The Beatles White Album   1 comment


“Paint It Black, You Devil”

Angst fan on the Rolling Stones Get Your Ya Yas Out Album


It’s My Own Invention or The Name Of This Song Is Called

You are sad,” the Knight said in an anxious tone: “let me sing you a song to comfort you.”

“Is it very long?” Alice asked, for she had heard a good deal of poetry that day.

“It’s long,” said the Knight, “but it’s very, very beautiful. Everybody that hears me sing it——either it brings the tears into their eyes, or else——”

“Or else what?” said Alice, for the Knight had made a sudden pause.

“Or else it doesn’t, you know. The name of the song is called ‘Haddocks Eyes.'”

“Oh, that’s the name of the song, is it?” Alice said, trying to feel interested.

“No, you don’t understand,” the Knight said, looking a little vexed. “That’s what the name is called. The name really isThe Aged Aged Man.'”

“Then I ought to have said ‘That’s what the song is called’?” Alice corrected herself.

“No, you oughtn’t: that’s quite another thing! The song is called ‘Ways And Means‘: but that’s only what it’s called, you know!”

“Well, what is the song, then? ” said Alice, who was by this time completely bewildered.

“I was coming to that,” the Knight said. “The song really isA-sitting On A Gate‘: and the tune’s my own invention.”

14 - 1

Rutherford Chang buys White Albums, just White Albums.  He currently has almost 1,000 first editions of

the Beatle’s classic “The Beatles” (The record is not actually titled The White Album).  At the  top of this

blog is a photograph of my wife’s first edition copy.  Unlike most limited edition art works the owners of

The White Album “prints” often adorned there copies with there own expressions (artistic or otherwise). 

Mary Jo felt free to put her dorm name and room number on hers so if it was lost someone could have

returned it to her!









                                                                                                                                                                 The cover was designed by Richard Hamilton, and the Beatles recorded the album in 1968.  So tense were

the recording sessions that at various times George Martin (producer), Geoff Emerick and Ringo all “quit” 

for at least some length of time.  Love it or hate it this revolutionary set of tracks is almost fifty years old. I

have purchased it four times (as media has changed).



Chang Rutherford made digital recording of 100 vinyl copies of the first side of the White Album and

mixed them down to a single track. Listen to it here. I think it’s great.  I took the last three minutes of

Chang’s track (Happiness Is a Warm Gun” X 100) created a mash-up with some other Beatles sounds

which you can view / listen to here:

White Album Side One X 100 : The Last Three Minutes

The Cloud2013 All Digital Sound and Media Studio Used To Create: The Last Three Minutes and this blog post:DSC_0001


The Beatles, John Lennon And Revolution: One, Two, Many Revolutions   1 comment

It a long way from the early John Lennon demo tape for Revolution 1 to the Nike Ad.

You say you want a revolution
Well you know
We all want to change the world
You tell me that it’s evolution
Well you know
We all want to change the world
But when you talk about destruction
Don’t you know you can count me out/in

We can start with the demo tapes done before the White Album.

We recorded the song twice. The Beatles were getting real tense with each other. I did the slow version and I wanted it out as a single: as a statement of The Beatles’ position on Vietnam and The Beatles’ position on revolution. For years, on The Beatles’ tours, Brian Epstein had stopped us from saying anything about Vietnam or the war. And he wouldn’t allow questions about it. But on one of the last tours, I said, ‘I am going to answer about the war. We can’t ignore it.’ I absolutely wanted The Beatles to say something about the war.

John Lennon
All We Are Saying, David Sheff

According to Wikipedia:

The White Album (Kinfauns) demos (1968)

In May 1968, The Beatles met at Kinfauns, the Esher home of George Harrison, to review and record demos of songs under consideration for their next album; twenty-seven songs, mostly acoustic, have become public from this session.[40] Seven of the songs were released on Anthology 3, including “Junk“, a song McCartney would later record for his first solo album. Of the twenty demo songs not officially released, fifteen would be recorded and released on the White Album, while “Not Guilty” and “What’s the New Mary Jane” would be recorded for the album but not make the final line-up.

And here is The “Kinfauns Acoustic Demo” (I love this one):

Kinfauns Acoustic Demo

You say you got a real solution
Well you know
We don’t love to see the plan
You ask me for a contribution
Well you know
We’re doing what we can
But if you want money for people with minds that hate
All I can tell you is brother you have to wait

Then the Beatles as a group played the track many, many times.  Here is Take 20 with some post processing:

Revolution 1 Take 20 (Rejected Mix)

From Wikipedia again on Take 20:

Take 20

Low-quality monitor mixes of the full-length version of Revolution appeared on various bootlegs, such as From Kinfauns to Chaos, throughout the 90s.[16] Then in 2009, a high-quality version labeled “Revolution Take 20” appeared on the bootleg CD Revolution: Take…Your Knickers Off![17][18] The release triggered great media fanfare and activity among fans. This version, RM1 (Remix in Mono #1) of Take 20, runs 10 minutes 46 seconds (at the correct speed) and was created at the end of the 4 June session, with a copy taken away by Lennon.[19] It was an attempt by Lennon to augment the full-length version of “Revolution” in a way that satisfied him before he chose to split the piece between the edited “Revolution 1” and the musique concrete “Revolution 9”.

Finally we get the White Album mix which is pretty sweet:

White Album Revolution as Released.

George thought this was TOO SLOW for a single and John wanted the song out NOW.  And so on July 10, 1968 the fast, loose and out of control version (more in keeping with the times really) was recorded.

We got into distortion on that, which we had a lot of complaints from the technical people about. But that was the idea: it was John’s song and the idea was to push it right to the limit. Well, we went to the limit and beyond.

George Martin

Here is “GetGBackEsto”’s restored version of a live studio performance of the fast version of Revolution (with backing vocals absent from the released single):

Live Take of Revolution Post July 10

The Video of this performance with the raw sound mix can be seen:  Beatles Revolution Fast

Finally he is John’s mix for the single Revolution (this was the “B” side to Hey Jude):the-beatles-revolution-apple-4

Fast Revolution as Released

This is the one I bought in High School and it was before the White Album and slow version of Revolution was released.  Listening to it had a big effect on me.

You say you’ll change the constitution
Well you know
We all want to change your head
You tell me it’s the institution
Well you know
You better free your mind instead
But if you go carrying pictures of Chairman Mao
You ain’t going to make it with anyone anyhow

The less said about Nike’s use of the fast version of Revolution for a shoe ad the better.

From 1983 through 1990 The Grateful Dead pulled out Revolution as an encore closer.  Hear them below:

19831012 Madison Square Garden Revolution 05:11
19831017 Olympic Arena Revolution 05:18
19831022 Carrier Dome, Syracuse U Revolution 05:21
19831031 Marin Veterans Memorial Auditorium Revolution 05:20
19841009 The Centrum Revolution 04:57
19841020 Carrier Dome, Syracuse U Revolution 05:30
19850408 The Spectrum Revolution 05:08
19850702 Civic Arena Revolution 04:51
19851108 Community War Memorial Auditorium Revolution 06:02
19900328 Nassau Veterans Memorial Coliseum Revolution 05:09

This just in

QR Codes, Bank Notes and the Great Wall of China   Leave a comment

Centuries of invaders couldn’t break the Great Wall of China, but a Chinese yuan can. Well, the “Great Firewall,” at least.

A series of one yuan banknotes became a whole lot more valuable after being stamped with a quick response (QR) code — a type of matrix barcode that, when scanned by a smartphone, sends a user to a website stored in the code — that circumvents the infamous firewall.

Beneath the stamped QR codes are the words: “Scan and download software to break the Internet firewall.” Doing so leads to an Amazon cloud link that hosts downloadable software to get around the firewall.

Read the rest of the story here


Posted 2014/02/13 by Cloud2013 in Random Notes

The Day We Fight Back   Leave a comment



Posted 2014/02/11 by Cloud2013 in Internet

Tagged with

Jerry Garcia American: Freedom. Liberty. Leave Me Alone, To Find My Own Way Home. 1993-08-22   1 comment

If I was an eagle I’d dress like a duck  kantnergarcia
Crawl like a lizard and honk like a truck
If I get a notion I’ll climb this tree
or chop it down and you can’t stop me
Chop it down and you can’t stop me
Leave me alone
To find my own way home

Liberty.  (Giants Stadium 1993-06-06)

I have been spending some time with the 1993 Grateful Dead concert tapes on the Internet Archive.   The Modern Deadhead blog has a nice discussion of this year with the Dead here.  Jerry is drawing from deep within himself with both is playing and his singing during the summer tour.  There are some powerful performances during 1993 including:

The 1993-08-22 show at the Autzen Stadium an the University of Oregon has been in pretty heavy rotation on my mp3 player.  There is a lot to recommend this show including  a stand away version of Days Between with a great vocal and a strong end solo.  The first set opens with Jack Straw.  About 60 seconds into the show the mikes die and Bob’s guitar set up goes into cardiac arrest.  It takes several minuets for his setup to reboot and come back on line.  Jerry, who is no stranger to equipment failures and guitar solos takes the weight and carries the song with some real pyrotechnics. The first set ends with a fresh sounding The Music Never Stopped.  The second set is action packed starting with Help On the Way –> Slipknot –> Franklin’s Tower.  The closer is really a great Space followed by The Wheel –> I Need A Miracle –> Days Between –> Not Fade Away. WoW.  Liberty takes us home as an encore. Listen NOW!


1993-08-22 Autzen Stadium  (University of Oregon)

Click Track to Play or Steal

01 crowd/tuning 05:07
02 Jack Straw 09:12
03 Bertha 08:04
04 Little Red Rooster 09:26
05 Broken Arrow 05:25
06 Althea 08:02
07 Masterpiece 05:27
08 Tennessee Jed 08:56
09 The Music Never Stopped 08:48
10 crowd/tuning) 02:46
11 Help On The Way– 04:26
12 Slipknot!– 05:28
13 Franklin’s Tower 11:55
14 Samson And Delilah 06:46
15 Ship Of Fools 07:51
16 Corinna– 09:23
17 Drums– 07:46
18 Spacey Drums– 12:38
19 Space– 13:03
20 The Wheel– 06:59
21 I Need A Miracle– 04:05
22 Days Between– 10:51
23 Not Fade Away 11:41
24 Liberty 06:28
With film footage from all over space and time.

13 - 1

And while we are visiting the past here is a little snip from 1981:


Went to the well but the water was dry
Dipped my bucket in the clear blue sky
Looked in the bottom and what did I see?
The whole damned world looking back at me

If I was a bottle I’d spill for love
Sake of mercy I’d kill for love
If I was a liar I’d lie for love
Sake of my baby I’d die for love
Sake of my baby I’d die for love

Leave me alone
To find my own way home
To find my own way home
I’m gonna find my own way home

RIP, Jerry.

Chanting by The Guyoto Monks (1995-06-02)

John McAfee Strikes: How To Uninstall MCAfee Antivirus Software   Leave a comment

News Item from the New York Times:

Last week, Intel, which acquired McAfee in 2011, announced it was killing off the McAfee brand altogether, keeping only the company’s red shield logo intact. McAfee will now be known as Intel Security.

Analysts say the move is an apparent effort to separate the brand from its antivirus roots and from its founder, John McAfee, whohas gained notoriety for behavior that, at last count, included going on the lam after his neighbor in Belize was found dead, an arrest in Guatemala, a deportation to Miami and, finally, an expletive-laced video featuring Mr. McAfee trying to uninstall McAfee software while surrounded by scantily clad women, guns and “bath salts.”

The evil video can be found here:




Posted 2014/01/17 by Cloud2013 in Internet, mcafee, Thought Control

Tagged with , , ,

Poor Man’s Delegation: Web API Version 2, CORS and System.IdentityModel.Tokens.Jwt Part 2   2 comments

In Part 1 of this post I reviewed the goals of the project and how to create a simple JWT object.  In today’s post I will cover first, how to decode (validate) a JWT object and assign the Claims Principle created during that process to a thread on a running Windows applications.  Secondly I will cover the steps for using Web API to consume the JWT object and use its claims.  I will also review the new attribute based CORS filter (thanks again Brock Allen ).

Creating a Claims Principle from a JWT Object

Recall from Part 1 that we created a JWT object using an System.IdentityModel.Tokens.SecurityTokenDescriptor which we created specifically for our application.  Having received a JWT object the JWT is validated by creating a System.IdentityModel.Tokens.TokenValidationParameters object and then applying these parameters to the JWT object we wish to decode.  Note that the TokenValidationParameters mirror the values we supplied to the System.IdentityModel.Tokens.SecurityTokenDescriptor object to create the JWT.

var validationParameters = new System.IdentityModel.Tokens.TokenValidationParameters()
AllowedAudience = Constants.AllowedAudience,
SigningToken = Constatns.BinarySecretSecurityToken,
ValidIssuer = Constants.ValidIssuer

Given a JWT object called JWT we validate as:

var tokenHandler = new System.IdentityModel.Tokens.JwtSecurityTokenHandler();
tokenHandler.RequireExpirationTime = true;

var   principal = tokenHandler.ValidateToken(jwt, validationParameters);

The call to ValidateToken will fail with an exception if the TokenValidationParameters values do not match those used to create the object.  Further if the system time of the decoding system is outside of the Lifetime parameter of the JWT an exception will be thrown.  If all goes well the output of the call to ValidateToken is a ClaimsPrincipal object.  The ClaimsPrincipal object is a Framework 4.5 object which is the basis of the new look to Windows Framework security.  So far so good but at this point you are NOT delegating to the new Claims principle to do that you MUST assign the ClaimsPrincipal object to your thread and the HttpContext.Current.user

Thread.CurrentPrincipal = principal;
System.Web.HttpContext.Current.User = Thread.CurrentPrincipal ;

At this point the magic has happened, your thread is now running as a delegate of the JWT object.  There are limits (for your benefit) the user is marked as Authenticated and the Authentication Type is marked as Federated.  As a Federated user there are limits to your power.  You can not act as Local System in this delegated identity.  Ok that was easy.  Now lets turn to a slightly more difficult problem.

Web API and Authorization Delegating Handlers

In our simple design the user sends the JWT object as an argument to a standard HTTP Authorization Header  as a Bearer token.  Other methods (cookies, query parameters, form-encoded) are possible but the header method is a clean and very common.  Lets look now how Web API can process this header using a Authorization Filter.  The basic idea is

Derive a class from the Web API class DelegatingHandler, and

Override the SendAsync Method.

The model over ride looks like this  looks like this:

public class myJWTHandler : DelegatingHandler

      protected override Task<HttpResponseMessage> SendAsync(
HttpRequestMessage request, CancellationToken cancellationToken )

            var auth=request.Headers.Authorization;

           if ( auth==null || auth.Scheme != “Bearer” )
var response=request.CreateResponse( HttpStatusCode.Unauthorized, string.Empty );
var tsc = new TaskCompletionSource<HttpResponseMessage>( );
tsc.SetResult( response );
return tsc.Task;
HttpStatusCode statusCode=HttpStatusCode.OK;

           //request.Headers.Authorization.Parameter is the JWT string

           //in this example

           //  _ValidateJWT assigns the claims principle to

           //  Thread.CurrentPrincipal and  System.Web.HttpContext.Current.User

           // on SUCCESS
if ( !_ValidateJWT( request, request.Headers.Authorization.Parameter, out statusCode ) )
var response=request.CreateResponse( statusCode, string.Empty );
var tsc = new TaskCompletionSource<HttpResponseMessage>( );
tsc.SetResult( response );
return tsc.Task;
return base.SendAsync( request, cancellationToken );


Now we need to assign our Handler to a URL route.  We do this in standard file WebApiConfig.cs following this simple pattern within the Register Method therein:

           System.Net.Http.DelegatingHandler[] myRouteDelegates=new System.Net.Http.DelegatingHandler[]{
new myJWTHandler()
var myRouteHandlers=System.Net.Http.HttpClientFactory.CreatePipeline(
new System.Web.Http.Dispatcher.HttpControllerDispatcher( config ), myRouteDelegates
name: “myRoute”,
routeTemplate: “myApplication//{accountNumber}”,//your route goes here
defaults: new
controller = “myController”,
action = “Get”
constraints: null,
handler: myRouteHandlers

Ok we are Hooked! Any call to “myRoute” will pass FIRST through the delegate Hander, which in turn enforces that a valid JWT object appears in the Authorization Header and will assign (delegate) the thread for the call to the Federated user specified within the JWT.

The  Route Controller and Actions

Now we want to add the following functionality:

  • Allow only authorized users in certain Roles to access the route controller (a Role is a claim), and
  • Use additional claims associated information with the federated user on our controller’s method thread.
  • Enable CORS Support.

The first two of these are pretty straight forward,  but CORS support with authorized users requires some additional design and programming.  CORS support is however required with the design we are playing out here.  More on this bellow.

Our basic controller looks something like this:

public class myBookGroup1Controller : ApiController



        [Authorize(Roles = “Insured”)]

        [WebAPI.Handler.Enable_AIC_CORS()]  //CORS support derived from Wep API standard CORS Attribute

               public HttpResponseMessage Get( string prameter {}}


The attribute [HttpGet] filters requests and allows HTTPGet requests to call this action. The Authroize attribute leverages the claims Federated user.  In this case  [Authorize(Roles = “Insured”)] we are asking for Authenticated Users who have a Roles claim whose value is “Customer”;  In order for this to work correctly we use the registered Microsoft Namespace: use “” as the key for “roles” when we created the JWT initially (way back in Part I).

Once we have entered an Action Method we can access the Federated Users Claims as:

  public static IEnumerable<string> GetClaims(System.Security.Principal.IPrincipal iPrince, string uni)




                return from c in ((ClaimsPrincipal)iPrince).Claims where c.Type == uni select c.Value;


            catch (Exception x)


                throw new ApplicationException(“LINQ access Errors Key ” + uni,x);



The body of the Get method here could look like:

public HttpResponseMessage Get( string prameter) {}{

        var accountNumber = GetClaims(System.Web.HttpContext.Current.User, Constants.JWT);

//do something the “accountNumber”

         List<string> data=new List<string> data();

bool results=DoWork(prameter, out List<string> data);

if (results){

// good

                      return controller.Request.CreateResponse( System.Net.HttpStatusCode.OK, listTable );


//bad news

return controller.Request.CreateResponse( HttpStatusCode.BadRequest, “badness messages);


CORS Made Simple From Preflight Checklist to Take Off

The General Idea:  Cross Origin Resource Sharing is defined by the following scenario. A device connects to a web site subsequent AJAX calls from the device running “as” that  web application to a different web application must preform an additional handshake prior to authorizing the request.  The CORS specification requires additional handlers to be written on the server and the server must specify what the policy requirements imposed on the AJAX call. The user agent (the “browser” handles the device side of the handshake (this phase is called, for obscure reasons “Preflight”)  Brock Allen has done the heavy lifting for us and Web API 2 contains Attribute CORS support based on his design and code.  The policy requirements consist:

  • Allowed Origins:  What domains may make the call. Can be “*” for any if SupportsCredentials is false.
  • Allowed Methods:  “*” for all
  • AllowAnyHeader:    True/False. Incoming headers are not limited to the “standard” headers
  • SupportsCredentials:  true / false.  Supports equals Requires Authorization
  • Exposed Headers:  approved, non-standard headers which may be sent from the Server to the caller.

Wow.  There it is the good and the bad.  For an anonymous access action methods which can be accessed from ANY server, can be defined for CORS within Web API 2 with the attribute:


public HttpResponseMessage Get( string prameter) {}{

Things get form complex for authorization required sites. In this scenario:

Allowed Origins requires a list of allowed ULRs in proper form:  http:\\{}.  This can be a list of URLS.

If we want to expose a custom (non-standard) HTTP header from the server to the client we must list each header name here.

While this could be written out with constants, having this type of system parameter embedded in an attribute just seems wrong!  There is a way.

The Web API allows us to extend the EnableCORS attribute to allow us to read the list of actual values from …. somewhere (config file or database or whatever.

The basic idea is:

[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, AllowMultiple = false)]

    public class Enable_AIC_CORSAttribute : Attribute, ICorsPolicyProvider


        private CorsPolicy _Policy;

        private Dictionary<string, string> _AllowedOrigns()


                      //get the proper list from somewhere

             return object;


        private Dictionary<string, string> _ExposedHeaders()


                      //get the proper list from somewhere and format as a string

                   return Dictionary<string, string> obect;


private _FormatForCORS(){


return string object;


  public Enable_AIC_CORSAttribute()


            _Policy = new CorsPolicy


                AllowAnyHeader = true,

                SupportsCredentials = true,






  public Task<CorsPolicy> GetCorsPolicyAsync(HttpRequestMessage request, System.Threading.CancellationToken cancel)


            return Task.FromResult(_Policy);



OK.  I think that’s it for now.  Lift Off.  Good Hunting.

%d bloggers like this: