Wikipedia:Reference desk/Archives/Computing/2014 October 14
Computing desk | ||
---|---|---|
< October 13 | << Sep | October | Nov >> | October 15 > |
Welcome to the Wikipedia Computing Reference Desk Archives |
---|
The page you are currently viewing is an archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages. |
October 14
[edit]Spreadsheet help
[edit]My local animal shelter puts out collection boxes on store counters for people to put their loose change in. The staff member that oversees this project has a spreadsheet, which she has shared with me, where all the info is kept. That info includes the store's name and address. It also lists the date that the collection box was emptied and how much was collected on that date. She's been keeping the date each box was emptied and the amount that was in it in the same cell (I know that will have to change as keeping two data types in the same cell simply won't work). Not all the boxes are emptied on the same date since there are several volunteers (I'm one of them) who go out and pick up the cash, and not every volunteer collects on the same day. Also, some boxes are emptied twice a month during tourist season. I have one like that but other people might have more lucrative boxes which are emptied more often, I don't know.
What she'd like to be able to do is to be able to see which boxes are not bringing in very much money. She'd then make the decision to pull those boxes and put them in more lucrative places. The boxes are expensive, so just throwing more boxes at the problem isn't the best way to go at it.
I don't have a huge amount of experience with Excel but I'd like to help her clean this up a bit and make it easier to use. What I'd like to do is make it so that she can see a graph of each box's proceeds over time. For instance, if the box is continually brining in less than, for example, $10 per month, then the graph would make that clear without having to scan through a bunch of numbers.
So, does anyone have any tips on how I might achieve this? Thanks, Dismas|(talk) 06:13, 14 October 2014 (UTC)
- A graph for every box seems like too much info, to me. I'd think that once you separate the data into the proper columns, and ensure that money is recorded as money or at least a numeric field, and date is really recorded as a date, not character or some other format, then you could just find the daily average as the amount collected divided by the number of days between the current collection and the previous collection (the box installation date should be listed as the first collection date, with $0 collected). Report that in a new column.
- You might also want a long term average, say by dividing the sum of all the money collected at that location by the total number of days since the box was first installed. At the bottom of the short term and long term daily averages, you could list the worst performing box in each category, in case you need to find one to move to a new location.
- Note that when a box is moved, you should start a new row, not continue on the same row, as then you'd have combined long term average info for both locations. Fill in cells in the old row with the closing info on the old location, then enter a zero collection for the new location on the new row. The date should be entered twice, once for each row.
- A graph would only be useful if you need to study trends, in detail, at each box, and it would require running a report to generate the graphs, while the method I proposed would be calculated automatically and added to the spreadsheet, as soon as you enter the data for each box. StuRat (talk) 17:49, 14 October 2014 (UTC)
- @Dismas: I think what you want is essentially a cumulative distribution of money over time for each box. For each box, start a new column (or row, whatever) to hold the amount of money accumulated. Then just put in a formula that adds each withdrawn amount to a running total. So if box A withdrawals are in in column A, then column B should be something like B1=A1, B2=B1+A2, ... BN=B(N-1)+AN.
- This is simple, but it only makes sense to compare cumulative totals when the last withdrawal is roughly the same date. To facilitate graphing, I'd change mm/dd/yy (or dd/mm/yyyy, etc) values to day of year values, so that they are easier to plot/manipulate (Excel can do this with built-in functions, as described here [1] [2]). If you have a new column of DOY dates, then you can just use a line plot of DOY vs cumulative box total to compare many boxes total returns over time, even if the withdrawals are at different times and frequencies.
- One of these links might help you split the date/value column into two columns [3] [4]. Make sense? SemanticMantis (talk) 19:04, 14 October 2014 (UTC)
WinRoute Pro problem
[edit]I know this will be upsetting reading, but please bear in mind that we are using ancient hardware and software due to company frugality and a 'that's the way it was always done' philosophy.
We have WinRoute Pro version 4.1 running on a Windows 2000 server that collects emails from the sky and spits them out into Eudora on the appropriate workplace PC. The company has recently moved locations. For some reason, our current ISP (Demon) was unable to provide broadband on the new location's phone line. One Bill now supply our broadband and we retained Demon's services hosting our website and email which is now 'forwarded' (?).
Our current problem is that WinRoute is now very confused and while it happily collects our email and spits it out at the right person, none of us are able to send any email, unless it is to another Demon address. We are temporarily getting around this by using webmail.
Too many people have tried to sort this out and everyone has received different advice and opinions from the helplines we have phoned. The last advice is that we need to change the port number from 25 to 587 as the mail is only able to be delivered to that in the Demon ip range. I've changed the relay SMTP server back to smtp.demon.co.uk and changed the SMTP port to 587 (no 465 was also suggested) but I am still getting the same message:
Mail server: WinRoute Pro 4.1 at xxxredactedxxx Error description: message could not be delivered, server replied: 503 This mail server requires authentication when attempting to send to a non-local e-mail address. Please check your mail client settings or contact your administrator to verify that the domain or address is defined for this server.
What have I missed out or not done?
Many grateful thanks in advance for any hints you might be able to share. 89.243.208.99 (talk) 14:01, 14 October 2014 (UTC)
- It sounds like smtp.demon.co.uk (that name is mentioned in the delivery failure message, right?) notices that you're connecting not from a Demon IP address, so it demands authentication. You might be able to get Demon to add a rule to recognize your IP block with One Bill (especially if that IP range is small/static). Otherwise, you might be able to teach WinRoute a username/password or similar to use with Demon's SMTP server, but there might not even be such (the message might really mean "we don't allow mail from your IP without special permission that it is impossible to have"). Why not use One Bill's SMTP server for outgoing mail, though? It doesn't matter if it's different from the server you use for incoming… --Tardis (talk) 01:50, 17 October 2014 (UTC)
I'm reading about the how thousands of private photos have been compromised by malicious third-party apps using Snapchat's API.[5] The main point of Snapchat is that it's supposed to protect the user's privacy. What I don't get is why Snapchat has an API to begin with. Having an API seems like a really, really bad idea. Why not have a close system like Skype? AFAIK, it's not possible to create a third-party Skype app. A Quest For Knowledge (talk) 14:05, 14 October 2014 (UTC)
- As far as I can tell, Snapchat doesn't have a public API, so it's like Skype in that regard. Various people have been reverse engineering the internal API that the various official Snapchat clients use to talk to their server, and then using that information to write their own Snapchat clients (which do stuff the official ones don't). Doing that is contrary to their terms of service, and they've apparently been trying to block these other apps, by technical
and legalmeans. -- Finlay McWalterᚠTalk 14:18, 14 October 2014 (UTC)
- hmm, I'm not sure they've actually C&D-ed anyone, and there's certainly lots of documentation of the private API and various projects on sites like Github which use it. -- Finlay McWalterᚠTalk 14:27, 14 October 2014 (UTC)
- Google did remove a large swathe of unofficial Snapchat apps, which worked by the means I've described above, back in January - presumably at Snapchat's request. As most Android devices allow sideloading apps even without rooting the device, some of those apps remained available as APK files after that. -- Finlay McWalterᚠTalk 15:25, 14 October 2014 (UTC)
- It's a fundamental problem - whenever you have an online service, part of the code lives in the client's computer and part off on the server someplace. Those two parts generally need to interact - and for that to happen, there must be some kind of API. Worse still, the client-side part is available to any user of the service to examine and reverse-engineer...especially if you're using a web/browser-based system where the client is running JavaScript...and it's really tough for the server-side code to know when it's being activated by the intended client software or some reverse-engineered malware. SteveBaker (talk) 16:26, 14 October 2014 (UTC)
- Difficult, but also not impossible to improve the security. Theoretically some of the software token techniques described by Security_token#Password_types could be used to assess the authenticity of the client. I doubt snapchat can afford to distribute physical tokens or dongles with their business model, but I don't think there's any theoretical barrier to establishing client identity/authenticity on the server side... right? SemanticMantis (talk) 17:07, 14 October 2014 (UTC)
- Anything the client can do to authenticate itself can be spoofed. Even a dongle wouldn't change that, since the dongle can't know whether a legitimate client is using it except by some sort of authentication protocol which could also be spoofed. -- BenRG (talk) 20:15, 14 October 2014 (UTC)
- The signed message produced by the dongle could, instead of simply saying "this client (tells me it) is OK", actually be the request that the dongle had vetted. --Tardis (talk) 13:25, 15 October 2014 (UTC)
- Do you mean that in the same sense as "any encryption can be in principle broken"? Maybe I should ask a new question, because while I grant the concept in principle, my understanding is that related encryption/authentication schemes could be deployed so as to make spoofing roughly as difficult as breaking modern encryption schemes (i.e. possible, but highly unlikely unless the breaker has huge amounts of time, money and expertise). SemanticMantis (talk) 16:39, 15 October 2014 (UTC)
- The only ways I can see for this to work are:
- The dongle has its own display screen, and it decrypts, displays, and erases the image entirely within the dongle.
- The app contains an authentication secret, and the OS and the hardware it runs on use ubiquitous encryption to prevent anyone ever seeing any of the app's code to extract the secret.
- The OS doesn't allow apps to send arbitrary data to the server; for example, each app has some sort of unique ID and other apps can't transmit that ID.
- All of these are very difficult to implement, and none of them can be done by an Android app acting alone.
- Normally the purpose of a dongle is to prevent anyone who lacks the dongle from authenticating. Here, the adversary has the dongle, and has the Snapchat account password, and is in fact the intended recipient of the image. There's nothing the client can do to prove to the server that it will delete the image after displaying it.
- The best you can do is obfuscate the client code and hope that no one will bother to spend the additional time it would take to extract the secret. Even then you can bypass the obfuscation by running the app in an emulated environment and scraping the images from the emulated screen. -- BenRG (talk) 05:01, 16 October 2014 (UTC)
- The only ways I can see for this to work are:
- Anything the client can do to authenticate itself can be spoofed. Even a dongle wouldn't change that, since the dongle can't know whether a legitimate client is using it except by some sort of authentication protocol which could also be spoofed. -- BenRG (talk) 20:15, 14 October 2014 (UTC)
- Difficult, but also not impossible to improve the security. Theoretically some of the software token techniques described by Security_token#Password_types could be used to assess the authenticity of the client. I doubt snapchat can afford to distribute physical tokens or dongles with their business model, but I don't think there's any theoretical barrier to establishing client identity/authenticity on the server side... right? SemanticMantis (talk) 17:07, 14 October 2014 (UTC)
- Q:What I don't get is why Snapchat has an API to begin with. A: Microsoft insist on third parties having micrsoft's closed sourced API (interfaces) to protect microsoft's manopily. Then microsoft can (and do) claim payments from security companies that can only retroactively try to fix microsoft's security sort commings. That is why it is often quoted that Windows is defective by design. Nuff said? ! ! !--Aspro (talk) 19:19, 14 October 2014 (UTC)
- [citation needed] [citation needed] [citation needed] for the claim Microsoft insists on third parties having Microsoft's close source APIs. If you interact with Windows or any other Microsoft OS, you do have to use Microsoft's APIs (although the level can vary greantly, you can use open source APIs which interact with Windows in a low level manner many don't recommend or find produces poor results if you want), just as you would any other OS, like for example with Apple's largely closed source APIs (although they lower level APIs tend to be open source). Of course as others had already pointed out, this has little to do with why Snapchat is vunerable. In fact, while security by obscurity is generally a bad idea, in this particular case there is actually a minor advantage to a closed source operating system in that if you OS doesn't provide a means to monitor the apps network and other activity, you could easily customise your open source OS to provide such functionality. That said, it's a very minor advantage. E.g. for network activity all you need to do is monitor outside the device. And you could always hack whatever functionality in to the OS if really needed. It's also a moot point since Android (and Windows) intentionally allows that level of debugging functionality to the end user on certain devices if they want it. Actually the design of most OSes probably means the functionality is there or can be added, just perhaps disabled, not only without a means to enable it but intentionally made difficult to even try (iOS and I think Windows Phone and some Android devices). In any case, Snapchat doesn't even have an official Windows Phone client [6] do I don't get the relevance of your random rant. Nil Einne (talk) 07:15, 15 October 2014 (UTC)
- Need a citation ah! Here is a good WP type reliable ref: “it is well established that a monopolist generally has no duty to cooperate with its competitors.” [7] So, Novell (as is now on legal record) could not get access to the updated microsoft's API's. Try and develop ones own API's in the dark leads to all sorts of problems. Your quote: In any case, Snapchat doesn't even have an official Windows Phone client... Now you know why! Now microsoft wants to promote its own version of Snapchat (just as it wanted to premote Word over Novells Wordperfect. Et cetera, et cetraa. Snapchat is under attack by forces that want it to look bad so that they can more easily capture (by good means or foul) Snapchat's market segment. One does not have to have a diploma or degree in Kindergarden dynamics to see this.So most of your other comments are now moot.--Aspro (talk) 16:20, 16 October 2014 (UTC)
- Finally: Google is your Friend, but you don't seem to understand![8]. This is the result of 20 seconds of googling....See: Microsoft builds Snapchat-like WindUp for Windows Phone. Why should microsoft allow Snapchat access to authentic microsoft API's, that other developers can then use to dilute microsoft's monopoly? A leopard cannot change its spots! So I stand by what I say. Snapchat is boxed into using their own unofficial API by the actions of a big monopolist bully. Meaning that, other independent developers are liable to introduce security weaknesses if they misuse Snapchats guidelines. Is that Snapchat's fault, when they are being forced to work in the dark? Over to you that where born knowing everything but understanding nothing!--Aspro (talk) 18:04, 16 October 2014 (UTC)
|
iOS 3rd party app interactive notifications
[edit]Maybe I'm missing a trick, but I can't see to find any options in my iPhone settings for interactive notifications. The reason I'm asking is because I can reply to iMessage and SMS from the lock screen using the interactive notifications, but none of the third party apps I use let me, and I'm not seeing where I can activate the functionality. I googled it, but all the guides say, I can activate/deactivate interactive notifications 'from Settings' but doesn't specify where.
I am aware that some of the apps may not yet have this functionality added, so if you know whether Facebook, Line, WhatsApp and WeChat allow this yet, please let me know. I'm thinking Facebook does because I saw some article about being able to reply to wall comments etc somewhere.36.225.87.98 (talk) 14:58, 14 October 2014 (UTC)
- They're probably not "notifications", but "widgets" (small mini-views of an app, intended for use on screens like the home screen). As far as I can tell (I'm not so up on IOS things as Android), IOS8 added the ability to add widgets to the lock screen. This may help you do that yourself. It seems that IOS7 didn't support 3rd party widgets on the lock screen, unless one rooted the phone with Cydia or the like. -- Finlay McWalterᚠTalk 16:20, 14 October 2014 (UTC)
- No, it's definitely notifications. When I get an SMS since the update to iOS 8, I can reply from the lock screen by sliding left and typing. Apparently this should work with Facebook and Line... but it doesn't. Like I said, all the guides say the ability to do this can be toggled 'from Settings' without saying where specifically. I'm not sure if those apps have been updated to allow this function.36.225.82.45 (talk) 16:10, 15 October 2014 (UTC)
Word menu disappeared
[edit]I'm not sure I have the terminology right here, but Microsoft Office 2010 programs (including Word) have at the top menu labels (File, Home, Insert, Design, etc.) with sub-menus where you can click to do such things as center text and make it bold. I clicked a button that made the sub-menus go away, and I don't know how to reverse that action. Can anybody help? Thanks. --Halcatalyst (talk) 21:10, 14 October 2014 (UTC)
P.S. The icon was in the far upper right hand corner, and I was just curious what it was for. I hate it when I go somewhere and can't find my way back. --Halcatalyst (talk) 21:49, 14 October 2014 (UTC)
- If you still have the help question mark icon, you can click that and type in the keywords you want, then bring up a link to change the setting. StuRat (talk) 23:27, 14 October 2014 (UTC)
- Thanks, this suggestion led me to the solution. The state I was in is called Read View. It's designed to allow more space when you just want to read the document. The other options are Print Layout, Web Layout, Outline and Draft. If you're in Read Mode, you hit View and then choose Edit Document to see the writing tools and menus again. --Halcatalyst (talk) 00:02, 15 October 2014 (UTC)
- You're quite welcome. I'll mark this Q resolved. StuRat (talk) 01:28, 15 October 2014 (UTC)
Installing 1333MHz RAM into a 1066MHz machine
[edit]My older computer takes 1066MHz DDR3 RAM SO-DIMMs . However, I'm having trouble finding that speed in retail stores in the 8GB density I want. What risks (if any) is there of installing 1600MHz or or 1333MHz DDR3 SO-DIMMs? I'm assuming the faster RAM will merely run at the maximum 1066MHz that my motherboard accepts? --76.95.37.3 (talk) 22:04, 14 October 2014 (UTC)
- Yup. And even slower too, because it gets bottlenecked. Stick with 1066 if you can find it. I have no idea what computer you have, but probably something like this. KonveyorBelt 22:14, 15 October 2014 (UTC)
- Can you provide any evidence to support "even slower too, because it gets bottlenecked"? I'm pretty sure that's false.
- Faster RAM will most likely work. Higher-capacity DIMMs may or may not work. You should check what your motherboard, or prebuilt machine, supports. If it does work, I really doubt it will be slower than slower-rated RAM. -- BenRG (talk) 22:28, 15 October 2014 (UTC)
- I just bought some PNY DDR3 PC3-12800 RAM and on the packaging it says "compatible with 1600MHz, 1333MHz, and 1066MHz". So I guess that answers that! Thanks for your help! --Navstar (talk) 18:30, 17 October 2014 (UTC)