Password Horror

Posted on 2013-02-17 by jcs

This isn’t the usual post about some nincompoop making yet another foolish security mistake. It’s about a guy who does (almost) everything right and almost loses it all. Over at the White Hat Security Blog, Jeremiah Grossman tells a chilling tale about the day he forgot a password.

Grossman works in security and deals with a lot of sensitive material, much of which he keeps on his MacBook Pro. As a result, he’s extremely paranoid about his data protection protocols. His protocol involves two layers. First, his entire hard drive is encrypted with FileVault, the OS X full disk encryption utility that provides 128 bit AES encryption. This is already more security than most users have but he has a second layer that creates encrypted disk images (another OS X feature) each of which is encrypted with 256 bit AES. Thus, even if an attacker is able to breach the full disk encryption, there are still encrypted disk images that contain especially sensitive information. The images are mounted while needed and then unmounted so that their data is rarely available in plane text. Grossman also changes all his passwords on a regular basis. All those passwords are kept in one of the disk images and are protected by a master password.

This is doing security right. The data is always secure because of the full disk encryption and especially sensitive data is hidden away in virtual disks images that look like normal files and are easy for an attacker (or government agent, for that matter) to overlook. There’s only one thing missing: a backup for the master password. Some people will tell you to never write your password down. Grossman’s story is about what happens when you take that advice and then forget your password.

Follow the link for how he recovered and how hard it was. He only succeeded because he remembered most of the password. His story is interesting and enlightening but the post is valuable for another reason: it lays out a way to secure your data against most attackers (those that don’t come with 3 letter initials or a $5 wrench). If you’ve wondered how to secure your laptop against loss or other breach, this is a post you need to read. If you have a Mac and want to know how to set up encrypted virtual disks, Scott Jordan has a post that gives you the full explanation. If you’re working on another platform (or want another option on the OS X) take a look at TrueCrypt. It’s portable and can do everything described here.

Finally, I should mention that Jordan’s post on setting up virtual disk images shows you how to use it with Dropbox in a transparent and flexible way. If you use Dropbox and store sensitive information you need this because, as I’ve written many many times, if you store sensitive information in the cloud you better be encrypting it.

Posted in General | Tagged | Leave a comment

Elisp

Posted on 2013-02-16 by jcs

No wonder it’s so hard to learn.

Posted in General | Tagged , , | Leave a comment

Remarks on EmacsGolf Challenge 1

Posted on 2013-02-15 by jcs

Apparently I was a bit sloppy with my wording because everyone missed the fact that there was a second part to this challenge. Every line that started with an “open figure” was supposed to be deleted. That was just a matter of deleting every other line and is easily done with a macro in 5 keystrokes.

My original solution was

F3 start macro
Ctrl+f move to “puthash”
Meta+Shift+f select “puthash”
xmsi-add-cycle replace
Ctrl+f move after space
[
Ctrl+7 Ctrl+f move after strings
]
Meta+d Meta+d delete “xmsi-abrvs”
Ctrl+n move to next line
Ctrl+Shift+Delete delete entire line
Meta+0 F4 end macro and execute

That’s 28 keystrokes (not 29; I think I shaved off another by combining the end macro and execute). Notice that deleting the extra lines takes only two additional keystrokes. If you don’t worry about deleting the lines, you can do a bit better with multiple-cursors but then you have to use a macro to get rid of those lines. At least I couldn’t figure out a way to do it from within multiple-cursors.

Magnar Sveen had a nice trick to shave off two more keystrokes by using hippie-expand. I tried to integrate that into my solution but after the first time it picked up xmsi-add-cycle instead of xmsi-abrvs which resulted in cascading -adds on subsequent lines. Magnar uses a custom function that looks for the nearest match so his hippie-expand trick might have worked with a macro for him.

Fuco had a nice approach using his smartparens package. If anyone else has some good tricks it’s not too late to leave a comment.

If you want to contribute a challenge (please do!) you can mail it to challenges at the domain of this blog.

Posted in General | Tagged , | 5 Comments

Emacs Batch Text Processing

Posted on 2013-02-14 by jcs

Xah Lee has a page up on batch text processing with Emacs. The page is a recapitulation of several tips that Lee has published before. These tips were very helpful to me when I was trying to learn the Elisp environment. Anyone with some Common Lisp or Scheme experience will have no problem with the Elisp language; it’s the library of Elisp functions specific to Emacs that will be unfamiliar. Lee’s tips helped me understand and learn the Elisp idioms.

If you are trying the learn Elisp, it’s worthwhile taking a look at this page and some of the other in Lee’s Elisp Tutorial.

Posted in General | Tagged , | Leave a comment

Replace Emacs?

Posted on 2013-02-13 by jcs

Lord I get tired of reading this sort of thing. The tl;dr is that:

  1. N00bs don’t like Emacs because it’s not like Notepad and thus has a steep learning curve.
  2. Most Lispers use Emacs.
  3. Because of 1. and 2. n00bs won’t learn Lisp
  4. Therefore, we should stop using Emacs and replace it with something that won’t cause n00bs to whine.

I don’t know about you but this makes me want to slap those n00bs and suggest they grow up. Even if we stipulate that I’m crotchety and intolerant the post is still wrong on its own terms.

The fact is there are already plenty of alternatives to Emacs for Lisp. Many Lispers (Paul Graham comes to mind) use Vim. Oops. That’s not Notepad either. How about the LispWorks IDE? Edi Weitz, a world class Lisper, uses it. Want open source? How about MCLIDE or Clozure CL IDE for OS X? What’s that? You use Windows? How about LispIDE? It supports a large number of Lisp implementations. With the exception of the LispWorks IDE these all come with source code so you can fix any deviations from the Notepad key sequences.

And at the risk of becoming a poster boy for what’s wrong with the Lisp Community, I have to ask if we really want to recruit prospective Lispers who are too lazy to learn Emacs. Because if we do, I promise you that the next thing we’ll hear is whining about all those parentheses and an endless onslaught of proposals to use Python-like indentation instead.

Posted in General | Tagged , , | 1 Comment

More Multiple-Cursors Functionality

Posted on 2013-02-12 by jcs

On his Emacs Rocks twitter feed, Magnor Sveen announced some useful additions to his multiple-cursors package. If you active regions with multiple-cursors you can now perform the following operations on them

  1. Reverse the lines in the regions
  2. Sort the regions
  3. Insert line numbers

He maps these to

Ctrl+~ Reverse regions
Meta+~ Sort regions
Hyper+~ Insert numbers

These additions bring to multiple-cursors functionality that exists in other Emacs packages such as CUA-rectangle-mode and thus makes it even more of a go to package for efficient text manipulation.

I’m still experimenting with it but so far I really like it. If you’re using the multiple-cursors package (and if you aren’t you really should be) you’ll get the new functions the next time you update but you’ll need to set key sequences for them. I like the ones that Sveen is using but, of course, you can choose your own.

Posted in General | Tagged | Leave a comment

VimGolf In Emacs: A Numbered List

Posted on 2013-02-11 by jcs

The conventional wisdom is that Vim is much more efficient—at least in keystrokes—than Emacs. In working the various VimGolf challenges and reading (or watching) other peoples’ solutions I’ve found that that’s often true but not always. A non-trivial part of the time Emacs can do much better than Vim. This challenge is an example of that.

This VimGolf challenge is to convert a pandoc unordered list to a numbered list. That’s extraordinarily simple if we’re using Org mode but even treating the file as just text we can still do better. The challenge is to take the starting file

My cursor happens to be on this line

## Here is my unordered list
   * item 1
      + it has some sub-items
         - sometimes it has sub-sub-items
      - i list some information about it
   * here is another item
   * and another
      - with some random sub-item
      - maybe with something in **bold** to make asterisks suck
   * woohoo I'm listing stuff like mad
   * I'm a mad pandoc'ing fool
      - long-live **John MacFarlane**!
      + reasons why pandoc is awesome
         - there's just too many list
         - but i'll put some more sub-sub-items for example
         - superfluous - and + to make matching them a pain
   * woo look at these sexy bullet points
   * you almost don't want to turn them into integers
   * but then you do because you know it's the right thing to do

## Here's some other stuff in the file
   * blah blah blah
   * maybe I should go with #. but then it's not readable in txt format

and make part of it numbered.

My cursor happens to be on this line

## Here is my unordered list
   1. item 1
      + it has some sub-items
         - sometimes it has sub-sub-items
      - i list some information about it
   2. here is another item
   3. and another
      - with some random sub-item
      - maybe with something in **bold** to make asterisks suck
   4. woohoo I'm listing stuff like mad
   5. I'm a mad pandoc'ing fool
      - long-live **John MacFarlane**!
      + reasons why pandoc is awesome
         - there's just too many list
         - but i'll put some more sub-sub-items for example
         - superfluous - and + to make matching them a pain
   6. woo look at these sexy bullet points
   7. you almost don't want to turn them into integers
   8. but then you do because you know it's the right thing to do

## Here's some other stuff in the file
   * blah blah blah
   * maybe I should go with #. but then it's not readable in txt format

The best Vim solution is 20 keystrokes. Here’s my solution that does it in 12.

Ctrl+1 F3 Start macro with counter set to 1
Ctrl+s␠␠* Search for leading star
Return Exit incremental search
Backspace Delete star
F3. Insert counter and period
Ctrl+8 F4 Exit macro definition and execute it 8 times

Of course, if we treat the starting file as an Org buffer we can do it in 4.

Ctrl+3 Ctrl+n Move down to line of first star
Ctrl+c - Change to numbered
Posted in General | Tagged | 4 Comments

Some Common Lisp Resources

Posted on 2013-02-10 by jcs

Here’s a collection of some useful Common Lisp resources that I’ve come across recently.

Posted in Programming | Tagged , | 2 Comments

A First Emacs Challenge

Posted on 2013-02-09 by jcs

Xah Lee has contributed a challenge that serves as an excellent example of one of the types of problems I think we should concentrate on if we start an EmacsGolf site. I like this problem because it is a real problem of the type that Emacs users encounter every day.

Lee has a minor mode, xmsi-mode, that is useful for mathematical input (it’s very handy if you do that sort of thing; check it out). Recently, he was refactoring the code and wanted to change lines like

(puthash "■" "□" xmsi-abrvs)
(puthash "□" "■" xmsi-abrvs)
(puthash "●" "○" xmsi-abrvs)
(puthash "○" "●" xmsi-abrvs)
(puthash "◆" "◇" xmsi-abrvs)
(puthash "◇" "◆" xmsi-abrvs)
(puthash "▲" "△" xmsi-abrvs)
(puthash "△" "▲" xmsi-abrvs)
(puthash "◀" "◁" xmsi-abrvs)
(puthash "◁" "◀" xmsi-abrvs)
(puthash "▶" "▷" xmsi-abrvs)
(puthash "▷" "▶" xmsi-abrvs)
(puthash "▼" "▽" xmsi-abrvs)
(puthash "▽" "▼" xmsi-abrvs)
(puthash "★" "☆" xmsi-abrvs)
(puthash "☆" "★" xmsi-abrvs)
(puthash "♠" "♤" xmsi-abrvs)
(puthash "♤" "♠" xmsi-abrvs)
(puthash "♣" "♧" xmsi-abrvs)
(puthash "♧" "♣" xmsi-abrvs)
(puthash "♥" "♡" xmsi-abrvs)
(puthash "♡" "♥" xmsi-abrvs)
(puthash "♦" "♢" xmsi-abrvs)
(puthash "♢" "♦" xmsi-abrvs)

into lines like this

(xmsi-add-cycle ["■" "□"])
(xmsi-add-cycle ["●" "○"])
(xmsi-add-cycle ["◆" "◇"])
(xmsi-add-cycle ["▲" "△"])
(xmsi-add-cycle ["◀" "◁"])
(xmsi-add-cycle ["▶" "▷"])
(xmsi-add-cycle ["▼" "▽"])
(xmsi-add-cycle ["★" "☆"])
(xmsi-add-cycle ["♠" "♤"])
(xmsi-add-cycle ["♣" "♧"])
(xmsi-add-cycle ["♥" "♡"])
(xmsi-add-cycle ["♦" "♢"])

This isn’t a hard problem but how efficiently (in terms of keystrokes) can you solve it? You can use anything in core Emacs, ELPA, or any external tool accessed in the usual way from Emacs. As a baseline, I did it in 29 keystrokes without trying too hard. I’m sure many of you can do better. I’ll be trying too.

Thanks to Xah Lee for generously donating this challenge rather than posting it himself.

Posted in General | Tagged , | 8 Comments

An Emacs Minor Mode Tutorial

Posted on 2013-02-08 by jcs

Over at the Google G+ Emacs Community, Agu Monkey has a pointer to an excellent tutorial on writing Emacs minor modes by Christopher Wellons. Most of us probably have no interest in writing a full-fledged minor mode (although Wellons’ tutorial is complete enough for that) but it’s often an easy way to provide some custom key bindings for a major mode or otherwise provide additional functionality.

Wellons takes us through the development of a trivial minor mode that merely inserts the word “foo” when called with a 【Ctrl+c f】 key sequence and keeps a count of how many foos are inserted. He shows how to make a buffer-local variable to count the insertions, how to instantiate a hook-function variable that users can insert hook functions into to run their own code when the minor mode is toggled, how to define a keymap for the minor mode, and how to activate the minor mode when a major mode is activated.

This is a really useful tutorial that you should read and then bookmark for the day that you want to add a little extra functionality to some mode or when you want to write a full blown minor mode. Highly recommended.

Posted in Programming | Tagged | 2 Comments