Friday, January 30, 2009

Solar storm -- a worst-case analysis

=== this is not completely my own info/analysis. this includes info from various articles I read on this topic. ===

In simple terms, a solar storm releases huge amount of energy in terms of electro magnetic radiations of all wavelengths into space. This outburst is not a rare phenomenon. The earth's magnetic field apparently acts as a shield to the earth in deflecting a considerable amount of energy away from the earth -- thus keeping us safe in most cases. This is one of the reasons why a solar storm is not such a feared threat.

However, there are times when the solar storm reaches its maximum intensity. It seems that we are not completely safe against such intense storms. So how does it affect us? The intense EM (electro-magnetic) waves will have a huge impact on our ionosphere -- thus affecting all the communication methodologies that we use. This issue to me is not that catastrophic (actually it is, but when compared to the next issue) if the attack was known ahead. When imagining a world without communication during the period of the storm is seeming awful, would you be able to survive in a world without electricity for months/years?? huh!! but that's the next issue.

It is feared that the intense EM waves/field will have huge interference with the power-grids and blow them up. Be it anywhere in the world, high-voltage step-down transformers are inevitable in delivering the electricity to the household (Theorum studied in school: The lesser the current transmitted, the lesser the loss in energy -- so a high voltage is essential). The EM interference might blow up the heavy duty transformers across the globe. And if that happens, even after the solar storm ceases, there is no way to deliver electricity to the home until the transformers are replaced. It is not just the question of replacing the transformers but it is also about manufacturing those many (millions?) transformers across the globe. That's going to take realll time. And till then there is no electricity!!! OMG!! It seems the only way out of this is to shutdown the distribution of electricity (in effect the transformers) during the solar storm. But a planned total blackout is not a simple task nevertheless. Maybe better than the counterpart?

From what I read, a previous solar maximum occured in 1958 when there was not a big impact on the human race. Today that's not the case. This isn't a fictional possibility, but might become a reality. The next solar maximum is expected to occur around 2010-2011, so buckle up!

Along with the LHC experiment "seeming" unsafe now after the claimed discovery of a huge flaw in their safety assurance theory, I think it is better to enjoy the time we've :) the doomsday does not seem far ahead.

Wednesday, January 28, 2009

Statistics on browsers usage

While I was analyzing some statistics on my blog, I came across this interesting info. Based on so many visitors who visited my blog from more than 100 different cities around the globe in the past two months (since it's inception), this is a summary of the browsers used by the visitors.

Browser % of users
--------------------------------
firefox 62.09
IE 28.83
chrome 6.28
safari 1.86



I think it is possible that these numbers are slightly skewed because the nature of the users visiting my blog are mostly similar (someone related to a computer profession most likely). However, from the huge gap that is existing between the numbers, I would not expect this order to change even if the numbers do.

At least to me, the numbers aren't surprising. That's what they deserve.

Wednesday, January 21, 2009

MoneySaver, HomeSaver, MaxGain -- what's special?

=== specific to India ===

Disclaimer: I am not providing investment advice or anything of that sort. I'm just sharing my experience and knowledge on this topic. Use your own conscience and decide on your investments. You can consider my inputs but the decision is solely yours. I'm not in any way responsible for any profit/loss that you might make based on the information available in my blog here.

What are these? These are the names of a special variant in home loans. Inspite of being many years old and having tremendous power/flexibility, this home loan variant usually goes unnoticed.

Even today, not all banks have this option. Even HDFC does not have one. ICICI calls it MoneySaver, Standard Chartered Bank calls it HomeSaver, HSBC calls it SmartHome and SBI recently launched its own version as MaxGain -- this may not be the complete list. Banks are slowly starting to catch up!

So whats so special about it? All the usual terms of a standard mortgage loan applies to this loan too. However, along with the loan you would also get a current account associated with it. The exact linkage between the current account and the home loan is being handled by different banks differently -- but whatever it is the essence and the effect of this loan type is the same.

You would be paying EMIs normally just like how you would on anyother home loan. In addition, you have the option to deposit more money into that current account. Any amount deposited into the current account gets debitted from your home loan's outstanding principal -- interesting? So you would not be paying interest on this portion anymore. In its effect, it is as good as you have prepayed a portion of your home loan without any prepayment penalities. In an investor's perspective, the current account earns your money interest at your home loan interest rate. What is even more interesting is that you have all flexibility to withdraw that money out of the current account anytime you want (maybe you are in a short credit crunch) and deposit it back whenever you want.

For any loan, the EMIs are devised in such a way that it is slightly more than the interest that you are supposed to be paying. So the rate at which the principal component is repayed is very small in the initial stages. Over time, the gradual reduction in the principal decreases the interest liability, which naturally increases the principal component that you repay in every EMI. These types of loans give you the flexibility to increase your principal repayment as you like it anytime you want -- now, this is a boon.

In the kind of downturn that we see and with the increased interest rates on loans, these kind of loans would generate stable risk-free return with total liquidity. Any money that you own and that you think cannot generate a return at the rate of interest of your home loan, would atleast have a reasonable place to reside. Even the high interest rate fixed deposits are not close to the home loan interest rates.

Then why would anyone not take this loan? Yes, there is a catch. This loan is availed at a premium on the interest rate. The interest rate margin might differ from bank to bank but usually it is around 0.5%-0.75% more than the normal interest rate (be it floating or semi-fixed or fixed). I think this loan in benefical for anyone who has a consistent increase in their annual income (ineffect a consistent increase in their repayment capability).

An example: A 20L loan at 11% p.a for a tenure of 240 months (20 years) will attract an EMI of around 20K per month. If you manage to save 5K more every month and deposit in the current account, the same loan would be closed in just around 140 months (~12 years).

Atleast consider this option before making your next choice!

Monday, January 19, 2009

Backing up backups

Be it a corporate or an individual, backups are essential -- though not many individuals realize until the disaster strikes. This post is only about individuals.

Are you an individual who regularly backs up your stuff and feel good about it? huh hold on. Maybe not, you might be missing to do something.

While the number of people even thinking about backing up their stuff is minimal, you don't have to ask about number of people who would want to backup their backups. But in my opinion that's very essential based on the backup medium that you have chosen to backup.

There are three things one has to worry about:
  1. The lifetime of the data in the media
  2. The lifetime of the media's technology
  3. Disaster recovery
In my opinion, the most common means of backing up is on CDs (and recently DVDs). But how long does the data stays on the medium? The answer depends on a variety of factors including the quality of the DVD, quality of the dvd-writer, storage environment (humidity, temperature etc.,). While there are PIE/PIF tests to measure the quality of the medium, it is still not very easy to manipulate and ensure the life-time of the data on a CD/DVD to an acceptable degree of accuracy. The lifetime can even be as low as few months to as good as 15+ years. On an average the data on a DVD is claimed to live for about 10 years (a side note: there seems to be some manufacturers to seem to be selling high quality DVDs which would last for 100 years -- possibly true on the quality of the medium). So on an average, what you had backed up 5 years ago is only going to live for another 5 years -- scary? but that's the fact.

This is when backing up the backups seems essential. For peace of mind, you might probably want to backup the backups every few years and shred the old copies -- this to me is the easier and safer approach, but expensive (btw, data is priceless). On the other hand, you can choose a media that has a longer lifetime. Well, I personally don't trust the magnetic hard disks for long-term backups. They have new factors coming in as issues like shock, magnetic exposure etc., (maybe solid state disks can be a future option). So another possible option is to choose an online backup mechanism, where you push your problem to someone else (for maintaining the data) and pay a premium. Yes, the factors of reliability and privacy comes in here. Privacy can be handled by key based cryptography but reliability is still a concern here -- what it the company goes bankrupt? -- nothing new as of today. I've no specific recommendation, neither do I know of enough options.

The second issue being the lifetime of the media's technology. I would not be happy to have backed up my data for the last 15 years but only to know that I can't read the data because it was all in floppy disks! Floppies are almost extinct now and it is many years since I used a floppy. This is mainly due to data explosion wherein 1.44 MB of data is almost negligible these days. It was fortunate that it turned out to be a smooth move from CD to DVD's as the technology is similar and the DVD drives were able to read CDs -- this isn't necessarily true as the technology evolves further. I know so many people who still have their marriage videos in VHS cassettes -- you should remember that this was a conscious decision they took to save those moments for the future. Today, either the cassette would have gone bad due to fungal growth or they would not find a VHS player to enjoy the show. They didn't intend to lose it, but they didn't know. Solid state disks are becoming popular and are seeming to be the best bet for portable use and being read/write'able. The point is not about what would be the next generation storage medium but about the fact that whatever it is, there is no guarantee for it to be backward compatible.

The last thing is the 'disaster recovery' -- what if there is a physical damage to the medium due to natural calamity, fire, theft etc., This is one of the difficult problems to solve for an individual. The only solution is to keep a copy but that risks privacy. Maybe an online backup coupled with a personal media backup might help...

So please be aware of the problems upfront; finally the data is yours and the decision is yours.

Friday, January 16, 2009

My pencil arts - #2

First 3 photos are photographed, while the last one is scanned. Hence the difference is the color levels.







Thursday, January 15, 2009

Abouticon


Male




My pencil arts - #1

This is one of my pencil arts. People who know me in orkut would have already seen this. Just publishing here to make my blog complete :) I will bring in my other pencil arts too.

[Click on the images to see a high resolution image]







Tuesday, January 13, 2009

The great indian petrol bunk fraud

This fraud is nothing new to most people who fill petrol to their bikes/cars in India. Neither to me -- but a recent recurrence was too enraging that I want to atleast shout out here in my blog.

For those very few who are not aware of this fraud (most likely because of not personally going to fill petrol), here is the how it works:

1. Assume a person in front of you fills petrol for Rs 100.

2. You go next and ask him to fill in the petrol for Rs. 200 (here is the catch, they would be able to do this easily and successfully when your fill amount is higher than the previous one).

3. He shows you zero and exactly then, a guy standing on the opposite side of the meter across your vehicle will call you 'sir how much sir' or 'sir is it by card or cash sir' or 'sir sir sir...' until you get distracted and turns towards him.

4. If you aren't aware of this trick, you would naturally react to your impulses and turn towards him (away from the meter) -- at this point, the person who is (actually pretending to be) filling just presses a button on the machine which shows the previous reading (which is Rs.100).

5. When you turn back, he pretends as if he has already filled for Rs.100. You would obviously say it is for Rs.200.

6. With the happiness of looting Rs.100 in a matter of few seconds, he would again configure the meter and fill in for Rs.100 more.

That's the end of the trick and you have just lost Rs.100. We would feel like an idiot and he is ready for the next attack. Someone is waiting in queue to get looted.

Having explained the fraud, let me come to the recent incident. I'm very much used to this fraud that I've never been cheated like this (except once -- when I learnt it the hard way). Last week, I was in a petrol pump (Beware: it is the BP petrol pump in udipi garden signal, BTM 1st stage, Bangalore) in queue. I could clearly see this fraud happening just in front of me and unfortunately that guy infact got cheated. I was atleast 5 bikes away that I could not do anything about it (maybe I should have). In some ways it was very enlightening to see those people's expressions at the time of fraud. The guy after looting Rs. 100 immediately became so polite to the bike rider; after all he is the one paid Rs.100 for nothing in no time. I felt like kicking him in his face. There is one guy who keeps a look out for the amount that people are going to fill so he can time their attacks. And if you somehow manage to crack their effort, they look at you like enemies. grrrr..

Ok, then came my turn in the queue. The guy in front of me filled in for Rs.100. I wanted them to try this against me and so asked him to fill in for Rs. 200. Ok, all set. This guy shows me the meter reading zero and puts in the nozzle into my bike's petrol tank. I could see the other guy coming around me to distract. I was just looking at the meter, it wasn't moving at all. The other guy calls me, I showed no response while still looking at the meter. After a delay of around 10 seconds, there was still no petrol and no meter movement (as he was waiting for me to turn around, to press that magic button to get him Rs.100 in no time). At this point, I really got pissed off and I shouted at him that I know what he was trying to do. He pretended as if he is innocent. Then I told him that I even noticed that they cheated a guy infront of me and I'm going to complain about this. This is when I got the shock of my life. He simply laughs at me and tells me 'Talk in Kannada, no english, no hindi'. I'm sure he understood whatever I said, but found an easy and daring escape. The kind of dare he had in his tone was so shocking; both were just laughing at me --- I should admit I felt like an idiot. After staying in bangalore for 4 years, I regreted that I never bothered to learn kannada (atleast bad words so I could have bashed them). The kind of confidence he had in this act, shows that he is not doing that alone or just with two. Almost every other filler in the bunk does this, and every bunk does this. If someone complains to their manager, they will play an immediate drama and bash that employee or even fire him infront of us -- but nothing really happens. I believe someone sitting in a AC room also has a stake in this.

It is really disgusting that we really have to fight for basic loyalty and that we are unable to do anything against such a common fraud. It has become so common and widespread that if you are ever cheated, instead of blaming them you would be blamed for your negligence.

I'm sure just like me you might have heard and experienced a number of such incidents.

Monday, January 12, 2009

EKSI -- an acronym of recent times

Recently I came across this acronymn EKSI being used widely in forums (Later I realized it was only used by those who know tamil). I had no clue as to what it means and googling does not reveal anything obvious.

Finally I had to ask one of those guys who used this and it turns out to be the abbreviation for the most famous tamil dialogue 'Enna Koduma Saravanan Idhu' --- EKSI :)

For those who don't understand tamil, this is a dialogue said by actor Prabhu to actor Rajini Kanth in the film Chandramuki (tamil). This dialogue became so famous and is used in various contexts generally to insult a work in a humorous tone :)

Watch the original clip and actor Prabhu's reaction: LOL!

Friday, January 09, 2009

Creating custom Holiday (.hol) file for MS Outlook

A holiday file (.hol) is used to add/share important dates in Microsoft Outlook calendar. This not only helps easing the process of adding the holidays, but also makes it easy to share them across with your colleagues or friends. eg., you can create a holiday file for 'holidays for the year 2009' and share it with your friends or create 'birthdays in our family' and share it without your family members.

A holiday file can have 1 or more sections each separated by an empty line. Each section is of the following form:

[Name of the section]<number of elements>
<Name of the holiday>, yyyy/mm/dd
<Name of the holiday>, yyyy/mm/dd
(as many entries as the number of elements)

<next section>

A sample holiday file with only one section will look like, (sample covers only upto Apr 2009)

[Public Holidays 2009]5
New Year Day,2009/01/01
Pongal,2009/01/14
Republic Day,2009/01/26
Ugadi,2009/03/27
Good Friday,2009/04/10

You can create as many sections as you need like this.

Installing holidays from a holiday file:

Installing holidays into your outlook is very simple. Make sure outlook is running. Double click the .hol file. A popup is opened which displays all the sections in your .hol holiday file. You can select the sections you want to import and all the associated holidays get added into your outlook calendar. Thats it.

If my mistake you tried to add the same section again, Outlook asks you if you want to add it again. Remember that, adding it again does not mean replacing it. If you add a section again, you will see duplicate entries in holidays for that section in your calendar.

Now, you can create your own holiday files as necessary and distribute them.

Think Twice, Act Wise

Courtesy: Pravs World

Don’t make promise when you are in joy.
Don’t reply when you are sad.
Don’t take decision when you are angry.

Think twice., Act wise.

Thursday, January 08, 2009

Caller Location Info v 0.2 for WinMo

Licensed under

[Update: 29-Aug-2009] A recent version of this app is available. See here.

Here is the next version of my Caller Location Info app for Windows Mobile (for India).

After I had release v 0.1, there was too many requests for making this app work for countries outside India and for landlines. Unfortunately, it is not feasible to implement a "similar" approach for most countries outside India. Please note that I do not claim that it is not possible at all. So when I got time, I extended the app for showing the city names for landlines -- based on the STD codes in India.

The installation instructions and other properties remain the same. See the earlier post for that.

Snapshots: (v 0.2)







Download the CAB installer.

Enjoy!

Wednesday, January 07, 2009

GeraldApp License


GeraldApp License

version 1.0, Jan 2009
Copyright © 2009 Gerald Naveen (http://geraldnaveen.blogspot.com)

The license imposes the following Terms and Conditions:

1. The application is free (free as in free beer; not free as in free speech) for personal use. Any commercial use in any form is strictly not permitted.

2. You are free to copy/distribute this application provided your distribution carries this license "as-is" in a TXT file.

3. The application is originally developed "only" for my personal use. I share this application for the benefit of others, "as-is" without any warranty. I'm not in anyways responsible for any damage of any sort caused as a result of using this application. Use at your own risk.

4. I respect open source and support it, but I'm not willing to share the source of this application to be on the safer side and not to attract any legal violations from my current or future employer(s). Please understand and do not ask for source.

5. The features of the application are based on my own requirements. You are free to comment on the features and enhancements at my blog. However, I'm not committed to making any change or even bug fixes, unless I find the need and time.

6. Any re-post of this application in a different website should include a HTTP URL reference to the corresponding page of my application in my blog. I find my applications being re-posted on various blogs/forums without any reference to me. This is not permitted.

Any reference to GeraldApp license without a version number will refer to this version (v 1.0) of the license.

=== end of license ===

Tuesday, January 06, 2009

Ask For More

Courtesy: Pravs World

It is not because things are difficult, that we do not dare.
It is because we do not dare, they seem difficult to us.

Dare to take on your difficulties.
Once conquered, you will ask only for more.

Monday, January 05, 2009

Botnets -- a dangerous threat

Botnets is a short form for network of robots. In this context, a robot (or a bot) is really a computer program. A bot in theory is not malicious always. Theoretically bots re computer programs meant for performing an automated task without any need for user interaction. But they have become a real scope for security threat these days. A maliciously coded bot just distributes itself across the network all over and tries to do the damage.

End-user computers might be highly vulnerable to viruses/malwares due to the ignorance of the users or being lethargic. However most servers are very well protected by qualified admins from any such vulnerabilities. But any server is still vulnerable to Denial of Service (Dos) attacks. Especially Distributed DoS is almost a impossible problem to solve based on the level of distribution. IP blacklisting is impractical in DDoS. This is the vulnerability that the botnets mostly exploit. They just bombard the server with requests that the server has to go down or become so slow that it's as good as dead.

The most worrisome part of botnets is that they are spread all over before they begin the damage. Even yours and my computer might have one or more botnets without we knowing about it. Botnets are difficult to identify as they mostly do not harm the infected computer -- after all that is not the intention. They use your computer as a shooting shoulder.

So how do they know when to attack and whom? They have the concept of command and control. There is a botnet commander who issues commands to all the botnets and assigns their next job. No, it is not possible to blacklist the commander from the network, as over time the hackers have matured and now there is usually a swarm of commanders. The commanders themselves are usually distributed ; there is usually a super commander which leads the swarm and they know how to elect a new superior if the existing one is found missing (probably shot down).

It is feared that there are thousands (or even more) of such botnets (not just bots, but networks) around the Internet -- and this is still growing at a fast pace. It is very difficult to spot the botnets as they reside on end-user computers as innocent and invisible applications. I read that some new versions of AntiVirus products detect the presence of bots on the end-user side -- but not sure on what basis (maybe rookits?) and how effective are they. So even though the botnets exist for sure, the extent to which they have spread in the Internet is still a dreadful speculation.

Now comes the scary part. It is feared that these botnets might form the future of cyber war. In years to come, these might have occupied billions of computers all over the world and someone remotely might have full control over all those computers and do what they want! With the pace of development in technologies and the reliance on the Internet for various services, in the future, these botnets might not just cause financial, technological, political damage but may even cause human casualty. It is also feared that some techies are cultivating these botnets all over the world and are renting it out on specific targets for a price!!! This apparently is a business!

It is really worrying that a wonderful platform like the Internet is being misused upon even before the technologies mature enough for the benefit of the mankind -- at which point, the damages that these culprints can cause could be vital!! The problem is complicated because it is to protect all the end-user computers; not everyone is aware of even the simplest of attacks, forget about botnets. In my opinion, this problem has to be addressed from being outside the endpoint security to be really robust. It's high time that security experts think of some fool-proof mechanisms to protect against these propagations and attacks -- I'm sure they know even without me having to tell them! I'm scared!

Sunday, January 04, 2009

Caller Location Info v 0.1 for WinMo

== I had developed this application in Sep 2008; posting it here to give a context to my other applications and future versions of this app ==

Licensed under

This application for Windows Mobile 5+ displays the service provider and the location to which the caller (on incoming call) or receiver (on outgoing calls) belongs. The application hooks into the Windows Mobile state notification infrastructure and the caller info is automatically shown whenever there is an incoming call or outgoing call.

This application only works for mobile numbers in India -- sorry I don't have information for other countries; rather it does not seem feasible in many countries (including the US). In fact many countries now allow the users to carry their existing number to other service providers. I heard such a scheme is on its way in India too.

This app should work on any phone running WinMo 5 or above. I've tested it only on my ASUS p320.

How To:

After installation just click on the shortcut from Programs. That's it. I've purposely not installed the shortcut in Startup folder to give full-control to the user to choose whether or not to run the app.

Sadly, there is no easy way to exit the app other than rebooting your phone - if you have applications like process explorer, you can terminate the process at your will.

Enjoy the app!


Snapshots:





Download the CAB installer.

Note:
  • It is possible that few recently allocated mobile numbers are not known to this app and will be reported as Unknown.
  • Also this version only supports location information for mobile phones (not for landline std codes).
  • The information might be wrong if the caller is roaming.

Saturday, January 03, 2009

Computer security - a complicated problem

Technology is advancing really fast..but so are security threats. With the fast growing Internet and its exposure to even a common man, security threats have become much easier to perform and much more complicated to deal with.

With only ~900 million IPv4 addresses remaining for use in the Internet (out of roughly 4294 million in total), you can imagine the number of nodes connected to the internet -- this ofcourse excludes those computers which are connected to the Internet over NAT and proxy servers. And a number of computers share a set of public DHCP IP addresses on different time slots. So you can imagine the total number of computers connected to the Internet -- it's huge! So what does it mean to me as an end user?

Earlier when computers weren't connected, the number of ways a virus can enter a computer was very limited. Infact only through removable media. This could not happen without the user interaction (atleast, the user had to insert an infected disk). But now that the computer is connected with billion others, there are billions of nodes which can affect your computer and more importantly "without" even you knowing about it!!

The traditional means of virus protection through signature will slowly go obsolete -- as there are just too many viruses. The rate of new viruses is slowly increasing and at some point, the round-trip time for the AV vendors to publish new signatures for new viruses would be too late to stop the damage. In addition, new viruses are also self-mutating (they change their own footprint while retaining the same functionality) which makes the signature based protection much more complicated and sometimes useless.

With the AV vendors already migrating towards behavior based protection, the problem is getting better but it has its own problems. The heuristics of behavior based protection has to be smart enough to catch and stop a malicious virus and liberal enough to allow a legitimate program to do its job. The problem is much more complicated than it sounds (if it didn't), and I believe it is impossible to achieve this unambiguously. To resolve such ambiguities, the applications will need to ask the decision from the user, which is mostly confusing to a common user. There is a good chance that a common user would not understand the question.

Like, what if my body asks me "The pituitary gland is trying to secrete an enzyme 'abc' and is trying to send it to your kidney -- this seems suspicious, do you want to allow this?" -- a question on a virus's behavior might look equally awkward to a common user. But for a computer user it is becoming necessary to know some intricacies about its functionality -- because the problem itself is complicated.

In spite of all these AV products, it also requires discipline from the user while using the computers (specially while having access to the threat-entry-points like removable media, email, Internet etc.,) to be really safe. I don't believe that any AV product can provide 100% security. I think 'having all possible AV products and not having self discipline is much more dangerous than not having any AV product but having self discipline'. Understanding the various security threats is crucial to protect oneself from such attacks.

A new form of security threat which is seeming the most dangerous one is "botnet". The more I think of it, the more dangerous it looks to me. It requires a separate post; will write about it later.

Friday, January 02, 2009

Google AJAX web search API

== readers through feed readers (like google reader), please visit my blogspot page to get the full context of this post. Sample scripts/formatting may not work in feed readers ==

While I was thinking about unique ways of enhancing my blog, this thought struck me -- the idea is to show a random search result from Google when searched for me. And here it is. You can see my own blogger widget on the right column, that shows a random search result.

The work needed to add our own stuff as a widget dynamically to a blog is a separate topic and I would not talk about it now. This post will concentrate only on how to use Google AJAX websearch APIs to get a search result and how to make use of it.

Obviously, Google's API would be anytime a better choice instead of trying to manage our own ajax requests to google search and parse the resulting HTML. Google AJAX search APIs are well structured, with WebSearch being one implementation of a generic Search interface. The other implementations implementing the Search interface include LocalSearch (classifieds), VideoSearch (youtube), BlogSearch, NewsSearch, ImageSearch etc., Effectively this design allows us to program any search in a very similar fashion.

For a simple user, google.search.SearchControl is an important class. This wraps the UI portion that formats and displays the search results.

A simple code:

google.load('search', '1.0');

// the UI wrapper
var search_control = new google.search.SearchControl();

// one can add any number of searchers to the search control.
search_control.addSearcher(new google.search.WebSearch());

// attach the search ctrl to a div element (ideally) -- where it populates the results
search_control.draw(document.getElementById("search_control_div"));

// this call would do a search and populate the results in 'search_control_div'.
search_control.execute("google api");
But for my requirement, this is not going to help. This will pollute my blog page. These are my requirements:

1. Only one search result required
2. Result should be randomly selected
3. Formatted in my own way to avoid cluttering

As I need to present my own UI, I don't need a SearchControl for my use. All I need is a WebSearch class. See this self-explaining code:

var srch = new google.search.WebSearch();
srch.execute("\"gerald naveen\"");
This would do the search and put the results in the "implied" read-only property named "results" of Search interface. results is an array of type GwebResult in the case of WebSearch. My script can make use of the results array to present the result in the required fashion in a blogger widget. However, the execute method (as expected) is asynchronous -- so you need to wait for the operation to complete before making use of the results array. To get notified, you need to register a callback for search completion as shown:

function when_done( srch)
{
// populate the custom widget from srch.results[ ]
// results[] is an array of GwebResult
// most useful GwebResult members : url, content, title
}

srch.setSearchCompleteCallback(null, when_done, new Array(srch));
All that is remaining for my requirement is to choose a random result. Every search page by default returns 4 results (this can be increased programmatically). There are a number of such pages. I had to randomly seek to a page and then randomly choose one result and show it to the user. To seek to a page, I used gotoPage(n) function in the Search interface.

In summary, the overall code for my search widget looks something like this: (click on expand source to view).

function my_random(n)
{
return Math.floor(Math.random()*n);
}

function search_gerald()
{
var srch = new google.search.WebSearch();
srch.execute("\"gerald naveen\"");
srch.setSearchCompleteCallback(null, when_done, new Array(srch, true));
}

function when_done(srch, first) {
if(first) {
srch.gotoPage(my_random(10));
srch.setSearchCompleteCallback(null, when_done, new Array(srch, false));
return;
}
var result = srch.results[my_random(srch.results.length-1)];
var my_ctx = "<a href='" + result.url + "' target='_blank'>"
+ result.title + "</a><br>" + result.content + "<br>";
document.getElementById("search_result").innerHTML = my_ctx;
}
For more information visit Google's official developer's guide for AJAX Search API.