New blog created

I've decided to start a new blog using a static blogging engine called Hakyll.

The new location is:

Thank you for reading and following!

Constant variables in Python

Often Python is referred to as flexible and easy to learn programming language, mostly this is because it lacks some of the features you normally don't need that much. One of those features is const objects: being able to protect a variable against future change. Some languages call this "final", others "const", here is the best way I could think of to do this in Python:

import contextlib
def constant(vars):
    ''' Protect the return values of (callable) vars from change
    def f():
        def constants():
            return a,b
        with constant(constants):
            print 'Do something'
            #If you would use b=2309 it will raise an exception after the with block.
    __protection_information = [(id(i), hash(i)) for i in vars()]
    for i, v in enumerate(vars()):
        pi = __protection_information[i]
        if not pi[0] == id(v):
            raise Exception('id() of const variable %i changed' % i)
        if not pi[1] == hash(v):
            raise Exception('hash() of const variable %i changed' % i)

Same director, same booklet

The new movie "The Box", directed by Richard Kelly, featured a weird booklet. Don't get me wrong, the content was pretty normal, I've seen that before. But the weird thing was where I saw the booklet before: in the movie Donnie Darko. you guessed it, both Donny Darko and The Box contain the same skeleton in a booklet, and both are movies directed by Richard Kelly.

Take a look at the version from "The Box":

Now here is the version from "Donnie Darko":

Try to download all the dropbox data

Today I installed Dropbox and got an idea. It turns out that if the service has your file already, it will not upload it again. Syncing an 600 MB ubuntu iso took me less time then it took me to download the file, and my upload is not faster then my download. There must be some kind of hashing going on there (they would be stupid not to do it).

However, the speed of the sync got me thinking about a security bug that was discovered in SSH a while back. The problem was that it was possible to notice if a user existed or not because the time it took to respond to an existing user was different then to a non-existing user.

The same holds true for Dropbox: if I create a random file, I'm able to check whether a user on Dropbox already had it by timing the sync speed in correlation with my network output (or even just looking at the network traffic amount will do the trick). Now the question is: what kind of security related file, or personal information format, will be best to randomly generate and try to find?

Theoretically it should be possible to download all Dropbox data this way, hopefully somebody will one day find a good way to exploit this optimization.

IB-groep paranoia: content-injection en waarom laten ze mij hun proxy adres zien?

Met afstuderen komt natuurlijk ook afbetalen, in mijn geval dan. Dus besloot ik op mijn-ib-groep eens te kijken hoe alles er voor staat.

Twee dingen die ik niet leuk vond om te zien: simpele content injection (wel gedeeltelijk ge-escaped, maar toch). Kijk bijvoorbeeld hier. En dat ze als verificatie het ip adres van hun interne proxy laten zien (zie screenshot). Denken ze dan dat ik daar wat mee kan? De paranoia nerd in mij denkt dat de overheid niet te vertrouwen is met computers.

What is Firefox doing now?

I had some time to kill, so I pulled up my system monitor and had a look. One thing bugged me: Firefox was doing something while I was not doing something with Firefox. So I dove into the settings and documentation and this long post deals with all the things I could find.

gedit indent lines plugin removed, long live the TAB key

The gedit indent lines plugin was removed. I then looked at the documentation with F1, but the Shortcut keys manual page had a parsing error and yelp didn't want to show me more then the first few keys. I then turned to the internet and found nothing.

Turns out this is one of those: it's to easy, so it doesn't need any documentation cases. The indent key is now TAB instead of Ctrl+M and Ctrl+m. So now you can use TAB and Shift+TAB to indent and un-indent your selection in gedit.

Open Transport Tycoon Deluxe debian/ubuntu game data package

After installing Ubuntu Lucid alpha 1 I found out I had to download the OpenTTD data files again, so I decided to create a package for it. It is a very ugly package, but does the trick. Have fun!

Empathy: Could not create the rtp muxer element

I had the problem that Empathy would disconnect almost immediately when trying to make an audio call. I started it on the command-line and got the following output:

(empathy:12628): tp-fs-WARNING **: stream 1 0x2614a70 (audio) get_all_properties_cb: Error creating session: Could not create the rtp muxer element
(empathy:12628): tp-fs-DEBUG: stream 1 0x2614a70 (audio) close: close requested by connection manager
(empathy:12628): tp-fs-DEBUG: tf_channel_dispose
(empathy:12628): tp-fs-DEBUG: _tf_session_dispose

The solution was simple but also weird: remove the .gstreamer-0.10 directory from your home directory (so ~/.gstreamer-0.10), after that no more problems with the rtp element being created.

ccbuild version 2.0.0 released

After having some last minute problems with both the build system and the licensing, I finally released ccbuild 2.0.0. Bring on the issues! Reasons to expect issues to pop up are multi-threading support using OpenMP and using a single top-level o directory, instead of one per directory. Any command depending on the directory structure (like makefile).

Syndicate content