Last Chance

By way of a public service announcement, Google will be deleting all Google Reader information tomorrow. This is your last chance to get your subscription (and other) data out of the system. It’s easy to do so. Just go to Google Takeout and click on the Create Archive button.


GPG Tutorial

If you aren’t already using GPG (or one of its OpenPGP brethren) you should start. Happily, Alan Eliasen has a nice tutorial on how to set up and use GPG. The tutorial covers everything you need to use GPG in a secure way. Definitely worth a read. You may also want to bookmark it as an easier-to-read man page.


A Beginning Emacs Tutorial

Jekor (aka Chris Forno) has an excellent beginning Emacs video up on YouTube. It’s the first in a planned series so it just covers the very basics. The video has great production values. Jekor highlights items he’s discussing so it’s very easy to follow. It’s a great video for n00bs.

I’m looking forward to subsequent installments. If you know someone who is thinking of trying Emacs this is something to point them to—especially when other videos are added so that there’s a series to get a n00b up to speed.


The Good Guys and Bad

There’s a tiny ISP in Utah, USA. It has a sole proprietor and very limited resources. Still, it does what few others are willing or able to do. For the last 15 years, Xmission has refused to honor any request for user data unless it is accompanied by a court-issued warrant.

In those 15 years, it has only once provided data and that was when it was presented with a warrant from FISA. For owner Pete Ashdown it’s simple: if you don’t have a court-issued warrant, the request is unconstitutional and he’s not going to honor it. He has maintained that stance even in the face of a local law passed a few years ago that law enforcement could request data without a warrant. Ashdown says it’s easy to get a warrant and if you don’t get one you don’t get the data. The fact that he has only once acquiesced shows how easy it is to resist government extra-legal snooping if you have the courage and will.

Then there’s Microsoft[1]. A huge company with practically unlimited resources and substantial political clout. Unlike Xmission, they are only too happy to sell out their customers and then lie about it. Think that’s hyperbolic? Think I’m just Microsoft bashing? See for yourself[2].

How can a company that provides the NSA with a backdoor to the Outlook encryption function before it’s even released be said to be looking out for their customers? How can a company that worked with the NSA to provide them easier access (through the Prism program) to their SkyDrive cloud service be said to respect their customers’ privacy? How can a company that, at the same time, provides the NSA with the audio and visual content of Skype calls and claims that “Skype is committed to respecting your privacy and the confidentiality of your personal data, traffic data and communications content” be said to be honest with their customers?

If all that seems shocking, you’ve seen nothing yet. Go read the article. Microsoft’s whoring for the NSA is disgusting beyond words. They say, of course, that they have to obey the law, which is fair enough, but the thing is, there is no law requiring vendors to build in back doors for government snooping. We know this because the FBI has been whining for years about their sources going dark and asking Congress to pass laws requiring such back doors.

If you think it’s only about national security, think again. As the article makes clear, the NSA shares this data with the FBI and the CIA. They call it “a team sport.” Read, if you can stomach it, the effusive praise for Microsoft’s cooperation from the FBI and NSA.

This affects us all. If you’re an American, your fellow Americans are conspiring to spy on you. If you’re not an American, you don’t have even the presumption of rights so your situation is worse. If, after reading the Guardian story linked above you’re still using Microsoft products, you have only yourself to blame for the inevitable loss of privacy.

Footnotes:

[1] Perhaps the other tech giants are equally guilty; we’ll have to wait to see. For now, this is the only specific information we have.

[2] What follows assumes, of course, that the Guardian story is correct. Given their track record on the NSA story, I’m willing to give them the benefit of the doubt on this.


AT&T: All Your Data Are Belong To Us

Editorial Note: In the aftermath of the NSA revelations, I’ve been writing more and more posts on privacy and ways to help secure it. From this post on I will use the tag “Privacy” to mark these.

AT&T, my wireless carrier, has joined other large communication companies in deciding that our data really belongs to them and that they are going to sell it to advertisers. It’s OK, they say, because everyone is doing it. There’s the usual “no personal identification will be given to advertisers; we just want to give you better ads” nonsense. This is basically what Google is doing but this time we’re paying the carriers and they still feel free to appropriate our data and sell it. Really, it’s despicable.

Anyone with a clue already knows that cell phones—especially smart phones—are tracking devices but that doesn’t mean that our carriers should get to sell that information to anyone willing to buy it. Ideally, it would be illegal to collect and store this information (except maybe for engineering purposes and then only with identifying information removed). Of course, the usual 3-letter agencies would run screaming to Congress about the Four Horsemen of the Infocalypse so that probably isn’t in our immediate future.

Fortunately, at least for AT&T, you can opt out of this program as this Forbes article explains. I urge everyone to take the time to do this. If we don’t push back—now and hard—it will only get worse.


SBCL 1.1.9 Is Out

The latest version of Steel Bank Common Lisp, 1.1.9, is out and available at the usual place. As always, the system built and tested without problems on my MacBook Pro and iMac.

The big news this month is that SBCL is now using libgmp for bignum support, a change that should increase bignum execution speed. There are also some minor enhancements and optimizations as well as the usual bug fixes. See the NEWS page for the details.


Reproducible Research Redux

Longtime readers know that I’m a big fan of reproducible research and, specifically, the way that Emacs and Org mode help make it possible. Here’s a very nice video presentation from SciPy2013 by John Kitchin. He describes how he writes his blog, his class notes, his papers, and his books using the principles of reproducible research via Org mode.

Kitchin is a professor of Chemical Engineering, not a computer scientist, so he serves as a poster boy for reproducible research: a scientist who collects all his text, data, programming code, and results into a single document. As he points out, when he wants to remember how he generated a complicated graph for a paper, it’s right there in the Org mode source for the paper.

This is a fairly short talk (about 25–30 minutes) so there’s no reason not to set aside some time to give it a look. At the end of the talk he gives a pointer to a github repository that has the (Org mode) source for the talk. Definitely worth your time.


Locate and Emacs

Bozhidar Batsov over at the excellent Emacs Redux tells us something that I didn’t know: It’s possible to call locate from Emacs. For those of you without a Unix background, locate is a utility that will return a list of any files on your system whose name contains a given string. The locate utility has been around for a long time and for years it was the best way of locating a file on your system.

I’m not a Windows guy so I don’t know what, if any, corresponding utility exists there[1] but OS X has an additional, similar but more useful utility called Spotlight. Normally you access that directly from the GUI but there’s also a command line interface, mdfind, for it—another thing I didn’t know. The nice thing about the Emacs interface is that you can specify the command to use so if you want to use Spotlight you can just tell Emacs to use mdfind instead of locate. Yet another example of the flexibility of Emacs.

Footnotes:

[1] The locate utility is pretty simple and should be easily portable to Windows—or most any OS—for those who might find it useful.


Perfect Forward Secrecy

If, like me, you’re unsettled by the recent government(s) snooping you are probably looking for ways to secure your on-line activities. One obvious way is to use SSL/TLS whenever possible. If you use Firefox or Chrome, HTTPS Everywhere can help.

Sadly, even if you believe in the security of SSL/TLS, there is, for most sites, a single point of failure. When the client and server negotiate to agree on an encryption key, the negotiation is encrypted by the site’s static key. That means that if the key is later broken or exposed and, like the NSA, you have saved HTTPS sessions, you can retroactively decrypt them all.

What’s needed is perfect forward secrecy (PFS). That means that if one session is decrypted, the others are still safe. For SSL/TLS, perfect forward secrecy requires you to change the key used to encrypt the session negotiation for each session. All of this is beautifully explained by Michael Horowitz over at Computer World. Because he goes into reasonable detail, the article is a bit long but well worth reading. I urge you to take the time to give it a look.

Netcraft also has an excellent article on PFS that covers much of the same material and gives more information on the support that various browsers provide for it. It explains why some browsers, such as Safari, which support PFS nevertheless fail to apply it for some sites. Definitely worth reading.

As users, of course, there is little we can do except encourage the sites we use to implement it. Currently Google and a few smaller sites do this but most do not. That’s probably because you get a performance hit when you implement perfect forward secrecy. One happy note for the paranoid among us is that DuckDuckGo is now using PFS with all the major browsers.

Those of us who are technologists are in a position to make things better. Whenever we can, we should push to use SSL/TLS with PFS on our Web sites. That may mean making a case to management or beefing up the server if needed. Not easy, of course, but well worth it if it helps secure the Web and keep the Nosy Parkers at bay.
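As an added example (not from the original post or the articles it links to), the Python sketch below classifies TLS cipher-suite names by key exchange and models server-preference selection, showing how a PFS-capable browser can still end up on a static-key suite. The suite lists are constructed sample data, and `classify`, `negotiate` and `audit` are hypothetical helper names.

```python
import re

# TLS 1.3 suite names carry no key exchange; TLS 1.3 removed static RSA/DH,
# so a full handshake is always ephemeral (EC)DHE.
TLS13 = {"TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384",
         "TLS_CHACHA20_POLY1305_SHA256"}
EPHEMERAL = {"ECDHE", "DHE", "EDH"}   # EDH is OpenSSL's older spelling of DHE
ANONYMOUS = {"ADH", "AECDH"}          # ephemeral but unauthenticated


def classify(suite):
    """Return 'ephemeral', 'anonymous' or 'static' for an IANA or OpenSSL name."""
    name = suite.strip().upper().replace("-", "_")
    if name in TLS13:
        return "ephemeral"
    name = re.sub(r"^(TLS|SSL)_", "", name)
    tokens = name.split("_WITH_")[0].split("_")
    if tokens[0] in ANONYMOUS or "ANON" in tokens:
        return "anonymous"
    if tokens[0] in EPHEMERAL:
        return "ephemeral"
    # RSA, static DH/ECDH, PSK, or an OpenSSL name with implicit RSA key
    # exchange (e.g. AES128-SHA): the session key depends on a long-term key.
    return "static"


def negotiate(server_pref, client_offer):
    """Simplified model: the server picks its first suite the client offers."""
    offered = set(client_offer)
    return next((s for s in server_pref if s in offered), None)


def audit(server_pref, client_offer):
    """Report the negotiated suite, whether it is PFS, and static suites enabled."""
    chosen = negotiate(server_pref, client_offer)
    return {
        "chosen": chosen,
        "pfs": chosen is not None and classify(chosen) == "ephemeral",
        "static_enabled": [s for s in server_pref if classify(s) == "static"],
    }


# Constructed sample data: a PFS-capable client and two server orderings.
CLIENT = ["ECDHE-RSA-AES128-SHA", "DHE-RSA-AES128-SHA", "AES128-SHA"]
LEGACY_FIRST = ["RC4-SHA", "AES128-SHA", "ECDHE-RSA-AES128-SHA"]
PFS_FIRST = ["ECDHE-RSA-AES128-SHA", "DHE-RSA-AES128-SHA", "AES128-SHA"]

if __name__ == "__main__":
    for label, pref in (("legacy first", LEGACY_FIRST), ("PFS first", PFS_FIRST)):
        print(label, audit(pref, CLIENT))
```

With the legacy-first ordering the same client lands on a static RSA suite even though both sides support ECDHE; reordering the server's preference list is enough to change the outcome.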


Take Your Lockdown and …

For those of you still mourning the demise of Google Reader there’s good news and bad news. The good news is that, as usual, Netizens have stepped in and provided alternatives. I’m using Feedly and am happy with it but there are many other choices such as NewsBlur if you prefer something else. That’s all good; we certainly don’t want to make the mistake of entrusting our RSS feeds to a single source again.

The bad news is neatly explained by Marco Arment in his Lockdown post. While Arment agrees that part of the reason for shuttering Reader was decreasing usage—at least if you ignore API clients—he believes that there’s something else going on and it’s not the often claimed inability of Google to monetize Reader. Rather, it’s part of an effort on Google’s part to force us all into Google+. It’s easy to see why they’d want to do that. It’s all about being able to serve ads and one way to do that is to be the single go-to portal for users. In short, if you want to compete with Facebook, this is what you must do.

Even more alarming is that now everyone wants to do this. Instead of the 1000 flowers blooming in the form of small, interoperable Web services, the “big guys” are trying to make us all live in their particular walled garden and forget about being able to get our data out in any sort of convenient way.

Arment has a pithy response to all that, which you should read. Also follow his link to Jeremy Keith’s post for more on this. For my part, fighting back involves withdrawing my patronage of these sites. I don’t use Facebook so that’s already done. As for Google, I’ve already stopped using their search engine in favor of DuckDuckGo, I abandoned Blogger long ago, and my use of Gmail is restricted to funneling mailing list traffic. I’m now looking for an alternative to Gmail for even that function. Part of that is driven by my desire to make my email more secure from corporate and government snooping so that’s harder but in the meantime all they’re seeing is stuff from technical lists.

Realistically, Google isn’t going to notice my efforts and wouldn’t even if everyone reading these words did the same. Aunt Millie simply isn’t going to worry about this Geek stuff and will happily go right on using Facebook and Google. And there are a lot more Aunt Millies out there than there are Geeks. At least I am doing what I can to claw back some of my privacy and, at the same time, am refusing to feed the beast. As long as there are enough Geeks out there who feel the same, RSS and the Web will be just fine.

Update: After writing but before publishing this, I noticed this post, Distributed Everything, by Ven Portman that makes some additional points along the same lines.
