use strict;
use WWW::Mechanize;
use HTTP::Cookies;
use JSON;
my $URL = "http://localhost/chatbot/rivescript.pl";		# == the URL of the RiveScript chat bot
my $MSG = $ARGV[0];						# == the message to pass to the bot
# == setup the json interface
my $json = JSON->new->utf8->pretty;
# == setup the web interface, with a permanent cookie jar
my $mech = WWW::Mechanize->new( 
     cookie_jar => HTTP::Cookies->new( file => "cookies.txt" , autosave => 1) 
# == post a message to the bot
$mech->post($URL,{ message => $MSG });
# == decode the json output
my $vars = $json->decode($mech->content);
# == display the reply
print $vars->{reply} . "\n";

Within chatbots I believe there should be a core set of knowledge files, call it an operating system, for lack of a better term.  I call it BotOS, which essentially is common knowledge a bot needs to survive.  What I mean by that, is that some things a bot should just know, regardless of it’s personality or purpose.

These are (but not limited to) :

  • A list of substitutions (if I say “what’s”, you know I meant “what is”)
  • A list of person substitutions (if I say “I am” you say “you are”)
  • A list of common spelling mistakes (If I say “becuas”, you know I meant “because”)
  • A list of common redirections (if I say “Where is your house”, you know I meant “Where do you live”)
  • A list of arrays (grouping pork, beef and lamb as meat)

To promote cross collaboration, I’ve decided to host the data file on Google Docs.  Every night, a dump is taken from the file, and converted into an equivalent A.I. text file.  Currently only RiveScript is fully supported, and partial support for AIML.

Update - The Google Docs idea is not working.  I’ll work on something like a Wiki interface.  For now, I’ll maintain the data files.

The resulting files could (in theory) be placed into the same directory as your bot, and start to enhance it’s understanding with the built-in redirection, and also help with the common spelling issues.  However as we’re just starting out, there’s still some work to be done for the BotOS to become a real game changer.

If you would like to contribute, email me with the data you’d like to add in, and I’ll be more than happy to paste it in.  If you’d like to be an active participant, I’ll be more than happy to share the document with you, provided you’ll abide by playing nice, and work towards the spirit of collaborating and improving chatbots overall.

And of course, if you have your own bot language that I have not covered yet, or you find a mistake in some of the code, let me know.  I’d be more than happy to adjust the code to cater for that requirement.

Data files

These files are updated from time to time.  All (except personality.rs) can be dropped in place of your existing bot, and it should enhance the bot’s ability to respond.

  • Substituions, spelling, array and reductions – begin.rs
  • A core set of chatbot rules - core.rs
  • A personality variable file to support the core rules – personality.rs
  • Some factual knowledge (still early days) – knowledge.rs

Some legal stuff

By contributing your content, you are allowing others to benefit from your work.  BotOS may be used in any bot application, be it a hobby or commercial, free or paid.  It doesn’t matter.  You just can not sell a clone of BotOS as your own.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

use strict;
use Win32::OLE;
my $v = Win32::OLE->new('SAPI.SpVoice');
$v->Speak('Hello world');

If you have a bank card, chances are that you have the Paypass feature.  Paypass basically lets you pay for goods and services with your credit card by simply “waving” it at the terminal.  On top of that, there is no need to enter a pin for some transactions up to $100.

Now if that doesn’t scare you, it should.

The only reason they are using Paypass is to get customers quicker through the checkouts at the busy shopping centers.  That means more business, and more money for the big companies.  I’m sorry, I insist on using the chip every time.

Risk 1 – someone can scan your card without you knowing

Yes, this can happen.  Since it is a proximity card, there is a risk that someone can stand next to you, and activate the card without you knowing.

Risk 2 – paying the wrong amount

If the merchant enters the wrong amount, chances are you’ll just “scan & go”, not realizing that they’ve overcharged you.  This is thanks to the pinless transaction.

I complained to my bank about it, and they were hiding behind the fact that it’s actually Mastercard who controls it.  They have “no influence over it”.  I asked if I can get PayPass disabled, and they said no.  The only thing they could do is issue me a debit only card, but then I won’t be able to purchase online, or use my card overseas.  Bummer..  They are forcing me to use this insecure technology.

What does Mastercard have to say about it?  Numerous people (including myself) have commented to Mastercard on their Facebook page, and the standard boiler-plate response from them as as follow :-

We understand that you have some concerns relating to PayPass functionality. The inclusion of the PayPass functionality on MasterCard cards is part of an industry wide upgrade with all MasterCard cards in Australia to feature the contactless payment technology within a couple of years. Rest assured even with the PayPass functionality enabled, MasterCard customers are still protected by the Zero Liability Policy: http://www.mastercard.com.au/zero-liability.html for any unauthorised transactions. Additionally, the banks use sophisticated fraud detection software that can identify unusual purchasing behaviours and patterns and can block the card. In the unfortunate situation where cards are lost or stolen irrespective if an unauthorised transaction occurs via PayPass or by the traditional dip and swipe manner, customers are protected.

We hope this answers your queries.

MasterCard Australia

Seriously Mastercard ??

The fact that the entire industry is upgrading it does not make it safe or secure.  When you take away my power to choose when my card can be charged, it is not secure anymore.  Policies like “Zero Liability” is a joke, because as soon as a bogus transaction is noticed, it might be too late, and my kids will go hungry because all my money will be gone.  I am sure they will require me to go to the bank, fill in numerous forms, and prove to them why I should get my money back.  They are not going to make it easy.  And for the fraud protection?  Come on… I know business intelligence solutions have come a long way, but we’re talking about millions of transactions a day, and correlating all that information is no easy task.

There is a way to disable Paypass, although the banks may not recommend it (and it may actually break the card), but if you’re concerned about the security of Paypass, maybe this is worth looking into.

I am very happy with my SSL certificate installation!

That’s right… All of massyn.net is now running as an encrypted site.  I just managed to finish up the last bit of config on my .htaccess file, and WordPress is also very happy with running on SSL.

I’m really glad I switched to my own virtual machine..  This is very cool.

So you have that favourite song that you’d like to turn into a ringtone on  your iPhone, but Apple is just making it so darn difficult.. Have no fear.  This procedure will describe how you take your audio clip and turn it into an iPhone ringtone.

  1. By now you probably have the audio clip that you’d like to ringtone.
  2. Edit the clip in your favourite audio editor.  If you don’t have one, Audacity works just as well.
  3. Strip out no more than 30 seconds of audio.  This is important!  It won’t work if it’s longer than 30 seconds.
  4. Save the 30 second clip as a WAV file.
  5. Import the WAV file into iTunes.
    1. Open iTunes
    2. Click File, Add File to Library
  6. Convert it to MP4
    1. Find the imported file in the iTunes library
    2. Right click on it, and select “Create AAC version”
    3. When it’s converted, you will see two files in iTunes.
  7. Find it in Windows Explorer.
    1. Right click on the newly created music file, and select “Show in Windows Explorer”
  8. Rename the file’s extension from a m4a file to a m4r.
  9. Import the newly renamed m4r file into iTunes again by clicking on “File”, “Add File to Library”
  10. Now when you open up “Tones” in iTunes, you’ll see the ring tone.
  11. Sync the ring tones to your iPhone like you would any other song.

I travel on the train every week day, so the the Opal card roll-out in Sydney would certainly affect me.  I was trying to hold out as long as I could, but it would seem the paper tickets will start to fade away, so I might as well get on board.

One thing people have been saying, is that Opal is more expensive.  When you look on the Opal website, they are very quick to explain how will save a whopping $1 on a ticket.  Ok, that’s great.. or is it..

Let’s compare..

A weekly train ticket (according to the said website) from Wyong to Central would cost $60.  Comparing this to the paper tickets, we get the following :

Type Cost for 1 week Cost for 2 weeks Cost for 4 weeks
Opal $60 $120 $240
Adult weekly $61 - -
Fortnight Adult - $122 -
Adult Monthly - - $222

I have logged a question to Sydney Trains to find out what the deal is. It just seems wrong that they would send so much propaganda around the “saving” on a weekly ticket, but neglect to say that you will now cough up more since you’re travelling on the train monthly.

Watch this space… I think I can already predict what Sydney Trains is going to say to me.

I remember growing up, we attended some church seminars.  The one I remember, was the subliminal messages that are embedded in rock music.  I distinctly recall the preacher citing Queen’s “Another one bites the dust”.  The theory was that if you play the song backwards, you’ll hear the message : It’s fun to smoke marijuana.  I tried it (playing the song backwards!!) and I don’t hear the message.

Then there’s also the talk about how barcodes are the devil!  Yep, this preacher had it in his mind that the introduction of barcodes is the sign of the end times, and how it relates to the mark of the beast as written in the book of Revelations.

Really?  How can this little image be the mark of the beast?  It’s data encoding.  It’s a mechanism to represent data in a format that is easy for a computer to read, to improve the management of materials in a distribution center, reducing human error when capturing the numbers, and improving performance in capturing data.

There is no security built into a barcode.  Any one can read it, any one can produce one.  You will not get a barcode tattooed on your forehead.  The chances of someone copying it and pretend to be you is huge, so no, it won’t happen.

So fellow Christians, I love you guys, but really, please do your research into topics before you get on your soap box trying to save the world.  Sometimes you make the rest of us look like a bunch of idiots.

I think it was back in 2009 that I wrote the Yubikey authentication modules.  One authenticates against the Yubico servers, the others will decrypt the code itself.

I do recall someone making a comment that they would have liked to see some server code in action, so I decided to do it.

Head on over to Github, and download the yubikey-server.  It’s just a few perl scripts with a mySQL backend, that plugs into my decrypter module.

A few things to keep in mind… This server has not been security validated yet.  I’m putting this up as an example on how you could do your own authentication using the Yubikey hardware.  For one, I’m not particularly proud of storing the AES key in clear text in the mySQL database, but since this is only as an example, I don’t really mind.

The repository is on Github, so I don’t see a need to prevent it’s development from continuing.  So if you’re keen to know how to do your own authentication, head on over and have a look at the code.

I started using the Google Authenticator app on my iPhone, and started researching how the TOTP algoritm works. With a bit of research I managed to get the algorithm working in Perl.

# Phil's Google Authenticator code in Perl
use strict;
use Digest::SHA qw(hmac_sha1);
use Convert::Base32;
my $otp = &generateOTP('abcd efgh ijkl mnop');
print "Your OTP is $otp\n";
sub generateOTP
	my ($key,$interval) = @_;
	# Turn the key into a standard string, no spaces, all upper case
	$key = uc($key);
	$key =~ s/\ //g;
	# decode the key from base32
	my $key_decoded = decode_base32($key);
	# Read the time, and produce the 30 second slice
	my $time = int(time / 30) + $interval;
	# Pack the time to binary
	$time = chr(0) . chr(0) . chr(0) . chr(0) . pack('N*',$time);
	# hash the time with the key
	my $hmac = hmac_sha1 ($time,$key_decoded);
	# get the offset
	my $offset = ord(substr($hmac,-1)) & 0x0F;
	# use the offset to get part of the hash
	my $hashpart = substr($hmac,$offset,4);
	# get the first number
	my @val = unpack("N",$hashpart);
	my $value = $val[0];
	# grab the first 32 bits	
	$value = $value & 0x7FFFFFFF;
	$value = $value % 1000000;
	return $value;