Wikipedia:Reference desk/Archives/Computing/2011 November 9

Computing desk
< November 8	<< Oct | November | Dec >>	November 10 >

Welcome to the Wikipedia Computing Reference Desk Archives
The page you are currently viewing is an archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages.

November 9

Android's pixels

Hi, Many Android devices have some diffrent scales. So how in the largest devices you cannot see pixels? When Google launched Android, I am sure that it didn't know about the futuristic scales. Exx8 (talk) 00:07, 9 November 2011 (UTC)

Android software can support many different resolutions. If someone wants to release a tablet with a 10 inch screen and a high resolution display, software can be configured to handle it. And don't assume that Google did not know. First, the first Android device only came on the market three years ago. Second, they are not in the business of not knowing things. There are probably many things that they knew back then that many of us still don't know now. :) --Itinerant1 (talk) 00:19, 9 November 2011 (UTC)

Also, when things are drawn on screen, it's usually "draw a line that's 2 pixels thick", not "1/30th of the screen". So, creating larger displays with the same size of pixel will still be 2 pixels thick. It doesn't become stretched out and pixelated, because the pixels are the same size. "Seeing pixels" only depends on the size of pixels. Do you mean devices with the largest pixels? KyuubiSeal (talk) 01:52, 9 November 2011 (UTC)

That depends entirely on your graphics library. Some graphics libraries do allow the programmer to specify "1/30th of the screen" - for example, consider HTML/CSS, in which a div element can specify its width as a proportion of screen (or canvas) area. Some graphics libraries allow the programmer to specify drawing-size in physical units, and handle the needed device-specific conversion. A good example is a font-rendering library, where font size is often specified in picas or inches or points, rather than in pixels. Some graphics libraries will accept a value in points and render in pixels anyway. Some will convert from "inches" to "on-screen inches", scaled by a configurable, user-settable zoom-factor. (Consider the ruler in Microsoft Word, which displays in inches, irrespective of actual size on screen). The "100% zoom" is, theoretically, corrected for screen-size and resolution; in practice, though, this is often not exactly compensated. If hardware can't communicate its dots per inch or otherwise provide some conversion between pixels and physical units, all bets are off. For example, a VGA monitor uses a simple, mostly-analog protocol and does not publish its true size to the computer. Most Android devices use MIPI/DSI, or HDMI, so the screen can actually inform the operating system of its specifications. Nimur (talk) 03:37, 9 November 2011 (UTC)

Converting a PowePint presentation for the web

A colleague is delivering a presentation and has produced it in PowerPoint. What would be the best way to present this on a website? The assumption being that PowerPoint as such is not an appropriate format for the web. The site uses Drupal, if that's of ay relevance. --rossb (talk)

Versions of PowerPoint up to 2007 have a "Save as HTML" option, but this option has been removed in Office 2010. However it's apparently still possible to do it using VBA - see this discussion. AndrewWTaylor (talk) 08:42, 9 November 2011 (UTC)

Do they want it work as a slideshow which the viewer can control, or just be used for presentation purposes? If it's just for presentation, you can save it out as a video file which you could put on a website in a web friendly format. --jjron (talk) 10:26, 9 November 2011 (UTC)

Is exporting it as a PDF not enough? (If not, explaining why will help us figure out what you're after, here.) --Mr.98 (talk) 12:58, 9 November 2011 (UTC)

I was hoping to have it in HTML, as i don't like to create PDFs when there's a reasonable alternative. I tried the direct conversion from PowerPoint to HTML (had to use an old version of PowerPoint as the feature's disabled in the current version) but the resulting HTML was really horrid with lots of frame stuff and JavaScript - hence useless as a basis for incorporating into Drupal - so in the end I used a PDF after all. --rossb (talk) 18:06, 10 November 2011 (UTC)

You Could Do Google Docs. It automatically converts it. Cjc811 (talk) 01:47, 14 November 2011 (UTC)

hacking

how the hacking of websites work? in the movie swordfish, hero is asked to hack FBI website and he did some coding.I mean where he write thee code and where he compile it.--nijil (talk) 09:03, 9 November 2011 (UTC)

The representation of hacking in movies and on the TV tends to be extremely unrealistic.

The biggest misconception is that any site can be hacked by a skilled hacker in a matter of minutes. In real life, unless the site exhibits a known vulnerability (and it would take minutes to scan the site for exposed services and to look for known vulnerabilities), one would have to search for unknown holes in software, and that would take a long time - days, maybe weeks. (All software has holes, the question is, how long it would take to find one.) Breaking into a site after two weeks of coding, trying different approaches, and failing does not make for a good movie. --Itinerant1 (talk) 12:25, 9 November 2011 (UTC)

suppose hacker can write a code but my question is where he run it? how can he apply that code to that website?we can only see the source code of a page ,not edit it.then this hacking thing works?In that movie in where he write that code ? — Preceding unsigned comment added by Nijilravipp (talk • contribs) 14:38, 9 November 2011 (UTC)

He could be writing a program to talk on port 80 on the server and fake some HTTP requests. He could be altering the get string of a URL to exploit a database query. He could be attempting to access the server itself through some exposed SSH or FTP connection. The movie is entirely fake. So, using that as a starting point is silly. -- kainaw™ 14:49, 9 November 2011 (UTC)

Here's a very simple idea of how these things might work out in the real world. Let's say a hacker wants to attack a website. The website is hosted on a server, which is just a computer somewhere in a big, air conditioned building. The hacker uses software to probe the ports (which connect the server to the internet) for vulnerabilities. "Ah ha!" says the hacker, "they have left port 125 open, which normally is used by some kind of obscure server software. If they haven't been applying all of their update patches, I can launch a buffer overflow attack on it!" To the hacker's dismay, the server is patched, and that attack won't work. However some further poking around on the website's interface itself reveals that shoddy coding has left its database exposed to an SQL injection attack. With this, the hacker is able to get details about the administrator account on the website, which eventually gets him into the control panel interface, which gets him FTP access, which lets him upload some malicious code and set it to regularly execute.

This is just a silly little example. There are more or less sophisticated types of hacks, ranging from pure social engineering ("Hi, this is Bob in IT. We're having trouble in your account — do you remember what your old password was? Thanks.") to very sophisticated technical attacks (discovering and exploiting a totally unknown vulnerability — e.g. using a zero-day attack). Web servers are complicated pieces of hardware and software, and web sites rely on many complicated programs (server software, database software, scripting software, etc.), any of which can have obscure bugs in them that allow people to get database information, execute arbitrary code, etc. Even just setting the permissions bits incorrectly can lead a savvy hacker to find lists of usernames and passwords, and so on.

Most of this is pretty time consuming and makes for poor television viewing, which is why on the TV the guy presses the "HACK" button and a little program with a skull and crossbones appears on the monitor and the files are copying but the bad guy is right outside and so on and so on — it's just to make sitting at a screen and typing look like something dramatic, as well as something comprehensible to your average non-hacker audience member (because having the hacker shout out, "Ah ha! An improperly escaped database query! Finally!" is not going to mean a lot to most people). --Mr.98 (talk) 19:38, 9 November 2011 (UTC)

More or less realistic hacking has been shown in some movies. 188.117.11.111 (talk) 18:46, 10 November 2011 (UTC)

Keep in mind that a lot of it is just script kiddies, people applying known exploits to easily found targets, and not necessarily a person doing personal investigation and "hacking" or cracking. ¦ Reisio (talk) 21:28, 9 November 2011 (UTC)

Also, the assertion was made earlier that "all software has holes" - which is not correct. It is theoretically possible to construct software - even network server software exposed to the internet - that has no "security hole." Proper, secured software can correctly implement a secure interface; it can be made impossible to gain unauthorized access to the server administrator's interface. For example, in the simplest case - suppose the system does not allow any user to log in except through the serial port. Even if you know the password, it is impossible to connect to the computer except via physical access. Buffer overflows, SQL injections, stack shooting, code injection - and other tricks - these are not "known limitations of all software" - they are results of incorrect or incomplete validation, usually attributable to system complexity and/or programmer incompetence. Nimur (talk) 22:55, 9 November 2011 (UTC)

Also worth noting is that a website is just a website. The CIA would be very foolish if they were to store their top secret information on the same machines that serve [1]. Cracking into their website is equivalent to spraypainting something on their headquarters. Now, breaking into a bank website or a webmail provider is a more serious matter, since valuable information is accessed through and provided to them. If cia.gov asks me for my email password, I'm probably not giving it to them. Paul (Stansifer) 22:02, 10 November 2011 (UTC)

video sharing questions

So, one of my films uploaded to youtube was just banned for no clear reason. Whilst trying to find out more, I happened upon discussions in the forums that suggest this is an increasongly common problem and that large numbers of people are leaving youtube to upload things at other sites that are a little less strict, however the poster of that comment didn't think to say where they were going, anyone have any ideas?

Meanwhile, whilst I'm here, any ideas on how to go about finding out the reason for the ban, the notice I recieved from the site was rather vague, and the terms and conditions even more so.

148.197.81.179 (talk) 13:34, 9 November 2011 (UTC)

Since you have gone to great attempts to ensure you didn't tell us exactly what the notice said, it is not reasonable to expect us to have any idea why the video was banned. -- kainaw™ 14:50, 9 November 2011 (UTC)

I'm not asking you to tell me why it was banned, I am asking where on that site I could go to ask the people that made the decision why they thought it should be, since they are the only ones that could really know. 148.197.81.179 (talk) 16:34, 9 November 2011 (UTC)

If DMCA was mentioned, it could be almost anything or nothing, and sometimes you can have the media restored by a similarly bureaucratic process of merely asking. Consider whether you included anything that violates YouTube's rules, including having used copyrighted media in a non-fair use fashion. YouTube alternatives. ¦ Reisio (talk) 21:31, 9 November 2011 (UTC)

I can't see anything in the rules, it was a film I recorded myself, in my bedroom, with no music, there was nothing like the things they say not to include, racism, nudity, inciting people to commit crime, that sort of thing. Anyway, just as an update, I thought I had found a few things that were slightly controversial, removed them and refilmed it much shorter and simpler, with almost nothing happening, and that got banned as well, even though I do little more than sit on my bed juggling with a bunch of tennis balls. I can only assume someone has deliberately targeted my account, or that there is something barely visible on the edge of the shot which looks almost like something that is not allowed. Or perhaps it is because there is a child's toy visible in the shot, and you are no longer allowed to have an adult and anything child-related in the same image any more. I have appealed against this decision, and fully expect them to completely ignore me again. Perhaps I can write them a letter asking for an explanation? 148.197.80.214 (talk) 18:15, 10 November 2011 (UTC)

Here's the generic "get in touch with YouTube because they say you violated the TOS" page. I'm not sure we can help you with anything more specific if you don't actually reproduce the message they've given you here. If you're in the dark about their motivations, we're doubly in the dark. --Mr.98 (talk) 21:09, 10 November 2011 (UTC)

Case sensitivity in Oracle DbCommand in C#?

Today one of our customers reported they were getting an error "ORA-01036: Invalid variable name/number" in one of our products. It turned out that the reason was that the code was creating an Oracle DbCommand with SQL such as "select name from record where id=:id" and then adding a DbParameter to the SQL with the name ":ID". Changing the name of the DbParameter to ":id" seemed to fix the problem. I thought SQL was supposed to be case insensitive, when it comes to the language itself (values of string type columns are case sensitive, natch). Why is this? Is it somehow specific to Oracle, and if so, is it specific to a particular version? JIP | Talk 21:52, 9 November 2011 (UTC)

http://webchat.freenode.net/?nick=JIP&channels=##oracledb ¦ Reisio (talk) 03:57, 10 November 2011 (UTC)

Reisio, is there some reason you believe that the random channels on Freenode constitute reliable sources? You often post links to the IRC network as if it were an authoritative source of information. Why not point to, say, the official Oracle documentation?

Comment to JIP: The official OracleDB help system is already installed, if you have a standard Oracle system.

Also, it's not clear to me from your post whether ":id" is a string literal or a result of another SQL query - if it's a string literal, it should be case-sensitive. What is ":id" actually matching on? Nimur (talk) 17:38, 10 November 2011 (UTC)

":id" is the name of a DbParameter. Its value is a string literal. It is used something like this:

DbParameter param = new DbParameter();
param.ParameterName = ":id";
param.Value = "foo";

This is supposed to bind the string literal "foo" to the parameter named ":id", so the query "select name from record where id=:id" becomes "select name from record where id='foo'". Now I know that string literals are case sensitive in SQL. I am fully aware that "select name from record where id='foo'" and "select name from record where id='FOO'" might return different results. My question is, if I replace the above code with this:

DbParameter param = new DbParameter();
param.ParameterName = ":ID";
param.Value = "foo";

Why does it cause an ORA-01036 error? JIP | Talk 19:34, 10 November 2011 (UTC)

Hm. I've never been an Oracle expert, but it looks like, in the case you describe, ":ID" and ":id" should both work. It's going to be hard to ascertain if the error is on the Oracle side, or in the MSDAORA driver.

My best advice is, assume this is case-sensitive, even if it ought not be. There's a little bit of description here, in the Remarks Section of the OracleParameter documentation. There are a few corner-cases where the C# string is parsed by the driver differently than it would be parsed by a SQL interpreter - for example, white-space-padding. Parameter names shouldn't be case-sensitive, per that doc, but "a bug exists." Consider filing a bug with Microsoft, or with Oracle. Nimur (talk) 20:34, 10 November 2011 (UTC)