Common Lisp Features

Posted on 2013-10-31 by jcs

A couple of years ago, Lisp luminary Nikodemus Siivola rescued and reposted Abhishek Reddy’s Features of Common Lisp page. It serves as a nice introduction to what makes Common Lisp such a great development environment. It doesn’t, of course, cover every feature and it doesn’t examine the ones it does cover in depth. Still, it’s a useful resource for someone who wants to see what the excitement is about.Even if you’re an experienced Lisper, you may find it interesting. It’s well worth a look.

While you’re at it, you might also want to have a look at Siivola’s Common Lisp FAQ. I’ve mentioned that a couple of times before and highly recommend it.

Posted in Programming | Tagged , | 0 Comments

Building Password Lists

Posted on 2013-10-30 by jcs

A little while ago Ars Technica published an interesting article on how password crackers build their lists of trial passwords. The TL;DR is that they scan Wikipedia, Project Gutenberg, news websites, song lyrics, IRC logs, Twitter, and other sources of text that show how people put words together. Then they apply the usual mangling rules to the resulting phrases to generate lists of trial passwords.

Read the article for more details but note that the technique discovered the 51 character password Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1 (it’s from H. P. Lovecraft’s The Call of Cthulhu). The take away from the article is that it is absolutely critical that your passwords be chosen randomly. The best way to do that is to use a password manager that will generate long random passwords for you. That leaves only your master password which must also be random. The problem is that something like b2qJ)spbgT4LxTtE+piK, while secure, is impossible to remember. The solution is to use something like Diceware to choose 5 or 6 random words (like the famous correct horse battery staple from XKCD). I wrote about a Lisp implementation of Diceware if you want to automate the process but all you really need is a die as explained on the Diceware page.

Note that you can’t just choose any 6 words. The choice has to be random. That’s why you roll dice to choose them. The Lisp program I mentioned above gets cryptographically strong random numbers from /dev/random to choose words from the Diceware list. One thing for sure, passwords or passphrases that appear anywhere on the Web will not be secure.

Posted in General | Tagged | 0 Comments

Running Ping in Emacs

Posted on 2013-10-29 by jcs

Last year I wrote about my delight in discoverying the Emacs Net Utilities. It’s nice to be able to run a quick ping, traceroute, or even some of the other network utilities right from Emacs. I’ve found, however, that there is a psychological barrier to using them. When you do a ping (or whatever) it opens a new window and leaves it and the corresponding buffer hanging around until you clean them up. That’s not much of a barrier, of course, but it is enough that I found myself using the terminal instead. Silly, I know, but there it is.

Of course, this is Emacs so I can have it my way. I decided to run ping and traceroute alone in the frame using the strategy suggested by Magnar Sveen for Magit. I wanted to see the output and then be able to press 【q】 to destroy the buffer and restore the previous window configuration. It’s hard to see, I know, how this is much easier than simply typing 【Ctrl+x k】 to cleanup but it seems like it is to me and you do end up with everything the way it was before you started, which may or may not be true of just killing the window.

It’s a bit trickier than for magit because there’s no quit function: ping just runs and then leaves the buffer in place. Also, there’s no convenient keymap to hook into. My first try was to wait on a keypress using read-key with a prompt of “Press any key to continue” but that was too ugly. For one thing, you couldn’t temporarily switch away from the buffer or doing anything else requiring keyboard input.

I finally settled on establishing a temporary keymap where 【q】 causes a separate function to be called that kills the buffer and restores the old configuration. Once I figured out what I wanted to do, the code was pretty simple: 

(defun net-utils-restore-windows ()
  "Restore windows and clean up after ping."
  (interactive)
  (kill-buffer (current-buffer))
  (jump-to-register :net-utils-fullscreen))

(defadvice net-utils-run-program (around net-utils-big-page activate)
  (window-configuration-to-register :net-utils-fullscreen)
  (let ((buf ad-do-it))
    (switch-to-buffer buf)
    (delete-other-windows)
    (set-temporary-overlay-map
      (let ((map (make-sparse-keymap)))
        (define-key map (kbd "q") 'net-utils-restore-windows)
        map))
    (message "Type \"q\" to restore other windows.")))

This only works with ping and traceroute because the other network utility functions call a different display routine. I could do essentially the same thing for them but I virtually never use them so I didn’t bother.

This isn’t a big thing, of course, but it does reduce my workflow friction a bit so it’s a win for me. And, of course, it demonstrates once again how flexible and extensible Emacs is.

Posted in Programming | Tagged , | 0 Comments

What Foiled Terrorist Plots?

Posted on 2013-10-28 by jcs

Rick Falkvinge has a great article that makes an obvious point. We can know for sure that government surveillance has foiled exactly zero terror plots. We know this because planning, let alone carrying out, terror plots is a crime but there have been no trials or convictions.

In my first ever post about the NSA scandal, I noted that the NSA’s director, Keith Alexander, claimed that the surveillance had foiled “dozens,” later updated to “over 50,” terror plots. Of course no details were offered. But as Falkvinge says, where are the criminal proceedings?

That brings us back to my original question. Where is the press on all this? The government is clearly lying but there’s nary a word from the main stream press. If it wasn’t for The Guardian (and yes, lately, the New York Times) we wouldn’t know what the NSA was doing and why it matters.

Read Falkvinge’s article. It serves as an excellent reminder of how no government can be trusted to tell us the truth. As I.F. Stone famously said, “All governments are run by liars and nothing they say should be believed.” The NSA scandal neatly illustrates this. Everything they’ve said about Snowden’s revelations have been shown to be lies. Believe them at your peril.

Posted in General | Tagged | 0 Comments

The End of Journalism

Posted on 2013-10-27 by jcs

Many of you know that I’m not a fan of newspapers or most journalists. When reporters aren’t pursuing an agenda or otherwise abdicating their journalistic responsibilities, they run around chasing trivia and sideshows like the seemingly never ending series of Where’s Waldo articles on Edward Snowden.

On the Snowden matter, one notable exception has been Glenn Greenwald who has pretty much owned the NSA snooping story. Now Greenwald has delivered a stinging rebuke to his fellow journalists. What kindled his anger was a column by Chris Blackhurst, an executive and, until recently, the editor of the UK daily, The Independent. In it, Blackhurst says he wouldn’t have published the Snowden material because, “If MI5 warns that this is not in the public interest, who am I to disbelieve them?” Really? “Who am I to disbelieve them?” It should infuriate even the Where’s Waldo division of the fifth estate that this man calls himself a journalist.

It certainly infuriated Greenwald who explains at length why it’s Blackhurst’s damn job to disbelieve them. Follow the link to experience his righteous anger first hand. If you think you’re being under served by the media, you’re sure to find much to agree with.

Posted in General | 0 Comments

CrptoSeal Shuts Down

Posted on 2013-10-26 by jcs

The U.S. Government’s overreaching has claimed another victim. The CryptoSeal VPN service has pulled the plug. These are good guys who did everything possible to provide a secure, private VPN service. They didn’t keep logs and could provide authorities only with user billing information.

In the aftermath of the Lavabit case they felt that the FBI or other government entity would use a pen register warrant as leverage to demand the site’s SSL encryption key thereby rendering all the site’s users vulnerable. As a result they have shut down their service and destroyed all customer records.

I’m of two minds about this. On the one hand their customers have been inconvenienced but are safe. In this regard, they are heroes; they shut down their business rather than be a party to what they consider crimes against innocent people by an out of control government. On the other hand, they are advancing the government’s cause by eliminating one more means for people who value their privacy to use the Web in a secure and confidential manner. That’s a tragedy that should concern us all.

This case shows, once again, how important it is to insist that the government knock off their thuggish behavior and start respecting citizens’ rights. They will, of course, scream “terrorist” and “think of the children” and all the other nonsense they always spout when they get caught with their hands in the cookie jar but it’s time to demand an end to their extralegal activities.

Posted in General | Tagged | 0 Comments

Update on OS X Emacs Battery Status

Posted on 2013-10-25 by jcs

Yesterday, I wrote about the problems I had with Emacs when I updated to OS X Mavericks. The problem was that the call to display-battery-mode failed. For OS X, Emacs uses pmset to get the battery status data. With Maverics, pmset was returning a string that began with “Now drawing from ‘(AC|Battery) Power’” but in previous versions returned “Currently drawing from ‘(AC|Battery) Power’.” Since Emacs was looking for the latter string, the output was corrupted and the call to display-battery-mode failed.

It was pretty easy to track this down using Edebug. The problem is that the regular expression used to search the pmset output is a constant string and not configurable. That means that fixing the problem pretty much boils downs to

  1. Fixing battery-pmset, where the problem occurs, to look for “Now” as well as “Currently” or
  2. Making a local copy of battery-pmset that looks for “Now.”

While I was pondering what to do, Bernd Berndsen wrote to tell me that a change had already been pushed to the development branch. Since this is not a critical issue for me, I’m content to wait to the next update. If it’s more important to you, the easiest thing to do is either to edit and recompile battery-pmset on your local version of Emacs or install the latest development branch. Follow the “development branch” link to see the change you need to make.

I’m not privy to Apple’s thinking on this, of course, but the change seems gratuitous to me. Yes, “Now” is slightly better wording than “Currently” but they had to know that it was apt to break programmatic processing of pmset‘s output. If anyone knows why the change was made, please leave a comment.

Posted in General | Tagged | 2 Comments

Mavericks and Battery Status

Posted on 2013-10-24 by jcs

I just upgraded my iMac and MacBook Pro to the new OS X, Mavericks. The upgrade went flawlessly—everything should work as well—and my iMac came up without a problem. I spend most of my time in Emacs, of course, so it was the first thing I checked out. No problems.

A bit later, my MacBook finished upgrading and again it came up without a problem but Emacs got an error very early in loading init.el and there wasn’t much indication of what was wrong. I was a bit confused because the same init.el is pulled from a Git archive for both machines so why was it working on the iMac but not the MacBook?

I drag in platform and system specific configuration with the code 

;; Just keep on going if the requisite file isn't there.
;; Manipulations in second load is for "gnu/linux" → "linux"

(load (car (split-string (system-name) "\\.")) t)
(load (car (reverse (split-string (symbol-name system-type) "/"))) t)

The MacBook is named manfred so I tried loading manfred.el manually and got the error. The manfred.el file is pretty simple 

;; -*- mode: Emacs-Lisp -*-
;; Time-stamp: <Sunday, October 28, 2012  16:21:00 EDT (by jcs)>
;; Emacs configuration specific to manfred

(set-frame-height (selected-frame) 53)
(display-battery-mode 1)

so the problem was obvious. Apparently the Mavericks battery interface changed from Mountain Lion so the display of battery status was failing.

I’ll probably take a look at the code to see what I can do but displaying battery status on the mode line is not a high priority so it’s not an urgent problem. The point of this post is to alert other Mac users who upgrade to Mavericks about the problem. It’s only a problem if you display battery status, of course, so probably only affects Laptop users.

Posted in General | Tagged | 1 Comment

The Aaron Swartz Legacy

Posted on 2013-10-23 by jcs

I’ve written before about Aaron Swartz’s last project, software to enable whistle blowers to communicate with news organizations anonymously. The New Yorker was the first to implement the system. Those with information about government misdeeds finally had a secure way of passing their information on to journalists.

Wired’s Kevin Poulsen, who collaborated with Swartz on the project, has headed the program until now. On October 15th the Freedom of the Press Foundation took over the project and renamed it SecuredDrop.

The project has received an extensive security review by well known experts, including Bruce Schneier, that should help assuage prospective whistle blower’s fears.

This is a great project that we should all support. The Freedom of the Press Foundation announcement has more details.

Update: Freesom → Freedom

Posted in General | Tagged | 2 Comments

List of Free Programming Books

Posted on 2013-10-22 by jcs

Victor Felder has an excellent list of free programming books over at Github. The list is indexed in several ways so it’s pretty easy to find books in the area you’re interested in. Among other things, I learned that there are a couple of free Lisp books I haven’t looked at.

This is a useful resource and worth bookmarking for the day when you need a pointer to a readily available programming book.

Posted in Programming | Tagged | 0 Comments