A Short Rant on Passwords

Posted on 2023-03-16 by jcs

It’s been a while since I’ve grumped about the dumb password rules you find on some sites. They have limits on password length, insist on some custom requirement concerning the number of digits, capital letters, and special characters, or, worst of all, they restrict the character sets you can choose from.

Anytime I see “you can use only the special characters…” I know that the site is insecure and probably storing the passwords in plain text, Why else would you care? The sad thing is that this is a solved problem. We KNOW how to hash and salt passwords and there are turnkey solutions in almost every language used to build Web sites that do so with a simple call. There’s no excuse for the moronic homegrown schemes that do nothing but decrease security.

If you want to enrage yourself, take a look at Dumb Password Rules and the list of sites and their rules. Again, there is no excuse for those stupid artificial restrictions. Anytime you see a limit on password length or a limit on the characters you can use, you can be sure the site isn’t doing the right thing. Sites that do these things should be shunned and shamed until they clean up their act.

But, of course, they won’t be. Instead they’ll continue to promulgate non-sensible rules that serve only to make you and their site less secure. And we’ll all suffer.

Posted in General | Tagged | Leave a comment

Dashes

Posted on 2023-03-15 by jcs

It will not be news to Irreal partisans that we here at Irreal are enamored of em-dashes. Some say that they are seldom used but I love em-dashes and probably tend to overuse them. Back in the dark ages before ubiquitous personal computers there were typewriters and they had only one type of dash: the hyphen. There was a convention of using a double hyphen for an em-dash but most folks who weren’t professional writers or typesetters had never heard the term “em-dash”.

Until I learned TeX, I wasn’t aware that there are, in fact, three types of dashes: hyphen, en-dash, and m-dash. The TL;DR is that you use a hyphen as a break within words at the end of line, or to connect compound words; the en-dash to separate numerical ranges; and em-dash as a clause separator, sort of like a comma.

The rules are, of course, nuanced and the above doesn’t capture them precisely. For those of you who want to better understand which to use and when, Mister Punctual has a post on the use of hyphens, en-dashes, and em-dashes. Now that reasonable typesetting software is available to everyone, it behooves us all to learn the differences between the various dashes and when to use them.

Posted in General | Tagged | Leave a comment

Asimov’s Three Laws and the Future

Posted on 2023-03-14 by jcs

I just came across this link to a 1965 short BBC interview of Isaac Asimov concerning his famous three laws of robotics. Those laws, as Asimov stipulates, are purposefully ambiguous to that he can use that ambiguity as a vehicle for his many stories that invoke them.

What struck me most about the interview was his discussion of synthetic organic matter and the possibility of robots and human beings growing closer to each other as the robots are built with more synthetic organic matter and humans incorporate more metal and plastic in the form of artificial organs. What impressed me particularly was that his vision contained echos of Bank’s Culture novels. He envisions a time when humans and robots will share a single culture although he does not foresee—or at least doesn’t mention—the extraordinary AI that the Culture’s robots, especially the Minds, are capable of. Of course, this was in 1965 and computers, let alone AI, were much more primitive than they are today.

The video is only 5 minutes, 42 seconds long yet still manages to raise some provocative points. It left me wishing it was longer but it was nonetheless very enjoyable and something I bet almost all Irreal readers will enjoy.

UPDATE [2023-03-15 Wed 13:43]: Azimov → Asimov

Posted in General | Tagged | Leave a comment

Removing Emacs Key Bindings

Posted on 2023-03-13 by jcs

Once you’ve been sucked into the event horizon of your Emacs configuration, you’re always adding new bindings. Sometimes it’s for a homegrown function, sometimes it’s to configure a new package. If you longer needed one of those bindings, it’s trivial to simply remove it from your init.el or whatever you’re using.

Sometimes, though, some other package steals one of your bindings. You can either change yours or disable theirs. The question is: how do you disable a binding that’s not in your configuration?

Bozhidar Batsov over at EmacsRedux has the answer. It’s pretty simple: you simply set the binding to nil. He gives the example of paredit adding a binding the conflicted with one used by one of the REPL modes but we’ve all experienced the phenomenon. You can remove a binding globally or locally. Batsov also mentions using global-unset-key or local-unset-key to remove a binding.

Thankfully, this is not something the we have to do very often but it’s nice to know how to do it when the need arrives.

Posted in General | Tagged | Leave a comment

Using Org Mode

Posted on 2023-03-12 by jcs

Aditya Athalye has a long(ish) and interesting post on how he uses org mode for writing and more. Like many of us, Athalye has used a lot of apps for keeping notes and publishing his blog and slides for his talks. He’s settled on Org for the sames reasons that many of us have:

  • It’s plain text so there’s no data lock-in.
  • It’s easily exportable to a variety of formats.
  • It has the ability to embed code with syntax highlighting.
  • It has the ability, through Babel, to execute that code and capture the results.
  • It offers a unified workflow for a variety of tasks.
  • Its Org markdown syntax is being adopted by a variety of (non-Emacs) apps.
  • It’s “local first” meaning that by default your data is held locally.

His post details how he uses Org and some of the Org features that he doesn’t use. He has no interest, for example, in using it for planning, time tracking, calendaring, or as a “second brain”. He’s content to use it for note taking and publishing.

He’s found, as have I, that Org can take over your life in the sense that it replaces most of your other applications. Sure, there’s still Email, RSS, music, and the rest but Org can subsume most of your record keeping requirements.

As I said, the post is a bit long but it’s a good example of one man’s use of Org mode and how it came to dominate part of his digital life.

Posted in General | Tagged , | Leave a comment

Org Pretty Table

Posted on 2023-03-11 by jcs

Just a quickie today about something you may or may not care about. The reason you may not care about it is that it only affects the display of your local Org buffer—in particular, the display of tables. If you’re like me, you don’t care about that type of stuff; the default Org display is fine. Other folks disagree and they are no more nor no less correct than I, they simply have different opinions and sensibilities. Some people really enjoy having even their intermediate results look as nice as possible.

For those folks, Matus Goljer (Fuco1) has a nice package that overlays the bare-bones default table boundries with their unicode equivalents. My first thought was that the package would be more useful if it exported these changes to HTML, PDF, and the rest but, of course, that’s just silly. The export backends already take care of that so there’s no need for an external package to do it.

The org-pretty-table package simply makes the Org version of your tables look better. If this appeals to you, by all means install it. If it doesn’t, don’t worry about it: your final product will still look good.

Posted in General | Tagged , | Leave a comment

Happy 50th Birthday to Dark Side Of The Moon

Posted on 2023-03-10 by jcs

Every year on this date, Irreal interrupts its normal programming to celebrate the birthday of Pink Floyd’s iconic Dark Side of the Moon. As I’ve mentioned before, the album is one of the best selling albums of all time. It spent just a couple weeks short of 3 decades on the 200 best selling albums list.

This year is special. It’s the 50th anniversary of the album. My daughter reports that even kids in her middle school class are talking about it. Think about that: kids talking about an album that was probably released before their parents were born.

The Irreal tradition is to feature a video of one of Pink Floyd’s songs to celebrate the event but this year is different. Because it’s the 50th anniversary, the band is holding a competition for the best animation featuring one the songs from Dark Side of the Moon. Here’s Nick Mason, the band’s drummer, explaining the competition:

It’s certainly possible that a few Irreal readers could produce an entry for this contest. I have no idea of what the prizes are but what could be better than having your animation and name linked with the best rock band of all time?

Posted in General | Tagged | Leave a comment

The Programmer Who Broke The Internet

Posted on 2023-03-09 by jcs

I just came across a story that offers us several lessons. It’s a tale about a programmer who withdrew a trivial function from NPM and subsequently caused several applications to fail. Some of failures were second order effects in that the failing application’s authors had never heard of the function but it was used in functions that they did use directly.

The function itself simply padded a string on the left with spaces to reach a specified a specified string length. As I said, it’s a trivial function (the implementation is only 11 lines) that anyone—even a rank beginner—could write but it was available in some random library so why reinvent the wheel?

All went well until a billion dollar corporation wanted to use the name of one of the programmer’s other packages and asked him change the name of his. When he refused, they threatened legal action and got NPM to side with them and assign the name to the billion dollar corporation. In a fit of—justifiable in Irreal’s opinion—pique, the programmer withdrew all his code from NPM including the aforementioned left padding function. Things went south immediately as several applications started failing to build.

There are a couple of obvious lessons here. First, exhortations to avoid the NIH syndrome notwithstanding, it pays to avoid deep dependencies, especially those you can’t rely on. It’s fine to depend on, say, the C library (or whatever) and other libraries that are part of the programming language environment, but when you start depending on random libraries untethered to the language runtime you’re asking for trouble.

Second, it’s wise to avoid depending on repositories like NPM that may side with big corporations rather than do the right thing. At least according to the story at the link, the programmer was clearly in the right and the corporation had no argument other than muscle in the form of money on their side.

It seems almost paranoid to say you should avoid using NPM packages on the ground that it’s extraordinarily fragile but as this story demonstrates, sometimes a little paranoia is called for. Of course, some packages offer services that are far too complex to be worth implementing on your own but a left padding function is not among them. Neither the primary application developer nor the secondary library developer should be depending on such things.

Afterword

Over at chaitanya.dev there’s a post that gives a few more details about the controversy. He reaches pretty much the same conclusions that I did: beware gratuitous dependencies.

Posted in General | Tagged | Leave a comment

⋆Scratch⋆ For iOS

Posted on 2023-03-08 by jcs

Alvaro Ramirez has a cute iOS application called ⋆scratch⋆. The idea is that it provides an Emacs-like scratch buffer on your iPhone. If you’re like me, your first reaction is, “why would I want this?” But the use case is those situations where you want to capture a note as seamlessly as possible. One reason you wouldn’t need it is that iOS has the Notes app that’s for exactly that purpose.

I use Notes all the time. In particular I use it for my Memo Book where I record the significant events of my day. But notes has a bit of friction. You have to choose the appropriate note or start a new one. The nice thing about ⋆scratch⋆ is that you just bring it up and write whatever you want. It’s got some simple Org-like formatting but that’s not really necessary.

I wasn’t really convinced I needed it but it was only 99¢ so I bought it on a whim. A couple of days later I was out to dinner with some friends who told me about a wine they really liked. I thought it was worth trying out so I brought up ⋆scratch⋆ to capture its name. It was seamless and easy and just like that I became a ⋆scratch⋆ fan.

I’ve only had the app for a few days so I am by no means an expert on its use but the nice thing is that there’s not much to know. Bring it up and capture your data. You can share it or erase it or start a new scratch buffer but all that is after that fact. When you want to capture some data, you just bring up the app and capture it. I recommend it to iPhone users who occasionally want to capture some data.

Posted in General | Tagged | Leave a comment

ChatGPT From Within Emacs

Posted on 2023-03-07 by jcs

We Emacs maximalists are always on the lookout for tasks that we can integrate into Emacs in our never ending quest to stay in Emacs as much as we can. Vivek Haldar has added another task to the list of things we can do within Emacs. He has a short video demonstrating his code to access ChatGPT from within Emacs. His method depends on a Python script to do the heavy lifting and some Elisp to deal with the Emacs interaction. There are links to both pieces of the code with the video.

If you’re an Emacser and interested in experimenting with ChatGPT, this may be a worthwhile app to include in your setup. I still think, perhaps erroneously, of ChatGPT as a sort of magic trick. It seems magical when you see it but if you look under the hood, it’s actually fairly easy to see what’s going on. The key to the results—given how it works—is the training data. If you’ve ever noticed how much nonsense there is on the Web, you’ll also understand some of the anomalous results ChatGPT occasionally produces.

Regardless, ChatGPT can be useful if you keep in mind what’s going on in the background. And, of course, it’s going to get better. Probably a lot better so it’s worthwhile laying down some infrastructure for it in your Emacs configuration.

Haldar’s video is a couple seconds short of 4 minutes so you can watch it pretty much at will. It’s definitely worth a watch if you have any interest at all in the intersection of Emacs and ChatGPT.

Posted in General | Tagged | Leave a comment