Ed in Emacs

You live long enough, you see everything. I just came across ed-mode. If you’re an Emacs user who also has retro tendencies and likes to play around with old-time editors, now you can explore the “standard Unix editor” from the comfort of Emacs. Ed-mode allows you to run an ed emulation on the current buffer.

It is, I suppose, a nice way to practice with ed against the day that you need it for a rescue operation but I do the same thing by firing up ed on a log file and using it to perform basic operations. By doing that regularly, I’m confident that I have enough ed skills to see me through a boot disaster. Of course, as a macOS user I’m not apt to need that but I do occasionally boot Linux system where that knowledge could definitely be useful.

Truth to tell, I don’t expect to ever need to use ed in anger but it’s nice to know how to use it if only because every Unix-head should. The ed editor is actually pretty easy to learn and suffers only from being a line editor. If you’re interested in learning it, ed-mode may be a good vehicle. Take a look at Brian Kernighan’s excellent tutorials (1, 2) and then fire up ed or ed-mode. You’ll be able to amaze your colleagues.

Posted in General | Tagged | Leave a comment

Red Meat Friday: Star Wars and the Light/Dark Controversy

The minions at Irreal, it appears, refuse to let the light-mode/dark-mode debate die. Here’s the latest offering:

I’ll talk to the minions but it probably won’t do any good.

UPDATE [2020-06-01 Mon 12:36]: Read → Red

Posted in General | Tagged | Leave a comment

Dubious Password Advice

Jacob Bergdahl over at Towards Data Science has an article discussing what makes a good password. His advice is not entirely wrong but has some problems. His main point is that greenelephantswithtophat is a better password than jK8v!ge4D. That’s probably correct but only because jK8v!ge4D is fairly short while greenelephantswithtophat is reasonably long. He’s not wrong that longer is better than shorter but it’s a little more complicated.

One of the main problems with jK8v!ge4D, according to Bergdahl, is that you can brute force it reasonably quickly. That’s true but ignores how passwords are cracked. If a site has robust password processing, the password isn’t just hashed—let alone left in plain text—it’s salted and then run through a hash function many times so that the time to arrive at the hash is non-trivial. And, of course, no one is trying to crack just your password. They typically have a list of hashes stolen with an exploit and are running the brute force attempts against the entire list. All of that means that jK8v!ge4D isn’t as vulnerable as Bergdahl makes out.

Still, it’s not a strong password. Bergdahl’s other main point is that even as it stands, it’s difficult to memorize while greenelephantswithtophat is both more secure and much easier to remember. To make jK8v!ge4D a strong password it would have to be much longer making it effectively impossible to remember.

On the other hand, passwords like greenelephantswithtophat aren’t as secure as you might think because humans will always pick words in a predictable way. Back in 2013 I wrote about how hackers recovered the seemingly impossible password Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1, a line from Lovecraft’s The Call of Cthulhu. In order for correct horse battery staple to work, the words have to be chosen at random so they form no pattern. Even then, they’re a lot easier to remember but not if you have one or two hundred.

Bergdahl dismisses password managers as something for power users but

  1. Modern password managers like 1password are easy to use, even for the relatively unsophisticated.
  2. Password managers are the only robust method I know of for dealing with passwords

With a password manager you can have a long random password like nD34$@ckwS.-33SBx!+4.gsac4 that you don’t have to remember and a single password of the correct horse battery staple sort to protect your password database.

You may not like it. Bergdahl may not like it. But the only secure way of managing your passwords is with a password manager.

Posted in General | Tagged | Leave a comment

Emacs Through Macros 7–9

Once again, I lost track of Sahas Subramanian’s Emacs through macros videos and while I wasn’t looking he’s posted 3 more. Number 7 is about grep and doesn’t use macros in any significant way. Number 8 is an exercise that you can try to test your keyboard-macro-fu. You can check those out yourselves. The last one, number 9, considers the common task of renaming files. There are, of course, lots of ways of doing this using things like mutliple cursors, iedit, or even the Dired R command.

Subramanian shows how to do it with a simple macro. He’s in a dired buffer and wants to change the names of the files containing his videos. They’re all of the form

Learning Emacs with Macros - nn.webn

where nn is the number of the video. He wants to change them to better reflect the name used on YouTube so he wants them in the form

Emacs Through Macros - nn.wbm

He steps through the first recording a keyboard macro and then applies the macro to the remaining entries. It’s a pretty simple operation and if you have macro experience, you’ll have no problem figuring out what he did. If you’re new to macros, take a look at the video to see how he did it.

The video is only 2 minutes 55 seconds so you should have no problem finding time for it.

Posted in General | Tagged | Leave a comment

An Org Refile Workflow

Yiming Chen has an interesting post on his org-refile workflow. Before you read his post, though, you should (re)read Aaron Bieber’s Organizing Notes With Refile that I wrote about back in 2018. Bieber’s post gives you the background you need to follow Chen’s.

If you’re a little hazy on the Org-refile concept, the TL;DR is that you can move an Org tree node someplace else. Some like Matus Goljer use it to deal with items from Org-capture. Others use it to move items to a more appropriate place or as a sort of archiving operation. If you use Ivy or Helm, when you call org-refile you’re presented with a list of possible targets to which to move the node.

That list is completely configurable. A common choice is to include all the headers from all the Org files that make up your agenda, but that’s not the only possibility. You can add other Org files, including the current one, or as Chen demonstrates, you can add all headers in all Org files on your system. Most people probably won’t want to do that but it’s possible.

One of the reasons that Chen includes everything in his target list is that he likes to use it as a way of jumping to a specific Org node. You can do that by specifying the universal argument to org-refile. Take a look at his post for all the details. Org-refile can make many workflows easier so it’s worth taking a look at these posts to see if it can reduce some friction in yours.

Posted in General | Tagged , | Leave a comment

Eshell Demo

Protesilaos Stavrou is all in on Eshell. On the very rare occasions that he needs a “standard shell,” he fires it up in Emacs using vterm but mostly he uses Eshell because he considers it a superior solution. He’s posted an excellent video that shows how he uses Eshell in his workflow.

One of the things he likes the most about Eshell is that you can write and execute Elisp as well as traditional shell commands. That means you can have bits of Elisp to provide shortcuts that make your work easier. Stavrou demonstrates several of those in action and while he doesn’t show the code in the video, he does provide a pointer to them so it’s easy to use or adapt them in your own workflow.

If you’re an Eshell user or considering becoming one, be sure to take a look at Stavrou’s video. It shows you some of its built-in features as well as the helper functions that Stavrou built. The video is just over 23 minutes so you’ll have to schedule some time.

Posted in General | Tagged | Leave a comment

Websockets: Why We Can’t Have Nice Things

Websockets are a handy device that allow for snappier browser/server interactions. Like all useful things, the usual bad actors have found a way to abuse them. It turns out that a Web site you are visiting can port scan your machine’s private address space (localhost, 128/8) to infer what software you using. Charlie Belmer, who posted the above link, speculates that sites are probably doing this as a way of fingerprinting and tracking although he notes that it may also may be being used as a means of threat detection.

Apparently, a number of major sites are guilty of this behavior. Belmer’s post shows a bit of code that caught Ebay doing it. That sort of behavior is annoying and arguably illegal but it’s easy to shrug it off as small potatoes. That would be a mistake.

Steve Stagg wondered what would happen if after finding an open port, an attacker tried to connect to it. It turns out that it is possible to capture useful data although it’s not really a very efficient exploit. Read Stagg’s post for the details. Stagg didn’t find any evidence that anyone is actually using the exploit but we can be sure that someone, somewhere will find a way to make it pay.

I’m sure browser manufacturers will move to close these holes but in the meantime it would be nice to see an investigation into this sketchy behavior. Maybe it will give some of these companies pause. But probably not.

Posted in General | Tagged , | Leave a comment

Elfeed Tweaks

On Thursday, Mike Zamansky published a video on some tweaks he made to Elfeed. As soon as I wrote and published a post about it, I found two more posts on hacking Elfeed to make it better fit the tweaker’s workflow. The first, by Álvaro Ramírez, was directly inspired by Zamansky’s post and shows a way of opening an Elfeed entry in a browser without losing focus. That’s convenient if you like to skim through the entries and open the ones you find interesting in a browser tab for later reading.

As Zamansky demonstrates in his video, Elfeed does allow you to open multiple entries but you lose focus to the browser. Ramírez’s method keeps you in Elfeed until you’re ready to change to the browser and read all the interesting articles.

The second post, by Karthins, considers several hacks to adjust Elfeed to his liking. These include:

  • Split pane for index and current entry
  • Navigating the Elfeed database with the space bar
  • Easier tagging
  • Using EWW on a per entry basis to display posts

If you use Elfeed—and if you’re an Emacs user, you should be—be sure to take a look at these two posts. You may or may not like the changes they implement but even if you don’t, they show nice examples of how easy it is to adjust Elfeed to your needs.

Posted in General | Tagged , | Leave a comment

Zamansky 72: Customizing Elfeed

Mike Zamansky has a new video up in his Using Emacs Series and an update on his last video (Zamansky 71: Openwith). Let’s deal with the update first.

As you’ll recall, the problem Zamansky was trying to solve was being able to open a file in Dired with an external application. He found a solution but then discovered that it interfered with his mail client, mu4e. It turns out that Dired already has a built-in solution although you can be forgiven for not knowing about it. It’s not on the Dired reference card for Emacs 26 and even knowing what it was and the name of the function implementing it, it was still hard to find.

The answer is to press W on a Dired entry to open the file in your default browser. Despite the name of the function, browse-url-of-dired-file, it will open any file that the browser can display. That’s exactly the behavior that Zamansky was looking for: problem solved.

The current video documents a change Zamansky made to the behavior of Elfeed and the process he went through to accomplish it. When I’m reading my Elfeed entries, I usually start at the top and go down the list by pressing n after I finish an entry. If the original post/article looks interesting or offers more information, I may press b to bring it up in my browser. That’s the default behavior of Elfeed.

Zamansky’s workflow is different. He likes to stay in the index and rather than reading the RSS entry, he presses b to open the entry in his browser. When you do that, Elfeed marks the entry as read but many times Zamansky just glances at the entry in the browser with the intention of reading it later. That means he has to mark it as unread so it doesn’t disappear from the index. He wanted to find a way of displaying the entry in the browser but not mark it read.

Most of the video shows the process he went through to discover how to do that. His point is that Emacs makes such discovery fairly easy. He did have a problem with an anaphoric it but solved that too with a little experimentation. The takeaway is that you don’t need to be an Emacs internals expert or even an Elisp expert to make Emacs suit your work flow.

Take a look at the video for all the details. It’s about 12 and a quarter minutes so plan accordingly. Also be sure to read his post if you want the details on the update.

Posted in General | Tagged | Leave a comment

The NYT and Customer Surveillance

Irreal has been railing against adtech and the malware that advertisers download onto our computers to facilitate their tracking for a long time. Despite pretty compelling evidence that it doesn’t work, its use continues unabated. There is, however, a modicum of good news. Sort of.

The New York Times has announced that beginning next year they will no longer use 3rd-party data to target their advertisements. That means that they will no longer buy customer data from third parties to use in targeting their advertisements. That’s not great; they’re still collecting our information but at least it’s information we’ve revealed to them directly rather than data vacuumed up by tracking cookies and other sketchy methods.

Part of their decision is apparently because of the growing backlash against spying on our Internet activities and a desire to be seen as on the right side of the privacy debate. That and the fact that most of the major browsers make collecting meaningful data and associating it with a given person much harder than it has been.

Some other publishers are following suit but the strategy of using your own data doesn’t scale very well. The NYT has 6 million subscribers and millions of registered users who have signed up for occasional access and newsletters. Small publishers don’t have the wherewithal to rely on their own data.

As I say, this isn’t unmitigated good news but it may be a leading indicator of a trend to move away from surveillance capitalism. Best of all, it’s bad news for Facebook, Google, and others who make their money spying on us and tracking us across the Internet. Their demise can’t come too soon to suit Irreal.

Posted in General | Tagged | Leave a comment