XXX

fuzzy notepad

Articles

  1. Blog
Page 6
Atom feed

[articles] A little bit Rusty

Yelp had a hackathon a couple weeks ago. These affairs are mixed blessings for me: a fixed chunk of uninterrupted time to work on a single project is great, but I tend to have at least a dozen ideas that I want to do all at once, none of which can be reasonably “finished” in a scant 30 hours, and most of which are obscure enough that nobody can work on them with me.

For example, during this most recent event, I wrote a roguelike. In Rust.

Long-time readers may recall that I’ve attempted to write a roguelike before, in Python, but fell prey to architecture astronomy. This time would be different! Because I would only have 30 hours. Also because static typing limits my options, thus making it easier to overcome choice paralysis. (It’s a working theory.)

But first: a bunch of people have asked what I think of Rust, and now I’ve actually written something approaching a real program in it, so let’s start there.

[articles] Stripe CTF 2.0

This is a thing I did. It was a cracking contest held by Stripe (who run a pretty neat service, btw), and it ended today. I was third to beat level 7 and twentieth to beat level 8, so here is the tale of how I came upon the solutions.

I haven’t reproduced the entirety of each puzzle below, because that would suck, but if you’re lucky maybe you can still sign up and follow along. If not, Stripe has promised to release the puzzles (and solutions) tomorrow. I think.

[articles] Quick doesn’t have to mean dirty

From TechCrunch:

Anyway, my sympathy for PHP’s deviltry is because I appreciate its ethos. Its just-get-it-done attitude. Or, as Melvin Tercan put it in his recent blog post, “here’s to the PHP Misfits. The pragmatic ones who would pick up anything – even double-clawed hammers – to build their own future. Often ridiculed and belittled by the hip guys in class who write cool code in Ruby or Python, but always the ones who just get shit done.”

He’s on to something there. The best is the enemy of the good, and shipping some working PHP code is approximately a million times better than designing something mindblowing in Haskell that never actually ships. I fully support Jeff Atwood’s call to replace PHP once and for all–but I hope that everyone realizes that eliminating its many, many, multitudinous flaws won’t be enough; they’ll have to somehow duplicate its just-make-it-work ethos, too.

This is a recurring sentiment: developers telling me, well, yeah, Python may be all cool in your ivory tower, man, but like, I just want to write some programs.

To which I say: what the fuck are you people smoking? Whence comes this belief that anything claimed to be a better tool must be some hellacious academic-only monstrosity which actively resists real-world use?

But, hey, I’m sick of talking about PHP. So let’s talk about Python. In honor of the 90s, let’s make a guestbook.

[articles] Python FAQ: Passing

Part of my Python FAQ.

How do I pass by reference? Does Python pass by reference or pass by value?

[articles] Python FAQ: Descriptors

Part of my Python FAQ.

How does @property work? Why does it call my __getattr__? What’s a “descriptor”?

[articles] Python FAQ: Webdev

Part of my Python FAQ.

I only know PHP. How do I write a Web application in Python?

[articles] PHP: a fractal of bad design

(This article has been translated into Spanish (PDF, with some additions) by Jorge Amado Soria Ramirez — thanks!)

Preface

I’m cranky. I complain about a lot of things. There’s a lot in the world of technology I don’t like, and that’s really to be expected—programming is a hilariously young discipline, and none of us have the slightest clue what we’re doing. Combine with Sturgeon’s Law, and I have a lifetime’s worth of stuff to gripe about.

This is not the same. PHP is not merely awkward to use, or ill-suited for what I want, or suboptimal, or against my religion. I can tell you all manner of good things about languages I avoid, and all manner of bad things about languages I enjoy. Go on, ask! It makes for interesting conversation.

PHP is the lone exception. Virtually every feature in PHP is broken somehow. The language, the framework, the ecosystem, are all just bad. And I can’t even point out any single damning thing, because the damage is so systemic. Every time I try to compile a list of PHP gripes, I get stuck in this depth-first search discovering more and more appalling trivia. (Hence, fractal.)

PHP is an embarrassment, a blight upon my craft. It’s so broken, but so lauded by every empowered amateur who’s yet to learn anything else, as to be maddening. It has paltry few redeeming qualities and I would prefer to forget it exists at all.

But I’ve got to get this out of my system. So here goes, one last try.

An analogy

I just blurted this out to Mel to explain my frustration and she insisted that I reproduce it here.

I can’t even say what’s wrong with PHP, because— okay. Imagine you have uh, a toolbox. A set of tools. Looks okay, standard stuff in there.

You pull out a screwdriver, and you see it’s one of those weird tri-headed things. Okay, well, that’s not very useful to you, but you guess it comes in handy sometimes.

You pull out the hammer, but to your dismay, it has the claw part on both sides. Still serviceable though, I mean, you can hit nails with the middle of the head holding it sideways.

You pull out the pliers, but they don’t have those serrated surfaces; it’s flat and smooth. That’s less useful, but it still turns bolts well enough, so whatever.

And on you go. Everything in the box is kind of weird and quirky, but maybe not enough to make it completely worthless. And there’s no clear problem with the set as a whole; it still has all the tools.

Now imagine you meet millions of carpenters using this toolbox who tell you “well hey what’s the problem with these tools? They’re all I’ve ever used and they work fine!” And the carpenters show you the houses they’ve built, where every room is a pentagon and the roof is upside-down. And you knock on the front door and it just collapses inwards and they all yell at you for breaking their door.

That’s what’s wrong with PHP.

[articles] Python FAQ: Equality

Part of my Python FAQ.

What does is do? Should I use is or ==?

[articles] On principle

Alice shows some code to Bob. Something about it catches Bob’s eye; he tells her that some mechanism is a bad idea and she should find another approach. She asks why.

Bob, despite being absolutely correct, can’t answer.

Or maybe he can, but is worse off nonetheless: for every pitfall or potential consequence he dreams up, Alice fires back with how she’ll compensate or why it doesn’t apply in this case. Eventually Bob runs out of ideas, and Alice carries on with what she’s doing, now feeling more vindicated—she’s fought for her work and won, after all.

Bob is arguing from principle, and Alice is scoffing at the idea of principle for its own sake. Principles are for academics; out here in the real world, whatever gets the job done is good enough.

Right?

[articles] tmux is sweet as heck

People occasionally ask me why tmux is significantly better than screen, and I end up mumbling the first few things that come to mind. This has yet to sway anyone. Here, then, are some things that I enjoy about using tmux.

First, some terminology, so the rest of this makes any sense at all.

  • tmux and screen, if you were not aware, are multiplexers—they let you run multiple terminals (or terminal programs) at the same time, switch between them, and disconnect or close your terminal without killing everything you were running. If you didn’t know this then you should probably stop now and poke around tmux’s site or something.
  • A session is a particular group of terminals owned by tmux (or screen). When you run tmux bare, you get a new session.
  • A window is a numbered terminal inside a session.
  • A pane is each compartment within a split window. (I lied above; a window might actually have several panes and thus several terminals. But a window is identified by one number.)
  • An xterm is a single GUI terminal window (or tab). You may be using another terminal emulator, or you may be in a non-GUI virtual terminal; I’m using “xterm” as an umbrella term for all of these.

I’m also assuming that ^A is your multiplexer trigger key, although tmux defaults to the more awkward ^B.

Works out of the box

Here’s my .screenrc, fiddled by hand over the course of many months after I started using screen.

1caption always "%{= kw}%?%-Lw%?%{Kw}%n*%f %t%?(%u)%?%{kw}%?%+Lw%? %=%{= dw} %H "
2
3# terminfo and termcap for nice 256 color terminal
4# allow bold colors - necessary for some reason
5attrcolor b ".I"
6# tell screen how to set colors. AB = background, AF=foreground
7termcapinfo xterm 'Co#256:AB=\E[48;5;%dm:AF=\E[38;5;%dm'
8# erase background with current bg color
9defbce "on"

What the fuck is any of this? The only real configuration here is the first line, which sets a fairly simple status bar. The rest is unreadable sludge picked off of Google to make terminals inside screen work the same way as terminals outside it. I see this as a serious failing in the one core feature that defines a multiplexer: being invisible.

Some of this might not be necessary any more; maybe termcaps have been improved in the meantime. Part of the very problem is that I can’t know; the best I can do is delete bits of it and see if screen still behaves correctly, assuming I remember all the quirks I was trying to fix in the first place. It’s 2012. I shouldn’t ever see the word “termcap”.

Contrast with tmux, which just worked. The only terminal-related fudging I ever had to do was set my $TERM to xterm-256color for it to respect 256-color sequences. Not entirely unreasonable.

tmux can also inherit parts of the environment when it’s detected a change; by default it looks for some common X and SSH stuff. The upshot of this is that your SSH agent continues to work across SSH connections; the new environment only applies to newly-created windows, but zero hacks are necessary.

By default as of tmux 1.6 (I think), when you create a new window, it’ll get the same current working directory as the current window.

[articles] FUCK PASSWORDS

I’m so tired of passwords. So, so, so tired.

Most people don’t understand this. Most people use the same password everywhere. Most people can just mechanically type out password3 in every password box, smirking to themselves at how clever they are, because who would ever guess 3 instead of 1?

I don’t do that. Let me tell you what i do.

I generate a different password for every service, based on a convoluted master password and the name of the thing. I do this because it’s what you’re supposed to do; it’s what security nerds (including myself for the purposes of this post) tell everyone else to do. “Ho ho!” we all chuckled to ourselves after the Gawker leak, and the subsequent breakins to various other things that used the same passwords. “If only these chumps had been generating different random passwords for every service!”

So my passwords look like 'fC`29ap5w78r3IJ, or Ab3HE4 2Iv5hJk\K, or mw@\_h<~o04neHiJ{. Those are actual examples i just generated. I’m eating my own dogfood, so to speak.

It’s not without its drawbacks.

[articles] In which i use GitHub, and IRC is awesome

I just wasted way too much time migrating all of my git repositories to GitHub. It’s way less janky than the old thing, and the guys running it seem to be acceptably hipster-nerdy.

I’m still using Redmine as a bug tracker, and i have a cron going that updates the old repositories regularly, so commits will still appear in tickets and whatnot. This is just a change of canon.

I am considering giving GitHub Issues a shot for small new projects, just to get a feel for it. Redmine is powerful but feels like it’s targeted at my manager. GitHub is, i must admit, very much targeted at the people on the ground doing the hacking.

Anyway, here is a story.

[articles] Google postdecrement

It’s reasonably well-known by now that, if you don’t have a Google+ name that looks sufficiently white and Anglo-Saxon, they’ll suspend your account and require photo ID.

This raises a couple questions that i don’t think have gotten adequate attention.

[articles] informative title

Hello here is what’s going on.

[articles] GNOME 3 revisited

How did I write this? I don’t know what happened. I was just jotting down notes and prose came out.

I wrote a whole thing about Shell and Unity before, but it was kinda knee-jerk ranting. With my newfound blog fame, here’s a lame attempt at a more constructive list of specific criticisms of GNOME 3, now that I’ve actually used it for a while on my laptop.

[articles] Python FAQ

I lurk in #python. It gets a lot of questions that are, shall we say, frequently asked. This is my attempt to catalogue interesting and useful questions. The answers will gradually become separate posts—perhaps on other blogs if someone else gets to them first. Let me know if there should be other questions, if the answers are unclear, or the answers have bugs in them!

[articles] Perls of Wisdom

Ha, ha! A hilarious and original pun.

I’ve had several conversations now about Perl 5’s level of deadness and Perl 6’s level of disastrousness. So here is a followup, which surely won’t get as much attention because it’s not as potentially inflammatory.