GFX::Monk Home

- page 13

Richard Stallman on the Reasons People Use Cloud Computing

Richard Stallman:

I suppose many people will continue moving towards careless computing, because there’s a sucker born every minute.

(“careless computing” is Richard’s stupid replacement term for cloud computing).

This seems incredibly naive. People will continue moving towards cloud computing because:

  1. installing apps breaks computers1
  2. cloud data is available from anywhere, not just your home computer

#2 is difficult to combat (you need infrastructure, not just software). But #1 is a long-running failing of the software industry. Modern smartphones are doing well in this space, but desktop systems are still failing miserably.

I hope this is something that zero install’s ebox might make popular, although it’s a pretty big challenge.

  1. No, installing apps does not often break computers. But “not often” and “not ever” are worlds apart - particularly for computer-illiterate users, who often end up superstitiously mistrustful and scared of their own computer because of such breakages. 

Keeping Your Password Safe From Incompetent Websites

This week, user accounts for every website in the gawker network were compromised, and passwords were stolen. Passwords were evidently readable in cleartext1, and have been used to hack into accounts on other services where the same password has been used.

Folks, this is why you should never use the same password for both websites like gawker and for your bank account (or your email account, or anything else you actually care about). I use supergenpass for exactly this purpose - it gives you a unique password for every domain, and you still only have to remember one password. And it’s not one of those lame password databases that require you to carry them around with you - you can use supergenpass on a public computer with no preparation.

If you’re extra paranoid (I am), you should use the python implementation - it’s open source, and written by my friend Matt (with some additional platform integration by myself): supergenpass-python. That way, your master password never even touches a browser.

Update: According to Joseph Bonneau, the passwords were indeed salted and hashed, so they were not in cleartext after all. But it was done with a poor implementation of DES, an encryption scheme that has been considered insecure for many uses for over a decade. This just further strengthens the point that even if a website is trying to do the right thing, a number of factors can very easily ruin those good intentions.

  1. If you run any login service, do not store any passwords in cleartext. I have no idea why anyone would do this, and yet here we are. You don’t know how the websites you use store their passwords, so it’s always better to assume they are incompetent. Plus, cleartext passwords are not the only danger (a hacker with enough access could certainly modify the server to log passwords as each login request comes in). 

Background Make for GVim

I haven’t used vim’s :make command much, mostly because I don’t often use compiled languages, and setting :errorformat correctly for nonstandard programs is a dark, dark art.

Recently I got :make and :errorformat working well enough with sbt, so the only remaining problem is that vim completely locks up while the make task is going. That really sucks, as sbt can take a good 20 seconds to even just compile and install an android app.

Enter background-make (for GVim only, sorry terminal freaks). It’s not perfect, but for non-pathological makeprg settings it seems to work very reliably. It adds a :Make command that does exactly what :make does, except it does it in the background.

And it tries its very best to not disrupt you - by default, it’ll send a system notification the moment that make finishes. But it will then wait until you are in either insert or normal mode, at which point it’ll take the opportunity to pop up the error window and restore your cursor position / mode. (It has to wait for normal or insert mode because these are the only ones I can figure out how to restore ;))

It’s implemented by firing off a background make process with the current vim instance’s v:servername so that it knows where to send the results (thus the GVim requirement). Once complete, it uses --remote-send to tell the originating vim instance to open the now-complete errorfile. Oh, and it also requires a python-enabled vim, because vimscript makes me wince.

Gingerbread Goodness

On the weekend, some friends got together to make and decorate gingerbread houses. Not being a fan of the standard “gingerbread” house, I thought we should have a go at making the android mascot, in honor of the still-yet-to-be-released-for-most-of-us Android Gingerbread release (2.3). So this is what Nys and I concocted:

It may be not quite as posh as the official mascot (there was some structural misfortune while cooking the torso cylinder), but I think he’s rather cute. And sure to be delicious :)

What The Scala?

Here’s a puzzler for scala fans: What will be the console output of the following program:

def foo1() {
	println("> foo1()")
	return "foo1"
}

def foo2() {
	println("> foo2()")
	"foo2"
}

def foo3() = {
	println("> foo3()")
	"foo3"
}

def foo4():String {
	println("> foo4()")
	"foo4"
}

println(foo1())
println("---------------")
println(foo2())
println("---------------")
println(foo3())
println("---------------")
println(foo4())

Look carefully at each of the def lines, and write down what you think the output will be.

The First 50 Digits of Pi

The other day I finally got to hear “I Am The First 50 Digits of Pi” again, after what must be at least 6 years. I never saved a copy, and I’m pretty sure that I tried to find it a few times to no avail. Surprisingly, I haven’t forgotten the words in 6 years (I may have recited it a number of times since then, often with company ;)).

Go have a listen. And, perchance, a memorisation…

(view link)