c't 11/2013, Schöner coden, Neun Texteditoren für Entwickler

p.132: "[...] Wir haben uns für den Test auf neun Programme mit Spezialfunktionen für Programmierer beschränkt und außerdem auf ein modernes Bedienkonzept Wert gelegt. Emacs und vi müssen also draußen bleiben."

p.136, regarding the 70$ editor Sublime Text: "Wer die puristische Oberfläche [...] zum ersten Mal sieht, will seine Texte und Codes künftig mit nichts anderem mehr schreiben. Ein Druck auf F11 aktiviert den Vollbildmodus, und schon ist man völlig allein mit sich und seinem Text. Da gibt es nichts, was den Gedankenfluss stört. Selbst die Maus kann man vom Schreibtisch schubsen, da sich jeder Handgriff konkurrenzlos schnell per Tastenkürzel erledigen lässt."

A real hoot, uproariously funny! In future, I can save the money for the Titanic!

And what's all this fuss about editors one can switch to full screen mode anyway? Why did we invent the graphical user interface and the desktop metaphor four decades ago?

Just recently, I got another brilliant example of the maximize madness. I was searching with a friend for bicycle parts for the restoration of my bikes and had firefox and zim arranged side by side to be able to quickly paste links from the browser into my notepad. Suddenly, my friend grabbed the mouse and maximized the browser. As usual, I couldn't resist asking why. He explained that it confuses him to see two windows at the same time. 😮

No wonder tablets are so successful.

Last December, I looked at my wishlist and decided to get myself a Christmas present: the complete Sherlock Holmes series produced by the British television company Granada TV between 1984 and 1994. This series is scrupulously faithful to Conan Doyle's original and impresses most Holmes aficionados to be absolutely authentic. Jeremy Brett as Sherlock Holmes is viewed by many, including myself, as the definitive interpretation of the Baker street detective, and David Burke as Dr. Watson delivers an equally convincing interpretation of Holmes' obligatory sidekick.

Now, the complete series has never been published on DVD in Germany, but of course in the UK. A few days before Christmas, Amazon offered the set as UK import for 60 €, and I happily ordered. The fact that the set has not been approved and rated by the FSK didn't disturb me in the least, naive as I am. 😄

Well, at 24th of December the postman arrived with the package from Amazon. He was one of these seasonal workers DHL employs around Christmas, and didn't quite know how to operate the hand-held scanner used to capture shipment information. He nervously fidgeted around with this gadget, and had to try three times to scan the bar-code on the package until he was finally successful. I was mildly surprised when he asked for an identification, and even more so when he started to type my name, address and even the number of my ID card into his scanner. Before I could tell him that I was never asked for any kind of identification when I ordered, the device beeped and he started to sweat. I asked what's the matter, and he turned the display towards me: "verification failed".

How is it possible that a verification fails when there's nothing to verify? Well, after some hemming and hawing he finally admitted that he probably mistyped the address, and according to Amazon that's enough to result in this message. I advised him to just start from the beginning and enter everything correctly this time. That, however, turned out to be impossible: once the data are entered into the system, there's no way back.

Isn't that totally absurd? I already paid the shipment, I'm certifiably above 18 years of age, and just because of this fucking gadget they are taking my Sherlock away? At Christmas eve? Now wait a second...

The guy saw my face, panicked and threatened to call the police. Since it was Christmas, I let him live and instead sent a mail to Amazon. Within half an hour, a very polite Indian guy wrote back, offered his most sincere apologies, assured me that he'll send the money back within the hour, and explained that they have to proceed in this way according to the German Jugendschutzgesetz (law for the protection of the youth). And right he is: thanks to Zensursula (beware: explicit visual content!), all movies without an FSK rating are automatically assumed to be R rated and require an age verification.

The story has a happy end. Two weeks ago, I discovered the same boxset on Rakuten's play.com for 37 € and ordered it. It was shipped by Royal Mail via Switzerland, and from there as an ordinary oversized letter by Deutsche Post. Naturally, I was not at home when it was delivered, and of course it was raining heavily when I went to the post office yesterday. But nobody asked me to verify that I'm 18 years or older, and so here it is:

Note the 15 certificate from the BBFC. This rather high rating is probably related to the explicit display of Holmes' intravenous use of cocaine whenever he's bored.

Took me 4 hours to transcode all 16 DVDs with handbrake, but now they are waiting on the NAS to be watched at my leisure. The game is afoot! 😊

If I have to explain what differential equations are, I always use the zombie apocalypse as an example. People seem to understand that better than the popular Lotka-Volterra equations modeling predator-prey dynamics, despite the fact that the zombie equations of Munz et al. are much more complicated. Well, to be eaten alive by an undead is just much more scary than being eaten by, say, a lion.

Both the Lotka-Volterra and the Munz models constitute a system of nonlinear coupled differential equations for which no analytical solutions exist. We thus have to solve these equations numerically, which is possible, for example, by pylab.

The basic code to solve the Munz model is simple and short:

The situation in Peaceville is discouraging. People are doomed:

Do we stand any chance at all against zombies? But of course we do! With the right spirit we fight them back and eliminate them from the face of the earth: 😉

What makes the difference is the resistance the people in Peaceville and Berserkhill offer:

What do we learn from that? Even apparently lost fights can be won by determination.

I bought my first electronic calculator when I enrolled in physics at the university (they were usually not permitted at school at that time). In the late 70s and early 80s, there were only two serious contenders in the calculator market, Hewlett Packard (HP) and Texas Instruments (TI). HP had RPN (reverse Polish notation), TI not. I found the concept fascinating, exhausted all financial resources over which I commanded, and acquired an HP-15c. Since then I'm an all-out RPN advocate. Hell, I can't even use the infix notation anymore.

The 15c served me well for many years, but got replaced by a HP-32s when I was working on my PhD. Only a year after, and on another continent, my employer presented me with a HP-42s. Since then (and that's 20 years ago), I use these two calculators day in, day out.

Here's my 42s in action. To show that it deals with complex numbers in a straightforward way, I let it calculate the logarithm of -5 and the inverse sine of 1.5:

The results are correctly rounded:

Every Unix system comes with an RPN calculator, and an extremely powerful one: dc (part of bc under Linux).

Here's dc in action, calculating this expression

$\frac{(1+2)(3+4)}{(5+6)(7+8)}{\small 9}-\small{ 10}$

to 20 digits. Below is the same calculation with bc. Ignoring the spaces (which are not needed on a calculator), the former requires 19 keystrokes, the latter 30.

On a computer, I use the number block on the right of the keyboard to perform such small calculatons. Depending on the distribution, the ',' key may return a comma for a German keyboard layout, but I need a decimal point there as neither bc nor dc recognize numbers such as 15,99.

The command

xmodmap -e "keycode 91 = period period"

changes the assignment for this particular key. For a permanent change, issue afterwards

xmodmap -pke | grep 91 > ~/.Xmodmap

The root partition of my desktop and my notebook are formatted with btrfs, the B-tree file system (or 'Butterfuss' for ease of pronunciation). I've chosen btrfs mainly for one of its many outstanding features (compared to ext4), namely, the possibility to take snapshots of a partition (more precisely, a subvolume), and to return to them if, for example, an update proves to be troublesome.

These snapshots can be managed either directly by the btrfs tools, or by snapper, a tool developed by openSUSE. Snapper is automatically installed when choosing btrfs as filesystem during the installation of openSUSE, and that's where I've encountered it first. I've found that it greatly simplifies snapshot management, and I much recommend it also for users of other distributions.

openSUSE

If you happen to have an existing openSUSE installation > 12.1, and if you use btrfs as default file system, snapper may be already alive:

snapper list-configs
snapper list

If the lists are populated, snapper is active and you've got nothing to do. Excellent!

Otherwise, issue

snapper create-config /

Snapper should now automatically take hourly snapshots of your root partition. It will also automagically take snapshots just before and after an update performed by either zypper or yast, so in case anything goes wrong, you could resort to the latest sane state of your system.

Archlinux

Snapper is also available for other Linux distributions, and in particular, for Archlinux. The instructions available are outdated and do not work, but the following steps should.

First of all, install snapper:

yaourt -S snapper-git

Next, create a subvolume (not a directory!) containing the snapshots with the mandatory (!) name .snapshots:

btrfs subvolume create /.snapshots

Then, configure snapper:

cp /etc/snapper/config-templates/default /etc/snapper/configs/root

vim /etc/conf.d/snapper
SNAPPER_CONFIGS="root"

vim /etc/cron.hourly/snapper
:%s/sysconfig/conf.d/g

Test the configuration by:

snapper list-configs

Do you see your config?

Try to create a snapshot:

snapper create -d "First manual snapshot." -c timeline

Look at your first snapshot:

snapper list

Now let snapper take care of the following snapshots. 😊

Q: Isn't it great that an increasing fraction of young people use Linux on their desktops or notebooks?
A: No.

First of all, they don't use Linux: they use Ubuntu. Exclusively. Not Ku-, not Lu-, not Xubuntu. Uhhhhbuntu.

And why? Well, according to my research, because it's different and has a certain coolness factor. It's poor man's Apple, and even the cage looks golden at the first glance.

So, second, they use it for all the wrong reasons.

Consequently, and thus third, they have no clue of what they are doing, and if an issue cannot be solved by clicking, they are lost. That's neither cool nor great.

A most amusing example of this particular species of users is Bastian, a 26 years old electrical engineer, member of the Pirate party, owner and avid user of Facebook, Twitter and Google+ accounts and a high-end Sony Vaio with Ubuntu 12.10 (which, I have to admit, was installed by my own stupid self).

Bastian wanted to install an 'app' (he calls all programs 'apps') which he couldn't find in the software store of Ubuntu. He wasn't able to tell me which 'app', but anyway, he claims to have installed something with the help of the internet. He didn't like what he installed, however, and attempted to uninstall it. Since this attempt, Firefox tends to pause sometimes for several seconds or even freezes indefinitely. Bastian's way to "deal" with this problem is to press the power button. *sigh*

There are several better ways. As a matter of fact, there are only better ways (and I'm not even talking about actually solving such issues, oh no):

• Clients of the X server which have locked up are most satisfactorily eliminated with the key combination ctrl-alt-esc, also known as Xkill.Try, it's addictive. 😄
• One can also switch to another console with ctrl-alt-F1 (F2, F3...) and kill the misbehaving program from there. Oh, I forgot: to kill the program, use 'htop' to find your program. Press F9. Try SIGTERM first, then SIGKILL. Or, if you don't have htop, type 'pidof misbehavinprog', and then 'kill -9 pid'. Or 'killall misbehavinprog', that'll also work.
• And if you can't change to another console, and even your system doesn't seem to respond, there's still the magic sysrequest. Check if it's enabled: 'sysctl -n kernel.sysrq'. If not, issue 'sysctl kernel.sysrq=1'. Don't forget to make this change permanent by editing /etc/sysctl.conf (other distributions may put this switch in /etc/sysctl.d/99-sysctl.conf). The next time your Ubuntu locks up, hold down alt-print and enter reisub. Yes: REISUB. Raising elephants is so utterly boring. Type it slowly so the system has time to do the job you're asking it to do.

Bastian told me he can't possibly remember that, and asked if there isn't an app for it.

I decided to warmly congratulate him on this idea. 😄

In the analog age, putting letters in an envelope was a common practice from which we deviated only when sending our greetings from the beach. Things changed in the digital age, in which letters are exclusively send as postcards. The few nutcases insisting on sending their letters in an envelope (i.e, encrypted) are viewed with suspicion and considered to belong to the same category as the microwave paranoids with aluminum hats.

What's the reason for this drastic change in perception? Well, for one, digital communication is frequently believed to be inherently secure since the message send from one device suddenly materializes on another one as if by magic. Obviously, nobody would be able to spy on this instantaneous transmission of information, not even Einstein, Podolsky, and Rosen!

Apart from this gross misconception, there's another reason for the fact that e-mails are not encrypted more frequently: the support of e-mail encryption standards such as S/Mime and PGP in modern operating systems is essentially nonexistent, or fragile at its best.

'Support' does not mean that one can download gpg and enigmail and thus realize within minutes a functional solution for sending and receiving cryptographically secure messages—if you know what you're doing. No, 'support' means a tight integration of encryption into the e-mail client, or even better into the operating system: a pgp key is useful not only for e-mails, but may also be used in all applications profiting from unique signatures and secure encryption (such as, for example, instant messaging).

Lacking such an integration, we instead have to rely on client-based solutions which are configured manually. Even with the best of intentions and a solid background in the working of these solutions, errors will occur and conflicts are inevitable. For example, I've experienced an insurmountable problem when trying to exchange S/Mime-encrypted e-mails between KMail on my side and Outlook on the other side. In this particular case, encryption was not only encouraged but indeed obligatory. However, not even the mighty "Fraunhofer-Institut für Sichere Informationstechnologie" was able to resolve this conflict, and I and my contact at Fraunhofer thus resorted to PGP-encrypted mails, which worked well, but were actually not permitted officially. As if we would give a flying fuck. 😄

A more recent example involves an up-to-date Thunderbird/Enigmail setup on Windows 7. From one day to another, my friend was unable to decrypt the mails I've sent to her. Now, I'm pretty sure that there's a mistake (perhaps even a trivial one) on her side, but to find and correct this mistake, I'd probably have to remote-administer her PC. And there you see how absurd the situation is, and why encryption of mails has never gained any popularity.

Isn't there any easier, more reliable way? There may be one just being developed, also taking care of the fact that many people now forgo of the traditional mail client and use webmail exclusively.

I'm talking about Mailvelope, a years old project for Chrome (and soon Firefox) destined to allow users of webmail services to encrypt their mails easily. In contrast to many of its predecessors, its technical background seems to be solid, in that it is based entirely on well-reputed open-source projects such as the Javascript library openpgp.js. But what about its handling in practice?

I've simulated a situation in which Bob, having a GMail account, wants to write to Alice, who is registered at Outlook, and of course vice versa. Physically, Bob was situated at my (low-end) notebook, while Alice was sitting at my (high-end) desktop. Both Bob and Alice followed all steps of the excellent documentation of Mailvelope, and there's little I can add.

Alice had no problem in generating a 4096 bit RSA key, but Bob invariably encountered an unhelpful error message when trying to generate such a huge key. Downgrading to a 2048 bit RSA key worked for Bob, but he's still puzzled and a little unsettled as to why he encountered this difficulty. After that, the key exchange worked best when the keys were simply copied to the clipboard and pasted into the Mailvelope editor, which is offered in the editor windows of both GMail and Outlook. Following the mutual key exchange and import, Bob and Alice could encrypt and decrypt with great ease.

I'm quite pleased with what I've seen so far. Don't get me wrong: I still much prefer a local, client-based solution. But if that is what it takes to get encryption to the masses, well, I'm all for it.

I've mentioned Acrylamid in my last entry. Today, I thought to have a closer look.

But there are so many things I've never heard of. I know of pip and gem. But what are jinja2 and mako? What are sass and compass? What is virtualenv? I know markdown, but what is textile or sphinx?

It's like meeting Pandora Junior, and opening her box unsuspectingly.

Here are the commands you need to temporarily setup the blog of Mark van Lent including all dependencies. What's definitely required is an installation of python and ruby, including their package managers pip and gem.

$ su -
# pip install virtualenvwrapper
# pip install virtualenvwrapper.gem
# exit
$ mkdir envs
$ cd envs
$ source /usr/bin/virtualenvwrapper.sh
$ mkvirtualenv www.vlent.nl
$ git clone <https://github.com/markvl/www.vlent.nl.git>
$ cd www.vlent.nl
$ pip install -r requirements.txt
$ gem install sass --version="3.2.1"
$ gem install compass --version="0.13.alpha.0"
$ vim conf.py           %change your name etc.
$ compass compile
$ acrylamid compile
$ acrylamid view

It's significantly easier without the virtual environment, which, however, enables you to work on setups with very different requirements.

Here're the two latest articles with the layout of Mark:

That's, by the way, an excellent example of the minimalistic style which is currently en vogue. It has advantages: as you see, it looks clean and clear. An even better example is the blog of the acrylamid author himself. He's an Apple user, so the design is dramatically minimalistic and is dramatically lacking the most useful functions.

For example, while I'm not insisting on a tag cloud, it is very useful to have lists sorting entries according to time or tags. And where's a search? Without a search, a blog is just a pile of junk: you never know what's hidden underneath, but you ain't got the time searching anyway.

Nanoblogger, the software behind this blog, is "a small weblog engine written in Bash for the command line". I really like it: it's easy to use and understand, and its only disadantage is its speed or the complete lack thereof (adding an entry takes about two minutes).

Unfortunately, n1xt3r, the developer of nanoblogger, has recently announced that development is suspended indefinitely. 😞

I don't like using dead software. So I got to find a new static blog engine soon. Haui, being particularly far-sighted or perhaps even clairvoyant, already transferred all of his nanoblogger entries to Tinkerer, a Python-based static blog compiler.

I tend towards Acrylamid instead, but I hope to get haui's help for the transfer of my blog entries in any case. Well, let's see, I haven't decided yet.

The near silence of my new system was lost in the noise produced by the fans of my wife's gaming rig. We both found that increasingly irritating and spontaneously decided to acquire a new setup:

Very similar to mine in many respects, though not a single part is identical (since Alternate made a mistake and delivered the system in the black Nanoxia case, instead of the anthracite one we had ordered, they actually look like twins). It's more tweaked towards games, of course, but even under full load it's just as silent as mine. Chapeaux, Asus!

We've briefly considered to order this system with Windows 8, but after some tests in a virtual machine my wife's verdict was clear: Windows 7 will do just fine. Perhaps next time, Microsoft! 😉 We've used Ninite to speed up the initial installation process. Still, compared to the installation of a modern Linux distribution, the setup of Windows feels hopelessly antiquated.

Both systems are running right now, but the most prominent sound is the sweet snoring of our cat. 😊