Planet Larry

cvechecker 0.2 released

I’ve made version 0.2 available of cvechecker. It fixes some build warnings and also supports the normal “make install” step. The pullcves command now also pulls in the latest versions.dat file. Special thanks to Per Andersson for reporting that the ./configure didn’t fail if sqlite3 or libconfig wasn’t available – that should be fixed now as well.

In my Gentoo overlay, cvechecker-0.2.ebuild has been put available. Thanks there to webkiller71 for helping out with a more sane approach to cvechecker-0.1.ebuild – I hope I didn’t screw up his changes in 0.2 too much ;-)

Public Infrastructure

cc licensed flickr photo shared by Jürgen Geuter (tante)

The picture you see on the right was taken a few days ago in our “new” house. We recently moved into a new place and the house we rent now was build in 1865 so the neighbors gave the owner this picture when he bought the place (a few years ago). It shows the house how it looked around 1955 and aggregates all the different owners and how the house was build and whatnot. I am not a historian but it is kinda neat.

In Germany we’ve had some discussions about Google Street View. Many people complained how a private company could do that and how it was a huge invasion into people’s privacy, especially considering how Google makes its money selling advertising and considering how good and effective Google is with crossreferencing and linking data.

The other side of the argument supported Google, pointed at the fact that those are just pictures (and you can get your house removed). This argument focuses on the possible uses of this neat technology.

Now I don’t want to rehash the whole thing (in fact I don’t really wanna link anything because most posts and texts about the whole discussion are borderline retarded, but I want to bring us to stand back and look at what’s really happening, apart from all the recent “Google hate” we’ve been seeing here.

Step one. Let’s restate what we can consider “fact”.

1. Taking photos is somewhat of a touchy thing, people and license plates etc should be anonymized.
2. Google will use the whole thing to profile its users better, to sell more ads and make more money.
3. The service can be really useful (for navigation, to estimate an area you think about moving to etc).
4. The problem is not only Google, we wouldn’t trust the government with that kind of data either.

Step two. Let’s analyze some further thoughts.

1. Many of the direct privacy concerns can be deal with through technical means (i.e. anonymizing people’s faces and stuff). While any software will make mistakes, it still is good enough and the errors can be fixed quite simply by the community.
2. We don’t want all that data in the hands of an entity that has interests that might go against ours.

Step three. Let’s draw conclusions.

1. We have to forbid untrustworthy entities from gathering that kind of public data.
2. We need a trustworthy entity to provide that kind of data in order for the public to benefit.

All those complaints about the bad bad Google or the bad bad Government are not without merit. In fact they do have a lot of weight: Google could take that data and close it off at any given time. And just cause they publish anonymized data does not mean that they won’t use the unfiltered images for something shady in the background. But should that mean that useful services shouldn’t be implemented?

As we have also seen, many people don’t trust “the government”. I wouldn’t either. Because it’s my job to always check on my government to see that they ain’t breaking the rules for the simple reason that we are the people which makes us boss.

So with the government dropping out of the equation and profit-oriented organizations also not sounding all too pretty there can be only one conclusion: We need to find ways to have non-government, non-profit organizations handle that kind of stuff. They can provide the data in a form that we can consider “clean”. They can also provide it for free. But the crux of the matter is: Right now we lack a framework to really finance that kind of endeavor.

Money for big projects that might help the public either comes from the government or from companies. And if you start pissing those off by not giving them what they want, you will find yourself without funding quite quickly.

If there’s one thing we can learn from the whole Google shebang it’s that right now we have no way to publicly fund infrastructure in a reliable and independent way. That’s what should scare us, not that Google’s engineers decided to kinda “fix” the situation.

Think of how much historians in 20 years would thank us for a yearly updated OpenStreetView that would allow them to analyze and show how a certain area changed. We need to find way to fund those infrastructure projects and we better do it fast. Because when those things are all privatized I don’t see a big push for an independent solution pick up any steam.

People care about things working. They want to get something done and if something gets it done good enough that’s fine. The whole license and freedom angle that some people (like me) might support does not interest many people in the least. Wikipedia (or maybe better WikiLeaks) are somewhat good examples for what we want: Independend data providers that allow people to get something done. But how can we get those projects funded?

creating c++ classes using python scripts

motivation

lately i had to create 31 classes( 31x .h and 31x .cpp), that is 62 files. i thought about doing that with Qt itself but i think this can be done much more elegant with python.

what i like most about python is the string handling using “”" and “”". this is very nice as one does not have to escape much. it’s basically copy’n'pasting the code and the places the script should replace some string names are altered using a $ sign.

the script

#!/usr/bin/python
# -*- coding: iso-8859-1 -*-
import os
import string
from string import Template

modules="""
Utils NoiseMapBuilderPlane      1 0 0
Utils RendererImage             1 0 0
Utils Image                     1 0 0

Generator Perlin                0 0 1
Generator Billow                0 0 1
Generator RidgedMulti           0 0 1
Generator Checkerboard          0 0 1
Generator Const                 0 0 1
Generator Cylinders             0 0 1
Generator Spheres               0 0 1
Generator Voronoi               0 0 1

Combiner Add                    2 0 1
Combiner Max                    2 0 1
Combiner Min                    2 0 1
Combiner Multiply               2 0 1
Combiner Power                  2 0 1

Modifier Abs                    1 0 1
Modifier Clamp                  1 0 1
Modifier Curve                  1 0 1
Modifier Exponent               1 0 1
Modifier Invert                 1 0 1
Modifier ScaleBias              1 0 1
Modifier Terrace                1 0 1

Selector Blend                  2 1 1
Selector Select                 2 1 1

Transformer Displace            1 3 1
Transformer RotatePoint         1 0 1
Transformer ScalePoint          1 0 1
Transformer TranslatePoint      1 0 1
Transformer Turbulence          1 0 1

Spring Mapgenerator             1 0 0
"""

myclass_h="""
#ifndef $MYIFNDEF
#define $MYIFNDEF

#include <DataAbstractModule.h>

#define ID "$MYMODULENAME"

// http://libnoise.sourceforge.net/docs/group__modules.html

/**
   @author Joachim Schiele <js@lastlog.de>
*/
class $MYCLASS : public DataAbstractModule {
public:
    $MYCLASS();
    ~$MYCLASS();

    QString identify();
};

#endif
"""

# testing code for the .h creation
#t = Template(myclass_h)
#s = t.substitute(MYCLASS=myClassName, MYMODULENAME=myModuleName, MYIFNDEF=myIFNDEF)
#print s

myclass_cpp="""
#include "$MYMODULENAME.h"
#include "ModuleFactory.h"

#include "registermodule_macro.cpp"

M_REGISTER($MYCLASS);

$MYCLASS::$MYCLASS() : DataAbstractModule($IN,$MOD,$OUT) {
  setProperty("FIXME", 112);
}

$MYCLASS::~$MYCLASS() {
}

QString $MYCLASS::identify() {
    return ID;
}
"""
# testing code for the .cpp creation
#t = Template(myclass_cpp)
#s = t.substitute(MYCLASS=myClassName, MYMODULENAME=myClassName,IN=portIN,MOD=portMOD,OUT=portOUT)
#print s

# this code will create directories, place cpp and h files into these directories
newlines=modules.split('\n')
for i in newlines:
 mylist=i.split()
 if len(mylist) > 0:
  myClassName=mylist[1]
  myCategoryName=mylist[0]
  myModuleName=myCategoryName + "::" + myClassName
  myIFNDEF=myCategoryName.upper() + "_" + myClassName.upper() + "__HH"
  portIN=mylist[2]
  portMOD=mylist[3]
  portOUT=mylist[4]
  t = Template(myclass_h)
  s = t.substitute(MYCLASS=myClassName, MYMODULENAME=myModuleName, MYIFNDEF=myIFNDEF)
  #print s

  # creating the directory for the module, based on it's class
  if not os.path.exists(myCategoryName.lower()):
   os.mkdir(myCategoryName.lower(), 0777)
  print "modules/" + myCategoryName.lower() + "/" + myClassName + ".cpp"

  # creating the .cpp file
  f = open(myCategoryName.lower() + "/" + myClassName + ".cpp", 'w')
  t = Template(myclass_cpp)
  s = t.substitute(MYCLASS=myClassName, MYMODULENAME=myClassName,IN=portIN,MOD=portMOD,OUT=portOUT)
  f.write(s)

  # creating the .h file
  f.close()
  f = open(myCategoryName.lower() + "/" + myClassName + ".h", 'w')
  t = Template(myclass_h)
  s = t.substitute(MYCLASS=myClassName, MYMODULENAME=myModuleName, MYIFNDEF=myIFNDEF)
  f.write(s)
  f.close()

summary

FCron in practice — my fcrontabs shared

I've already stated my allegiance to FCron, but after using it for quite some while and writing an article or two about it already (see Publications subpage), I think it's time I shared my fcrontabs.

Since FCron is such a nice and vertisable command scheduler, I can depend that everything's going to get done even though my laptop is not up 24/7.

fcrontab -e systab lets me edit my system fcrontab (note: systab ≠ root's fcrontab):

# All FCron notifications are e-mailed to normal user
MAILTO=hook
 
# Updates 'slocate' in 'man' every day.
%daily,nice(7),random,mail(no) * 10-14 makewhatis -u
%daily,nice(7),random,mail(no) * 16-18 updatedb
 
# Once a month (as soon as possible) my Portage tree is updated and the results e-mailed to my normal user's account.
%monthly,nice(7)mail * 16-23  * eix-sync; emerge -DNuvp world
 
# Once a month (on a random day in the second half of it) some general cleaning of the Portage tree; again e-mail of results.
%midmonthly,nice(7),random,mail * 16-23 * eclean-dist --destructive --nocolor; eclean-pkg --destructive --nocolor; eix-test-obsolete detailed

And here's my normal user's everyday stuff, accessible by fcrontab -e:

# Twice a week the weather report gets printed automatically and an e-mail notifies me when I can take it from the printer or whether there's been a problem
%weekly,mail * 06-23 sleep 500; wget <a href="http://www.yr.no/place/Slovenia/Ljubljana/Ljubljana/varsel.pdf" title="http://www.yr.no/place/Slovenia/Ljubljana/Ljubljana/varsel.pdf">http://www.yr.no/place/Slovenia/Ljubljana/Ljubljana/varsel.pdf</a> -O /tmp/vreme.pdf && lpr /tmp/vreme.pdf && echo "Weather report printed." || echo "ERROR: Weather report *not* printed!" ; rm /tmp/vreme.pdf*
 
%midweekly,mail * 06-23 sleep 500; wget <a href="http://www.yr.no/place/Slovenia/Ljubljana/Ljubljana/varsel.pdf" title="http://www.yr.no/place/Slovenia/Ljubljana/Ljubljana/varsel.pdf">http://www.yr.no/place/Slovenia/Ljubljana/Ljubljana/varsel.pdf</a> -O /tmp/vreme.pdf && lpr /tmp/vreme.pdf && echo "Vremenska napoved je stiskana." || echo "NAPAKA: Vremenska napoved *ni* stiskana!" ; rm /tmp/vreme.pdf*
 
# Using curl magic to automatically send updates to Status.net; I don't need e-mail notification of that ;)
%nightly,mail(no) * * curl <a href="https://identi.ca/api/statuses/update.xml" title="https://identi.ca/api/statuses/update.xml">https://identi.ca/api/statuses/update.xml</a> -u johndearheart:<password> -d status='GNU John Dearheart → !discworld'
 
%daily,mail(no) * * curl <a href="https://identi.ca/api/statuses/update.xml" title="https://identi.ca/api/statuses/update.xml">https://identi.ca/api/statuses/update.xml</a> -u dwtrivia:<password> -d status="`fortune discworld pqf -n 128 -s`"' → !discworld'

Note 1: I prefer to use the %*LY commands to define cronjobs, because they fit my needs the most. FCron itself uses all sorts of ways how to define the time when a cronjob should be executed — from strict date+time (like in "normal" Crons) to intervals and even defined by uptime.
Note 2: Of course, in the last two (f)cronjobs the passwords were censured ;)

I hope this whet your appetite and you'll be anxious to try it and find your own way of how to make your life easier with FCron :]

hook out >> doing "schoolwork" for my potential new legal counselling job
<!--break-->

appeal.kde.org Hijacked by Debian Gaming Ninjas

Uhhh what?

Oxygen Window Dragging

Hugo Pereira Da Costa and Thomas Luebking are geniuses. If you’ve used KDE 4.5, you’ve probably noticed that you can now drag windows by selecting any blank area. You’ve also probably read that, as expected, this only works with Qt apps. How does such hackery work? What in Qt allows this kind of interaction? How can a window decoration enable such an interaction with the window manager? How do we know which events on which widgets to intercept? I suggest that if you haven’t already seen it, you give oxygenwindowmanager.cpp a close read. It’s extremely educational.

cvechecker 0.1 released

cvechecker version 0.1 is out. This is the first publicly available development release, so it’s still far from production-ready yet. However, it is usable so it can now be publicly analyzed to remove all icky bugs and such. I’m not planning (m)any new features (apart from the reporting script as mentioned on the tools’ homepage) before the first general available release, but any request will be gladly documented and taken in scope in future versions.

What is cvechecker? Well, it is a tool that strives to scan your system for installed software. For each software it detects, it attempts to discover which version you have. This information is stored in a local database. The tool then matches this information with the (publicly available) CVE data (security vulnerability information). If a CVE entry mentions the software/version you have, the tool will report this to you.

Who needs cvechecker? Noone needs it, but it can be interesting nevertheless. Users that install lots of software themselves and don’t use the Linux distribution’s package manager might benefit from this as the tool will then help them verify if a security update is needed or not. Users of LinuxFromScratch can do some security validation tests on their installations. Developers of particular packages (or even tools) can use the tool to be notified when one of their software’s has a CVE (which most likely results in a new version of the software to be made available).

Who needs cvechecker? No, this is not a duplicate paragraph – cvechecker needs input. Most of the work goes in detecting the available software and version. The method cvechecker uses is very rudimentary: run a (predefined) regular expression against the file (which is parsed with the strings command as this command understands ELF structures) and if the expression matches, it will extract the version (which is found using the expressions’ groups) and store this in the database. The rules are defined in the versions.dat file (also available from sourceforge), but this file is currently microscopicly filled – so lots and lots of additional rules need to be added. I’ll be adding more and more rules as I encounter them (or have immediate need for), but I can definitely use additional help here.

If you are interested in enhancing the versions.dat file, check out the cvechecker manual page – it describes the format and how it is used as well as some examples.

And yes, an ebuild is available in my overlay, but I’m no ebuild developer (it’s just easy to have them so Portage can track it) and the ebuild is butt-ugly (and probably also violates all QA policies).

Developing for Android on AMD64

The last couple of days I have done some coding for Android. All my resentment towards java is coming back but getting some cool mobile app requires sacrifices! But I do not want to write about java today.

The problem I encountered when installing the Android SDK is that the some of the programs won’t run on non-multilib AMD64 installations. This is really annoying since I do not want to have 32bit libraries on my system (it is matter of principals!). But linux to the rescue! A simple multilib chroot allows me to compile and deploy my android apps!

Mounting (with bind) the source directory allows me to code in my normal env while compiling in the chroot. Which is not a big thing for me since I code in VIM but for IDE users this might be an advantage!

So for all native AMD64 users there is hope! But it would be better for the Android devs to fix the binaries!

“How a programmer reads your resume”

tl;dr: Sometimes stereotypes are true.

I came across this rather excellent comic about how people see your resume depending on who they are and after glazing over it and appreciating it as one of my ~5-10 daily interweb funnies, I looked over it again and noticed that it’s eerily accurate.

Positives

1. Has written a compiler or OS for fun.
   That’d be a yes.
2. Resume compiled from latex.
   Actually, from hand made xsl to latex. There was a time when I was all excited about single source publishing, so that’s what I did here. Xml to html/pdf/txt. (Last time I checked the latex->html bridge was seriously lacking anyway.)
3. Contributes to open source software.
   Check.
4. Has written compiler or OS for class.
   Check.
5. Has blog discussing programming topics.
   You’re here.
6. President of programming/robotics/engineering club.
   Nope.
7. Participated in programming/robotics/engineering contest.
   Nope.
8. Internship at Google or Microsoft.
   They know where to find me.
9. Has written non-trivial programs in dynamic languages (perl/python/ruby).
   Mhm.
10. Knows 3 or more programming languages.
    Right.
11. Previous position demonstrates similar skills.
    Not really.
12. Has internship.
    Has.
13. Founded a company.
    Only a pretend company, and we haven’t been active for about 10 years.
14. Personal web page uses Rails, PHP or Asp.Net.
    Been meaning to switch from PHP to Python, but there’s just no pressing need for it.
15. Email address at own domain.
    Not since 2005.
16. Has modified programs in dynamic languages (perl/python/ruby).
    That’s how I started out with dynamic web stuff in 1999, found perl scripts and tried to mod them without breaking them.
17. Has personal web page.
    Welcome.
18. High grades, top of class, etc.
    Meh.

Neutrals

1. Won scholarship.
   Have never applied for one.
2. Lists job at fast food chain.
   Haven’t had the pleasure.

Negatives

1. Looks kind of drunk in facebook picture.
   One of [apparently] few specimen in the human race who don’t find unending ecstasy in alcohol.
2. Has Ph.D.
   Not so much.
3. Generic cover letter.
   Might be tempted.
4. Mentions skills in Excel/Word.
   Over my dead body etc.
5. Spelling or grammar errors on resume.
   My typing is a bit dodgy, but I tend to proofread.
6. Resume font too small.
   Let’s hope not.
7. All programming experience in class.
   Nah.
8. Knows only 1 programming language.
   Once upon a time.
9. Resume more than three pages long.
   I try to make it in two.
10. Includes irrelevant objective section.
    Never knew what the point was of that one.
11. Took certification course in a technology.
    Never occurred to me.
12. Low grades in relevant courses.
    Nah.
13. Lists visual basic experience first.
    Don’t have any.
14. Topless in facebook picture.
    Only by mistake.
15. Resume uses combination of tabs and spaces to indent sections.
    I’m clean, narc. (Actually, if you use Tab in vim with wildmenu, it’s tricky to type a tab without a space first, because it will try to auto complete the current token. Haven’t tried to fix that yet.)

HP webcam on Linux

Okay, getting the HP webcam running on Linux wasn’t hard at all. Enable Video For Linux (CONFIG_VIDEO_DEV) which can be found in the Linux kernel configuration at Device Drivers, Multimedia Support. Then, select Video capture adapters and inside that menu, select V4L USB devices and then USB Video Class (UVC). Once installed, reboot (or load the kernel module) and ensure that your user is in the video group. You’ll then be able to activate the webcam (for instance, using mplayer tv:// or using skype).

The integrated microphone is also no problem. It is by default muted, so using alsamixer, press F4 (to get to the capture menu) and unmute the channels + enable capturing (press spacebar).

Trying to use only free/libre licenses under Gentoo

I decided as much as possible to use only free/libre licensed software etc.

So I changed my /etc/make.conf appropriately:

ACCEPT_LICENSE="-* @FSF-APPROVED @FREE-DOCUMENTS"

This is relatively strict setting, but I chose it because I want to see exactly how many and which ebuilds I need for normal use that are not fully free.

So far here's the roughly categorised statistics of my install:

   3 /etc/portage/package.license/emul
   3 /etc/portage/package.license/fonts
  10 /etc/portage/package.license/games
   3 /etc/portage/package.license/internet
   5 /etc/portage/package.license/media
  32 /etc/portage/package.license/system
   6 /etc/portage/package.license/text
  62 total

The packages that a Listed as system include 7 ebuilds of archiving/compressing software and 8 dev-perl ebuilds which are under Artistic license (seems in Perl Artistic license is quite strong). In text the majority comes from TexLive and the licenses are LPPL-1.3 or -1.3c (1.2 is already in @FSF-APPROVED). In games the most used license is Moria since I have quite a number of rogue-likes installed.

On a related note: I'll be applying for the Gentoo Licenses team. I figured that's the thing I can help with which I'm best suited for.

hook out >> just got my SmartCard reader for my Fellowship OpenPGP card, yaaaaaaaaaaaaaay! :D
<!--break-->

New laptop, time to play

I gave myself a nice treat and bought a new laptop. After some consideration, I decided to go with the HP Pavilion DV7 3150EB. Years ago, I didn’t take an HP laptop as the reviews were not that satisfying. However, it looks as if that is past. So I first took a stab at the Gentoo Quickinstall for LVM2 and RAID and gave myself a (software) RAID-1 system with everything except / and /boot using LVM2. To my satisfaction, following the guide was a breeze and it worked out just fine.

The real hurdle, that I just won, was to get the wireless up and running on WPA2. I noticed earlier (before I bought the laptop) that getting the Broadcom 43255 wifi (Broadcom Corporation Device 4357 (rev 01)) might be a challenge. Well, the open-source b43 driver didn’t detect the wifi card, but the (closed-source) Broadcom STA driver (as supported by Broadcom itself) does. To install it on Gentoo, it was as easy as unmasking broadcom-sta and installing it. It worked immediately, but not for WPA/WPA2 networks (and I am not going to put my wireless in non-WPA2 mode). Luckily, it was easy to discover that it was wpa_supplicant itself that was giving the card a hard time as non-WPA networks worked flawlessly. A quick stab at the wpa_supplicant.conf file gave me the final success I needed: ap_scan=2 did the trick.

Tomorrow: getting the webcam working…

Problem with HP Photosmart C4380 fixed

For the past weeks/months I had severe problems with my otherwise nifty printer.

The thing was that after an update CUPS stopped printing. If I used the hpijs drivers, printing from most applications and PDF via lpr didn't work; but the hpcups drivers didn't even seem to include the driver I needed and/or failed to print. If I knew the reason, I'd happily tell you and report a bug.

I did manage to solve the problem though with the help of HPLIP's Launchpad

Here's the solution that worked for me. I emerged the following versions of ebuilds with the following USE flags:

• emerged net-print/cups-1.4.4
  with USE="X acl dbus gnutls jpeg ldap pam perl png python slp ssl threads tiff usb xinetd -debug -java -kerberos -php -samba -static"
• emerged net-print/hplip-3.10.6
  with USE="X hpcups libnotify policykit scanner snmp -doc -fax -hpijs -minimal -parport -qt4 -static-ppds -udev-acl"
• emerged app-text/ghostscript-gpl-8.71-r5
  with USE="X cairo cups djvu jpeg2k -bindist -gtk"
• removed the the printer from the CUPS web interface;
• re-added the printer via hp-setup.

(of course not all flags are relevant here and I omitted the linguas_* flags)

Your milage may vary, but this combination worked for me.

hook out >> after a good week of housework, now enjoying air condition
<!--break-->

The Falcon programming lang is now on Git

The falcon programming language has finally moved its source code from its old (original) SVN servers to a new git server. This is awesome news for everyone. Unless you were a developer. I got stripped of all my access (aside from the “read only”). Don’t let me fool you, though, none of my commits were spectacular.

If you want the source code you can clone the following:

http://git.falconpl.org/falcon.git

Enjoy the Penguins!

Hello 4.5, hello ThoughtScore.

KDE 4.5 is out! (Yes, I am a little late) I was really happy to have contributed just that little bit to this release and hopefully that trend continues. Just wanted to say how much I appreciated this DE and to congratulate and thank everybody for their hard work.

Something else that could be interesting for some is an updated ThoughtScore video I found lying around the other day. You can find the low quality version on WIPUP (I do have a large version but will not host it online). It contains some small changes since the last video and I quite enjoy watching it.

In other news, I got my A Level results today (for those not under the British education system, that’s basically the grades that determine my entrance into university) and I’m exceptionally happy with my results. Any suggestions of stuff to buy to celebrate (recommended food is welcome – and big + useless items that catch my fancy win extra points) are welcome.

Sorry for the lack of blog posts. I am actually doing some stuff which can be seen on WIPUP, and some stuff just aren’t blogworthy enough.

Related posts:

1. Exams over!
2. WIPUP now supports video updates!
3. WIPUP 14.01.10 released!

Paludis 0.52.3 Released

Paludis 0.52.3 has been released:

• A bug causing screwiness with soft-blocking EAPI 3 packages where both packages installed the same file with an mtime in the distant past has been fixed.
• GCC 4.5 appears to be unhappy with dlclose being called in a static variable’s destructor. We no longer do this.
• ACCEPT_LICENSE is now automatically set based upon accepted licences that have been accepted by the user.
• ‘cave print-id-*’ now have ‘–all’ and will accept wildcards.
• CONFIG_PROTECT and CONFIG_PROTECT_MASK for installed packages are now accessible as metadata keys.
• Certain ‘cave’ commands will now suggest possibilities if there is nothing matching the target supplied. Fuzzy name matching will now also suggest packages whose names contain the target as a substring, as well as packages whose names are similar to the target.

Concepts transcending domain barriers

Today while cooking I was thinking about what kind of talk I might submit to the 27C3 this year. Not that my suggestions ever get accepted or there would be any feedback on why they aren’t but you can’t have everything and looking at how hard it was to get a ticket last year I think that getting a talk accepted is basically the only sane way for a non-Berlin resident to attend the whole shebang. So I thought about concepts, words and their domains. And analogies, can’t forget those!

The human mind can come up with basically unlimited concepts like love, property and speed for example. All those concepts do have a domain where they “work” (a mathematician might say: Where they are defined): The concept of a “server” is defined in the real world as somebody who does work for you. Now we started to build programs that kinda behaved similarly and we called those programs (or the machines they ran on) “server” as well. While both words are identical they mean different things from different domains. The similarity/identity of both words hints at a similarity of both concepts, it symbolizes the analogy between those two concepts.

But as we also know, many concepts don’t really travel well: The concept of property (which we have kinda figured out in the real world of real items) has huge problems when it switches domains and goes online: Where in the real world an item can be at one and only one place, in the virtual world an item can be cloned cheaply and so good that both copies are indistinguishable. Property in the real world and property on a virtual world are not “identical”, they are “analogous” at best.

We use those analogies all the time (not only when it comes to online vs. offline), our languages are full of examples: There are trees in the real world and in every computer science and math book worth its salt. But what is the quality of those analogies? As we have seen they often don’t work as exact as we might want them to be and they even create misunderstandings and completely stupid ideas (like intellectual property for example). Should we drop those analogies that make one concept transcend domain barriers?

While all the problems outlined above are true and severe, there is one great thing about analogies: They show us how we think. Things that we as human beings consider to be similar are not similar (they might be but they don’t have to), they appear similar to us. Whenever we find a similarity or when we see a structure in a new domain that we relate to some already well-known structure, we are not talking about the world, we are expressing how our wonderful brains work. How they find relationships and similarities between the weirdest things: We relate something we hear (music for example) to certain patterns we see in the real world, we find similarities between our ideas and smells, we transcend barriers all the time. And whenever we do, we can learn a lot about what makes us tick.

P.S.: No, I don’t want to talk about property at the 27C3, I don’t wanna beat a dead horse

Let's draw some pixels

I've been getting into pixel art a lot lately. It appeals to me on a lot of levels.

The coder in me likes it because it's so precise. Every pixel is placed just so. The color palette is limited to a dozen colors. Building a drawing out of such limited means reminds me of building programs out of primitives. There are design patterns in pixel art: dithering, manual anti-aliasing. There are abstractions that work and abstractions that don't. There's a lot of goofing around with RGB values and transparency settings; it's perhaps the most deeply computer-based art form you could come up with, and as a deeply computer-based human, I really like it.

The gamer in me is still partly stuck in the early 90's, so it's a huge injection of nostalgia to look at pixel art. NES- and SNES-era games had a charm that is unmatched by anything since. And I don't think that's entirely nostalgia talking; I still play old games and they're still so much fun. And the art in a lot of those games was just darned good. If you stop and look at it really carefully, and start to get an understanding of how it was made, you can't help but be impressed.

The "artist" in me (if there is such a thing in my brain somewhere) is blown away by some of the things good pixel artists can produce. Go look at foolstown.com and try not to slobber. Some of this stuff just looks amazing. Not "good for a pixel drawing", but good on a level anyone could appreciate.

Pixel doodles are also good practice for the RPG my wife and I are still ever-so-slowly creating. Creating art and music for a game are turning out to be much harder work than programming it.

In any case, I drew a cow standing beside a tree. And I made a new pixel art page to house my admittedly still-amateurish drawings.

Twitter intergration

In order to further comply to the Web 2.0 I now linked my twitter account to my blog (or vise versa). There now is a twitter widget (on the right) which shows my latest tweets. Don’t really know the use of this but it didn’t look to bad and follows the css rules pretty well. The other thing is that every time I blog (once every two months) this a tweet is send automatically.

Well I hope you are as excited as I am about this

P.s. The site also had a wordpress upgrade (finally on 3.x) and as a bonus I also upgraded the theme to a new version

Pixel Art

Made using Pro Motion 6.

Paludis 0.52.2 Released

Paludis 0.52.2 has been released:

• ‘cave perform’ now calls ‘_fail’ hooks.
• ‘cave print-id-contents’ now has ‘–type’
• ‘cave print-packages’ now has ‘–repository’ and ‘–category’
• Output buffering of commands has changed to better handle progress bars of the kind displayed by ‘wget’ and ‘git’. To avoid excessive hopping, ‘cave execute-resolution’ will now only switch between buffered outputs every few seconds, rather than 0.1s if new output is available.
• ‘cave display-resolution’ now shows flag changes in a more obvious manner.
• ‘cave purge’ and purge checking for ‘cave resolve’ are now significantly faster.
• ‘cave resolve –less-restrictive-remove-blockers’ is now much more likely to be able to fix breakages by reinstalls. A horrible error that was most easily triggered by use of this option is now fixed.

Short Rekonq 0.5.0 user review

Lately I've been trying Rekonq to see what all the fuzz's about. In short it's an alternative web browser for KDE, which uses WebKit^[1] and aims to be lightweight.

I don't intend to judge it by how it renders web pages, since many web pages still don't follow the W3C standards, so I usually have several browsers installed, so I have KHTML, WebKit, Gecko and for emergencies text-only. Also Konqueror in the newest release already supports both KHTML and WebKit, so that's not a relevant question.

Here's in short what I found out when using Rekonq 0.5.0 for a few days/weeks as the default browser (compared to Konqueror 4.4.4):

pro:

• no menu bar
• no status bar, but the URL show in the bottom of the window the webpage when hovered — I love that! In fact, I'd like to see that everywhere in KDE — Konqueror, Akregator, KMail, etc. etc.
• adblock subscription
• rearranging tabs with mouse works
• page previews are nice
• location bar filling up when loading is a nice touch
• the hack with the forced bright background makes badly written web sites work also under dark themes
• searching only parts of the URL from the location bar works (although it's not as good as Firefox' yet)

con:

• scrolling not smooth, sometimes autoscroll doesn't work
• middle-click in window does not (always?) open the pasted URL
• missing keyboard shortcut to move tabs
• i don't like the close buttons integrated into tabs — I prefer Konqi's close button on the far right of the opened tabs and the new tab button on the far left
• missing bookmarks: KIO slave (and others, but those are not so much browser-related)
• favicons don't work always
• a lot of missing features. Amongst others a quick way to add AdBlock rules from browser (like via right-clicking an ad)
• sessions would be nice ...maybe TabCandy is not the best way to tackle it, but it's not a bad idea
• I actually like that Ctrl pops up shortcuts in Konqueror
• the hack with the forced bright background does look quite ugly and still is just an ugly hack (works though)

Bottom line: for now I switched back to Konqi, but will continue to follow Rekonq's develpment closely. I feel comparing the two is quite similar to comparing the whole Mozilla Suite and Phoenix (= how Firefox was named initially) in the early 2000's — it's a clean, no bloat underdog, but as of now, feels underpowered and a bit clumsy compared to the beast it's trying to replace. I won't be as bold to predict their future to be the same as Mozilla Suite vs. Firefox, but I'll say I wouldn't be surprised if that happens.

Side note: both share the annoyance with how KDE handles cookies — the rules get wiped out every few days.

Also, it'd be a nice idea in general to have Stop and Reload in one single button. If the page (or anything else for that matter) is loading, reloading doesn't make sense; while if the page (etc.) is loaded, stopping it doesn't make sense. Therefore in turn one of these two buttons is always obsolete.

hook out >> sipping my bloody well deserved tea and deciding to apply for the Gentoo License team...

A Glimpse Into cave: Resolving Purges and Dependents

What happens when you upgrade a package, and the new version no longer uses a library that the old version did, and now nothing else uses that library either? In primitive distributions, you’re stuck with that library forever; in Gentoo and Exherbo the package manager will be able to tell you that the library is no longer used by any package in world. Until now, this has been a “do this once in a while, and try to remember what the heck all those things are” kind of affair. However, cave is cleverer:

And you can easily decide to take it as part of the upgrade process (safely, since cave supports mixing installs and uninstalls with dependencies etc):

This can also work with slots — however, doing so safely requires accurate slot information from packages, which sadly can’t take place in Gentoo until EAPI 4 is implemented in Portage.

Similarly, cave will tell you if you’re about to do something dangerous:

And if you decide to remove the packages that would be broken, rather than allow breakage to occur, you get to see more nice examples of purges:

This all works for downgrades too, as well as upgrades (although upgrades rarely break things, and when they do it’s time to yell at someone):

And finally, if you’re about to do something immensely stupid, you’ll be told:

All of this happens automatically, so there’s no need to remember to turn it on.

A Glimpse Into cave: Mask and Use Flag Overriding for Resolves

For a long time, Paludis has been able to work out suggestions for what unmaskings you might want to do when installing a particular package that is either masked or has masked dependencies. This functionality is also present in the shiny new cave client, which uses the much more powerful new resolver. Now this functionality is also available for unmet use dependencies.

For example, rather than getting pages and pages of errors when attempting to install gnome:

You’ll now get:

Note how you are told all the suggested changes up-front. You aren’t just given a single error, which you can fix and then re-run the command to get another error and so on. Nor are you just given all the errors in the initial resolution; the resolver carries on with its suggested changes and accumulates any additional errors that will occur if you take those suggestions. In the first example, parted isn’t mentioned at all in the initial set of errors, because it is only brought in to the resolution by udisks, which is only brought in via gnome-disk-utility, which is only brought in via gvfs if the gdu use flag is enabled, which we don’t have enabled by our config but that is required by gnome. The resolver is smart enough to work all of this out upfront, sparing you from an eternity of running things over and over.

We’re still experimenting with the UI for errors — it’s probably possible to make it even easier for the user to see what changes need to be made. There have also been requests to make cave able to add the necessary lines to your configuration files automatically (after confirmation, of course). However, I’m not convinced that this is a good idea in practice — for example, cave would suggest turning a particular use flag on for a half dozen packages, but would not realise that turning it on globally may be a better option.

As always, if you find that all these shiny new features save you from horrible torment, books or pens (pens being a vital part of the high tech design process) are much appreciated.

Paludis 0.52.1 Released

Paludis 0.52.1 has been released:

• glibc 2.12 changes the OS ABI used by its libraries. ‘cave fix-linkage’ and ‘reconcilio’ have been updated to ignore OS ABI mismatches to avoid marking every package that uses libc as being broken.