Older blog entries for cbbrowne (starting at number 17)

Android Security

The Android permissions model is, to my mind, a goodly improvement over pretty well any of the alternatives out there at present, in that it at least declares what capabilities any given application demands and expects you to grant.

Applications are unfortunately quite readily able to abuse this a fair bit; a (recent, as of August 2010) example being Evernote.

Evernote, and Why You Need to Think About Permissions describes the problem:

The Evernote app requests a fair number of permissions. Some make sense, such as the INTERNET permission (kinda important for a Web service). Some are a bit dubious, such as needing both coarse and fine location data.

It definitely demands too much permission, with two cross-sections that are troublesome:

  • It asks for “the world” up front
  • It asks for permissions it shouldn’t need. For instance, it shouldn’t need access to contacts – it should merely offer to share data, which pushes data to a boundary where the user, at run time, can choose whether or not to allow the data out.

In addition, some of the permissions ought to be optional.

  1. If you want to record locations on your notes, then granting access to location data may be a reasonable thing to do.
  2. If you don’t want to record locations, then Evernote doesn’t need that access.

Unfortunately, at present, you don’t have any of those shadings; your options are mighty binary:

  1. Grant Evernote all the capabilities requested
  2. Reject the access, and don’t install it.

I suggest that there is another shading that would be useful, notably for INTERNET access (and probably also for filesystem access), which is to “tie down” what places the application can go.

  • Evernote probably only needs to access evernote.com
  • Twitter only needs access to twitter.com
  • Shuffle (a GTD-like application) may access a domain of the user’s choice to synchronize data.
  • Web Browser needs the “wide open” Internet.

I expect that filesystem access could similarly be tied down:

  • A file browser (such as Astro) might legitimately access “everything”
  • Most applications should be restricted to their own directory
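
A sketch of the “tie down” idea above, as an added example that is not from the original post and not an Android API: each application gets a hypothetical policy naming the hosts it may reach and the directory it is confined to. The policy table, function names, package paths and the Shuffle sync domain are all assumptions constructed for illustration.

```python
import posixpath

# Hypothetical per-app policy (constructed for this example; Android has no such table).
# "*" means unrestricted; any other host entry matches that domain and its subdomains.
POLICY = {
    "evernote": {"hosts": ["evernote.com"], "fs_root": "/data/data/com.evernote"},
    "twitter":  {"hosts": ["twitter.com"], "fs_root": "/data/data/com.twitter"},
    # Shuffle syncs to a domain the user picks; sync.example.org is a placeholder.
    "shuffle":  {"hosts": ["sync.example.org"], "fs_root": "/data/data/shuffle"},
    "browser":  {"hosts": ["*"], "fs_root": "/data/data/browser"},
    # File browser: whole filesystem, but no network access at all.
    "astro":    {"hosts": [], "fs_root": "/"},
}

def host_allowed(app, host):
    """True if `app` may connect to `host` under POLICY."""
    host = host.lower().rstrip(".")  # normalise case and a trailing root dot
    for allowed in POLICY[app]["hosts"]:
        if allowed == "*":
            return True
        # Match on a label boundary: "evernote.com" or "x.evernote.com",
        # never "notevernote.com" or "evernote.com.attacker.example".
        if host == allowed or host.endswith("." + allowed):
            return True
    return False

def path_allowed(app, path):
    """True if `path` resolves inside the app's fs_root."""
    root = posixpath.normpath(POLICY[app]["fs_root"])
    # join() lets an absolute `path` replace the root; normpath() collapses "..".
    resolved = posixpath.normpath(posixpath.join(root, path))
    if root == "/":
        return True
    # Compare on a directory boundary so "/data/data/com.evernote2" does not match.
    return resolved == root or resolved.startswith(root + "/")
```

These functions only make the policy decision; enforcement would have to sit somewhere the application cannot bypass, and a real path check would also need to resolve symlinks.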

Syndicated 2010-08-12 15:47:45 from linuxdatabases.info

Farewell, Solaris, we hardly knew ye

I had long had on my low level “to do” list to consider trying out OpenSolaris, likely either in the form of Nexenta or as Debian/OpenSolaris (nearest link: OpenSolaris @ CSC).

Alas, I didn’t get around to it in time for the license change which essentially eliminates interest in it. The precis of the change: You’re free to download it, and use it for as long as 90 days, but then, you’re expected to pay Oracle for a service contract.

I guess the good news is that I didn’t waste any time on something I’d have to be “sunsetting” by the end of June 2010.

Nope, not “April Fools.”

Syndicated 2010-04-01 20:03:22 from linuxdatabases.info

Helicopters and the Budget

The city of Indianapolis recently announced that they were cancelling use of police helicopters, to save $1.4-ish millions.

Locals complained that this is terrible and demonstrates that the city does not care about public safety.

I suggest that this is not nearly as obvious as it might seem.

By all means, helicopters are “sexy”, but that certainly isn’t good enough to justify it!

Helicopters can help solve some specific problems quickly, but there are perhaps three metrics by which they mayn’t actually be worthwhile.

  • Do they solve more crimes? If not, then that is a strike against choppers.
  • Do they merely catch some perps more quickly? Is faster truly worth the money? Do faster catches save them from extra crimes being committed? That may be nice for would-be victims… How does it actually affect the budget?
  • What would be the expected outcome from the addition or loss of the equivalent money spent on cops on the ground?

After all, it may be that a dozen extra guys (and ladies) walking or driving beats, 8 hours a day, 200-some days per year, may do more good than an aircraft sprinting around for a couple hours a day.

The answers are in the details…

Syndicated 2010-03-09 19:00:25 from linuxdatabases.info

My recent disappointment is that the 43 Folders Wiki is evidently down for extended extended maintenance. They had claimed it was down for a couple days, to be back July 6th; the "return date" seems to have gotten more nebulous :-(.

They had been suffering quite a bit from "spam," as it were; people logging in (possibly as scripts) to deface the site by adding links to link farms (e.g. - for viagra and the likes). Perhaps the intent is to do a more substantial upgrade to the MediaWiki instance, as there is rumour that modern versions can be set up to be pretty resistant to such attacks.

Regrettably, it means I don't get my "fix" of links to productivity changes for a while yet...

The self-important "we invented everything" blog people finally irritated me enough to comment on this with this "Official Google" entry that claims the nonsense that Star Trek predicted blogs.

Which is a clear twisting of things, on about the level of saying that Google invented writing letters when they set up GMail.

All blogging is doing is to publicize the notion of writing a journal. Commanders of ships have been required to log ship activities for centuries. More recently, pilots of aircraft similarly have formal requirements to log flight activity. Falling square between that are the Expeditionary Records of Raymond Byrd, noted naval pilot, and explorer of the polar regions. Of Earth, that is...

The notion that Star Trek "invented" any of this when Byrd was writing such stuff in the 1920s is just so much codswallop.

Yay! There is now pl/scheme, a PostgreSQL procedural language handler for the Scheme programming language, specifically GNU Guile.

This allows implementing database stored procedures in Scheme.

It's a bit underdocumented at this point; it is not clearly documented how database parameters are passed into the Scheme level. The examples don't use Scheme functions; they instead use let structures, which is definitely more interesting...

What is also unclear is what the interaction between the database engine and the Guile interpreter is; open questions would include:

  • Does it spawn a separate instance for each backend?
  • Where does shared code reside, if anywhere?

It points me to wanting to get a PL/CLISP going...

I have been starting to learn Tai chi. Arguably the "least martial" of the martial arts... I'm not looking quickly to start beating people up :-).

It is a particular challenge in that there are so many little movements involved; I have never been a dancer, so coordinating hands, feet, legs, and body is something new to me.

While the art may appear languorous, that does not imply it is easy, either in terms of coordination, or, for that matter, use of strength. It is by no means an aerobic activity, but correctly moving slowly requires a pretty hefty degree of effort.

There are definitely places where the movements are counterintuitive; it's kind of neat that over time, I start recognizing a new intuition (which really is practice) that tells me both when I'm doing things right and when I'm doing things wrong.

What is kind of interesting is the impact on ordinary "walking around." The excruciating attention I need to pay to my movements during Tai Chi movements does map onwards. I'm becoming a bit more exacting about my steps when doing things completely unrelated to the martial art...

I am gradually moving towards the point where I will be able to, unattended, perform the Basic 24 Form Yang Form. That has the considerable merit that it is a not-very-long workout that provides some nominal health benefits, some stretching, some nominal exercise of strength, and a not-inconsiderable exercise of physical coordination. I could do way worse than to have this as a 5 minute morning exercise to get the blood flowing. And this has the merit of not requiring any special equipment, neither mats nor apparatus...

The question will be what to do once I can claim to have "mastered" the 24 forms of the "basic Yang form." It probably makes sense to start looking at the Zheng 37 form, which is supposedly a bit more martial. I'm not overly after the Ed Gruberman-esque "beating people up", but having some means of self-defense seems no bad thing. The "martial" use of Tai Chi does seem to be strongly biased towards defense in its early application; the "offensive" parts would be way far down the road...

The Too Cool Thing that I discovered today is that there is now, many years later, a free software alternative to AMPL, namely ZIMPL.

What is that? It is a Little Language for transforming descriptions of mathematical problems into Integer Programming/Linear Programming formulations that may then be solved using an LP/MIP solver.

Why? Because the quasi-standard format for these problems, MPS, will make your ears bleed if you try to write up a complex model directly. If you're trying to describe a problem of interesting size (thousands of variables and constraints), you really do need to write a program to generate an MPS file.

AMPL, and now ZIMPL, allow you to describe your problem using reasonably nice looking equations, with two particularly pointed additions:

  • You can define model variables and parameters that draw their values from formatted data in external files, allowing you to use any sort of database / import scheme to define large portions of the problem and parameters

  • You can define sets of model variables with descriptive "subscripts," and have equation descriptions that generate gobs of model equations that are identically shaped by merely describing one of them

It's not difficult for 30 lines of AMPL/ZIMPL model description to combine with a data file with 50-100 parameter values to then expand to generate a planning model with tens of thousands of variables and constraints.

Of course, it would be bad news if this was insoluble; modern LP solvers on modern hardware can solve problems with hundreds of thousands if not millions of variables/constraints.

The one annoyance is that the default solver is anything but free; it's still all too common for Operations Research tools to be "free for purely academic use" but exceedingly proprietary anywhere else...

29 May 2006 (updated 29 May 2006 at 22:37 UTC)

I think I busted some cfengine scripts the first time I remote-edited via Tramp; apparently, it doesn't preserve executable permissions :-(.

Ah, well, there are plenty of other cases where Tramping around to plain old config files works out fine. Yay, I can edit slonik scripts on application servers using Emacs.

Now, I just need to create an Emacs Slonik mode :-).

Emacs note du jour...

On using Tramp, which is a module that allows editing files on remote hosts using scp, ftp, or such...

To have it in place, you need, in $HOME/.xemacs/init.el, the following:

(require 'tramp)

Then, you can request editing a file on a remote host thus...

C-x C-f /[ssh/root@rg520-data-dotinfo]/etc/hosts

Tab completion works in various places...

Interesting protocols include ssh, ssh1, ssh2, scp, rsh, rsync, su, sudo, smb, ftp, telnet...
