Older blog entries for pipeman (starting at number 11)

I just noticed that Slashdot reports that the US National Oceanic and Atmospheric Administration has adopted their new information access policy. What is interesting with this is that this new policy supposedly is heavily influenced by what hundreds of Slashdotters has said, pushing them in the direction of open standards and public access.

This made me think about something that has been discussed briefly in KOM since Staffan became obsessed with laws: why doesn't the Swedish government provide, for example, our complete law texts in a vendor-neutral, machine-readable format for public download? In fact, they even go so far as to block robot access to the primary source of law texts, Rixlex, using robots.txt! (Possibly violating our "free press act" (Tryckfrihetsförordningen)? Staffan has blogged about this, too.) Swedes often talk about our open and transparent society, with rigid bureaucracy in place to ensure that all citizens have access to all public records and writings, with few exceptions. One would think that, given Swedens willingness to commit to an open government, the government should provide raw data and free access to any electronic information available. This obviously isn't done.

Now, the discussions that were in KOM was: how do we actually lobby for a change for the better in this area? Who do we talk to in order to make the government aware that standardised and free access to public records and laws would not only be "the right thing to do" in a democratic sense, it would also allow ambitious entrepreneurs to figure out new ways to publish and index that information in pursue of new businesses?

What struck me when I read the NOAA post on Slashdot was that we would need something like that to get the ball rolling - a frontpage Slashdot story might be a little overkill an issue that concerns a mere 9011273 people, but on the same time, it feels like the Swedish Slashdot equivalent Gnuheter is a forum a little too narrow to gain enough activism that can be heard. What we want in this case is to target three communities: the software people, the law people and the politically aware, all of which should be interested in a more open and information-aware society.

We recently decided to change the name of one of our projects (more about that project soon, when it opens), and since I tend to be awake when others are not, I decided to replace the little logo GIF image on the web page spelling out the project name. Of course, I didn't know what font that was used, but I recalled that someone had blogged about a web tool that would let you upload an image and have it try to determine what font the image contained. After a bit of thinking (and much Googling without finding the right web page, much to my surprise), I realized that it was Staffan that had blogged about it, and after wading through three months worth of entries, I found the entry I was looking for, pointing me to WhatTheFont. The tool worked flawlessly in identifying the font (which turned out to be Palatino Roman, which I probably should have known just by looking at it), so I fired up GIMP and made us a new neat little logo. And once again, the braindeadness of trying to port a Unix/X11-style GTK application to Win32, without considering the look and feel of the target platform, hit me. GIMP suffers from the exact same problems as Gaim, which I pointed out in my previous post: the windows (and there are three of them just to begin with) are totally independent entities with no sense of interconnection. This might work fine - it might even be natural - in an environment where multiple virtual desktops are the norm and the user is accustomed to switching between desktops for different tasks, but in Win32 it certainly is not, and you end up hammering away on Alt-Tab many many many times each time you realize that you want to switch to another application and back (since you want to bring all the GIMP windows to front again and just Alt-Tab'ing once will only give you one of them).

I know this debate was raving all over the GIMP community even back in the days of the last century when I actually was using Linux/X11 as my preferred desktop system: why not have an MDI-like GUI with a single parent like Photoshop does? Back then, all I remember is that the developers kept touting that the "X11 principle" with free windows were the most natural and best approach, with no regard for the fact that different approaches might be better for different kinds of platforms. It saddens, but doesn't surprise me, that nothing seem to have change in the latest GIMP releases.

All that said, GIMP once again got the job done - extremely efficiently and, my alt-tabbing abuse aside, without annoyances. I surprised myself with instinctively pressing Ctrl-H to anchor my text selection to the current layer. Being able to use such a professional program for free is really a gift, and I am very grateful for all the blood, sweat and tears that many skilled developers has donated to the free software community through GIMP.

I think Skype is a good example of when things doesn't quite turn out the way that the OSS and open standards community would like it to, primarily due to the failures of that same community. Skype is a proprietary and quote mysterious implementation of peer-to-peer VoIP. It does exactly what we want it to, it's a small and easy install, and there's no ads or expensive hardware required. And it does it in the uttermost incompatible and proprietary way. No SIP. No H.323. Skype just works. And it's interface is clean. In the end, that's all that matters, now matter how proprietary and evil it's foundations are. (I was reminded of this when I was catching up on Joi Ito's blog and read his post about the cute estonian "echo123" girl.)

This reminds me of another OSS strangeness I ran across the other week: Downhillbattle.org's GAIM filesharing proposal. This whole project gave me a weird feeling of missing the point. There are several great ideas lurking behing it: I am using WASTE for trusted encrypted file-sharing among a small group of my friends, and I like it a lot. WASTE in itself is however quite an obstacle to get running, so simplifying the concept is a good idea. Also, they are offering a bounty for the development of the idea, which might be a good idea: I like the thought of the Street Performer Protocol to be used for software development. Their initial bounty was a little too modest: $500 wouldn't quite give me the incentive needed. I would calculate something like a man-month worth of time (for a good programmer) to finish a roughly cut proof-of-concept of their idea, but then it'd take a lot more to bake it into a finished product. Anyway, they have since collected more than twice that sum, so that may not be an issue. But the most annoying feature of this would-be project is that it is based on GAIM. I have been used GAIM a couple of times when I've booted Knoppix because I've messed up my boot partition or something like that, or when I've just felt the need to try it out to make sure I haven't missed out on anything geat. It always turns out that I haven't missed out on much at all. The Gaim interface is, in my opinion, bloated and annoying. The program has all of the features but none of the usability. New windows pop-up everywhere and, true to it's X11 heritage, you never know which dialog belongs to a certain window (because the notion of child-parent and modal dialogs is yet to enlighten the world of GTK, or at least many of the people coding for it) or how to get them nicely aligned or stacked. And when I first start it, it occupies something like a fifth of my 1024x768 laptop screen. And it's friggin' five megs in size. (Okay, that might not be a valid point, especially since I just praised Skype, coming in a whoppin' 10 megs install package. More about that very soon.) But its suckyness is not so much its own fault as it is the brilliance of another open-source program: the Windows-only IM client Miranda. The install executable is somewhere around 800 KB, and the program has got almost all the UI details right: an extremely un-intrusive GUI that occupies a minimum of desktop real estate, and shortcuts that makes it extremely easy to quickly access the program when you need it and just as quickly hide it when you don't want to see it. And it's default configaration is not perfect, but it still gives you that warm welcoming feeling of "I don't want to be in your way". GAIM, on the other hand, has a default configuration that makes annoying noises (when you send a message for example - extremely pointless if you ask me) and showing big icons and fonts everywhere, just giving me an impression of an extremely well-willing but slightly retarded concierge that just gets in your way and in fact wants attention rather than to be helpful. I want the concierge to just do what I want it do, with just small and efficient hints. Just as when I, using Miranda IM, simply press the key sequence Ctrl-Shift-A (un-hides and brings Miranda to front) J (moves cursor to first contact beginning with "j") RET (opens a conversation window with the selected contact) to start typing a message to my friend Jonna, regardless of what other program that was active at that time.

Other news

iKobo blocked my account yesterday. Supposedly, it was because I attempted to buy from myself. The reason I did this was because I wanted to test their Instant Payment Notification feature that we are implementing in our new web shop (a feature that lets us integrate the purchase process with our servers so that we can deliver instantly - basically a HTTPS GET to an URL of your choice with all transaction details when the purchase is cleared). So now they want me to send a photo-copy of a photo-ID and a household bill. That wouldn't be so much of a problem if it wasn't for the fact that my wallet was stolen last weekend, and it takes at least three weeks before I receive my new ID card. So this basically incurs a three-week delay for our new project. I have mailed them explaining my peculiar situation, but if they can't come up with an idea to solve this within days rather than weeks, we'll just use another company for our credit-card needs. The reason for going with iKobo was that I already happened to have a verified account there, so the set-up was minimal, and the fact that you get a debit card to access your money is very nice. If anyone have a suggestion of an online merchant company like iKobo, I'd be very grateful. Basic requirements are: must accept VISA/Mastercard, must be international (must accept a Swedish merchant and international buyers) and must provide Instant Payment Notification (IPN). Being able to get an international ATM/debit card (like Neteller and iKobo does) is a plus.

Now someone has applied for a patent describing a method of determining whether or not two pointers refer to the same memory address - that is, the IS NOT or != operator for pointers.

I wonder what Paul A. Vick, Costica Corneliu Barsan and Amanda K. Silver get paid to put their name on such a wacko patent application. According to Groklaw, Microsoft is behind this application, but as Staffan pointed out in KOM, there seems to be no mention of Microsoft in the actual application.

But: Amanda Silver seems to be a Visual Basic Program Manager and Paul Vick is the Big Kahuna of VB.NET - but I couldn't Google any sense in who that Barsan person is.

Incidentally, Amanda was also the name of my first "girlfriend" - we used to date when we were like six or seven years old. :-)

Question: What does the numbers next to the names in the Advogato recentlog mean? I first thought it was some kind of advogato trust metric-related value, mostly because I thought my entries lacked one. This was due to the fact that I'm still uncertified, and my recentlog-entries are background-coloured in grey, which accidentally is the same colour as the mysterious numbers' foreground colour. But looking a bit closer, I realized that there was a space between my name and the permalink "»". Now, selecting that space revealed "(8)", which incidentally is the number of diary posts I've submitted to advogato. But other people have numbers like 2.2 or 5.6, so I don't think that's it.

Looking out through my window, I gratiously see a lancscape covered in white powder. It's as magnificent as every year. Cars with decimeter thick layers of snow stand parked alongside the rows. The spruces getting their branches weighed down by the big flakes sailing down from the sky.

I can't help but getting a little romantic. Now I just need to start planning this winter's skiing.

It's 5:13 am. I should get some sleep.

According to this quiz, I am Amiga OS, and I am flattered.

My head hurts

Spent the night out yesterday. A friend of a friend played at a pub where you can get a 33 cl bottle of Strongbow cider for 20 SEK (which is under 3 USD, which is really cheap by Swedish standards). Now that is not healthy, and after that we went to the local night club where you get two beers for the price of one. I ended up in a friend's apartment drinking rosé and Beck's. After I left, he apparently jumped from the balkony and wandered away. His girlfriend called me and we went looking for him, without any luck. Even later, she called and told me she'd found him sitting somewhere downtown, totally lost and confused. She dropped by earlier tonight and told me he had no recollection of what had happened after we left the night club. As for me, I spent the entire day sleeping and ignoring the constantly ringing cell phone that was disturbingly out of reach. For some reason, I had placed the laptop next to my bed, though. I guess Internet addictiveness doesn't wear off even when I'm hopelessly hammered.

SWT

I got an e-mail from someone using my program Nular Shell (Swedish only) on Linux. He gave me a very good bug report with screenshots showing how the program (not) worked in Linux/GTK. This gave me the incentive I needed to recode parts of the SWT GUI, which suffered badly from me not being very good at SWT programming at the time I wrote it. I couldn't figure out some layout tweaks, so I resorted to fixed positioning using setBounds(), which made the app really ugly on Linux since all the widgets had different sizes in SWT. Also, some widgets differ in functionality, too - for example, when using the ToolBar, you can create a SEPARATOR item and assign a widget to it (using setControl()) in order to embed it into the toolbar. This, however, doesn't seem to work in the GTK2 port of SWT, so I had to make a Linux-specifik hack for a small text box I wanted in the toolbar. Now, however, I rearranged the main window a bit, so I don't have to embed the text box in either Windows nor Linux (before and after), and with no stupid fixed-positioning code, it should look decent in Linux too.
Update: it seems that the SWT GTK2 ToolBar widget doesn't support the SWT.VERTICAL style either, and the Button widget in GTK2 lacks SWT.DOWN. Annoying.

Java class loaders

When publishing my development version of Nular to the web, I learned that you must explicitly assign a parent class loader when creating new ones, in order for class searches to be delegated upwards. I discovered this because the new version of Nular actually has a plugin API (which no one will ever use) which uses some class loader hacks to dynamically load class files dropped in a "modules" directory, either as JAR archives (with a property file in the JAR specifying which class to be loaded), or as plain .class files. In the latter case, the class must be in the anonymous package, or the class loader will fail. I never figured out how to determine a class' package from it's .class file.

Fiddler and MSN search

I did some random ego-searching on Microsoft's new search engine and discovered that the author of Fiddler had tried to communicate with me regarding my Fiddler plugin. I kind of expected that all those web boards sends an e-mail when someone replies to your post, so I never bothered to go back and check the forum.

Speking of MSN search, apparently they are getting back at Google. Makes you wonder if it really is a bizarre result of search engine ranking algorithms or playful engineers in action.

Other

I'm thinking about registering a Freshmeat entry for web hammer, but I'm kind of hesitant since I tend to never update those things anyway. We'll see about that. The Freshmeat entry for Duper has 10 subscribers, which is kind of weird, but it sort of proves that some people actually wants me to tell them about new versions via Freshmeat. Compare to the Roxen Web Server which has 20 subscribers and conclude that my software is at least half as popular as an obscure web server. :-) Staffan is doing an impressive work with lagen.nu, a collection of all Swedish laws and more. MrFriday will (hopefully) proudly sponsor lagen.nu with web hosting when it gets out of beta.

A few days ago, I wrote a small utility program to help out stress test a client's web site. I wanted something small and simple, that I could send to (non-tech) clients and colleagues to allow them to run the tests from their own computers. Tonight, I tidied up the user interface a bit and packaget it for Java Web Start, so that the user only has to click on a WWW link to start the program. Once started, he or she only fills out an URL pointing to a file describing which URLs to stress test.

I haven't released the source yet (it's time to get some sleep), but I plan on doing that soon.

Oh, and it's available here.

On another note: anyone know who MikeLowe is (removed link, thanks ncm for pointing out my stupidity)? Seems to me he's just Google-whoring. Haven't seen that on Advogato before, is it common?

I am currently implementing a tiny SOAP middleware for a client, and while reading up on SOAP I realized that Advogato has some simple XML-RPC services. So using Apache XML-RPC, and a smallish Java hack, my homepage now includes the latest diary entry from Advogato. Sweet! This is how it works: the code checks if /tmp/diary.cache exists. If it doesn't, it sets off to asynchronously fetch the latest diary from Advogato, while displaying a short note informing the user that the data is unavailable and an auto-refresh Javascript snippet reloading the page after a few seconds. When the XML-RPC requests are completed, the diary entry is stored in that file, and upon subsequent requests to the home page, the code will simply include the HTML found in the cache file. Every once in a while, a cron job deletes the cache. This way, I don't have to poll Advogato needlesssly to see if there is new data; I will only make the request if someone actually access the page. Yes, there are probably some race conditions and such, but this was what I could wrap up while waiting for the coffee to finish. :-)
update: I noticed that the time from Advogato that my Java code printed out was in some weird time zone, and somewhat surprised assumed that my JSP container had a broken locale/time zone setup. So I went about to manually point it to the time zone I wanted to use, but that didn't help: the time stamps were still many hours apart from my own local clock (which is UTC+1). After checking into what was actually sent over the wire behind the scenes of my XML-RPC calls, I noticed that the ISO 8601 time stamps didn't contain any time zone data. The XML-RPC client thus assumed that the received dateTime.iso8601 strings (eg. 20041102T11:32:32) were in the local time zone of the client computer. Appearantly, they are not, but rather in what I assume is some US time such as EST. I guess I should point this out to raph or whoever it was that developed the XML-RPC backend for Advogato, as it would be very helpful for people in different time zones to know what offset the returned time has. My guess is that all that has to be done is adding something like "-0500" (or whatever timezone Advogato uses) to the iso8601 string in order to make it possible for the XML-RPC client to correctly translate into something like a timezone-neutral DateTime object.

Securing my WLAN, sort of

Earlier this year, my WLAN PC Card for my laptop broke, since hardware hates me. I had been using a D-Link WLAN card together with a combined D-Link firewall/NAT gateway/WLAN access point until then, and since I don't exactly live in a high tech area where war driving is common, I had settled on using the 256-bit WEP encryption that the D-Link hardware provided (however aware that WEP in general isn't secure all, it probably keeps my average neighbor from peeking into my network).

When faced with being WLAN-less, I got to borrow an old spare card from a friend. Tre problem was, that the card in question was a stoneage-ish Lucent WaveLAN Bronze - i.e., quite slow and no encryption. So I was forced to accept that my wireless network would be wide open to anyone (or buy a new network adapter, which would cost me at least ten beers and is thus out of the question). Also, when trying out my new-old WLAN card, I noticed that one of my neighbors, too, had set up a wireless access point. No encryption, but a very friendly DHCP server and all - I could use his/her AP for my Internet surfing with a few mouse clicks.

Anyway, so I set out to secure my network with the assumption that it was untrusted. I have briefly mentioned this before: the solution was found in OpenVPN. Set up was a breeze - I configured my (wired) desktop computer as a server and a new private RFC1918 subnet, and let it hand out IP dynamic adresses in that range to the clients. So with OpenVPN, I had a secure authenticated channel between the laptop and the desktop, regardless of whether I was using my unencrypted home WLAN or an office broadband connection (well, assuming a firewall in the way doesn't block UDP port 5000). The next step was to assure that no war driver could use my WLAN for sending spam. That was quite easy: on my NAT box, I can configure the built-in firewall rules quite flexibly (it's not iptables or pf, but hey, it works): I can configure the rules per interface (WAN or LAN), source and destination adress and ports, and finally IP protocol. The end result looked something like this:

1. ALLOW from SERVER to ANY/ANY
2. ALLOW from LAN to GATEWAY port 53/UDP
3. ALLOW from ANY 0.0.0.0/0 TO SERVER port 5000/UDP
4. DENY FROM ANY TO ANY

Here, SERVER represent IP adress of the desktop computer and LAN includes both WLAN and Ethernet interfaces. The packets that travel from the WLAN interface to the Ethernet network isn't filtered at all. Basically, I only allow DNS to the gateway (which includes a DNS relay) and UDP port 5000 to the OpenVPN server. This way, someone connecting to my WLAN may use DNS (and can potentially use that through IP over DNS, but if they go through that hassle, they're worth the few kbit/sec they can get from it), and can connect to my desktop computer (which hopefully is quite secured even though it's a Windows 2000 box), but they can't leech warez or send spam using my broadband connection. Meanwhile, I connect to the SOCKS proxy on the VPN interface on the server machine (the SOCKS software denies connections on other interfaces), and through that proxy connect to anywhere on the Internet, with OpenVPN protecting my privacy for the parts that are wireless.

As an extra bonus, I can let friends that I trust take part in my VPN if we want a secure way of sharing files via otherwise insecure means (such as SMB) - all they have to do is set up a minimal OpenVPN configuration and get me to sign their public key. Also, an added level of obscureness, my laptop now connects to my Waste network through the VPN via the Waste node running on my desktop computer. As a friend put it: you should PGP-encrypt some files written in pig latin before sending them over the Waste network running on top of the VPN to be really sure Echelon gets something to chew on. :-)

I just installed Unreal Tournament - 1999 Game Of The Year edition. It's been couple of years since I played it. At my old employer, Halogen (PBUH), we hade a period of some serious UT festing during the years 1999-2001. It was real fun.

I had completely forgotten about the tremendous joy of blowing people up with a huge rocket launcher.