This is another "maybe this will help someone" kind of post. Long story short--if you stop getting login verification text messages from twitter, try texting GO to 40404.
At some point I enabled the login verification feature for my twitter account (@carl_welch). So whenever I want to log in to twitter.com on a PC or laptop, I type my username and password, and then twitter sends a 6-digit numeric code to my cell phone via SMS. Then I type that code into the form on twitter.com, and I'm logged in. I have my browsers set to delete cookies when I close the browser, so I end up doing this somewhat frequently.
(It works a little differently logging in to the twitter app on my phone. I have to log in to twitter.com on a laptop or PC and generate a one-time password that I use for logging in on the app. I generally only have to do this once, because I don't log out of the app on my phone.)
I got a new phone a couple of weeks ago: same number but a different provider. And I immediately stopped getting the login verification messages from twitter. So I couldn't log in. I'd managed to get logged in on the phone's app before restarting the browsers where I was logged in to twitter, so I could still use twitter while this was going on. But before I realized that I had a problem, I'd restarted my browsers, and I couldn't log in (on a PC or laptop).
I submitted a help request to twitter explaining the problem, speculating that it might be because I changed provider, and asking them to disable login verifications for my account. I'm quite disappointed that--other than automated responses--I never heard back from them at all. Lame.
So I kept poking around on their help pages, and I stumbled upon a page talking about how to tweet via SMS. Seems like you start that process by adding a phone number to your account (which I'd already done) and then texting GO to 40404. For lack of a better idea I tried doing that on my new phone. And login verifications started working again immediately.
Lucky.
01 January 2013
Software Choices
I switched to Xubuntu a few days ago, and I've been trying a few changes in some of the other software that I use, too.
So I looked at the Best Audio Player page of the recent readers' choice awards from Linux Journal to see what other people are using.
I tried VLC, but it seems like more of a file player. I didn't see a way to import and browse my music library. I may not have given it enough of a chance, but I was disappointed with it.
I rejected Amarok, because I'm not running KDE. I looked at installing banshee, but I was turned off by the long list of mono-related dependencies.
So I gave up and went back to rhythmbox. To my pleasant surprise, the list of dependencies didn't look too long (no longer than banshee's, anyway), so I decided to stick with what I know.
Next I tried asunder (which I'd also used previously), and it worked on the first try, ID3 tags and all.
BTW, easytag is good at fixing problems with ID3 tags (and so is id3).
A couple of the gripes I had with grisbi (I was running v0.5.9 in Ubuntu 10.04) were minor, but annoying. The transaction dates are formatted for Europeans, and I just couldn't get used to that (in fairness, it looks like that has changed in the meantime). And I never had much success with the reporting feature. I typically ended up exporting the data in CSV format and then getting what I needed from a spreadsheet.
A more significant problem involved what is for me a common practice. When I go grocery shopping, I typically buy groceries and beer or wine and get cash back at the register. The credit union sees that all as one transaction, but I like to track groceries, booze, and cash separately. In grisbi I'd have to make three separate transactions and then remember to put them together when reconciling with the bank statement.
So this year I started a little earlier and read through the sections of the GnuCash documentation in time to make the transition at the new year. GnuCash has "split transactions" which should address my gripe about what to do with my grocery bill. I'll still have to do arithmetic to figure out how much is booze and how much is other stuff, but it may make it easier to reconcile when the end-of-month statement arrives. Dates look the way they "ought to," and the documentation makes the reports look easy and helpful. This one is a pretty big experiment, so we'll see how it goes.
In the past I've used XEphem for my virtual stargazing, but I've recently discovered Stellarium. I like Stellarium, and you don't have to build it, so I'll give it a try.
Audio Player
After using rhythmbox for a couple of years, I really tried to like gmusicbrowser, but I just couldn't. Even with the rhythmbox skin, I just didn't like the way the browser worked. I like to click on an artist and see the albums, and then click on an album and see the songs. gmusicbrowser didn't seem to do that (or I couldn't make it do that, anyway).So I looked at the Best Audio Player page of the recent readers' choice awards from Linux Journal to see what other people are using.
I tried VLC, but it seems like more of a file player. I didn't see a way to import and browse my music library. I may not have given it enough of a chance, but I was disappointed with it.
I rejected Amarok, because I'm not running KDE. I looked at installing banshee, but I was turned off by the long list of mono-related dependencies.
So I gave up and went back to rhythmbox. To my pleasant surprise, the list of dependencies didn't look too long (no longer than banshee's, anyway), so I decided to stick with what I know.
CD Ripper
I got a couple of CDs as gifts last week, and I wanted to rip and encode them, so I tried ripperX (which I'd used previously). For ripperX to work correctly, you need cdparanoia (to rip the CD to WAV files) and lame (to encode the WAV files to MP3 files). I'd installed cdparanoia, but had overlooked lame. When I tried ripping a CD with ripperX, it dutifully created MP3 files without a word of complaint. But then the audio player refused to import them. It took me a while to figure out that lame was missing, and it's disappointing that ripperX couldn't give me an error message about it. Even after installing lame, ripperX wasn't adding the ID3 tags: the CDDB lookup worked, but the generated MP3 files had no ID3 tags. That's important, because audio players use the ID3 tags to organize the music files.Next I tried asunder (which I'd also used previously), and it worked on the first try, ID3 tags and all.
BTW, easytag is good at fixing problems with ID3 tags (and so is id3).
Personal Financial Manager
I've used grisbi for years, but I've never much liked it. I looked at GnuCash a year ago. I even exported a QIF file from grisbi and imported into GnuCash. But despite the excellent documentation from GnuCash, I was overwhelmed by the transition, so I stuck with grisbi for another year.A couple of the gripes I had with grisbi (I was running v0.5.9 in Ubuntu 10.04) were minor, but annoying. The transaction dates are formatted for Europeans, and I just couldn't get used to that (in fairness, it looks like that has changed in the meantime). And I never had much success with the reporting feature. I typically ended up exporting the data in CSV format and then getting what I needed from a spreadsheet.
A more significant problem involved what is for me a common practice. When I go grocery shopping, I typically buy groceries and beer or wine and get cash back at the register. The credit union sees that all as one transaction, but I like to track groceries, booze, and cash separately. In grisbi I'd have to make three separate transactions and then remember to put them together when reconciling with the bank statement.
So this year I started a little earlier and read through the sections of the GnuCash documentation in time to make the transition at the new year. GnuCash has "split transactions" which should address my gripe about what to do with my grocery bill. I'll still have to do arithmetic to figure out how much is booze and how much is other stuff, but it may make it easier to reconcile when the end-of-month statement arrives. Dates look the way they "ought to," and the documentation makes the reports look easy and helpful. This one is a pretty big experiment, so we'll see how it goes.
Other Stuff
I think I'll try LibreOffice this time, rather than OpenOffice. I don't use either enough to feel strongly one way or the other, but it seems like I've read that LibreOffice may be getting more active development. *shrug*In the past I've used XEphem for my virtual stargazing, but I've recently discovered Stellarium. I like Stellarium, and you don't have to build it, so I'll give it a try.
28 December 2012
Xubuntu
I've been running Ubuntu 10.04 for a couple of years, but it goes end-of-life soon. I knew that upgrading would more-or-less mean learning a new window manager: Unity or something else. I decided to try going with XFCE in Xubuntu 12.04 (which will have support until April 2017).
I have so far been pretty happy with it. I backed up everything I could think of to a second hard drive, and then did a fresh install off of a USB drive. It didn't take long, and then I spent a couple of hours restoring files and setting up software and stuff, such as...
I have so far been pretty happy with it. I backed up everything I could think of to a second hard drive, and then did a fresh install off of a USB drive. It didn't take long, and then I spent a couple of hours restoring files and setting up software and stuff, such as...
- installing google chrome and importing bookmarks (I'd exported them prior to the upgrade)
- restoring ~/.purple so that pidgin would work
- installing postfix and configuring it to relay off of gmail, so that logwatch and my cron jobs would land in my gmail inbox (I'd already done this, so I just had to restore a couple of files)
- installing VirtualBox and restoring ~/.virtualbox (and my guest machines booted without much complaint)
- pointing gmusicbrowser at my MP3 collection and skinning it to look like rhythmbox (there are some minor differences I'm still getting used to, but it looks like the playlists I exported from rhythmbox import right into gmusicbrowser, so that's a pleasant surprise)
- setting up an encrypted subdirectory in $HOME
20 December 2012
Red Hat and CentOS process locks do not belong in /var/lock/subsys
I have a bash script that runs via cron every night. It's a software package repository mirroring process, so it has the potential to run for a long time. I don't want two of them running at the same time, and I want to know if one is running for more than 24 hours.
So the first thing the script does is to check for the presence of a lock file in a particular location. If the lock file exists, that means that the previous instance didn't complete, so it spits out an error message (which will land in my email) and quits. If the script does not find the lock file (which is the normal condition), it creates the lock file (via touch) on the very next line. The very last thing the script does is to remove the lock file.
if [ -f /var/lock/subsys/mirror ] ; then
echo 'previous instance running--quitting'
exit
fi
touch /var/lock/subsys/mirror
# long-running mirroring process...
rm -f /var/lock/subsys/mirror
We have scheduled downtime from time to time to do operating system upgrades and other maintenance. I typically create the lock file manually at the beginning of maintenance, because I don't want my local repository changing while I'm running updates. And then I manually remove the lock file at the end of maintenance.
We did maintenance last night, and the server that runs this mirroring process was having some kind of problem. We ended up rebooting the server (which, in this case, resolved the problem we were experiencing).
Turns out that part of the reboot process on Red Hat (and CentOS) is to clear out the /var/lock/subsys directory, which is where I'd been putting the lock file for the mirroring process. Oops.
Fortunately, the reboot happened after the cron job, and so the cron job didn't run unexpectedly. But that was just a matter of lucky timing.
So today I'm moving the lock file to /var/run. And I may as well make it work like the other files in that directory. So instead of
touch /var/lock/subsys/mirror
I'll do
echo $$ > /var/run/mirror.pid
25 November 2012
Travel-related tech
I recently took a trip, and here are a few notes about some of my technology-related experiences.
I knew I'd probably want Internet access at the hotel, but I figured it would be wireless, and I was hoping for some kind of VPN. In the past I've used ssh's socks proxy feature, but I've found it to be pretty slow. So I thought I'd give wonderproxy a try. You can get a VPN account for a month for around $5, and I thought it worked really well. It was fast, and it made me feel a little better about using the hotel's wireless.
I bought a Macbook Air not long ago, and I like it. So I took it with me on the trip. I took some pictures, and I used iPhoto to copy the pictures off the camera onto the laptop. Then I tried using iPhoto to upload the photos to flickr, and that didn't work well for me. iPhoto crashed at one point during an upload of a bunch a photos, and there was no obvious way to resume the upload. I was able to figure out where it quit, and then I just told it to upload the photos it missed. But many of the photos on flickr don't have the original size--the largest version of many of them is 1024x768 (there should be three larger sizes). So I have to upload those images again or just be OK with the smaller sizes on flickr. So I'm glad I hadn't told iPhoto to delete them off the camera.
I also told iPhoto to mark several of the photos as private, and they ended up as public on flickr.
So I probably won't be using iPhoto any more.
And although southwestvacations.com did a great job of booking the trip, they totally FAIL in password security. When I created the account, I used a password generator to create a long password with all four character classes, and I saved the password in my password wallet. At one point during the trip, I needed to access something in my account. But when I tried to log in, I got invalid username/password errors. I ended up using the "forgot my password" link, thinking it would send me a login token. Nope, it sent me my password. It wasn't even my original password (which is why I was having trouble logging in). The original was around 20 characters long, but what they sent me was the first 10 characters of the password I'd created. So southwestvacations.com
Otherwise, it was a lovely trip. Have a look, if you like.
I knew I'd probably want Internet access at the hotel, but I figured it would be wireless, and I was hoping for some kind of VPN. In the past I've used ssh's socks proxy feature, but I've found it to be pretty slow. So I thought I'd give wonderproxy a try. You can get a VPN account for a month for around $5, and I thought it worked really well. It was fast, and it made me feel a little better about using the hotel's wireless.
I bought a Macbook Air not long ago, and I like it. So I took it with me on the trip. I took some pictures, and I used iPhoto to copy the pictures off the camera onto the laptop. Then I tried using iPhoto to upload the photos to flickr, and that didn't work well for me. iPhoto crashed at one point during an upload of a bunch a photos, and there was no obvious way to resume the upload. I was able to figure out where it quit, and then I just told it to upload the photos it missed. But many of the photos on flickr don't have the original size--the largest version of many of them is 1024x768 (there should be three larger sizes). So I have to upload those images again or just be OK with the smaller sizes on flickr. So I'm glad I hadn't told iPhoto to delete them off the camera.
I also told iPhoto to mark several of the photos as private, and they ended up as public on flickr.
So I probably won't be using iPhoto any more.
And although southwestvacations.com did a great job of booking the trip, they totally FAIL in password security. When I created the account, I used a password generator to create a long password with all four character classes, and I saved the password in my password wallet. At one point during the trip, I needed to access something in my account. But when I tried to log in, I got invalid username/password errors. I ended up using the "forgot my password" link, thinking it would send me a login token. Nope, it sent me my password. It wasn't even my original password (which is why I was having trouble logging in). The original was around 20 characters long, but what they sent me was the first 10 characters of the password I'd created. So southwestvacations.com
- restricts password complexity (they truncated my password at 10 characters--the 11th was a percent sign, so I don't know if it was the length or the character)
- they truncated my password without warning me
- they store non-hashed passwords
- and they'll send passwords by email
Otherwise, it was a lovely trip. Have a look, if you like.
03 November 2012
shadow passwords with openssl
I once had to break in to a CentOS box, because I'd forgotten root's password and didn't know the passwords to any other users (I think it had been shut down for a while). So I booted with a rescue disc (I think it was a CentOS installation disk, and I typed "linux rescue" at the prompt). The rescue disc mounted the filesystems, and I tried running passwd in a chroot. I got some kind of error message, and it wouldn't reset the password for root in /etc/shadow on the filesystem. I ended up editing /etc/shadow by typing in a password I got out of /etc/shadow on another box.
As I'm writing this, it occurs to me that if I knew the password to some other user (at this point I don't remember if I did or not), I could have just edited /etc/sudoers to give root to that other user, rebooted, logged in as that user, and done "sudo passwd" to reset root's password.
But if you ever need to create /etc/shadow entries by hand for some weird situation, here are a few suggestions involving openssl's passwd utility.
Incidentally, if you have trouble finding the man page for openssl's passwd ("man passwd" is likely to get you the man page for thing that resets your login password), try "man 1ssl passwd" (Ubuntu) or "man sslpasswd" (Red Hat 5).
The hashed passwords in /etc/shadow look something like this:
$1$.oDCRZmb$mYZm6IzfMWVfe38Pr4fHt0
As I'm writing this, it occurs to me that if I knew the password to some other user (at this point I don't remember if I did or not), I could have just edited /etc/sudoers to give root to that other user, rebooted, logged in as that user, and done "sudo passwd" to reset root's password.
But if you ever need to create /etc/shadow entries by hand for some weird situation, here are a few suggestions involving openssl's passwd utility.
Incidentally, if you have trouble finding the man page for openssl's passwd ("man passwd" is likely to get you the man page for thing that resets your login password), try "man 1ssl passwd" (Ubuntu) or "man sslpasswd" (Red Hat 5).
The hashed passwords in /etc/shadow look something like this:
$1$.oDCRZmb$mYZm6IzfMWVfe38Pr4fHt0
The shadow entry has three parts delimited by dollar signs. The 1 indicates that this shadow entry was computed with the MD5 password algorithm. The next section (".oDCRZmb") is the salt, and the final portion is the hashed password.
You can generate these yourself. If you type the following (the "-1" requests the MD5 algorithm)
echo password | openssl passwd -1 -stdin
you should get something resembling
$1$DcuakEM4$c4WDkEXKd6YXNYjAfN2Sh/
echo password | openssl passwd -1 -stdin
you should get something resembling
$1$DcuakEM4$c4WDkEXKd6YXNYjAfN2Sh/
You can reproduce this by providing the salt:
carl@stilgar:~$ echo password | openssl passwd -1 -stdin -salt DcuakEM4 $1$DcuakEM4$c4WDkEXKd6YXNYjAfN2Sh/
And it looks like openssl is smart enough to strip the newline:
carl@stilgar:~$ echo -n password | openssl passwd -1 -stdin -salt DcuakEM4 $1$DcuakEM4$c4WDkEXKd6YXNYjAfN2Sh/
Without the "-1" argument, openssl uses the standard crypt algorithm. The first two characters from crypt output are the salt, and this is what the Apache webserver's htpasswd uses for making passwords (at least, crypt seems to be the default algorithm for the Ubuntu and Red Hat 5 packages):
carl@stilgar:~$ echo password | openssl passwd -stdin BxZPctq22eZ4M carl@stilgar:~$ echo password | openssl passwd -stdin -salt Bx BxZPctq22eZ4M
passwd also knows the Apache variant of the MD5 algorithm:
carl@stilgar:~$ echo password | openssl passwd -apr1 -stdin $apr1$z4cUIQjr$fXbDk6ypzyZIIIb/OIp0I. carl@stilgar:~$ echo password | openssl passwd -apr1 -stdin -salt z4cUIQjr $apr1$z4cUIQjr$fXbDk6ypzyZIIIb/OIp0I.
Looks like Ubuntu uses the sha-512 algorithm for hashing passwords, and openssl's passwd doesn't support this. If you want to try making /etc/shadow entries w/ sha-512, try saving the following file as passwd.c:
#define XOPEN_SOURCE #include#include int main(int argc, char *argv[]) { if ( argc < 2 ) { printf("usage: %s password salt\n", argv[0]); return; } printf("%s\n", (char *)crypt(argv[1], argv[2])); return; }
And then try this:
gcc -lcrypt -o passwd passwd.c ./passwd password '$6$salt$'
24 August 2011
setting the session.cookie_path in PHP (redirection loop)
This is a quick note about a bug in some PHP code I was working on the other day. It took me a while to figure it out. I was developing and initially testing in google chrome, which is evidently forgiving of this kind of error. Maybe writing this will help someone (and maybe it'll help me not to make the same mistake again).
This was for an application which requires authentication. The controller sends the browser a redirect (to the login URL) if the user is not authenticated. I had set the cookie path with something like the following:
$baseUrl = 'https://www.example.com/gakkk/';
// several lines later...
ini_set('session.cookie_path', $baseUrl);
This worked OK in chrome, but Firefox and MSIE both got locked up in redirection loops. After scratching my head for a while, I finally figured out that I should be doing this:
ini_set('session.cookie_path', '/gakkk/');
The cookie_path (it has that name for a reason) should exclude the protocol, hostname, and port. Information security auditors like to complain about web applications that don't set the cookie path.
14 July 2011
Testing an SSL-enabled service for cipher strength
Vulnerability scans sometimes find that an SSL-enabled service allows clients to connect using ciphers which have key lengths shorter than 128 bits. Most services have configuration directives to disable these connections. Here's how to test a service for key length (without doing a new nessus scan, or whatever).
openssl ciphers -v
This gives a list of ciphers that the openssl client can use, and the output indicates the key length. openssl's s_client command can take an argument which specifies the cipher(s) to use. So after reconfiguring the server, run the following two commands (the first should fail, and the second should succeed):
openssl s_client -ign_eof -connect target:port -cipher RC4-MD5
openssl s_client -ign_eof -connect target:port -cipher DHE-RSA-AES256-SHA
(You should replace target:port with something like www.example.com:443)
04 February 2011
Safari Issues
I learned a couple of things about Safari yesterday. When using the @import syntax for CSS, make sure you remember the semi-colon after the URL (outside the quotes):
Firefox and Internet Explorer are forgiving about a missing semi-colon, but Safari won't load the stylesheet without it.
And by default Safari has only limited support for tabbing through Web pages (something that's probably pretty important to keyboard users). The default setting will allow you to tab from form field to form field, but you can't focus on links by tabbing. You can enable this behavior (which is behavior I've come to expect from using Firefox and Internet Explorer) by going to the Advanced tab of the Preferences menu and clicking the checkbox that says something like "Press Tab to highlight..."
<style type="text/css" media="screen">@import "styles.css";</style>
Firefox and Internet Explorer are forgiving about a missing semi-colon, but Safari won't load the stylesheet without it.
And by default Safari has only limited support for tabbing through Web pages (something that's probably pretty important to keyboard users). The default setting will allow you to tab from form field to form field, but you can't focus on links by tabbing. You can enable this behavior (which is behavior I've come to expect from using Firefox and Internet Explorer) by going to the Advanced tab of the Preferences menu and clicking the checkbox that says something like "Press Tab to highlight..."
14 March 2010
added READONLY option to password wallet
Made an update to my password wallet. You can now have the READONLY attribute in your .walletrc file: this disables updates to the wallet (w/ the -e option). I keep my wallet in two places (work and home), and a cron job copies from work to home daily. So I need to make sure that I only update the wallet at work. I once updated it at home, and the next run of that cron job overwrote the update (a new password).
29 January 2010
panopticlick
I've seen several posts about the panopticlick project in the last few days. If you go to the panopticlick Web page and click the "test me" button, it'll tell you how identifiable your Web browser is. The idea is that it might be possible for someone to track your Web browsing based solely on certain characteristics of your Web browser (without using cookies or even IP addresses).
So I hit the "test me" page with several different kinds of browsers to see what kind of results I would get. The results are given below (all Firefox browsers below have the NoScript extension). In terms of security, these are like golf scores: you want low numbers in the second (BII="bits of identifying information") and third (NIF="number of identical fingerprints") columns. And in terms of security, being unique is bad (it makes it easy to identify you).
Firefox 3.6 on XP did pretty well, so I captured the HTTP request headers from that browser:
Then I installed the Modify Headers extension to Firefox on Ubuntu and set the User-Agent header to the value from the request headers above. After doing that, Firefox 3.6 on Ubuntu got panopticlick scores like Firefox 3.6 on XP.
An interesting side effect of this is that the Firefox Add-Ons site uses the User-Agent header. So if you do this and want to add extensions later, you will probably need to disable the header. And I've just done this today, so I don't yet know what effect this will have on updating extensions.
So I hit the "test me" page with several different kinds of browsers to see what kind of results I would get. The results are given below (all Firefox browsers below have the NoScript extension). In terms of security, these are like golf scores: you want low numbers in the second (BII="bits of identifying information") and third (NIF="number of identical fingerprints") columns. And in terms of security, being unique is bad (it makes it easy to identify you).
| browser/platform | BII | NIF |
|---|---|---|
| MSIE7 on XP | 17.64 | unique in 204,788 |
| Firefox 3.6 on XP | 8.62 | one in 392 |
| Firefox 3.6 on Ubuntu | 12.64 | one in 6,364 |
| MSIE6 via wine on Ubuntu | 17.66 | unique in 207,713 |
| lynx on Ubuntu | 14.67 | one in 26,001 |
| elinks on Ubuntu | 17.67 | unique in 208,111 |
| wget on Ubuntu | 9.57 | one in 761 |
| curl on CEntOS | 17.67 | unique in 208,688 |
Firefox 3.6 on XP did pretty well, so I captured the HTTP request headers from that browser:
GET / HTTP/1.1
Host: vmware:8000
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Then I installed the Modify Headers extension to Firefox on Ubuntu and set the User-Agent header to the value from the request headers above. After doing that, Firefox 3.6 on Ubuntu got panopticlick scores like Firefox 3.6 on XP.
An interesting side effect of this is that the Firefox Add-Ons site uses the User-Agent header. So if you do this and want to add extensions later, you will probably need to disable the header. And I've just done this today, so I don't yet know what effect this will have on updating extensions.
03 November 2009
pager in wallet program
I recently got an email from someone who has been using the password wallet program. The reader asked about the possibility of using a different pager when viewing the password file (the "less" pager is hard-coded into the program).
I thought this was a good idea, so I've changed the wallet program to allow the user to specify the pager using the WALLET_PAGER environment variable (which defaults to "less"). You can also put this in the .walletrc file. The reader wants to use w3m, so this should now work in .walletrc:
WALLET_PAGER="w3m -o bg_color=blue"
I've updated the program in the google code repository.
I thought this was a good idea, so I've changed the wallet program to allow the user to specify the pager using the WALLET_PAGER environment variable (which defaults to "less"). You can also put this in the .walletrc file. The reader wants to use w3m, so this should now work in .walletrc:
WALLET_PAGER="w3m -o bg_color=blue"
I've updated the program in the google code repository.
24 October 2009
Zendcon 2009
Got home last night from Zendcon 2009. Good conference.
Here are a few of the main things I'm taking away from it:
Update (Monday 26 October): I took some pictures, and I've posted them to flickr.
Here are a few of the main things I'm taking away from it:
- I'm a fool not to be using APC (and maybe memcache)
- Zendconners really like twitter (I got sucked in: @carl_welch)
- I need to learn more about dependency injection and better OOP methods
- I need to give git a try (had a good visit with the guy at the github booth)
Update (Monday 26 October): I took some pictures, and I've posted them to flickr.
16 May 2009
Barnswallows' return
The barnswallows are back. Considering the placement of the nest, I assume that it has to be the same ones as last year. I've been taking a few pictures.
26 April 2009
belated Earth Day
Here are a few interesting articles I found this past week:
- The Next Generation of Biofuels (Scientific American) and California Takes on King Corn (The Daily Climate) talk about alternatives to corn-based ethanol
- How to Fix a Climate Emergency (Newsweek) is a pretty interesting look at some radical ideas about slowing down global climate change (and it makes a good point about how this shouldn't be a replacement for cutting emissions)
- and Wil Wheaton found a cool video of Earth rising over the moon's horizon (must have been taken near new moon)
29 March 2009
bad news for iron fertilization
I follow a few environmental blogs, and for a while I was occasionally seeing posts about the possibility of using iron fertilization for carbon sequestration. The idea (as I understand it) is that scientists would dissolve a bunch of iron near the ocean surface, phytoplankton would consume the iron (causing the phytoplankton to flourish), the phytoplankton would inhale a bunch of carbon dioxide, and the phytoplankton would sink to the bottom of the ocean, taking the CO2 with it, forever.
So they tried it.
They dumped a bunch of iron in the ocean, and the phytoplankton dutifully multiplied (and presumably inhaled a lot of CO2). But before the phytoplankton could sink, it ended up at the bottom of the food chain of a series of increasingly large sea creatures that live near the surface.
Nice try.
So they tried it.
They dumped a bunch of iron in the ocean, and the phytoplankton dutifully multiplied (and presumably inhaled a lot of CO2). But before the phytoplankton could sink, it ended up at the bottom of the food chain of a series of increasingly large sea creatures that live near the surface.
Nice try.
25 March 2009
Batman logos
There's a post on /Film highlighting a youtube video showing various incarnations of the Batman logo. The video includes logos from various comic book titles, TV series, and films. It's not exhaustive, but it's a cool presentation of a good sampling.
18 March 2009
saving space in firefox
I found a cool Firefox extension a day or two ago. It's called Menu Mod, and it's good for saving some space on the Firefox window (particularly if you have a small screen, like on a netbook). It can collapse all the standard menu items into a single menu item (after installing/restarting, do Tools->Add-ons, click Menu Mod, click Preferences, select "Place all menus inside another"). This isn't all that helpful on its own, but try also doing the following:
- do Menus->View->Toolbars->Customize
- drag all the stuff from the navigation bar (Back/Forward/Refresh/Stop/Home buttons, address bar, etc.) up next to the newly-collapsed menu
- get rid of the search field by dragging it to the "Customize Toolbar" window
- do Menus->View->Toolbars and uncheck the Navigation toolbar
- go to www.google.com (or whatever your favorite search engine is)
- right-click in the search field and select "Add a keyword for this search..."
- add something descriptive for the Name field (like "search" or "google")
- add something short for the Keyword field (I used "g")
- next time you want to do a search, open a new tab (Ctrl-T is as easy as Ctrl-K), then type the keyword ("g" for me) followed by a space and your search term(s)
17 March 2009
xampp
At times I've wanted to try doing some development work on my eeepc, but the default distribution doesn't come with a LAMP stack (and so far I've been too chicken to try installing something else).
Today I tried installing xampp, and that seems to work pretty well. So far my only complaint is that it doesn't seem to come with any version control tools (like svn), and I don't see an easy way to add/compile them (the eeepc doesn't have gcc).
Today I tried installing xampp, and that seems to work pretty well. So far my only complaint is that it doesn't seem to come with any version control tools (like svn), and I don't see an easy way to add/compile them (the eeepc doesn't have gcc).
16 March 2009
ESC key alternative in vim
I've been using vim for a couple of years now, and I really like it. But one thing that's always been a nuisance to me is reaching for the escape key. I often hit the wrong key (like the tilde or F1), and/or I have to glance at the keyboard to find it.
A recent post by Matthew Weier O'Phinney suggested binding the 'jj' sequence to <ESC>. I've been trying that for the last day or so, and I'm finding that to be a pretty good trick. Here's what I added to
A recent post by Matthew Weier O'Phinney suggested binding the 'jj' sequence to <ESC>. I've been trying that for the last day or so, and I'm finding that to be a pretty good trick. Here's what I added to
~/.vimrc to make it work:
:map! jj <ESC>
Subscribe to:
Comments (Atom)