Setting up Command Line Tools on Windows (no admin rights)

Step 1:

Download the tools

Step 2:

Extract them to somewhere easy, the simplest place is to extract the aws-mturk-clt-1.3.1 folder to the root of your H:\ drive.

Step 3:

Open the extracted folder (H:\aws-mturk-clt-1.3.1) and open the bin folder. Edit the file as follows:

Put your access and secret keys in on lines 11 and 12, removing the square brackets, e.g.:


On lines 20 and 24, edit the service_url lines to use https:// rather than http:// (this really does just involve typing an “s” in the right place). An example is shown below:

# -------------------
# -------------------
# If you want to test your solution in the Amazon Mechanical Turk Developers Sandbox (
# use the service_url defined below:

# If you want to have your solution work against the Amazon Mechnical Turk Production site (
# use the service_url defined below:

Save the file and close it.

Step 4

To make sure you have a working Java Runtime Environment (JRE) on the computer, open a command prompt (Press the windows key + R together, type cmd and press enter) and type in:

java -version

And press enter. If all goes well, you should see something similar to the following in the command prompt window:

java version "1.8.0_101"
Java(TM) SE Runtime Environment (build 1.8.0_101-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.101-b13, mixed mode)

If you get “java is not recognized as an internal or external command, operable program or batch file” you will need to install a JRE from or the software centre.

Step 5

Now we need to find where Java is installed. Open a windows explorer window (Keyboard shortcut: Windows key + E) and double click on the C: drive. Double click on “Program Files” and there should be a Java folder in there.

If there is not, go back to C: and check in the “Program Files (x86)” folder instead.

Double click on the java folder. There should be a jre1.x.x_xxx folder in there, the “x”s will be numbers depending on the particular version you have installed. Double click on the folder to open it.

Now, using the mouse, click in the address bar at the top of the window, immediately above the toolbar which says “organize, include in library” etc. When you click in it, the folder structure will change to a text field, with the absolute path highlighted. On the keyboard, press ctrl + c to copy this. Don’t close the window, in case you need the path again. It should be something like C:\Program Files\Java\jre1.8.0_101

Step 6

We need to set the MTURK_CMD_HOME environment variable, so that your computer knows where the tools are. Assuming you extracted the files where I told you to, the command to type in to your command prompt will be as follows:

setx MTURK_CMD_HOME "H:\aws-mturk-clt-1.3.1"

If you extracted them somewhere else, substitute the correct path in between the quotes. Press enter, and the command prompt should give a success message.

Now the slightly trickier one, we need to set the JAVA_HOME variable

Begin by typing (but NOT pressing enter yet)

setx JAVA_HOME "

Assuming you still have that path to your java installation copied from step 5, right click in the command prompt window and click paste. The command prompt window should now look something like:

setx JAVA_HOME "C:\Program Files\Java\jre1.8.0_101

Finish this off with a closing quotation mark so it looks something like this:

setx JAVA_HOME "C:\Program Files\Java\jre1.8.0_101"

Now press enter on the keyboard. You should see a success message.

Step 7

Important: Close your command prompt window and open a new one. 

In your new command prompt, type in, pressing enter after each line:

cd aws-mturk-clt-1.3.1

If the correct balance is showing, you have installed the tools correctly. Congratulations.

Experiments on Mechanical Turk

Mechanical Turk has a built in HIT builder which is basic at best. In particular, it doesn’t allow for between-subject design. The only tools available are HTML and JavaScript, which is not enough for feature rich experiments.

However, it is possible to program your experiment on your own server using any technology you wish.

Quick overview:

  • Once you have used the command line tools to load your HIT on MT, it will load on the Mechanical Turk website, in an iframe (which shows the content of your experiment on your own server).
  • The Iframe passes certain variables you need to keep hold of: workerid, assignmentid, and turkSubmitTo as an HTTP GET request to the address of your experiment.
  • The worker can now interact with your own experiment, which runs on your own server, as normal through the iframe. Store all the data you need from your own experiment as usual.
  • At the end of the experiment, you need to submit a form back to Mechanical Turk, with the variables given by the iframe earlier, so that you can pay the worker.

Step 1: Install and fix command line tools

What you need to use is the command line tools.

Download here.

Windows users, I have written a detailed guide on getting these working here

tl;dr instructions (all platforms) are

  • Extract the files somewhere sensible
  • Change the file in the bin folder to have the correct access/secret keys for your aws account, and edit both service_url lines to use https:// rather than http://
  • Set an environment variable that is called MTURK_CMD_HOME which is set to the path of the tools folder (yes the folder above bin)
  • Set an environment variable called JAVA_HOME which points to the path of your JRE (yes, the folder above bin).

Step 2: Code your experiment

So – now you need to code your experiment. You can use any language you like, but PHP is convenient as the University web server has PHP installed. If you want to use PHP v5 – you need to do some tinkering (the Uni web server defaults to v4).

Accessing the University Filespace off campus is easy using SFTP (on Windows, WinSCP is great). Address: Protocol: SFTP Port: 22

If you use Netbeans with the PHP addon installed (I recommend that you do!), you can set this up as a remote project by selecting “PHP application on Remote Server”. Then every time you save a file, it is updated in your filespace automatically.

2a) Set the university web server to use a newer version of PHP5 with register_globals off (for sanity) :

  • In the root of your DIT university H: drive, create a folder called public_html
  • Create a file called ht.access
  • Add the line: AddHandler x-httpd-php-rgoff .php

  • Save and close.

 2b) Set up your database

The university has a MySQL server that you can use to store data. If you haven’t used this before, you need to fill out the form here: for instant access.

After you have done that, you can create your database here:

Then you can use PHPMyAdmin to create your tables. Full userguide for using MySQL on the uni server is here:

 2c) Creating the start page

Create a folder INSIDE public_html to hold your experiment – eg exp1

In this folder create a file called index.php – this is what your workers will see in the preview AND when they first accept the HIT

 2d) Grabbing the workerId and assignmentId, and turkSubmitTo

MT shows workers a preview of your HIT, before they accept it. So you need to handle this.

On the first line-

<?php session_start();
//and you should probably connect to your db and make sure it’s working
//see PHP manuals for how to do that

Then add the standard html doctype etc

<!DOCTYPE html>
<title>My Hit</title>
<h1>My HIT</h1>
<p>This hit will ask you to do this that or the other and will store this stuff about you: </p>

Then you need to grab the workerid (if this is a worker PREVIEWING the HIT, this will be blank) and the assignment ID so MT knows who to pay.

In PHP $_SESSION is an array where you can store values from one page to the next so:

<?php if (!empty($_GET['workerId']) && !(empty($_GET['assignmentID'])) {
     //if this webpage was passed these two variables, the worker has accepted the HIT
     //store them in the session for when we submit later
     $_SESSION['workerId'] = $_GET['workerId'];
     $_SESSION['assignmentId']= $_GET['assignmentId'];
     $_SESSION['submitURL']= $_GET['turkSubmitTo'];

//make the start button appear, but you’ll need to comment this out until you’re finished programming and ready for sandbox testing.

//echo ‘ /*html to make your start button*/’;


Test that you can see something. Save the file. Then go to and follow the instructions

(note, you MUST use HTTPS)

Then your page will be visible at

where is the first part of your email address (before the @).

2e) Program your experiment. Can’t help you here 😀

If you’re using the uni filespace, you need to run the publish script each time you create a file, otherwise you will see 403 forbidden errors.

2f) Submit your data to MT

After Workers finish your task, they need to submit to MTurk for payment. So the final step is a form like this:

<form id ="mturk_form" method ="POST" action = "<?php echo urldecode($_SESSION['submitURL']).'/mturk/externalSubmit'; ?>"

<input type="hidden" id="assignmentId" name="assignmentId" value="<?php echo $_SESSION['assignmentId'] ?>" />

<input type="hidden" id="workerId" name="assignmentId" value="<?php echo $_SESSION['workerId'] ?>" />

<!-- any other data you want to send to MT send in a similar way, using hidden form fields. These appear on your requester interface on the MT website for when you approve/reject responses. I usually send the time taken, to reject those who did it too quickly etc.-->

<input id="submitButton" type="submit" name="Submit" value="Submit to MTurk"/>


You can add more variables using hidden input fields as above, which show on the MT interface when you are approving or rejecting results. This makes life easier as you don’t need to check each one in the db to see if their response is valid. I usually include the time taken to do the experiment.

3. Set up the HIT files for Mechanical Turk

The command line tools are responsible for telling mech turk about the HIT, and making it live on the system.

Inside the command line tools folder (eg C:\mech-turk-tools-1.3.1) there is a folder called Samples. In there are some basic samples, and the files you need to edit are in the external_hit folder.

Basically you edit the files: How much you are paying, and how long you want your experiment to run for (the file is commented).

I usually set the location to US only and the acceptance rate of workers to be >=90% to work on the HIT, to do this, paste:


To the bottom of the properties file.

external_hit.question: Put your URL of where your experiment is inbetween the <ExternalURL> tags. Replace whats there already eg

(note: make sure that you use https:// otherwise browsers will not display your HIT).

external_hit.input: If you want a between subject design (one worker, one variant, one response), add two lines:


If you have many variants of your study, and you want to allow workers to take your HIT many times and see each variant (and be paid many times), put the names of the variables to change in this file, along with their values. (Within Subject Design). This is documented on the MT website.

4. Testing

As you should have coded in that the 3 GET variables (workerId, assignmentId and turkSubmitTo) are needed for the HIT to start, this makes testing a pain. However, you can use my MT Simulator to get round this 🙂

When you are ready for a final test on the Mech Turk website, ensure that you have the sandbox selected in the command line tools:

Go into the bin folder in the mech-turk-tools-1.3.1 folder, and open the file. Comment out the production URL and uncomment the Sandbox URL (the file shows where these are).

Open the command line tools. Enter:

cd ..\samples\external_hit

(on mac/linux use a forward slash)

Then go to and sign in to take your own experiment to check it works. The command line also outputs the direct URL of your HIT.

If you have included qualifications in the properties file – comment these out (put a # in front of all the lines in the qualifications section) before deploying to the sandbox or you may find that you aren’t qualified to take your own HIT! 

5. Deployment to Live System

  1. Expire the HIT on the sandbox. You can do this at
  2. Clear your db of testing data
  3. Uncomment the qualifications in the properties file
  4. Change the file (in the bin folder) to use the production site instead of the sandbox
  5. Then run the same command as in section 3 to make your HIT live.

6. Approving and Rejecting Results

I find that the easiest way to approve/reject results is to not use the tools. Use the web interface here. Your external hit will be there and you can accept/reject the results as they come in.

Mapping your DIT filespace at Home.

Follow this guide to get at your filespace from home, (or if you’re on Eduroam/Resnet) and map it as a network drive.

Not for the faint hearted, but is possible. You need Putty.

1. Creating a loopback adapter

We need to add a loopback adapter, for various reasons, the primary one is to avoid conflicts in the windows networking system. This is completely safe. To initiate the process:

Windows 7/Vista:

Press the windows key + R together to bring up the Run box again. Enter devmgmt.msc and press OK.

This opens Device Manager. You need to click on the very first item (which will be your computer’s name) in the list of devices. Then click on the “Action” menu and click on “Add Legacy Hardware” and press next.

Windows XP
Go to the control panel and click on “Add Hardware“. Click on “Yes the hardware is already connected“. Then Select “Add a new hardware device” (at the bottom of the list).

Now click on “Install the Hardware that I manually select from a list (Advanced)” and press next.

On the next screen, scroll down and select “Network Adapters” and press Next.

Once the next screen has loaded, select “Microsoft” in the manufacturer panel on the left, and select “Microsoft Loopback Adapter” on the right. Then press next and the adapter will install.

2. Configuring the adapter

Press the Windows Key + R to bring up the Run box. Enter ‘ncpa.cpl’ and press OK. Right click on the adapter which says “Microsoft Loopback Adapter” and Click Properties. Untick “File and Printer sharing for Microsoft Networks” and Internet Protocol Version 6 (if it’s present). Click on Internet Protocol Version 4 (or TCP/IP v4) and then click Properties.

Select “Use the following IP address” and enter as the IP address and as the Subnet mask. Leave the other boxes blank.

Press Advanced. Click on the WINS tab at the top. Ensure “Enable LMHOSTS lookup” is ticked and “Disable NetBIOS over TCP/IP” Is selected. Then press OK.

Then press OK again. Then press Close. 

IMPORTANT: Reboot your computer now. 

3. Getting connected.

Win Vista/7 ONLY: open a command prompt as administrator on Win Vista/7 – start-> all programs -> accessories, right click on command prompt and select “Run as Administrator”).
then at the prompt type:
net stop server
and press Enter

Leave the window open.

Open Putty. In the first screen, the Host Name is “”

In the panel on the left, under connection -> expand the SSH group and click “Tunnels”.

In the Source Port, enter

In the Destination port enter: (PGRs from anywhere/Foresterhill Staff) OR (Staff based at King’s Campus)  OR or (Ugrads/PGTs)

Then press Add.

Then repeat the process to add as the local port
and yourserver:139* as the Destination

* use the same value as for the previous Destination port.

Then tick “Local ports accept connections from other hosts” at the top of the box.

For your sanity:

Click back on “Session” at the top of the left panel, enter “Uni” underneath “Saved Sessions” and press Save.

Then press Open.

Enter your DIT username and password when prompted to by Putty. Then minimize it (but DO NOT close it)

4. Finally. mapping the drive

Go to start-> computer

Click “Map Network Drive”. If you can’t see it, press the alt key and the menu bar will appear. Click Tools -> Map Network Drive. (On XP, just go to Tools-> Map Network Drive).

In the “Drive” box, you can pick a letter for this share. It doesn’t matter which you pick.

In the Folder box enter:


Tick the box that says “Connect using different credentials” and Click finish.

Then when prompted – enter uoa\dit123 (where dit123 is your username) as the username, and then your DIT password as the password.

Voila, you should see your H: drive.

Win 7/Vista only: now in your command prompt window enter
net start server
to restart windows networking. You can close the command prompt now. 

Reconnecting in the future

On XP you don’t need to stop and start the Server service.

To reconnect in the future, just do as in section 3. As you saved the session, you don’t need to add the tunnels again. Just double click on “Uni” in saved sessions to reconnect.

Your network drive should then still be there, and accessible as long as putty is open.

What about my CSD space?

It’s possible to use the same instructions to get at your csd space on filer.

Just use “” as the server to connect to in Putty

And use filer:139 as the destination server (same source ports) in the tunnels panel.

Facebook “Privacy Leak”

How is it that despite Facebook’s claims to the contrary, users of the site swear blind that their private messages have now appeared on their timeline?

Here is my explanation of it, and why it’s causing so much confusion, and why you may still need to worry.


Several users have asserted that their private facebook messages, sent from 2007-2009 have recently appeared on the timeline, like the example shown below:

However, Facebook have denied this, and state that the messages were always public.

Cast your mind back…

…to 2007. Facebook looked like this:

Note that:

  • Status updates were separate to wall posts
  • Commenting on wall posts was not possible
  • When someone posted onto your wall, to say hi, you would then write back in a separate post on their wall. Facebook even provided a “see wall to wall” button which would show the conversation.
  • It was extremely common to have conversations in this manner, as privacy concerns were not as widespread as now.
  • Chat did not exist.

Roll on 2009

Facebook did away with separate status updates. These became wall posts, and instead of replies being written in a separate post, comments arrived.

The feature for restricting the visibility of individual posts arrived, providing greater security. Networks also disappeared, along with the default security setting of “share with everyone in my networks”. Security changed to “friends only” by default on new posts.

But the privacy settings on older posts was unchanged unless you took action.

Roll on 2011

Timeline arrives. Previous status updates, and crucially, your old “wall to wall” conversations become visible in the timeline, giving the illusion of private conversations appearing. See the example on my timeline below:

This is especially convincing as only half of each conversation appears, making it look like some messages and not others leaked out. As the “See wall to wall” feature is now missing, they don’t make sense on their own.

Roll on 2012

After a user interface change which makes these posts more visible, someone in France spots this, panics, and causes a security scare. It’s easy to disprove: there is no duplicate message in your inbox as on your wall.

Facebook have checked every case, and have found that the conversations were always on the wall. It’s hard to remember the old incarnations of websites.

So no need to worry?

The moral of the story is to go back to 2007-2009 and check which conversations you had, and remove anything defamatory. Remember the privacy settings on older posts may still be global.