solved!

For about twelve hours.

I’m not crazy about the idea of restoring my system to that save point once a day for the rest of my life. I can see no other option, though, unless I get a whole new computer. I know for a fact that cleaning out all of the drivers and DirectX files before reinstalling will not help at all; all that does is take a long time and require a large number of reboots.

Perhaps a new video card would do it. This GeForce 7800 GT is pretty old and dusty; perhaps the problem does in fact have something to do with the video card failing some kind of obscure internal test, as when hard drives drop back into PIO mode.

The graphics card does still work just fine, as far as I can see; 3D mode is A-OK when DirectX is, you know, working, and OpenGL 3D is A-OK even now. I just ran OpenGL Quake 2; everything’s fine, and the video card fan ran up to higher speed as it’s meant to.

But perhaps the card didn’t give Windows the right password yesterday, or something.

I could try digging up another graphics card, but I haven’t another PCIe card in the house, and this computer’s too young to have an AGP slot. So I’d have to find some ancient PCI card, and I think the only one of those I’ve got is in the file server.

God damn it.

This post on the Light Blue Touchpaper blog tells us all yet another thing we can do with Google:

Find a password, if our l337 h4XX0r skillz have already allowed us to harvest the MD5 hash for it.

The completely stupid way to store passwords, implemented by small children writing programs in BASIC and by $300-an-hour consultants writing enterprise software, is to just save all of the usernames and matching passwords as plain text in a file somewhere. If an attacker can read that file, they can now log in as anybody.

A much better, but still not as secure as it should be, method of saving passwords is to “hash” them using a “one way” or “trapdoor” algorithm, like MD5. A trapdoor algorithm runs very quickly in one direction (turning a password into an almost-unique string of seemingly random characters), but is almost impossible to run the other way, if you don’t have access to cubic kilometres of sci-fi nanotech.

If someone gets hold of the file in which you store password hashes, the one-wayness of the hash algorithm means the attacker still can’t figure out what passwords correspond to what hashes, and so cannot make use of his discovery.

Well, that’s the theory.

In practice, attackers can take a dictionary of passwords, hash them all, then search for matches between their new hash dictionary and the password hashes. There are even helpful online tools that’ll do it for you, like the long-established passcracking.com/ru, or md5oogle. When there’s a match, you’ve got the password.

And this is what Google allows you to do in two seconds, if the password hash you’re trying to “reverse” corresponds to a common word.

The word “elephant”, for instance, hashes to e4b48fd541b3dcb99cababc87c2ee88f. Search for that in Google and you’ll get a bunch of pages which, for reasons explained in the Light Blue Touchpaper post and its comments, often also have the word “elephant” on them, or right in their title.

(This post will probably be very high in those search results in a day or two. Check out the above-linked online reverse MD5 hash lookup tool if you’d like to explore other options - it lets you hash any string you like, then checks some databases for it. While it’s checking, you can be Googling the same string. Md5oogle lets you generate MD5 hashes as well, but it converts everything to uppercase first - which many password systems also do.)

This technique only works for passwords that’re common words - or, at least, have for some reason been hashed and stored in a Google-visible file. If your password is something nonsensical like dj347F, which hashes to 54041c87e2e431f3fc4c47e55d114ef3, the hash won’t be found anywhere on the Web (except, again, on this page, once Google indexes it).

This technique also doesn’t work if the passwords are “salted” with some extra data before being hashed. So if a user foolishly decides to choose “mypassword” as his password, the software actually hashes, say, 28391mypassword, and thus creates an un-findable hash.

Adding a simple fixed salt to every password still doesn’t give you really industrial-strength security, but it’s streets ahead of a lot of the junk that makes it to production. And it does stop dumb attacks like Google searching - well, at least until people find out that MurderDeathKill 3D’s online gaming logon system just adds 28391 before hashing passwords, and start making tables of dictionary words with 28391 in front of ‘em.

Lots of current popular software uses unsalted hashes, including the WordPress software that runs this blog.

So it’s pretty lucky that I made my admin password “3hv78UEr”, isn’t it?

When last we visited the wonderful world of image “retargeting” by means of the cunning seam carving technique, I envisaged a decent free seam carving Photoshop plugin in the near-ish future.

Well, that hasn’t turned up yet. But a couple of options besides rsizr.com and that GIMP plugin have.

The inventively named Content Aware Image Resizer is a simple command line utility that can only cope with BMP format images, but gets the job done (a bit slowly…), is multithreaded, and is GPL-licensed so C++ hackers can fiddle with the source.

Resizor is a standalone Windows app, which is only single-threaded but still seems a bit faster than CAIR (I think rsizr.com is faster now than it used to be, too), has a bunch of fancy resizing algorithms as well as the seam carving “Retarget” option, and has a graphical interface too.

Resizor only lets you make an image smaller by seam carving (one of the interesting features of the technique is that it can just as easily enlarge images as shrink them), but it does what most people want to do.

I just installed the brand new v163.71 Nvidia drivers (the last non-beta release was v162.18), and benchmarked Supreme Commander before and after. There’s a small but significant improvement.

I’m tired of seeing articles about AMAZING NEW DRIVER IMPROVEMENTS OMG and then discovering that there’s only any difference if you’re using a GeForce 8800 on Windows Bloody Vista.

I’ve got a 32-bit-WinXP computer with a 2.2GHz (at the moment) dual core Athlon 64 and a 256Mb GeForce 7900 GT.

That’s probably still faster than the average, but it’s pretty far from the current cutting edge. (Only two cores, dahling? However can you cope?)

Driver tweaks aimed at the super-expensive dual-slot super-cards won’t help me at all. I’m guessing that they won’t help most of you, either. Tweaks that help a GeForce 7900 ought to be some use for various other current affordable Nvidia cards, though.

I’ve also got an effing big monitor, so I ran the tests in 2560 by 1600 resolution. That’s practical for fullscreen Supreme Commander if you’ve got some flavour of 8800 (ATI aren’t really in the very-high-end race at the moment), but it’s actually very playable if…

…you split the monitor between the normal view and the easy-to-draw topographic-view map.

Running the standard “perftest” benchmark in that resolution guarantees, despite Core Maximizer, that the game will be video-card-limited most of the time.

The Supreme Commander benchmark reports total frames rendered, “sim” performance (how fast the game calculates everything-but-graphics), “render” performance (graphics alone) and a “composite” score that roughly represents overall performance.

In this graphics-heavy test, my “render” result increased by nineteen per cent with the new drivers. The giant resolution and less-than-incredible video card meant that, in the peculiar jargon of the perftest benchmark, the “render” score only improved from minus 1029 to minus 863. But trust me, that’s still good.

The logged-frames difference was +0.7%, which probably means less than experimental error and definitely means nothing you’d ever notice. The sim score improved only slightly more, at +1.6%. But the composite score improved 4.7%, from 5794 to 6065.

You probably wouldn’t actually notice that in play - it’s a general rule of thumb that differences of less than ten per cent aren’t noticeable. But almost five per cent is not a bad improvement to get for free.

Complex Supreme Commander games are almost 100% CPU limited. Smaller games, though - and even complex games when you can’t see much of the enormous map you’re playing on - don’t give your graphics card much time to breathe, especially if you’ve taken advantage of SupCom’s still-rare ability to make use of a second monitor. So I don’t think I’m lying with statistics, here.

(I’m not, to be fair, actually playing much Supreme Commander at the moment. I got ETQW yesterday, and intend to Strogg 4 Life for a while before getting back to the direction of vast robotic armies.)

The remarkable “seam carving” image resizing technique that I and everybody else posted about a month ago has now been implemented in at least two ways.

First, there’s the Liquid Rescale plugin for GIMP.

[UPDATE: Picutel’s “Smart Resize” is a Photoshop plugin that does the same thing. You have to buy the full version if you want to work with images bigger than 640 by 480, though.]

Second, and much more interestingly for casual dabblers, is rsizr.com (of course).

Rsizr lets you watch the seams being carved before your very eyes in a Web browser.

It’s not the fastest process I’ve ever seen, since this is a rather computationally intensive technique (since it’s doing it in Flash, I suspect it may be based on one of the open-source ActionScript seam carving implementations mentioned here). If you want to mess about with Rsizr, I therefore recommend you use images no bigger than 1024 by 768, even if you’ve got a firebreathing computer.

Note also that after you’ve done the seam-carving, you still have to click the image and drag its border to actually resize it. Well, I think you always have to do that; Rsizr’s pretty much documentation-free at the moment.

But it definitely does work.

It allowed me to turn this 1280 by 850 pixel original…

…into this 855 by 640 pixel version. Click the images for full-sized versions.

The reduced-size version now has rather cramped composition, and the terrain looks a lot more hilly than it really was. But all of the major image elements - the sharp trees, the two buildings, the man and the boy - are preserved almost unchanged. They’re just closer together than they were.

The rsizr.com server’s being hammered a bit at the moment, so the “Save” function takes rather a long time to work. It’s easy enough to get around that, though - once you get your image the way you want, just take a screenshot of the window and cut the image out of it.

(I presume there’ll be a decent free Photoshop-plugin image carver Real Soon Now. In other news, one of the guys who came up with the idea has been hired by Adobe.)