Lisp Types

Posted on 2014-04-27 by jcs

There’s been a lot of talk lately about static versus dynamic typing. The partisans on both sides are adamant in their positions and absolutely secure in their righteousness. It has, in other words, become a religious issue.

Although I’ve used many languages over my career, these days I do virtually everything in either Lisp or C so I have a foot in each camp. I believe, as do most who can shake off their religious fervor, that either paradigm is fine and that each has advantages—and disadvantages—and one should pick the most appropriate choice for the situation at hand.

Lisp, especially, has a bad rap because of it’s supposed dynamic typing but the reality is much for complex. Bob Krzaczek over at The Bit Bucket has an excellent post on the Lisp type system and how it works. Although Common Lisp is nominally dynamically typed, you can, in fact, specify types at compile time. That, of course, means that the compiler can use the additional information to generate better code. Often the code will be essentially the same as a C compiler will generate.

Krzaczek’s post starts with an example that demonstrates an important point: Lisp will do everything it can to compute the correct result given the arguments it’s passed. That’s something that, say, C won’t necessarily do. For example if you tell C that an input argument is a 32-bit integer and pass it a 64-bit integer, the chances are that C will truncate the input to the lower 32 bits.

Read Krzaczek’s post for an explanation of the Lisp type system and how sophisticated it is. If you’re a static type partisan, it may be counter-intuitive but Lisp’s type system is much more intelligent and flexible than what’s found in the typical C compiler.

Posted in Programming | Tagged , | Leave a comment

Irreal Turns Three

Posted on 2014-04-26 by jcs

Three years ago on April 26, 2011, I published the first post in this instantiation of Irreal. I guess that means that the terrible twos are finally over.

Posted in General | Tagged | Leave a comment

The Ultimate Privacy Guide

Posted on 2014-04-25 by jcs

From time to time I’ve mentioned articles that help you maintain your privacy. Some of us grumpy and misanthropic types have nothing to hide but do everything we can to maintain our privacy out of orneriness. If that sounds like you, let me recommend The Ultimate Privacy Guide.

It’s a long (almost 13,000 words) article that covers just about everything you need to know to keep your online activity as private as possible. Pretty much every expert agrees that if the NSA really wants to snoop on you in particular, there’s not much you can do except to abandon all communication technology. Fortunately, the government doesn’t have the wherewithal to give everyone that sort of individualized attention so taking steps to secure your communications makes sense.

The authors suggest that you not try to read to whole thing at once but rather that you choose the topic that you’re interested in at any particular time. Probably your best bet is to bookmark the article so that you can look up topics as you need them.

Posted in General | Tagged | 1 Comment

Guile and Emacs

Posted on 2014-04-24 by jcs

Three years ago, I wrote about a talk by Andy Wingo on the new Guile architecture. One of the most interesting things in the talk for me was Wingo’s plans to integrate Guile into Emacs by replacing the Elisp engine with the Guile engine. Guile already has an Elisp mode so the idea is that existing packages wouldn’t need to be rewritten and new code could be written in either Elisp or Scheme.

Since that talk I haven’t heard much about the project except for an occasional question on reddit or HN as to whether it was still alive. It turns out that it is alive and one of this year’s Google Summer of Code projects is to complete the integration of Guile into Emacs.

Sadly, I can’t find much useful information about the project but this article on the Emacs Wiki gives some useful background. It’s not clear that the Emacs maintainers would accept Guile as the new Emacs engine so Guile-Emacs may be just a curiosity. On the other hand, it may turn out to offer enough advantages that it does get accepted. It will be interesting to see what happens.

Posted in General | Tagged , | 1 Comment

Sacha’s Emacs Beginner Resources

Posted on 2014-04-23 by jcs

Speaking of Sacha Chua—as I did yesterday—she’s got a nice page on beginner resources for Emacs. Chua tasked one of her assistants to seek out resources for learning Emacs and published the results.

She’s got all the sites you’d expect: the Emacs Wiki, Mickey’s Mastering Emacs, Xah Lee’s Tutorial, and others. But there are also some resources that I wasn’t familiar with so even if you’re an experienced Emacser, you might want to take a look. Definitely a useful resource. If you’re just starting this is an excellent place to find useful tutorials.

Posted in General | Tagged | Leave a comment

Sacha Chats with Jānis Mancēviĉs

Posted on 2014-04-22 by jcs

Sacha Chua has another Emacs chat up. This time it’s with Jānis Mancēviĉs. It’s a far ranging talk but one of the interesting aspects is Mancēviĉs’s use of Org mode for Literate Programming. He and his team mate use Org to pass around their code and documentation and then tangle the code for compilation. Mancēviĉs talks a bit about the benefits of Literate Programming and why they use it even though the up-front costs are a little greater. My impression is that he uses the Literate Programming paradigm not so much to produce finished documentation à la Knuth but to keep information about the algorithms and functions together with the code.

Another nice strategy that Mancēviĉs uses is cold folding. I used to use that occasionally with Vim but forgot about it when I moved to Emacs. Org mode has built-in folding, of course, but the more general Emacs folding can useful in non-Org files such as your .emacs, programming source, or text files.

The video is a little over an hour so plan accordingly. As with all of Chua’s Emacs chats, you’re apt to learn a thing or two so it will be worth your time.

Posted in General | Tagged , | 3 Comments

More Password Field Silliness

Posted on 2014-04-21 by jcs

The other day I wrote about the stupid password policies and handling that many sites have. It appears that I’m not alone in being infuriated by this nonsense.

David Pashley has his own post documenting some of the silliness. In the unlikely event that those of you in Europe believe yourselves immune to this madness, many of his example are from European sites.

One of the points in my original post was the rule of thumb that any restriction is an indication of security problems. Sadly, sometimes the indications are a bit more subtle. Pashley gives the example of a site that appeared fine but then he discovered that his 30 character password had been truncated to 20 characters. Just knowing that is a sure fire tip off that the passwords aren’t being hashed but it gets worse. Pashley says he discovered the truncation because when he exercised the “lost password” option they emailed him his password (truncated to 20 characters) in the clear. So not hashed; original passwords stored. Inexcusable.

Let me say it again: if a site is handling your password correctly, there won’t be any restrictions on length or characters. If a site does have such restrictions, proceed cautiously.

Posted in General | Tagged | Leave a comment

The Iron Law of Data Collection Strikes the UK

Posted on 2014-04-20 by jcs

I’ve written before about the Iron Law of Data Collection, the idea that no matter the rationale given for the collection of the data or the promises made about its confidentiality there will always be mission creep that finds new uses for the data and its eventual abuse. The two links above give examples of it in action. Now, we have another example, this time from the UK.

In a sense, this is the worst betrayal of those I’ve written about. The government promises you that they have to collect your financial information in order to administer the income tax system but that that information is held in absolute confidence and will not be released outside the government1. That promise is necessary to prevent large scale cheating and resistance to the HMRC.

The UK case is particularly troubling because the reason for breaking the promise is so venal. The HMRC is proposing the sell the information to “third parties,” including private companies. As one of the commenters said, “…it has proven there is still life in the 19th century adage ‘the political classes would sell their own grandmothers for a shilling’.

Sadly, the Iron Law marches on. Here’s the next example of its application.

Footnotes:

1

In the US, at least, the release of tax payer information is a serious felony. I assume the same is true in the UK. Of course, even in the US there’s been recent abuse for political reasons. One more reason, if you needed it, not to trust their high sounding promises.

Posted in General | Tagged | Leave a comment

Cyberterrorism

Posted on 2014-04-19 by jcs

An excellent suggestion from Ryan Paul (via Jean-Philippe Paradis)

Posted in General | Tagged | Leave a comment

Encrypt Everything?

Posted on 2014-04-18 by jcs

Klint Finley over at Wired has an article that discusses the pros and cons of encrypting the Internet. By that he means using SSL/TLS instead of plain HTTP for every connection. It’s not a new idea. For example, the EFF has its HTTPS Everywhere program that includes a plugin for many browsers that always tries to establish an HTTPS connection even if the site defaults to HTTP.

I really like this idea, at least in principle. It makes man-in-the-middle attacks difficult if not impossible and goes a long way towards keeping the NSA’s nose out of our business. On the other hand, does it really make sense for, say, me to force HTTPS connections to Irreal? There’s certainly no first order reason to do so. There’s no sensitive data being transferred and Irreal is hardly subversive enough that anyone would worry about having the government or anyone else see what they’re reading on the site.

Of course there’s the benefit that it makes the Internet a sea of unintelligible bits and thus makes government snooping really difficult. Perhaps that’s reason enough. What do you think? Should all sites—even the innocuous like Irreal—use SSL/TLS or is the benefit not worth the cost?

Posted in General | Tagged | Leave a comment