Fortran developer silently weeps:
! immutable 2D array as argument in Fortran integer, intent(in) :: arg(:,:) ! constant value character(len=10), parameter :: numbers = "0123456789"
(yes, I’m currently reading a Javascript book)
→ comment to The Tragedy of systemd where Benno Rice said that he’s impressed by the way how systemd was spread into most GNU/Linux distributions and that systemd was a source of ideas for BSD.
Looking at the methods used to force distributions to adopt systemd, i.e. by adding hard dependencies in the biggest desktop environment or by bundling udev and continuously tightening the dependency from udev on systemd, that’s a form of power-play against the distributions. A dependency I really don’t want.
You might know the reproducible-builds project, which tries to allow users to verify that what they install actually corresponds to the released source. Or GNU Guix, which provides transparent reproducible binaries — along with a challenge-function.
Given that Freenet is made for people with high expectations for integrity, it might not surprise you that Freenet has been providing a verifyable1 build and a verification script since 2012. However until release 1481, it was a hassle to set up, and few people used it.
But now that we’re on gradle, verifying that what I release is actually what’s tagged in the source is much easier than before.
The following instructions are for GNU/Linux, and maybe other *nixes, allowing you to verify the test release of 1482. You can easily adapt them for future releases.
Since Java puts timestamps into class files and requires signing of jars, the jar is not byte-by-byte reproducible, but the verify-build script unpacks the jar and compares the class-files, ensuring that they only differ in timestamps and similar that do not affect functionality. ↩
In the past decade there hasn’t been a year without a politician calling for real names on the internet. Some even want to force people to use real photos as profile pictures. All in the name of stopping online hate, though enforcing real names has long been shown to actually make the problem worse.
This article presents another solution, one that has actually proven that it keeps communication friendly, even in the most anonymous environment of the fully decentralized Freenet project.
And that solution does work without enabling censorship and harassment (as requiring real names would).
The European Copyright directive threatens online communication in Europe. On September 12th the European parliament takes the crucial vote which can still fix it. But the parliamentarians (MEPs) need to hear our voices.
Switching from GPLv2 or later to AGPL is perfectly legal. But if it is not your own project, it is often considered rude.
This does not relicense the original code, it just sets the license of new code and of the project as a whole.
Zilion Web conducted an Interview about Freenet with me. Zilion asked interesting questions and I kind of went overboard in answering them. They include:
To see the answers, just head over to the article:
Interview with Freenet Developer (ArneBab)
https://zilionweb.wordpress.com/2017/08/07/interview-with-freenet-developer-arnebab/
And do install Freenet and then connect confidentially to your friends to build the darknet one friend at a time.
Short answers to questions from a message in the anonymous Freenet Message System:
Ultra-short answer: Go to https://freenetproject.org/pages/download.html and run the installer. It’s fast and easy.
Now onward to the message:
psst@GdwO… wrote :
ArneBab@-jtT… wrote : Yes. And that’s one of the reasons why we need Freenet: to wrestle back control over our communication channel.
Good luck getting people to use it though.
Yes, that’s something we need to fix. And there’s a lot we can do for that. It’s just a lot of boring work.
Let’s go through your points and see which we could fix:
I can't use Freenet. It's illegal! It isn't? How do you know?
It’s created by a registered tax-exempt charity1, how can it be illegal?
The Freenet Project Inc is a 501(c)(3) non-profit organization, with the mission "to assist in developing and disseminating technological solutions to further the open and democratic distribution of information". It is registered under EIN 95-4864038. ↩
As example: Connecting to #youbroketheinternet.
emerge privoxy torsocks net-vpn/tor # rc-config start privoxy tor # rc-update add privoxy default # rc-update add tor default mkdir -p ~/.local/EMACS_TOR_HOME/.emacs.d echo "(require 'socks)" >> ~/.local/EMACS_TOR_HOME/.emacs.d/init.el HOME=~/.local/EMACS_TOR_HOME torify emacs --title "Emacs-torified" # M-x customize-variable RET socks-server RET # host: localhost # port: 9050 # type: Socks v5 # (C-x C-s to save and set) # M-x erc-select # server loupsycedyglgamf.onion # port 67 # the welcome channel is good to go.
a reply I wrote on quora.
Python is easy to learn and low ceremony. Both are pretty hard targets to hit. It also has great libraries for scientific work, for system scripting and for web development — and for most everything else. And it is pragmatic in a sense: It gets stuff done. And in a way which others can typically understand easily. Which is an even harder target to hit, especially with low ceremony languages.
Over the years I found a few things which in my opinion are essential for any Python script:
Everything in this setup is low-overhead and available from Python 2.6 to 3.x, so you can use it to start any kind of project.
Parsing command line arguments on the shell is often done in an ad-hoc fashion, growing unwieldy as time goes by, but there are tools to make that elegant. Here’s a complete example.
I use this in the conf project (easy setup of autotools projects). It builds on the great solution by Adam Katz.
Here I want to show you how to write a commandline tool in Fortran. Because Fortran is much better than its reputation — most of all in syntax. I needed a long time to understand that — to get over my predjudices — and I hope I can help you save some of that time.1
This provides a quick-start into Fortran. After finishing it, I suggest having a look at Fortran surprises to avoid stumbling over differences between Fortran and many other languages.
After I finished my Diploma, I thought of Fortran as "this horribly unreadable 70th language". I thought it should be removed and that it only lived on due to pure inertia. I thought that its only deeper use were to provide the libraries to make numeric Python faster. Then I actually had to use it. In the beginning I mocked it and didn’t understand why anyone would choose Fortran over C. What I saw was mostly Fortran 77. The first thing I wrote was "Fortran surprises" — all the strange things you can stumble over. But bit by bit I realized the similarities with Python. That well-written Fortran actually did not look that different from Python — and much cleaner than C. That it gets stuff done. This year Fortran turns 60 (heise reported in German). And I understand why it is still used. And thanks to being an ISO standard it is likely that it will stick with us and keep working for many more decades. ↩
→ comment to On EME in HTML5 by Tim Berners-Lee, taking a social angle to the problems of DRM via EME in web standards.
Dear Tim,
The previous commenters already addressed every technical comment I wanted to add. There is only one aspect I still feel missing here:
If you give EME your blessing, the social pressure on all free software communities to add proprietary blobs in their shipped browsers will rise enormously, because otherwise the proprietary developers will accuse them of not following the standard.
Update: The recording is now online at ftp.fau.de/fosdem/2017/K.4.601/naturalscriptwritingguile.vp8.webm
Here’s the stream to the Guile devroom at #FOSDEM: https://live.fosdem.org/watch/k4601
Schedule (also on the FOSDEM page):
This is a proposal I wrote for the NLnet Open call for funding 2016-12. It got into the short list but was not selected, so I’m sharing it here. Maybe it spikes your interest or serves as inspiration for something exciting you want to realize with Freenet. I still plan to do this, but in hobby-time it will likely take a few years to realize instead of the 6 months I had planned. Initial work is available in pyFreenet/babcom_cli
Building the darknet one ref at a time. That’s what we have to do. If you invite three people⁰ to Freenet and help those of your friends with similar interests to connect¹², and when the people you invited then do the same, we get exponential growth.
⁰: To invite a friend into Freenet, you can send an email like this:
Let us talk over Freenet, so I can speak freely again.
¹: Helping your friends to connect works as follows:
Short version (rename from $OLD to $NEW):
ROOT="$(hg id -qr 'first(roots(branch('$OLD')))')" MSG="$(hg log -r $ROOT -T '{desc}')" hg update $ROOT hg branch $NEW hg commit --amend -m "$MSG" hg evolve --all
Mercurial records in which named branch a commit was created. This can be inconvenient when you choose temporary branch names like "foo" or "justworkdamnit".
The evolve extension enables safe, collaborative history editing which removes this inconvenience while preserving the reliability guarantees of Mercurial.
Here I show in a quick example how to rename a branch in Mercurial using the evolve extension.
You can use this method for all changes which you did not transfer elsewhere yet (they must be in draft or secret phase).
Note (2016): The evolve extension is still in testing. Do not use it for production yet. If you want to help stabilizing it, please join evolve-testers. I’ve been using it for more than a year, but I know how to fix things when I hit a bug in the evolve extension.
GNU info
is lightyears ahead of man
in terms of features, with sub-pages, clickable links, topic-spanning search, clean html- and latex-export and efficient interactive navigation.
But man pages are still the de-facto standard for getting quick information on a GNU/Linux system.
This guide intends to help you change that for your system. It needs GNU texinfo >= 6.1
.
Update: If you prefer vi-keys, adjust the function below to call
info --vi-keys
instead of plaininfo
. You could then call that functioniv
☺
Update: Might not actually be targeted. See Evil 32. Thanks to Ximin Luo for giving me more peace of mind!
Update: I’m not the only one hit by this. Here’s a conversation on GNU social with more people hit - though no one else reported yet having two keys faked and cross-signed.
Update: At the very least you should do this: echo keyid-format long >> ~/.gnupg/gpg.conf
On the 29th of August a colleague asked me “which key should I use to encrypt to you?” I was confused, because I only have one key for that email address. So he showed me the keys he saw:
$ gpg2 --list-keys --fingerprint arne.babenhauserheide ------------------------------- pub 2048R/A70DA09E 2011-10-07 [expires: 2016-10-05] uid Arne Babenhauserheide <arne.babenhauserheide@kit.edu> sub 2048R/39829E5F 2011-10-07 [expires: 2016-10-05] pub 2048R/A70DA09E 2014-06-16 [revoked: 2016-08-16] uid Arne Babenhauserheide <arne.babenhauserheide@kit.edu>
I just put up a new pyFreenet release (github):
If you have Python3 and pip >= 8 you can get it with pip3 install -U --user --egg pyFreenet3
. It provides a cleaned up fcpupload script with --spawn support (requires GNU/Linux):
pip3 install -U --user --egg pyFreenet3
echo 1 > testfile
fcpupload --spawn --fcpPort 9486 testfile
→ An answer I wrote to this question on Quora.
Software Engineering: What is the truth of 10x programmers?
Do they really exist?…
Let’s answer the other way round: I once had to take heavy anti-histamines for three weeks. My mind was horribly hazy from that, and I felt awake only about two hours per day.
Update 2021: An improved version that is viable for analog password creation can be found at Letterblock Diceware Passwords.
Do you want to have secure passwords which are memorable and easy to type? Did you use diceware just to find out that the rate of typos when writing 6 words with 30 letters in total without seeing what you type can be aggravating — especially when you have to enter your password several times a day?
The algorithm here generates secure Letterblock passwords which are easy to type and to remember. Try it:
npm install securepasswords
A major part of this article is concerned with a security estimate of the generated passwords, but firstoff, here’s an example of a password which should survive an attack leveraging all smartphones on the planet until at least 2021 at the current development speed of technology:
hXFV!4Vgf-LrgS
And here’s one which should outlast a type II civilization:
HArw-CUCG+AxRg-WAVN-5KRC*1bRq.v9Tc+SAgG,QfUc
Let’s ramp up security of passwords while making them easier to remember.
Update Also see Keylength - ECRYPT II report on key sizes. The report provides a clean overview of several different recommendations. In short: Use 128 bits. With the method shown here this is equivalent to using 5 blocks of 4 letters (length 20).
Writing a NEWS file (a list of changes per version, targeted at end-users) significantly reduces the effort for doing a release: To write your release notes, just copy the latest entries from the NEWS file into a message. It is one of the gems in the GNU coding standards: Simple yet extremely useful. (For a detailed realization, refer to the Perl Specification for CPAN Changes files.)
However when you’re developing features in parallel, for example by using a pull-request workflow and requiring contributors to update the NEWS file, you will often run into merge conflicts. Resolving these takes time, though the resolution is trivial: Just use the lines from both heads.
To resolve the problem, you can set your version tracking system to use union-merge for NEWS files.
At the Institute we use both Python 2 and Python 3. While researching the current differences (Python 3.5, compared to Python 2.7), I found two beautiful articles by Brett Cannon, the current manager of Python, and summarized them for my work group.
The articles:
The relevant points for us1 are the following:
I have summarized them because I can not expect scientists (or other people who only use Python) to read the full articles, just to decide what they do when they get the channce to tackle a new project. ↩
Don’t want to rely on other’s opinions about the Hurd? How to run your own GNU Hurd, in 140 letters:
wget http://people.debian.org/~sthibault/hurd-i386/debian-hurd.img.tar.gz; tar xf de*hu*gz; qemu-system-x86_64 -hda de*hu*g -m 1G
My answer to the question about the best language on Quora. If you continue reading from here, please stick with me to the end. Ready to read to the end? Enjoy the ride!
My current answer is: Scheme ☺ It gives me a large degree of freedom to explore ways to program which were much harder hard to explore in Python, C++ and Java. That’s why I’m currently switching from Python to Scheme.1
But depending on my current step on the road to improve my skills2 and the development group and project, that answer might have been any other language — C, C++, Java, Python, Fortran, R, Ruby, Haskell, Go, Rust, Clojure, ….
Apprenticeship Patterns — Guidance for the Aspiring Software Craftsman ↩
For years I developed Freenet partially blindfolded, because I could not get the tests to actually run on my Gentoo box.
As of today, that’s finally over: The testsuite runs successfully. My setup is still unclean, but it finally works. No more asking other contributors to run the tests for me.
To reproduce:
The image of the blindfolded dog (original size) is from Takuma Kimura (photones), published on Flickr under CreativeCommons attribution sharealike (by-sa). ↩
A comment on largefile support missing in BitBucket, despite being a much-requested feature since 2012.
Note that it’s not Atlassian which got big with Mercurial. It’s Bitbucket which got big with Mercurial, and it was later bought by Atlassian.
Are trust relationships different in anonymous networks?