Reproducible Research Redux

Posted on 2013-07-09 by jcs

Longtime readers know that I’m a big fan of reproducible research and, specifically, the way that Emacs and Org mode help make it possible. Here’s a very nice video presentation from SciPy2013 by John Kitchin. He describes how he writes his blog, his class notes, his papers, and his books using the principles of reproducible research via Org mode.

Kitchin is a professor of Chemical Engineering, not a computer scientist, so he serves as a poster boy for reproducible research: a scientist who collects all his text, data, programming code, and results into a single document. As he points out, when he wants to remember how he generated a complicated graph for a paper, it’s right there in the Org mode source for the paper.

This is a fairly short talk (about 25–30 minutes) so there’s no reason not to set aside some time to give it a look. At the end of the talk he gives a pointer to a github repository that has the (Org mode) source for the talk. Definitely worth your time.

Posted in General | Tagged , | Leave a comment

Locate and Emacs

Posted on 2013-07-08 by jcs

Bozhidar Batsov over at the excellent Emacs Redux tells us something that I didn’t know: It’s possible to call locate from Emacs. For those of you without a Unix background, locate is a utility that will return a list of any files on your system whose name contains a given string. The locate utility has been around for a long time and for years it was the best way of locating a file on your system.

I’m not a Windows guy so I don’t know what, if any, corresponding utility exists there1 but OS X has an additional, similar but more useful utility called Spotlight. Normally you access that directly from the GUI but there’s also a command line interface, mdfind, for it—another thing I didn’t know. The nice thing about the Emacs interface is that you can specify the command to use so if you want to use Spotlight you can just tell Emacs to use mdfind instead of locate. Yet another example of the flexibility of Emacs.

Footnotes:

1 The locate utility is pretty simple and should be easily portable to Windows—or most any OS—for those who might find it useful.

Posted in General | Tagged | 4 Comments

Perfect Forward Secrecy

Posted on 2013-07-07 by jcs

If, like me, you’re unsettled by the recent government(s) snooping you are probably looking for ways to secure your on-line activities. One obvious way is to use SSL/TLS whenever possible. If you use Firefox or Chrome, HTTPS Everywhere can help.

Sadly, even if you believe in the security of SSL/TLS, there is, for most sites, a single point of failure. When the client and server negotiate to agree on an encryption key, the negotiation is encrypted by the site’s static key. That means that if the key is later broken or exposed and, like the NSA, you have saved HTTPS sessions, you can retroactively decrypt them all.

What’s needed is perfect forward secrecy (PFS). That means that if one session is decrypted, the others are still safe. For SSL/TLS, perfect forward secrecy requires you to change the key used to encrypt the session negotiation for each session. All of this is beautifully explained by Michael Horowitz over at Computer World. Because he goes into reasonable detail, the article is a bit long but well worth reading. I urge you to take the time to give it a look.

Netcraft also has an excellent article on PFS that covers much of the same material and gives more information on the support that various browsers provide for it. It explains why some browsers, such as Safari, which support PFS nevertheless fail to apply it for some sites. Definitely worth reading.

As users, of course, there is little we can do except encourage the sites we use to implement it. Currently Google and a few smaller sites do this but most do not. That’s probably because you get a performance hit when you implement perfect forward secrecy. One happy note for the paranoid among us is that DuckDuckGo is now using PFS with all the major browsers.

Those of us who are technologits are in a position to make things better. Whenever we can, we should push to use SSL/TLS with PFS on our Web sites. That may mean making a case to management or beefing up the server if needed. Not easy, of course, but well worth it if it helps secure the Web and keep the Nosy Parkers at bay.

Posted in General | Tagged | Leave a comment

Take Your Lockdown and …

Posted on 2013-07-06 by jcs

For those of you still mourning the demise of Google Reader there’s good news and bad news. The good news is that, as usual, Netizens have stepped in and provided alternatives. I’m using Feedly and am happy with it but there are many other choices such as NewsBlur if you prefer something else. That’s all good; we certainly don’t want to make the mistake of entrusting our RSS feeds to a single source again.

The bad news is neatly explained by Marco Arment in his Lockdown post. While Arment agrees that part of the reason for shuttering Reader was decreasing usage—at least if you ignore API clients—he believes that there’s something else going on and it’s not the often claimed inability of Google to monetize Reader. Rather, it’s part of an effort on Google’s part to force us all into Google+. It’s easy to see why they’d want to do that. It’s all about being able to serve ads and one way to do that is be the single go to portal for users. In short, if you want to compete with Facebook, this is what you must do.

Even more alarming is that now everyone wants to do this. Instead of the 1000 flowers blooming in the form and small, interoperable Web services, the “big guys” are trying to make us all live in their particular walled garden and forget about being able to get our data out in any sort of convenient way.

Arment has a pithy response to all that, which you should read. Also follow his link to Jeremy Keith’s post for more on this. For my part, fighting back involves withdrawing my patronage of these sites. I don’t use Facebook so that’s already done. As for Google, I’ve already stopped using their search engine in favor of DuckDuckGo, I abandoned Blogger long ago, and my use of Gmail is restricted to funneling mailing list traffic. I’m now looking for an alternative to Gmail for even that function. Part of that is driven by my desire to make my email more secure from corporate and government snooping so that’s harder but in the meantime all they’re seeing is stuff from technical lists.

Realistically, Google isn’t going to notice my efforts and wouldn’t even if everyone reading these words did the same. Aunt Millie simply isn’t going to worry about this Geek stuff and will happily go right on using Facebook and Google. And there are a lot more Aunt Millies out there than there are Geeks. At least I am doing what I can to claw back some of my privacy and, at the same time, am refusing to feed the beast. As long as there are enough Geeks out there who feel the same, RSS and the Web will be just fine.

Update: After writing but before publishing this, I noticed this post, Distributed Everything, by Ven Portman that makes some additional points along the same lines.

Posted in General | Leave a comment

Snail Mail Too

Posted on 2013-07-05 by jcs

Here’s another reason, if you needed one, to forego snail mail. Forget the latency and cost; it turns out that the USPS takes pictures of both sides of every envelope they process. This is analogous to the NSA’s wholesale collection of phone metadata in case it may prove useful sometime in the future.

Of course, even if you use encrypted email, the government is undoubtedly collecting similar metadata. The FBI is always whining about how the switch to digital communications is making their wire tapping sources “go dark.” News like this story make you glad.

Posted in General | Tagged | 1 Comment

Multiparadigm Elisp

Posted on 2013-07-04 by jcs

I got a pointer to an interesting Wilfred Hughes post from this Magnar Sveen tweet. The post, Adventures in Multi Paradigm Programming, looks at the power and flexibility of Emacs Lisp. One often hears how Elisp is a crappy language so this is a refreshing point of view.

The post looks at several languages using various programming paradigms, gives a short code snippet in that language, and then gives a corresponding snippet in Elisp that attempts to imitate the style of the original snippet.

Many of the more esoteric examples—from Haskell, for example—make use of Sveen’s dash library. That may seem like cheating but I think it illustrates one of the powers of Elisp: you can grow the language to add the functionality you need. The operative word here is you. You don’t need permission from a standards committee or anyone else. You just write the needed functions and macros to build the language you need to solve your problem.

Update: Haskal → Haskell (Hap tip to Xah Lee.)

Posted in Programming | Tagged , | 1 Comment

Reprieve

Posted on 2013-07-03 by jcs

If you were a Google Reader user and neglected to retrieve your subscription data from Google, there’s a reprieve of sorts. Although Google Reader is no longer operating, Google is keeping your Reader data available until 2013-07-15. After that it’s gone forever.

If you haven’t already rescued your data, head on over to Google Takeout and get it before it’s too late.

Posted in General | Leave a comment

Phoneme

Posted on 2013-07-02 by jcs

It’s a good bet that most geeks have a gmail account. I use mine mostly for mailing lists but many use it as their main email account and consequently are apt to have sensitive data in their saved emails. If this describes you and the recent NSA revelations make you uncomfortable, Etherael has a solution for you.

Phoneme is a small python app that retrieves your emails, encrypts them with your public PGP key, sends the encrypted emails back to gmail, and deletes the original unencrypted copies. Obviously this doesn’t solve all your security problems but it does take care of that large cache of emails sitting on Google servers. If your account is compromised there’s nothing of value for the attacker. If some government demands your material, there’s nothing of value for them to see.

This is a nice little hack and may help round out your privacy toolkit. Be sure to read the part in the README about emptying your trash folder after running the app.

Posted in General | Tagged | Leave a comment

Byte Compiling Elisp

Posted on 2013-07-01 by jcs

I used to obsess about byte compiling my Elisp files but then I realized that

  1. The only thing I ever byte compiled was my init.el and updates to the packages I load.
  2. Byte compiling your startup file makes no appreciable difference.
  3. Once I started using ELPA, it took care of compiling my packages.

As I result, I don’t worry about it much anymore. Still, many Emacs users are working on packages and do need to keep things compiled.

For those in that position, there are a couple of useful recent posts worth your time. First, Bozhidar Batsov over at the invaluable Emacs Redux has a nice post about byte compiling with some Elisp that automatically deletes old .elc files when you save a new .el file of the same name.

Second, Xah Lee has a another nice post on the subject that includes some Elisp that will automatically recompile an existing .elc file when the corresponding .el file is saved. This is probably the behavior you want so you should take a look at his code if you regularly compile your Elisp.

Posted in Programming | Tagged | 1 Comment

Feedly

Posted on 2013-06-30 by jcs

Google Reader is going away on Monday. That means that Reeder, my RSS reader of choice, is going to stop working. So far, only the Reeder iPhone app has been updated. That’s useless to me because the iPhone screen is too small for me to comfortably read large amounts of text. I might be willing to use an up-to-date iPad app until the Mac version is ready but that’s not ready either.

I’ve heard good things about Feedly so, with time running out, I created an account and imported my data. The one button import worked perfectly and easily. It was literally just clicking the button and then signing into Google Reader. I haven’t set up the iPad app yet but so far I’ve been very happy with the Mac version. That’s really browser based but there’s a plugin for Safari.

In some ways having the Mac interface be browser based is an advantage. I don’t have to switch applications when I want, for example, to bookmark an article. The preview function is better than Reeder’s was and it’s easy to pop up another browser window with the article in it if you need the full browser functionality. That’s the case if you want to bookmark or clip to Evernote, for example.

The interface is simple to use and typing ? will pop up a help screen with the keyboard shortcuts. The syncing (between my two Macs) works fine so I’m confident that the iPad app will stay in sync too. That’s really my main requirement. I read RSS on my two Macs and my iPad and I need them to stay in sync.

My only concern is that the service is free—and we all know where that can lead—but my notes (that I’ve been accumulating about alternative readers) indicate that there will be a paid version as well. That’s welcome news. After the Google Reader Apocalypse, I’ve upgraded most of my free services to the paid version.

So far, I like Feedly and don’t foresee any reasons to switch. Just in case, though, I exported my subscriptions with Google Takeout. If you have a lot of saved posts, tags, and other information, you should take a look at this post from Mihai Parparita. It describes a tool that let’s you get all your Google Reader data, not just the subscriptions.

Posted in General | 3 Comments