Rust vs. Go

Posted on 2017-01-19 by jcs

As most of you probably know, Eric Raymond (ESR) is part of an effort to rewrite the Network Time Protocol (NTP) suite to be smaller and more secure. You can follow the project’s progress on their blog. The NTP daemon itself is written in C but ESR and the other developers are already considering the possibility of rewriting it in a safer language.

At this point, they are looking at two languages: Rust and Go. ESR being ESR, he decided to test their suitability by writing a small but realistic program in each language. He’s written up his results in a post that anyone considering learning either of those languages may find useful. The TL;DR is that while each language has some advantages over the other, Rust is not yet mature enough for NTP.

Bear in mind that the comparison was made with NTP in mind and that the conclusions might change for another application. This is a point that ESR stresses but many commenters ignored that nuance in favor of flamethrowers. Regardless, the post is a useful comparison and well worth taking a look at.

While you’re at it, take a look at the NTPsec blog posts to see some of the engineering decisions that the team has made and the rationales behind them. If you’re working with a team that doesn’t have the same discipline, you’ll learn things that will make your own efforts more effective.

Posted in Programming | Tagged | Leave a comment

Dangerous Phishing Attack

Posted on 2017-01-18 by jcs

There is a dangerous phishing attack being targeted (mostly) at Google Mail. It’s clever enough that it has fooled even sophisticated technical users. What happens is that you get an email from someone you know that includes a clickable image. When you click on the image you are asked to login to Google again. As soon as you do, you’re compromised.

That sounds like a vanilla phishing attack but what is different is that the location bar appears to point to Google so an unwary user will feel safe clicking. If you carefully examine the contents of the location bar you will see that the protocol is slightly wrong. The post linked above has all the details so you should definitely check it out.

The post discusses this in terms of the Chrome browser but from the comments it appears that—at least—FireFox is vulnerable as well. Google is aware of the problem and is working on a fix but if other browsers are vulnerable you will need to be careful regardless of what Google does. Enabling two-factor authentication may or may not help but is always a good idea.

If, like many people, your Google account is tied many other services, having it compromised can be disastrous. Again, you should definitely follow the link and read the post so you know what to look for.

Posted in General | Tagged | Leave a comment

More Experiments with Indexing Org Files

Posted on 2017-01-17 by jcs

A couple of weeks ago I wrote about John Kitchin’s use of SQLite to index his Org files. Kitchin uses Org mode as a centerpiece of his workflow and has about 5 years of files spread across his local file system, Dropbox, Google Drive, and other places. His idea was to index the files on headline, tags, citations, and a bunch of other fields that you can see by following the above link.

Now Kitchin is continuing his experiment by using the noSQL database MongoDB. It turns out that there are some advantages to using MongoDB but also disadvantages. Follow the link to see how easy it is to build the database and some strategies for getting the information out again. He continues the experiment in a subsequent post on implementing CRUD operations in MongoDB, which you should also read.

Kitchin’s work on indexing Org files along with Karl Voit’s approach to the same problem is really interesting. Those of us who put more and more of our lives and work product in Org files are, sooner or later, going to need something like this. Currently, I rely on tags or, if all else fails, a text search to find the entry I’m looking for but that only works for agenda files. So unless I’m careful to put a link to my work product in my journal (or one of the other agenda files) searching for tags won’t work. There is also, I suppose, a scaling problem. Once I get enough data, searching for tags or text is going to be too slow.

If you find yourself using Org for a significant part of your workflow, you should read these posts to help you get ready for the day that your own files get too large for easy searching.

Posted in General | Tagged , | Leave a comment

You Are Not Expected to Understand This

Posted on 2017-01-16 by jcs

I recently came across a post that explains the famous comment in the 6th Edition Unix source code: * You are not expected to understand this. I haven’t seen or thought about this for years but it was once quite famous and appeared on all sorts of geek paraphernalia. The post describes the comment as notorious but it really wasn’t as flippant as it seems. The code it was describing is very hairy because it makes use of an artifact of a particular compiler for a particular machine. As Dennis Ritchie explained (see blow) this broke when they ported Unix to the Interdata and the code was rewritten.

Rob Pike tweeted that a few years later they understood the problem better and could use simpler code

Dennis Ritchie shows the code and explains (scroll down a bit) what it was doing, what they really meant by the comment, and admits that the real problem (as suggested by Pike’s tweet) was that they didn’t understand the problem very well either. Nowadays context switching is well understood and not considered the least bit hard so it’s interesting to read that real programming gurus like Ritchie and Steve Johnson struggled with getting it right.

If you have the Lions book, you can see the code in its original context (you can get the book here or from Amazon). By the Seventh Edition of Unix the code had been rewritten and the comment was gone.

UPDATE [2017-01-17 Tue 12:04]: There’s a great thread on all of this from the The Unix Heritage Society mailing list.

Posted in General | Tagged | Leave a comment

Recurring Org Events

Posted on 2017-01-15 by jcs

Karl Voit has published an instructive post on how to specify recurring events in Org mode. As most of you know, you can annotate an Org TODO entry to specify that it should occur every day, every week, every 3rd day and other more complex criteria.

Even if you’re familiar with the above, Voit has an alternative method that I wasn’t aware of. That method is org-clone-subtree-with-timeshift that will duplicate the current entry but apply different time stamps. This has some benefits over the more common method. In the first place, if you have a meeting on Tuesday for the next 5 weeks, you can make the first TODO entry and then call org-clone-subtree-with-timeshift with a repeat of 4 and a timeshift of 1w. That gives you the exact number of entries and can edit or delete one or more as necessary. Another benefit is that you can add notes to each entry separately rather than having everything together in a single entry.

Take a look at Voit’s post for the details and more advantages of this method. It’s also a nice summary of how you can specify dates and times whether or not they’re recurring.

Posted in General | Tagged , | Leave a comment

A Reminder about Emacs Keybindings on MacOS

Posted on 2017-01-14 by jcs

Recently, I’ve seen tweets such as this one:

It’s been a few years since I last wrote about that so here, as a public service, is a link to my post that explains how to install Emacs keybindings to MacOS apps. The process is simple so if you’re a heavy Emacs user on a Mac be sure to check it out. I use this and would be lost without it.

Posted in General | Tagged | 1 Comment

An Org Workflow

Posted on 2017-01-13 by jcs

Gregory J Stein, an MIT Ph.D student in Electrical Engineering and Computer Science, has an interesting post on how he uses Org mode and the agenda to organize his projects and daily tasks. Like all graduate students, he leads a busy life so seeing how he leverages Org mode in his workflow is interesting and instructive.

Like me, Stein uses his agenda as a journal of what he’s done on a given day as well as keeping track of tasks that need to be done. Part of that is a fairly rigorous use of clocking to track his time. While that’s mostly a matter of developing the right habit patterns, he also has Org set up to automate it as much as possible.

One interesting strategy is his use of the MEETING keyword for his agenda. That keyword is used for scheduling meetings, of course, but he also uses it if some drops by his desk while he’s working. He has a capture template for meeting that automatically stops the clock on his current task and resumes it when the “meeting” is over. That’s a nice way of handling interruptions to your timed tasks. You could, of course, just stop the clock manually but if you’re like me you’ll almost never remember to do that so Stein’s method is a win.

There’s some other useful ideas in the post so you should be sure to give it a read. He also has a link to his configuration so you can see the details of how he set up his environment.

Posted in General | Tagged , | Leave a comment

The Iron Law Strikes in Baltimore

Posted on 2017-01-12 by jcs

Baltimore has an aerial surveillance program that uses a small plane equipped with high resolution cameras flying over the city for hours at a time.

When the program was announced there were many privacy concerns but the public was assured that

  1. The data would be used only for major crimes.
  2. The data would be destroyed after 45 days unless it was being used in an active investigation.

If you’re familiar with the Iron Law of Data Collection, you know how this story ends.

The data was not destroyed after 45 days and was subsequently used to charge individuals with crimes without informing the court or defense council where the evidence came from. Worse, the company running the program, Persistent Surveillance Systems, admits that they have archived all the data—not destroying any of it—and is now considering selling the data to third parties. Follow the link to see some of the consequences of that.

At the risk of being tedious, it’s worth repeating the lesson that this and similar stories are trying to teach us: Never believe anything the snoopers tell you and resist their pleas for “just one more small program that is, of course, for your own good.”

Posted in General | Tagged | Leave a comment

A PSA from Sacha

Posted on 2017-01-11 by jcs

Here’s a useful public service announcement from Sacha Chua:

Posted in General | Tagged , | Leave a comment

Mobile Org on iOS

Posted on 2017-01-10 by jcs

If you live in the Apple world and are an Org mode user, here a bit of good news. The iOS MobileOrg maintainer has announced that he and others are resurrecting the iOS Mobile Org app.

I keep seeing queries on Twitter and elsewhere asking about Org on iPhones and lamenting that MobileOrg appeared to be dead. Those folks can join me in rejoicing that there’s some movement in the project. If you’re interested in what MobileOrg can do, here’s a link to the MobileOrg Github page.

Posted in General | Tagged , | 2 Comments