Sacha Does Org

The ever-energetic Sacha Chua uses Org mode to organize her life. If you follow her at all you know that

  1. She has an extremely busy schedule.
  2. She documents everything.

If Chua can run her life with Org Mode, just about anyone can.

Follow the link to see how she arranges her Org files. She has links to her Emacs configuration so you can see her customizations and templates. As usual, her set up probably won’t be an exact fit for your needs but there’s lots of good ideas and you can take her configuration and customize it to be just what you need.

Posted in General | Tagged , | 2 Comments

SBCL 1.1.11 Is Out

The latest version of my favorite Common Lisp environment, SBCL, is out and available at the usual place. If you’re running Linux there’s a binary available, otherwise just grab the source and compile it yourself. Compiling is very easy—just follow the excellent directions. You’ll also need a C compiler and a CL compiler. If this is your first build you can grab one of the older SBCL binaries or use another CL compiler. Again, it’s all explained in the Getting Started page.

For Windows users, there’s a fork that supports threads. This hasn’t been incorporated into the mainline yet so if you need threads on Windows you can use this fork until it gets folded in.

For the rest of us, the update is mostly bug fixes with a couple of enhancements to building the documentation and the Windows port. As usual, my build went without problems. If you’re new to SBCL and running on Windows, see yesterday’s post for a pointer to an excellent article on getting started.

Posted in Programming | Tagged , | Leave a comment

Lisp and Slime on Windows

I haven’t used a Windows machine in decades but my general sense is that using Emacs on Windows can be—er—challenging. Even more so, apparently, is using Slime with Emacs on Windows.

It’s nice, then, that Jisang Yoo has come to the rescue with a nice piece on installing Common Lisp and Slime on a Windows machine. Yoo walks you through installing and testing both CLISP and SBCL. Then he talks about installing and configuring Slime. Finally he talks a bit about how to use the Slime documentation features (including downloading a local version the HyperSpec).

My only complaint is that he doesn’t mention Quicklisp. That’s relevant to Yoo’s post because of Quicklisp’s special handling for Slime. As Yoo points out, loading and configuring Slime can be a bit involved and finicky but Quicklisp let’s you do all this with a single command. It also automates keeping Slime up to date.

If you’re a Windows user and want to try Lisp, this article is a great resource. Be sure to check out Quicklisp too: it makes package handling, including Slime, so much easier.

Posted in General | Tagged , , | Leave a comment

Common Lisp versus Emacs Lisp

As a user of both Elisp and Common Lisp I sometimes have a hard time remembering the small differences. Many of these are “hidden” in the sense that identically named functions behave differently. One such example is that functions such as assoc and member behave differently because Elisp uses equal as the predicate whereas eql is used by default in CL.

Jisang Yoo has published a lengthy post on some of the differences between the two Lisps. It’s not encyclopedic but it does cover the most important differences and the ones that are apt to bite the unwary practitioner.

He also covers the cl-lib package, which is the new CL compatibility library for Elisp. One nice touch is that he shows how to programmatically list all the cl-lib functions with an indication of whether or not they have a built-in version.

Some differences are trivial, defconst versus defconstant for example, while others, like the difference in member are subtle and hidden. Even if you’re experienced in both languages, you may find some differences you didn’t know about. This is a great post and well worth the time it takes to read it. You’ll also learn an interesting fact about the Korean language.

Posted in General | Tagged , , , | Leave a comment

A Surveillance Timeline

The revelations from the NSA scandal are coming so fast and furious that it’s easy to become confused. Now, the EFF has come to our rescue with Timeline of NSA Domestic Spying. It starts with the ratification of the bill of rights and ends with the release of the FISA Court ruling on NSA’s violations of the Fourth Amendment.

Take a couple of minutes out of your busy life to peruse the timeline. It will probably be a revelation to you.

Posted in General | Tagged | Leave a comment

Another Emacs Challenge

Over at the Emacs reddit, zoldberghoneydew presents an interesting problem and solution. The problem boils down to creating a hosts file of the form

host1    ip-address-of-host-1
...
host64   ip-address-of-host-64

where the address of host-n can be looked up in DNS with dig.

Zoldberghoneydew’s solution is nice but a bit over complicated. The challenge is to produce this file with the minimum keystrokes possible.

Posted in General | Tagged | 3 Comments

Fourteen Years of SQL Injection

Mavituna Security has a nice post up on SQL Injection. They give a brief history of SQL injection and the three common mistakes that enable it. They have some astounding facts. Here’s a small sampling:

  • In 2012, 97% of all data breaches world wide were SQL injection attacks.
  • In one month, from the end of 2011 to early 2012, over 1,000,000 sites were successfully attacked with SQL injection.
  • SQL injection has remained in the top 10 list of vulnerabilities compiled by the Open Web Application Security Project.

I’ve written several times before about SQL injection. Every time it’s because some new article has astounded me that this attack is still possible. Mavituna is promising further articles on the technical aspects of SQL injection and how to avoid falling prey to it. Be sure to check back or sign up for their RSS feed.

Posted in General | Tagged | Leave a comment

Dinner With General Alexander

Jennifer Granick has an excellent article, My Dinner With NSA Director Keith Alexander, in Forbes. Unlike most reporters, Granick doesn’t waste her (and our) time with sideshows such as the whereabouts of Edward Snowden. Instead, she zeros in on the real issues.

She takes the balanced view that Alexander is a good man but one who is badly mistaken. Although he believes he is doing good—and, of course, to the extent that he protects us from terrorists his work does have some merit—he is, in fact, systematically destroying the democracy that’s he’s sworn to protect.

Unlike almost every other reporter, Granick understands the dangers that metadata represents and, most importantly, what a serious, serious danger the collection and storing of all this information represents. She shows how anemic the safeguards the government keeps touting really are and how many completely innocent citizens have their data swept up and examined at will simply because they know somebody who knows somebody who knows a target. Unmentioned by the government—until the recent release of the “primary order” controlling NSA data collection—is the fact that if you’re within 3 hops of an NSA target your records go into a pool, the “corporate store,” that can be accessed at any time by NSA analysts without any showing of probable cause or other supervision. Read this ACLU article for more about the corporate store and how it works.

Granick understands and carefully explains how this data, once collected under the aegis of protecting us from terrorists, is subject to mission creep and future abuse. We’re already seeing mission creep. The DEA and IRS have started tapping into the NSA data and other agencies are eager for a place at the trough. As Granick and the New York Times article at the last link remark, even those investigating copyright violations want access to the data.

As for possible abuse, our recent history paints a dismal picture. One needn’t believe in a cataclysmic event such as the Nazi takeover of the German government to be concerned. In the lifetime of many of us, the FBI spied on Martin Luther King, discovered that he was having an extramarital affair and threatened to expose him unless he committed suicide. When he didn’t, they sent the tapes to his wife. A little closer to today, President Nixon famously insisted that the IRS go after those on his enemies list. If all that seems like ancient history to you, consider that there’s reasonably compelling evidence that the current administration used the IRS to target nonprofit organizations that opposed their policies.

It should be clear to anyone who cares to know that no government can be trusted with this sort of data. If they have the data, two things are guaranteed:

  1. No matter the reason for its collection, it will be used for more and more purposes.
  2. It will inevitably be abused.

Read Granick’s article. It’s one of the few serious analyses by the Press on what the NSA scandal means.

Posted in General | Tagged | Leave a comment

Is the NSA Really Abuse-Proof?

President Obama, General Alexander (the Director of the NSA), and Senator Dianne Feinstein (Chairman of the Senate Select Committee on Intelligence) have all assured us that we needn’t worry about NSA snooping on Americans because the NSA has several systems in place to monitor and prevent abuse. Putting aside for the moment what future governments might choose to do with this information, should we feel reassured by these assurances?

Those of you familiar with Betteridge’s Law of Headlines already know the answer. Anyone familiar with problems arising from restricted data know that one of the most frequent abuses is the tracking of spouses, ex-spouses, and love interests. One frequently hears, for example, of someone abusing police databases for these very purposes. It turns out that the NSA is not immune. These abuses are, the NSA apologists assure us, very rare and harshly dealt with.

What to make of, then, this AP story? It appears that Edward Snowden had no problem defeating the logging and monitoring systems that should have alerted the NSA to what he was doing. The truth is that the NSA has no idea what documents Snowden took because he made sure to leave minimal footprints.

These two stories together suggest that NSA management really has no idea who’s abusing the system and that all their assurances are worthless. These are smart people and they surely know this. That makes it worse because it means they’re lying to us and that leads to the next question: what else are they hiding.

It seems that, once again, Betteridge was right.

Update: needed → needn’t

Posted in General | Tagged | Leave a comment

Keeping the French Safe From Terror

Rick Fallvinge has a jaw droppingly funny (or sad, depending on your point of view) story about French efforts to stop terror. His story is at the expense of the French but, really, I’m sure no country is immune to this sort of silliness. Politicians everywhere want to be seen as “doing something” even if it makes no sense.

Posted in General | Tagged | Leave a comment