XXX

fuzzy notepad

Blog

Page 19
Atom feed

[articles] FUCK PASSWORDS

I’m so tired of passwords. So, so, so tired.

Most people don’t understand this. Most people use the same password everywhere. Most people can just mechanically type out password3 in every password box, smirking to themselves at how clever they are, because who would ever guess 3 instead of 1?

I don’t do that. Let me tell you what i do.

I generate a different password for every service, based on a convoluted master password and the name of the thing. I do this because it’s what you’re supposed to do; it’s what security nerds (including myself for the purposes of this post) tell everyone else to do. “Ho ho!” we all chuckled to ourselves after the Gawker leak, and the subsequent breakins to various other things that used the same passwords. “If only these chumps had been generating different random passwords for every service!”

So my passwords look like 'fC`29ap5w78r3IJ, or Ab3HE4 2Iv5hJk\K, or mw@\_h<~o04neHiJ{. Those are actual examples i just generated. I’m eating my own dogfood, so to speak.

It’s not without its drawbacks.

[articles] In which i use GitHub, and IRC is awesome

I just wasted way too much time migrating all of my git repositories to GitHub. It’s way less janky than the old thing, and the guys running it seem to be acceptably hipster-nerdy.

I’m still using Redmine as a bug tracker, and i have a cron going that updates the old repositories regularly, so commits will still appear in tickets and whatnot. This is just a change of canon.

I am considering giving GitHub Issues a shot for small new projects, just to get a feel for it. Redmine is powerful but feels like it’s targeted at my manager. GitHub is, i must admit, very much targeted at the people on the ground doing the hacking.

Anyway, here is a story.

[articles] Google postdecrement

It’s reasonably well-known by now that, if you don’t have a Google+ name that looks sufficiently white and Anglo-Saxon, they’ll suspend your account and require photo ID.

This raises a couple questions that i don’t think have gotten adequate attention.

[articles] informative title

Hello here is what’s going on.

[articles] GNOME 3 revisited

How did I write this? I don’t know what happened. I was just jotting down notes and prose came out.

I wrote a whole thing about Shell and Unity before, but it was kinda knee-jerk ranting. With my newfound blog fame, here’s a lame attempt at a more constructive list of specific criticisms of GNOME 3, now that I’ve actually used it for a while on my laptop.

[articles] Python FAQ

I lurk in #python. It gets a lot of questions that are, shall we say, frequently asked. This is my attempt to catalogue interesting and useful questions. The answers will gradually become separate posts—perhaps on other blogs if someone else gets to them first. Let me know if there should be other questions, if the answers are unclear, or the answers have bugs in them!

[articles] Perls of Wisdom

Ha, ha! A hilarious and original pun.

I’ve had several conversations now about Perl 5’s level of deadness and Perl 6’s level of disastrousness. So here is a followup, which surely won’t get as much attention because it’s not as potentially inflammatory.

[articles] Pyramid traversal: almost useful

Pyramid is, to skip a lot of history, a successor to Pylons. It’s a Web framework for Python. (And there goes half my audience.) This post is about dispatch: mapping URLs to the code you want to run. (There goes the other half.)

[articles] Redmine vs GitHub

I’m currently hosting a small pile of projects on a combination of self-hosted gitweb and self-hosted Redmine. I keep glancing meaningfully in the direction of GitHub; it’s code-oriented, it has wiki support, it has an issue tracker, and it can do simple site hosting via some contrived abuse of git. So why am I bothering to host my own stuff? There are actually a few reasons, thus I need the Internet to decide for me.

[articles] How to drive your new project into irrelevance

Here’s a question that should be really easy to answer: what is Diaspora?

Okay, well, I know what Diaspora is. It’s an attempt to make a decentralized social networking service. But my knowledge ends around there. What kinds of things does it share? What useful functionality does it provide for me? How does its concept of identity work? And the million dollar question, how does the decentralized bit actually work? Do I show up as eevee@diaspora.com on other sites, or do I auto-get a local account, or do I manually sign in with OpenID, or is there a central registration server, or do nodes sync their account lists… or what?

[articles] Something is wrong with American culture

Today, the Supreme Court ruled that the California law prohibiting the sale of violent video games to minors is unconstitutional, violating the First and Fourteenth Amendments. The idea here is that the government can’t prevent a group of people from being exposed to media they want to see; freedom of expression goes both ways.

Unless, of course, you are expressing boobs. For some reason, while any arbitrary level of cruelty and gore is Constitutionally protected, any level of human sexuality is not. Justice Breyer pointed this out:

But what sense does it make to forbid selling to a 13-year-old boy a magazine with an image of a nude woman, while protecting a sale to that 13­year-old of an interactive video game in which he actively, but virtually, binds and gags the woman, then tortures and kills her?

Of course, he’s actually arguing that both violence and sexuality should be off-limits to children. But the question is still a good one, underscoring the long-standing American conflict of loving violence while underscoring sexuality with shame. It need not be said, but I remind you that sexuality creates life, whereas violence destroys it. These are some funny priorities we have.

I know this has been said before. I’m not done yet.

[articles] Python needs more software

Consider this a companion article.

I love Python. It’s healthy and thriving and attracts a lot of clever people. It has its warts, but they’re mostly manageable.

Unfortunately, it still strikes me as a bit invisible. I haven’t really been able to articulate why, but after reading a bunch of those Perl blogs that bring up CPAN, I think it might actually be the software.

For example: there’s no good Python forum software. I’m sure there are some bits and pieces here and there, but nothing that’s attractive, feature-rich, and easy to deploy. That last one is a bitch, I know, but it’s important. Right now, if I want to throw up a forum, my viable options are really phpBB, vBulletin, and some other crappy PHP things. I think MyBB might be Perl, but who even uses that?

[articles] Perl 5 is dead, Perl 6 is a disaster

ADDENDUM Jul 3: I don’t know how, but this got a bit of attention. chromatic has compared me to Barbie, szabgab wondered if I’m a troll, and several people suggested that I’m trying to justify leaving Perl for Python.

Remember, I’m a long-time Perl developer. I’m the ideal target audience: someone who already uses your product. In recent years I’ve become disillusioned with Perl, having watched several similar languages eclipse it. I’m surely not unique in feeling this way.

So why is the reaction to downplay what I said, rather than to tell me why I should want to use Perl, or to make Perl something I’d want to use again? chromatic suggests I just haven’t done my research. But if I don’t know why I should use your product, that’s your problem.

I did have an interesting discussion in #perl6 about this, which led to an insight. Perl 6 is unusual, possibly even unique, in having a large spec written before an implementation. I think some of its communication issues stem from this: outsiders see a spec and take it to mean an implementation isn’t “1.0” until it reasonably matches the spec. Implementors, on the other hand, regard the spec as merely a direction to move in. So outsiders are waiting for a blessed 1.0 release, and think the insiders sound slow and stuffy for not giving them one. Insiders are working on an organic thing, and think outsiders are obnoxious and impatient for wanting something absurd.

Explaining the discrepancy to people who want to use Perl 6 is technically correct, but not practically helpful. It may be better to carve up the Perl 6 spec into discrete and useful milestones, with some big ol’ colored chart detailing what’s supported by which implementations. (I actually can’t tell right now what Rakudo supports and doesn’t. rakudo.org is just a blog.)


I feel the need to respond to this series of blog posts about Perl 6, whether it should be renamed, and what the implications are for Perl 5.

I’m a Perl person. I’ve been using Perl since I was eleven. I got paid to write Perl for the past four-and-a-bit years. Let’s pretend I’m qualified to say anything here.

A confession: I wince when I call myself a “Perl person”. I think it makes me sound crusty and obsolete. Because Perl 5 is crusty and obsolete.

Who is using Perl for new software? Besides a couple grumpy nerds I know personally, I haven’t the slightest clue—and I sort of pay attention to Perl. I have zero interest in Java or .NET, but I’m still dimly aware that things are built with them. I can’t tell you what Perl is actually being used for besides all the cool new modules on CPAN designed to make Perl suck less.

What has happened with Perl since 5.8? 5.10 brought us the smart-match operator, the defined-or operator, and given/when. 5.12 brought us… well, nothing. 5.14 allows push $arrayref. And that’s all! There are a lot of bullet points in the changelogs, yes, but almost all of them are arcane things like “the … operator” or “$, flexibility”. These are improvements, technically, but they’re not anything that’s going to make me jump for Perl 5 for my next project; they’re just going to make existing Perl 5 work hurt less. (And even that isn’t automatically true; my previous job is at least a year into an effort to move from Perl 5.8 to Perl 5.10. Note that Perl 5.10 is now so old it’s unsupported.)

The ecosystem is moving, sure, but if you buy into that then you’re still stuck with the language. Worse, if you use any other Perl software, you probably have to work with an object system you don’t use, an exception model you don’t use, some kind of bundling thing you don’t use, and on it goes.

I don’t see anyone talk about Perl except people who are really into Perl already. It doesn’t attract new blood; I certainly wouldn’t point anyone towards it. If it were a human language, we’d certainly call it dead, or at least moribund.

[articles] The deletion problem

floof does not, as of yet, support deleting artwork. It’s not exactly a high priority for getting an art site off the ground; we need to facilitate creating content before removing it is even a thing to be done.

Recently, I keep returning to the question of whether deletion should even be supported at all.

I hear complaints about this all the time on FA: people move accounts, people “clean up” their old art (what?), people just up and decide to leave and remove all traces of themselves in the process. Suddenly, a lot of people have tons of gaps in their favorites, with no trace of what used to be there or why.

Now, obviously part of this is purely technical: it’s easy enough to let favoriters know what’s been removed, and those gaps shouldn’t really exist in the first place.

But then, my whole philosophy so far has been about compromise. There are sites where producers have all the power, and sites where consumers have all the power, but not really anywhere that tries to appeal to both sides, and that’s the niche I’m either inventing or filling.

Consider a wiki: when you write an article, you’re creating something. The article is your prose, created by you, copyright to you. Yet nobody leaving a wiki project would think to delete all the articles they’d written in the process; the very idea is absurd, because we hardly even acknowledge that the individual writing itself is an individual creation. The project is the wiki itself, created by everybody and owned by nobody.

So can an art site do this? Can the site itself function as that kind of singular project, with individual artwork acting as mere contributions to the whole? I’ve always had the inkling that public art sites are for sharing the art, and features like disabling comments or restricting viewing ability run contrary to that goal; this is the same kind of idea taken to a further extreme.

I’m still not sold on this myself; I feel like there’s some obvious use case I’m missing that would drive many artists away. But most of the problems I think of aren’t actually solved by deletion from a single art site, since most art ends up mirrored in untold dozens of archives and imageboards. The only real difference is that the artist doesn’t directly see that it’s going on.

The biggest hurdle won’t be with discouraging artists from deleting art they upload. It’ll be discouraging artists from uploading art they might want to delete in the first place. If you don’t well and truly want to share it, then you probably just shouldn’t. This is a tricky problem; if the site resembles deviantArt-style sites, it’ll be easy to assume that it works the same way. Big scary warnings are helpful, but “no deletion” sounds more like lazy development than a nod to the subtle philosophy I’m gradually figuring out here.

I don’t know. Are you interested? Are you an artist? Am I crazy?

Addenda: Some things that were mentioned to me:

  1. Wikis tend to require that you (often passively) license your contribution under a free documentation license or similar. I doubt that would be amenable to everyone, but at the very least we’d need something granting permission to display the work indefinitely.

  2. One comment implied allowing an artist to remove art from his/her gallery without actually deleting it from the site. This is actually kind of interesting, and hints at another problem I haven’t much thought about: some artists let commissioners upload purchased work, but don’t bother to upload the works themselves. If “your gallery” is just all the art tagged as being created by you, how can we handle that?

[personal] What the hell am I doing

I guess I started a bad habit of writing big long posts About Things, and then blogging became this self-imposed chore, and then I didn’t do a lot of it. Oops. I’ll make a deliberate effort to write shorter things when they come to mind. (I also have half a dozen half-finished posts not committed, which by my count should equal three whole posts.)

Lately I’ve been drowning in an (even worse) inability to do things. Something dislodged all the cool progress I made at the end of last year and I don’t feel like I’m getting much of anything done. Numerous conversations with mel, strangely-relevant blog posts I stumbled upon purely by accident, and brilliant self-reflection are starting to help.

[articles] Unity vs. GNOME Shell

For those not aware, the GNOME world is getting shaken up lately. GNOME 3.0 was released last month, with a completely redesigned interface called GNOME Shell. Meanwhile Ubuntu, the biggest GNOME-based distribution by a gigantic margin, decided that they are super special snowflakes and do not want to use GNOME Shell, so they repurposed their netbook interface, Unity, and scrambled to make it tolerable on desktops for the 11.04 Ubuntu release next week.

Our media center is running some ass-old release of Ubuntu and its main partition is too tiny to even upgrade any more, so a few days ago I bought a new drive, slapped it in, cleaned out an inch-thick layer of dust, and installed the 11.04 beta for the hell of it. After using Unity for “long enough”, I installed GNOME Shell and gave that a spin too. Here is my impression.

Quick version: They are both terrible and I am sad.

[articles] Gotcha: Python, scoping, and closures

I’ve touched on this kind of thing before, but I just saw it come up again, and I think it’s worth its own post not buried in an avalanche of armchair psychology. Plus, I remembered that Blogofile does syntax highlighting.

Closures in a loop

If you’ve been linked here, you’ve probably complained that this doesn’t work as you expect:

1funcs = []
2for i in range(4):
3    def f():
4        print i
5    funcs.append(f)
6
7for f in funcs:
8    f()

The output will be 3, repeated four times. Gasp! Python is totally broken! It doesn’t support closures!

Well, no. Python supports closures all too well, and that’s causing the problem here. The issue is with scoping.