Posted on

Ant Colony Optimization

I found this interesting article in Wikipedia about Ant Colony Optimization Algorithms. The basic idea is that collective intelligence can result from a big number of repetitions of very simple efforts. In the case about ants, the paradoxically best features of their simple effort (leave a trace back to food while taking some of it back to the nest) is that ants look for food by means of random walks (this guarantees they’ll find anything in their area) and the trace they leave vanishes after some time (this guarantees they’ll concentrate on shortest paths from nest to food).

Many crowd based ideas somehow relate to this algorithm, but they are much more complicated than needed. The hope is that if we as humans apply our intelligence to imagine a possibly optimal result we’ll save time, also collectively. What bothers me is that ants do not need this individual intelligence to find a solution that collectively is optimal. So I’m wondering if we are not really losing time paying attention to unneeded details.

 

Posted on

About the Barcelona Internet Startups Meetup Group

This is a suggestion I posted on 2012-02-27, and I’m still waiting any feedback.

I’ve been to both Speed Dating meetups as a tech guy. The last time I had the chance to listen to more interesting projects. That’s good.

At the last meetup, I think we were like 20 techies and 60 entrepreneurs. This is 20 x 60 x 3 minutes each = 3600 minutes of 2 people chats. Those 60 hours could be run with a parallelism of 20 at a time, so they could boil down to a 3 hours meetup at least. In reality, it lasted less than two hours, still enough to meet (theoretically) around 40 different entrepreneurs, but I only met 7 ! (it’s 10%)

This is not a complain, just a surprise. I know how difficult it is to have people come, so if this group was not successful, there wouldn’t be such an issue. However it looks like there is space for improvement.

If I went to a speed dating to find a partner to ask out (http://www.youtube.com/watch?v=pYBo5eS5pW8),
1: men and women are the same number
2: age is a big factor which is taken care of beforehand
3: before actually speaking to anyone, I can see how they look like
4: when we meet at last, we have limited time to understand if we match

In our meetups,

1: parallelism. We should be the same number for each role; if we are not, either (a) move extra people to the next meetup or (b) make them play another role.

2: age. IMO, this is the size of the idea (and maturity of the business, if any). It’s not the same to meet someone who needs a web presence to brand themselves; someone who wants to reach millions of people around the globe; someone who got an idea while having a shower; and someone who is growing the proven business they are expert in.
NOTE that we do not have to filter out members based on this factor, but we should know beforehand the size of their startup effort.

3: likability. This is mostly some details about the idea/team. Who is the leader, who are the other members, what do they do, what are they expert in, what is the idea about, is it selling a product, a service, a software, is there a website to look at, … And finally, it’s not the same to be looking for an associate or an employee.

4: matching. If we get here after knowing all of the above, it’s clear that a lot of time is already saved. This step is not for pitching ! Here we just need to say hello, get a gut feeling about the other and fix any misunderstandings.

Posted on

How to make the WordPress login for your personal use only

Limit Login Attempts is a very good WordPress plugin that limits how many login retries an IP can perform (and fail) before being locked out some time. I cannot recommend it enough: it works like a charm and can be tweaked at will. It also notifies you about lockouts, so that you know if someone is trying to gain access to your site. Of course you still need a strong password.

 

Let’s see how a login would work in the real world. If the blog was a house, the login page would be the door and the login button the doorbell. A guest comes to the door, slides their business card below, and rings the doorbell. The gatekeeper wakes up, collects the business card, checks guest’s credentials against the list of people allowed to get in. If there is a match, the gatekeeper opens the door, otherwise goes back to sleep.

In a brute force attack, a guest is trying to get in by submitting ever changing business cards to the gatekeeper, hoping to find a match by mere chance. When such an attack takes place, the gatekeeper is doing a lot of “useless” work, and soon they’ll ask for a raise.

To prevent that, the master provides the gatekeeper with a scanner for business cards that reveals the factory (IP) that made them. Automatically, the scanner rejects any guest whose credentials are written on a business card made by the same factory of the business card of a guest whose credentials were not on the list. This is Limit Login Attempts.

It’s a nice mechanism that in general will work very well because many guests make their business cards themselves. Additionally there are so many commercial factories around that the risk of a rightful guest to be using the same factory of a gatecrasher is very small.

 

Limit Login Attempts has been doing quite a nice job since I installed it, but lately non desirable people have started sliding below the door business cards made by many different factories, thus reducing a bit the effectiveness of the scanner. Along time, I went through all these levels of annoyance.

  1. Just ignore them.
  2. Write a sarcastic post about them.
  3. Tweak the scanner to block more and faster.
  4. Destroy the doorbell.
I never have guests on my list: it’s always just me at the door. So I do not need a doorbell because I can call the gatekeeper and trust them to recognize their master’s voice. Of course, I still present my credentials.

Step 1 of 2 – Edit the wp-login.php file

In your WordPress blog directory there is a file called wp-login.php. It’s the file that shows the login page. At the very beginning, after the statement that reads {[ .wp-login-start | 1.hilite(=php=) ]} insert the following lines of PHP code {[ .my-login-server | 1.hilite(=php=) ]}

What these lines do is to check if the user has submitted a login form with a given challenge/answer pair. In this example they are doit/now. If the pair is there, then the login form is processed as usual, otherwise the user is redirected to the home page.

Of course you MUST NOT use doit/now, but feel free to choose any other pair of words that you can easily remember, possibly unrelated, like spoon/pig. (sorry, now you cannot use that pair either) Use only letters a through z. (this is not a password !)

That pair is your secret. Do not tell anyone, unless you want them to be able to get through the login page.

Step 2 of 2 – Add a bookmarklet to your browser

Edit the following code such that the challenge/answer pair matches the one used in Step1. Then make a bookmarklet out of it, copy the result in a new bookmark and call it My login. {[ .my-login-client-safer | 1.hilite(=javascript=) ]}

What these lines do is to add a challenge/answer pair to the login form and submit it.

When you want to login, go to the login form and enter your username and password as usual, but remember to hit the bookmarklet instead of the standard button. (If you used the standard button you’d be redirected to the home page, without logging in.)

A Login Dongle Plugin

I’ve already made a Login Dongle plugin for WordPress with all that code. I’m going to upload it this week. Stay tuned.

EDIT (2012-02-09): http://wordpress.org/extend/plugins/login-dongle/