Chintana Wilamuna's blog

Programming, random rants, life and everything in between

Retina Display Spoils Everything

Once you get hooked on a retina display there’s no going back. You’re pretty much hooked for life. On every other screen you keep seeing pixels and it annoys the hell out of you. The reading experience just dominates with a retina display. I’m using the word retina loosely, to mean any screen where you can’t see individual pixels. This is one reason the iPad Mini is such a letdown for me. True, it’s more portable and easy on the hand because it’s light, but you still see those individual pixels, which ruins the whole reading experience. In the tablet world, for me at least, it’s not about just having a portable device. It’s about having a portable device with a beautiful screen. A screen that displays crisp fonts and sharp pictures. A couple of years from now retina displays will be everywhere. Big screens with retina will still be crazy expensive. Just like anything in the tech industry, it’ll be cheap enough in the near future that it’ll be accessible to everyone. Now it seems to be really hard to move on to any mobile device that has jagged fonts and edges. It just doesn’t seem good enough.

Using WSO2 G-Reg API - Add Services

WSO2 Governance Registry (G-Reg for short) comes with a Registry API and a Governance API. The Registry API is mainly there to interact with G-Reg at a repository level. Then why is this API called the Registry API and not the Repository API? That’s because G-Reg started its life as an SOA Registry first, and generic repository-level functions as well as Governance functions were added later. The name Registry API was not changed. The Registry API is a SOAP-based API and has an associated WSDL. You can find detailed information about these APIs in the G-Reg documentation. This blog post is about some aspects that I found to be useful when you’re trying to work with the API. Please note that this is not a comprehensive API guide, rather the path I took to use these APIs. There are other methods that you can use to achieve the same. There are other ways of constructing objects and so on. Treat this as a sort of API getting started if you’re completely new. If you know your way around, dive right in to the Java doc.

Connecting to the Registry

When you’re connecting to the Registry via the web service API you’re essentially making a remote call. So you need the server address and credentials to connect. All the parameters that you have to set are documented in the G-Reg documentation here.

Example initializing a WSRegistryServiceClient,

System.setProperty("javax.net.ssl.trustStore", CARBON_HOME + File.separator + "repository" +
                File.separator + "resources" + File.separator + "security" + File.separator +
                "wso2carbon.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
System.setProperty("javax.net.ssl.trustStoreType", "JKS");

return new WSRegistryServiceClient(SERVER_URL, USERNAME, PASSWORD,
    ConfigurationContextFactory.createConfigurationContextFromFileSystem(
        CARBON_HOME + File.separator + "repository" +
        File.separator + "deployment" + File.separator + "client",
        CARBON_HOME + File.separator + "repository" +
        File.separator + "conf" + File.separator
        + "axis2" + File.separator + "axis2_client.xml"));

Then before you interact with the Governance API you need to set the Repository write mode system property. If you do not do this all your governance operations (addService etc…) will return null and the operation will not happen successfully.

System.setProperty(ServerConstants.REPO_WRITE_MODE, "true");

Up to this point we have only set some properties. Now we are going to connect to G-Reg and get a registry instance object so that we can do governance related stuff. Code below,

private static final String CARBON_HOME = "C:\\test\\wso2greg-4.5.3";
private static final String USERNAME = "admin";
private static final String PASSWORD = "admin";
private static final String SERVER_URL = "https://localhost:9443/services/";

private static WSRegistryServiceClient initialize() throws Exception {

    System.setProperty("javax.net.ssl.trustStore", CARBON_HOME + File.separator + "repository" +
            File.separator + "resources" + File.separator + "security" + File.separator +
            "wso2carbon.jks");
    System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
    System.setProperty("javax.net.ssl.trustStoreType", "JKS");

    return new WSRegistryServiceClient(SERVER_URL, USERNAME, PASSWORD,
            ConfigurationContextFactory.createConfigurationContextFromFileSystem(
                    CARBON_HOME + File.separator + "repository" +
                            File.separator + "deployment" + File.separator + "client",
                    CARBON_HOME + File.separator + "repository" +
                            File.separator + "conf" + File.separator
                            + "axis2" + File.separator + "axis2_client.xml"));
}

public static void main(String[] args) throws Exception {
    System.setProperty(ServerConstants.REPO_WRITE_MODE, "true");
    Registry registry = GovernanceUtils.getGovernanceUserRegistry(initialize(), USERNAME);
    GovernanceUtils.loadGovernanceArtifacts((UserRegistry)registry);

    ...
}

At this point you can use the Governance API. Governance API documentation can be found here.

Adding a new service

The G-Reg API page for attaching a new service lists out the basic functionality and how you can use it. Let’s explore more about how to use the API. The first thing you have to do is get a service manager instance from the registry object we just created.

ServiceManager manager = new ServiceManager(registry);

To add a service the manager has the method void addService(Service service), so we have to create a new Service object. The manager instance also has a method to create one: Service newService(QName qualifiedName)

Let’s see what the code for creating a new service looks like,

Service s = manager.newService(new QName("http://example.com/ns", "MyServiceName"));

There, easy. We created a new service. In order to add this to the Registry you need to call the manager.addService() method, passing the service object you just created. The service we just created has a namespace URI and a service name. Nothing else. That’s kinda boring. The API supports adding all sorts of additional attributes to stuff this service object. Let’s look at those.

void attachPolicy(Policy policy)
void attachWSDL(Wsdl wsdl)
void attachSchema(Schema schema)
void attachLifecycle(String lifecycle)
void attachEndpoint(Endpoint endpoint)

When you’re adding a service the service must have an endpoint to be useful. Then from other programs you can lookup the registry for services, get the endpoint and talk to that service programmatically. So it has to have at least one endpoint in order to be useful. Let’s add an endpoint.

Here’s a place that I went horribly wrong. I looked at this list of functions and thought I could create a service object, stuff it up with different things like attaching an endpoint, a WSDL etc… and then finally add the service using addService() method. Unfortunately the API doesn’t work like that. In order to attach an endpoint to the service the service should be added first! So, I had below lines which seemed natural to write,

Service s = manager.newService(new QName("http://example.com/ns", "MyTestService"));

EndpointManager em = new EndpointManager(registry);
Endpoint e = em.newEndpoint("http://mytest.com/service/url");

s.attachEndpoint(e);

manager.addService(s);

Executing the above few lines will give you the following error message which is a bit hard to digest and figure out what’s exactly wrong.

13/01/03 12:14:16 ERROR dataobjects.GovernanceArtifactImpl: A path is not associated with the artifact.
Exception in thread "main" java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.intellij.rt.execution.CommandLineWrapper.main(CommandLineWrapper.java:112)
Caused by: org.wso2.carbon.governance.api.exception.GovernanceException: A path is not associated with the artifact.
    at org.wso2.carbon.governance.api.common.dataobjects.GovernanceArtifactImpl.checkRegistryResourceAssociation(GovernanceArtifactImpl.java:619)
    at org.wso2.carbon.governance.api.common.dataobjects.GovernanceArtifactImpl.attach(GovernanceArtifactImpl.java:550)
    at org.wso2.carbon.governance.api.services.dataobjects.ServiceImpl.attachEndpoint(ServiceImpl.java:405)
    at main.java.org.wso2.carbon.registry.importer.XLSImporter.main(XLSImporter.java:76)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
    ... 5 more

Why does it say a path is not associated with the artifact? The API is designed in such a way that you’re adding or attaching stuff to a resource that exists in the Registry already. If it exists, there should be a unique path for it in the registry; if not, there’s no path. Hence the error. So you have to make sure to add the service first and then attach the endpoint. The following snippet worked like a charm,

Service s = manager.newService(new QName("http://example.com/ns", "MyTestService"));
manager.addService(s);

EndpointManager em = new EndpointManager(registry);
Endpoint e = em.newEndpoint("http://mytest.com/service/url");
em.addEndpoint(e);

s.attachEndpoint(e);

It’s helpful to note here that this API has 4 things you can attach to a service: Endpoint, WSDL, Policy and Schema. In other words Endpoints, WSDLs, Policies, Schemas and Services seem to be the high level things that you deal with in the Governance Registry. But from the UI you will see only four major items. Everything except Endpoints. Endpoints get created automatically when you upload a WSDL to the registry and it’ll create dependencies between the services in the WSDL and endpoints. You can add new endpoints to the Registry through the API as you just saw. If you don’t use the API then how do you add a set of endpoints to the Registry? Here you can use WSO2 Developer Studio to create endpoints as resources and upload them to the Registry. So it’ll create endpoints and you can later look them up from the API and attach them to your services.

Following the same principle, you can add a schema for this service and attach it as well.

SchemaManager sch = new SchemaManager(registry);
Schema schema = sch.newSchema(FileUtils.readFileToByteArray(new File("test.xsd")));
sch.addSchema(schema);
s.attachSchema(schema);

Another way to attach stuff to a service is through the addAttribute() method. It has the following signature,

void addAttribute(String key, String value)

So with this method you can add an endpoint and other associated items with a service. In order to add stuff you need to know what are the possible keys. Let’s look at the G-Reg UI for a bit, specifically Add Service UI. The form for adding a service is shown in the following image,

Here the thing that you should note is that the sections have a gradient background. So generally the key that you have to use has the format lowercase(section) + “_” + camelCase(name). There are a few exceptions to this though. When you’re adding the service name, the key you should use is overview_name. Here’s the entire list of keys according to the above image.

overview_name
overview_namespace
overview_version
overview_scopes
overview_types
overview_description

So the overview section is pretty much self explanatory after you get to know the convention. The next section is Contacts. When you click Add Contact there will be two columns to fill: Contact Type (which is a drop down) and Contact Name/Organization Name. The default drop down cannot be changed using this API. Meaning if you provide a new value then it’ll not be automatically added and visible as an item in the drop down. The drop down list of items must be configured beforehand when you configure the definition of the service. This definition file can be edited using the G-Reg UI and is referred to as RXT - Registry Extension Type. You can add new items to this service UI by navigating to Extensions -> Artifact Types and editing service. Adding contacts requires slightly different syntax. You can add as many contacts as you please so the syntax is,

contacts_entry

For this key, since the value has two columns in the UI you need to separate them with a colon. The first field you cannot change, so you need to click the drop down to see what the possible values are and then use the exact same value, otherwise it’ll not be added. A valid value looks like “Technical Owner:John Doe”.

Next, Interface section

interface_wsdlURL
interface_transportProtocols
interface_messageFormats
interface_messageExchangePatterns

Here the URL you give for the interface_wsdlURL should be pointing to a valid WSDL file. At the time of adding the resource Registry will automatically download the WSDL, add it as a dependency and will put the location of the WSDL within the registry in the WSDL URL field. Rest of the drop down fields you need to check the drop down and find out what the actual possible values are and give the exact value.

Same applies for Security section. Possible values,

security_authenticationPlatform
security_authenticationMechanism
security_authorizationPlatform
security_messageIntegrity
security_messageEncryption
security_comments

Next up is Endpoints section. Here you can add any number of endpoints. Endpoints also take two fields. The environment and the actual endpoint. So you have to separate the environment and the URL with a colon. You need to find which environment the endpoint should go on to (Unknown, Dev, Test, Stag, Prod). Here’s an example - "Dev:http://dev.example.com/service". If you just want to add a URL then you should have the colon in front. Otherwise the tokenizer will think http is the first part and will drop it! So adding a URL alone should look something like ":http://example.com/service". Notice the colon at the beginning of the string.

Helium Stick

I’ve been on an outward bound program some time ago that’s designed for leadership and team building. The program itself was educational and had activities that you should do as a team. I was particularly impressed by one such activity that involved getting into two groups, forming two lines face to face and then trying to put down a stick that sits on top of your fingers. Everyone’s goal is to lower your hands so that the stick will go down. Instead what happens is everyone shouts at other people to lower the stick but the stick itself goes up! Unbelievable. Then we were told to concentrate on our own hand and not look at others, then the stick actually came down.

After some googling the activity seems to be going by the name Helium Stick. Wilderdom site seems to have a large collection of such games that you typically would do on an outward bound program.

Looking Back 2012

Years come and go. This is one of those years that just flew by in a whim. You just lose track of time when you’re having fun! This year was an exceptional year in terms of the experiences and type of work that I got the opportunity to do.

I got the chance to visit different countries and work with remarkable people and make great friends all over the world! Experiencing different cultures, food, customs and lifestyles was one of the best parts when it comes to traveling. Another great thing about traveling is that you’ll get to interact with a lot of different people. People from all walks of life. People that work with you, people that you have random conversations with in different places, people that try to pick a fight with you at local watering holes, people who’ll try to intimidate you and so forth. The diversity of people is truly amazing. It’s a stark difference to the people you normally would hang out with or get to interact with on your normal walk of life. Being somewhat of an introvert, having to interact with this wide variety of people fascinated me. The more I talked to people the more I realized how little I know and how much there is to learn. There’s an astounding amount of information out there.

Like most programmers I was comfortable looking at a monochrome screen in a dark room doing “computer stuff”. Dealing with computers was far easier than dealing with people. Then I had to talk to people about it. Not blogging but you know … face to face. Initially it was challenging but it got easier with time. You have to talk/present information in a manner that the other person can understand and explain and clear their doubts. Not one or two people but several. One thing I realized through all this is that writing code is the easy part. Explaining it to people, doing presentations/demos and other human interactions was the hard part. As with anything else, it becomes easier with practice. I loved every second of it. These so called soft skills were invaluable.

As personal life goes, this year was filled with ups and downs, twists and scary turns as well. Life, one of those things that you have to man up and deal with. This year was not without its own share of let downs, mistakes and set backs. I’m looking forward to the next year that will bring more challenges and let’s see how things progress.

The year in blogging was not too good. I couldn’t do more than a couple of blogs. Looking forward for a more noisy year in terms of the blog :-) This year marks the year I watched the most confusing and complex movies of all time. It’s none other than Cloud Atlas. With a ridiculously complex plot and as one of the most confusing stories of all time to be put to the telly, it stands out as a significant event this year.

I was thoroughly disappointed about the Mayans. Or I should say angry instead. It’s exactly 10 days past the doomsday. What a let down. I thought I’d be going toward a bright light when I woke up on the 22nd morning but instead there was no bright light. Woke up with a headache instead. Pulling pranks on humanity. Not cool. SRSLY.

I’m forgetting about twenty five thousand other things that have happened over the past year. This is not a thorough analysis but a very short and lazy dump of a few things. I’m really grateful to the things life brought over the past year. It has been truly an amazing ride. I’m looking forward for the year ahead.

Wish you all a happy new year!

Anatomy of the Pharma Hack

My website was running on Wordpress. It’s been like that for a couple of years. I’ve been updating the wordpress version somewhat sporadically. When I login to the dashboard it says if there’s a new wordpress version available and after clicking a button voila it’s updated. When you’re hosting your own blog engine there’s some administrative overhead that you have to accept. Then again when things get busy you probably don’t have that much time to look into the blog. At least that’s what happened in my case. All this time there was no sign of foul play. Everything was normal. During these holiday times I was thinking about doing some SEO ninja on the blog and kinda spring it back to life. More frequent writing and the like. So I remembered I’ve signed up for Google webmaster tools, so I logged in. I immediately noticed the message Notice of Suspected Hacking on http://engwar.com/

As the above image shows the suspect file seems to be pad.php. So I went ahead and removed that file. Also at the same time I started searching for fishy files. Then I noticed a directory called coockies. Looking into the directory I saw several .php files. Since the entire directory looked cocky I removed that as well. Then I think I deleted a bunch of other files that seemed to be out of place. I downloaded the vanilla WP installation and compared the file structure. Now that I think about it I should’ve been more methodical about this. Gah. Anyhoo, I stopped at that thinking it’s over and resumed the usual holiday activities. The following day, to my surprise the cocky directory was back. A bunch of files with different names were back. Then I searched around to see what the heck this thing is and found out about the “pharma hack”. Just google for “wordpress pharma hack” and you’ll get a bunch of posts about it. Seems to be quite old as well, first seen at least a couple of years ago. At this time I was a bit annoyed with the way things are and started to remove a bunch of files, also got a copy of the site just in case. Later I decided to migrate to Octopress because it seemed like less hassle and requires very little maintenance. It’s a bunch of static pages.

Looking at the code

Luckily I got a file backed up, wp-stat.php. This file was invoked from .htaccess for all search engine related traffic. Nothing more. Let’s see what that looks like.

It’s a common technique followed by spammers to base64 encode the string of statements and then do a base64_decode and execute that string through eval(). That’s what’s exactly being done here. So let’s decode this sucker and see how that looks like.

Doesn’t look like that interesting or readable. Looking at the first few characters I thought this is some kind of another encoding. But then again the very first character ($) dollar sign is how you define a variable in PHP. So this must be some variable. Let’s put this to a text editor and do some indenting.

Now it looks like we’re getting somewhere. The first couple of lines with sorta gibberish is actually variable declarations. If you haven’t programmed with PHP before a little clarity from the manual about variables,

“It is not necessary to initialize variables in PHP however it is a very good practice. Uninitialized variables have a default value of their type depending on the context in which they are used.”

So the first line in the program,

$wA5dC1cM3rT9iB2aY9hN1aK6tQ6kW9lE6wD5dW8fX1oL8eZ6nQ6nB6rG8yX9vA2hH3tS5fX5dA5mP2uS9xA2kP5fZ3uJ0cG2qT2jN6tO8tO4=$nR5cG9jK1yW4wV7uA4uR2lM6vR3pA7uQ7aI6jH2mF9jJ6rK5nP5lQ0oT7lR2gQ1nH8iX3iF7oJ0rE5sT1hX1mV3xG1rI3iW3aA9hO5;

is a variable declaration with two very long variable names. The statement doesn’t have any effect since it doesn’t have any value. The purpose of this is to include some “gibberish” in the program to fool you. The first bunch of executable code that does something is there from line 286 - 296. Looks like it’s doing some curl stuff. In line 288 you can see it’s doing a CURLOPT_URL, that’s setting the URL. The URL is composed of several strings. In PHP assume you have 4 string variables like $a, $b, $c and $d. You can concatenate them all into one like “$a$b$c$d”. That’s what’s being done here. So, to find the actual URL, comment out all the evals and the curl_exec() call. Then insert an echo call with the same string to echo back the URL. Now execute the PHP program on your machine to see the output. The URL is “http://82.192.91.10/100JS71MLKpzPzFbcYeVvZUMxCRUKBVFFx6iO6pr2VfhBthyzGcp.txt” Let’s do a wget to get the contents of this text file and see what that looks like.

Another base64 encoded string, let’s decode that and see,

For requests coming from a search engine this guy tries to get a “template” from the listed host under the specific domain and caches it for future requests under “coockies” folder before sending it. So for search engines they see an entirely different page with a bunch of spam links. The “template” that’s being used, the “index” one for requests coming to the root or the “/” is available at https://gist.github.com/4404914

I wish I had saved all the files to do some more digging around. Interestingly it has a debug mode even for requests coming from one IP, probably the spammers who control this. After some searching I was able to find a very similar file someone has posted about a year ago. http://pastebin.com/Sj22HbWb/ same variable names etc…

Then I remembered there was another PHP file I had copied. I was going through the uploads folder in my Wordpress and on a previous post I’ve given a patch to a pom file and in the same folder I found a file called pom.php. I copied that file. The contents of that file were extremely basic and there was one line that did,

preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x67\ .... ");

Yet another long base64 encoded type string. Running it on the command line gave an HTML page. So I uploaded it to my local Apache and ran it.

And it’s none other than the nifty WSO Webshell. This tool, once put onto a server can do all kinds of interesting stuff ;-) So this was probably used to upload files to my server. How this tool was uploaded in the first place? That’s unknown to me but probably through a vulnerable Wordpress version/plugin.
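The decoding steps walked through in this post (the eval(base64_decode(...)) wrapper in wp-stat.php and the hex-escaped preg_replace /e one-liner in pom.php) can be done statically, without running any of the PHP. The following is an added example, not code from the original post; the sample file is constructed and harmless, and the indicator names and the 60-character identifier threshold are assumptions.

```python
import base64
import codecs
import re
import zlib

# PHP double-quoted string escapes: \xNN (hex) and \NNN (octal).
_ESC = re.compile(r'\\x([0-9A-Fa-f]{1,2})|\\([0-7]{1,3})')

# eval(<decoder>(<decoder>("literal"))) with the decoders usually nested here.
_DECODERS = r'(?:base64_decode|gzinflate|gzuncompress|str_rot13)'
_EVAL_CALL = re.compile(
    r'eval\s*\(\s*((?:' + _DECODERS + r'\s*\(\s*)+)(["\'])([^"\']*)\2', re.I)

# preg_replace("<delim>pattern<delim>e", "replacement"): the /e modifier makes
# PHP evaluate the replacement string as code.
_PREG_E = re.compile(
    r'(?i:preg_replace)\s*\(\s*(["\'])(.)(?:\\.|(?!\2).)*\2([A-Za-z]*e[A-Za-z]*)\1'
    r'\s*,\s*(["\'])((?:\\.|(?!\4).)*)\4', re.S)

# Assumed indicator set, taken from the traits described in the post.
INDICATORS = {
    'eval_of_decoded_string': re.compile(r'eval\s*\(\s*' + _DECODERS + r'\s*\(', re.I),
    'preg_replace_e_modifier': _PREG_E,
    'hex_escaped_string': re.compile(r'(?:\\x[0-9A-Fa-f]{2}){4,}'),
    'long_random_identifier': re.compile(r'\$[A-Za-z0-9_]{60,}'),
    'curl_fetch': re.compile(r'CURLOPT_URL|curl_exec', re.I),
}

# Constructed, harmless stand-in shaped like the pom.php one-liner.
SAMPLE_POM = r'''<?php preg_replace("/.*/e","\x65\x76\x61\x6C\x28base64_decode('cHJpbnQgImJlbmlnbiI7'));"); ?>'''


def decode_php_escapes(s):
    """Turn \\xNN and \\NNN escapes into the characters PHP would produce."""
    def repl(m):
        if m.group(1) is not None:
            return chr(int(m.group(1), 16))
        return chr(int(m.group(2), 8) & 0xFF)
    return _ESC.sub(repl, s)


def _apply(func, data):
    """Python equivalent of one PHP decoder, applied to bytes."""
    if func == 'base64_decode':
        return base64.b64decode(data + b'=' * (-len(data) % 4))
    if func == 'gzinflate':
        return zlib.decompress(data, -15)          # raw DEFLATE stream
    if func == 'gzuncompress':
        return zlib.decompress(data)               # zlib-wrapped stream
    if func == 'str_rot13':
        return codecs.encode(data.decode('latin-1'), 'rot_13').encode('latin-1')
    raise ValueError('unsupported decoder: ' + func)


def _next_layer(src):
    """Decode one obfuscation layer, or return None if none is recognised."""
    m = _PREG_E.search(src)
    if m:
        return decode_php_escapes(m.group(5))
    m = _EVAL_CALL.search(src)
    if not m:
        return None
    data = m.group(3).encode('latin-1', errors='ignore')
    # Decoders are written outermost first, so apply them in reverse.
    for func in reversed(re.findall(r'[a-z0-9_]+', m.group(1).lower())):
        try:
            data = _apply(func, data)
        except (ValueError, zlib.error):
            return None
    return data.decode('latin-1')


def peel(src, max_layers=10):
    """Return each decoded layer in order; nothing is ever executed."""
    layers = []
    current = src
    for _ in range(max_layers):
        current = _next_layer(current)
        if current is None:
            break
        layers.append(current)
    return layers


def triage(src):
    """Return sorted (layer_index, indicator) pairs; layer 0 is the raw file."""
    hits = set()
    for depth, text in enumerate([src] + peel(src)):
        for name, rx in INDICATORS.items():
            if rx.search(text):
                hits.add((depth, name))
    return sorted(hits)


if __name__ == '__main__':
    for depth, layer in enumerate(peel(SAMPLE_POM), 1):
        print('layer %d: %s' % (depth, layer))
    print(triage(SAMPLE_POM))
```

Reading suspect files as latin-1 (`open(path, encoding='latin-1')`) keeps every byte intact before passing the text to `triage`.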

Migrating to Octopress

I’m migrating the blog to Octopress. I’m just starting to play around with Octopress so things are broken pretty badly. RSS feed URL is at a different place, comments are not working, and all the images are broken right now for old articles. This I’ll be working on fixing during the next couple of days. Although I’m not a big fan of static site generators, Octopress seems interesting. I’ve been wanting to play with this but that got buried under The List somewhere ;-)

Another reason was my wordpress site was hacked. This was rather a clever hack as it changed the meta keywords indexed by Google only. Nothing else was changed. Googling around revealed this is the famous pharma hack. This has created a couple of backdoors. Even after I deleted all the files it somehow created all of them after a day. So there are multiple backdoors created in order for them to get in and restore all the files.

After backing up all the files, without analyzing in detail, what I thought was to migrate to Octopress. Seemed easy, and it was. I backed up all the posts and ran them through exitwp to create markdown versions of the posts. Then I migrated into Octopress. Since the posts contain the new URL structure all the old links will break. Plus old disqus comments will not work correctly. Now that I have a working site up and running with Octopress I’m off to learn more about how to do various stuff with it. I think this is way way easier than having to set up a DB and having executable PHP code on the server. Plus, you don’t have to worry about your site getting hacked if you keep it unattended for a couple of months :-)

Understanding OSGi

When learning about OSGi it’s easier to start from some sample code first. Then dive into what it all means. Apache Felix is an OSGi container with a nice set of samples to start with. First learn how to launch the Felix framework. Then dive into the examples.

OSGi is a dynamic module system for Java. Wikipedia entry for OSGi is naturally a good place to start. Then tech overview at OSGi.org. Also OSGi in Action is a great book to dive into. Although I’m still in early chapters, looks to be a great treatment of the subject.

If you’re just trying to find a means to an end, then of course you don’t need to dive into the gory details. If you’re trying to hack around existing code, then look at MANIFEST.MF for the Activator class. If your bundles are written as OSGi declarative services, then your implementation classes are specified in the OSGI-INF/serviceComponents.xml file. This happens to be how WSO2 Carbon components are structured. Once you find where execution begins for a bundle it’s easy to follow along what’s happening. More on that later.

Not Being Up-to-date on the Internet

Staying up-to-date on Internet of things is a daunting task. Come to think of it now, I haven’t really missed much. Or may be I have on certain things. I said goodbye to RSS readers nearly 4 years ago. I did that after reading a post by Chris Wanstrath. I tuned into Twitter instead as my primary news source. If it’s worthy of attention people will tweet it. I haven’t really missed much on major news bulletins. It’s useful to stay up-to-date on the field you’re interested in, trends of the industry etc… With so many sources of information this will soon become a major time sink. When you go beyond 1000 feeds it’s really hard to read all of them.

I was looking for one of my old blogs today (you know, the things that you write when you’re young and naive) and found out that Microsoft Live Spaces is no more. In fact they’re redirecting to Wordpress! Ballsy move M$!

Trying to Be a Gym Buff

Couple of years ago on one gloomy Sunday afternoon, earth was about to get a massive down pour. Signs were all clear. Slight drizzle, turn-on-your-headlights-dark and dark cloud cover visible through thundering. With a massive thundering strike it dawned on to me. That. I. Need. Exercise. It was either that or have to control my daily calorie intake. You know, for those of us (unfortunate?) folks sitting in front of a computer the good part of the day isn’t what our bodies would want. Apparently. So, I was all game for doing diet control.

This was tough. Couple of friends were following the GM Diet to the letter. This looked ridiculously hard I didn’t even bother. When you’re used to eat a certain sized portion and when you start eating less you naturally feel hungry. When you’re at it for a couple of days then you run the risk of death by starvation. You food lovers know what I mean! Thousand different reasons cross your mind, “will I faint?”, “am I going to die?!”, “is this what dying feels like?”, “I should eat, NO! I’m on a diet” and so on. It was all too depressing to be around food and not eat the damn thing.

So the next option is to workout. This is relatively easy the first couple of days. So at first I started running followed by a few exercise routines. Running is great but when the weather is bad and when you have to stay indoors for couple of days then it became hard to go back to the routine. Felt lazy and “well .. not today, may be tomorrow” sorta thing where tomorrow never happened.

Next option was to try a gym routine. This is good in many fronts. Now you can eat all you want and burn all the fat! Bad weather, no problem. Again getting into a regular schedule was hard. After about 6 months of irregular gym use there was no real improvement. Spending couple of hours twice a week at the gym gives you that warm feeling of “I’m going to the gym so I must be healthy”, but no measurable results. So any routine should be regular and consistent. Regular usually means daily unless may be you’re into power lifting. Simple act of walking for half an hour a day also yield many benefits as the following video shows,

When you’re at a gym there are many things you can try to complement walking. For couple of days I tried a HIIT routine which involved one minute of fast running followed by a four minute walk for 20 minutes. I quickly lost interest ‘cos it was too hard. I should’ve started with a lower intensity.

Later this turned out to be one day all cardio and next day cardio + circuit training. This routine has worked ok and I found that I could stick to this. Now I’ve been at this stint a little over thirty days. When you’re doing a particular routine regularly I’m finding it’s easy to ramp up the intensity. It doesn’t get too hard too early and not that easy also. Once you find this balance then gradually moving to bigger and heavier things becomes relatively easy. Now where is that six pack? (pun intended!)

Insightful Analysis of the Financial Debacle

I have read a bunch of articles about the financial crisis that happened a few years back. Never came across a write up as brilliant as The Quiet Coup by Simon Johnson.

Typically, these countries are in a desperate economic situation for one simple reason—the powerful elites within them overreached in good times and took too many risks. Emerging-market governments and their private-sector allies commonly form a tight-knit—and, most of the time, genteel—oligarchy, running the country rather like a profit-seeking company in which they are the controlling shareholders.

Later on Simon writes,

Squeezing the oligarchs, though, is seldom the strategy of choice among emerging-market governments. Quite the contrary: at the outset of the crisis, the oligarchs are usually among the first to get extra help from the government, such as preferential access to foreign currency, or maybe a nice tax break, or—here’s a classic Kremlin bailout technique—the assumption of private debt obligations by the government. Under duress, generosity toward old friends takes many innovative forms. Meanwhile, needing to squeeze someone, most emerging-market governments look first to ordinary working folk—at least until the riots grow too large.

Who said running a country is so hard?!