Firewire Attacks Against Mac OS Lion FileVault 2 Encryption » frameloss. Apple must have made a huge mistake here. Because via Firewire DMA, one can access the password for full-disk encryption stored in main memory. Even if you have disabled auto-login and there is actually no reason to have the password in memory. Ouch.
Linkblog - 10.8.2011 - 28.9.2011
Face off: Facebook claims personal data is "intellectual property" | G! - gutjahr's blog. And the fun continues - now Facebook claims they can't meet the legally required deadline of 40 days and anyway, the data is Facebook's intellectual property. Quite amusing - but interesting is the hint that the data protection authority in Ireland is actively working on it, so it could indeed give Facebook a slap in the face. I think the whole thing about the alleged workload for Facebook is just an excuse - if you do it right, it's just a tool that collects and prepares a user's data from all the pots.
psycopg2-ctypes - GitHub. If you're playing around with PyPy and need a database driver, this could help - it's the classic psycopg2, but in a version that is based on ctypes and can therefore be efficiently integrated into PyPy.
django-tastypie - GitHub. This sounds very interesting as an alternative to django-piston - for example, it automatically provides all CRUD features via different APIs without any programming. This is particularly interesting for projects that are more focused on web apps (and where larger parts of the code run locally in the client in JavaScript).
coleifer/flask-peewee - GitHub. Interesting small project that works with Flask and Peewee and makes a somewhat more complete stack for Python web programming out of it. Also provides an admin interface, like Django - for this wtforms is used. Flask itself uses Jinja2 and Werkzeug underneath - this brings in good debugging tools and powerful templating, for example. By the way, PyCharm in the upcoming version 2 will also support Jinja2 at the same level as Django Templates (template debugging with breakpoints and stepping in the template!).
Diebold voting machines can be hacked by remote control - 2012 Elections - Salon.com. Hmm - where would these devices be used? Are there already any deployments of these machines in Europe?
Poor Mans IDE Plugin PMIP - Google Project Hosting. If you've been inspired by a post about PyCharm as a Python IDE and now want to expand the IDE as well - with this plugin you can build relatively simple scripts with Ruby and don't always have to pull out the full IntelliJ SDK.
Python for Facebook - Welcome. Since Facebook discontinued support for the Python SDK last summer and also emptied the entire bug tracker, Python developers for Facebook apps have gathered elsewhere - this is one of those places. However, there are probably still one or two other places on the net where people collect patches and fixes.
StartSSL and Nginx. StartSSL is a very good way to obtain SSL certificates for a web server that are actually accepted by browsers. However, these are issued by intermediate certificates that are often missing in browsers - for this, you have to deliver these with the server. With Nginx, this is a bit more complicated because there is no separate setting for it - you have to copy the certificates together for it to work. This is all explained in the linked blog post.
Launchpad-Control | chaosspace.de. Poorly blogged, because the Launchpad's auto-layout sometimes annoys me and a bit more control would be good. With this, you can at least influence the Launchpad a bit, filter out icons, etc.
facebook/python-sdk - GitHub. Also important, the official Python SDK for Facebook Open Graph applications. With this, you can access all the things directly from Python - so also completely without Django (if you want that).
Django Facebook 2.0 – Integrating Facebook. Since it's interesting at the moment (yes, yes, I know, everything is G+, but one should act counter-cyclically), here's a link to a Django library with which you can build Open Graph apps for Facebook. Could be interesting again, especially with the new Facebook Timeline. And G+? Well, as long as they only provide meager cut-rate APIs, it's simply uninteresting for tinkerers.
Photosmith - the iPad mobile companion for Adobe Lightroom | Latest news, challenges, and progress from the developers.. I should check this out, as it allows you to sync images from the iPad to Lightroom and with the upcoming new plugin, even set up a bidirectional sync via a Publish Service in Lightroom, so that you can keep your image collections up to date on both devices. Very interesting for on the go (Camera Connection Kit) and for presentations to the family, where you can e.g. immediately indicate with tags or color markings what prints the family wants. Although it remains to be seen what will become of Adobe Carousel - it is said to offer similar features.
Adobe Lightroom - Customising Camera Defaults. Because I always forget how to do this - you don't often get a new camera and therefore this is done only rarely and then it disappears from memory again. So blogged, so I can find it again later.
storm auf GitHub. Twitter has published its distributed event system as open source. Sounds very interesting - basically a load-distributed and fault-tolerant RPC dispatcher with a guarantee of execution for each event. Generally interesting where you need to process high events/sec - Storm offers easy scaling as needed by simply adding new nodes. And it's also quite independent of the programming languages used (Ruby and Python are already on board as additional languages besides JVM languages).
Nikon Announces J1 and V1 Mirrorless Cameras and New Lens System. Nikon is steadily building the second smallest interchangeable lens camera system. I mean, is it really something to strive for to be the eternal second? Nikon claims to be the smallest, but the Pentax Q is actually a bit smaller. Oh, and Nikon only achieves this small size by using chips below m4/3 - with a 2.7x crop factor, Nikon no longer has to worry about the usually terrible bokeh of Nikon - you can't see much of it anyway there (okay, it's a bit better than the 5.7x "crop factor" of the Pentax Q system - but it's only the second smallest). If this is Nikon's big move, the big answer to the EVIL market, well.
PLEAC-Objective CAML. If you know the Perl Cookbook, you might be interested in this - it's simply the problem statements from the Perl Cookbook in Objective Caml. Generally, the PLEAC project provides the same for various programming languages, but OCaml is the only language besides Perl and Groovy with 100% coverage.
Sony NEX-7 First Impressions. Very interesting article. The NEX-7 really sounds like the camera I've been waiting for - the NEX-3 has meanwhile become something like my favorite, simply because it is so wonderfully uncomplicated and usually works very reliably. The few quirks it has (for example, the anti-reflective coating on the display, which is slowly rubbed off by the fingers) I can easily ignore. And also interesting are the image examples of the Zeiss 24/1.8 - this lens atomizes the Leica 24/1.4. And it is significantly better in price than the Leica - and fully integrated into the AF of the NEX. Now I just have to convince the finance ministry at home ...
Offline Web Applications - Dive Into HTML5. It was somehow better described in the first glance than in other sources I have read so far. Therefore, I have blogged it.
Ricoh GR Digital IV Preview: 1. Introduction: Digital Photography Review. Suddenly, my nice little old GRD II looks outdated. Wow. The image stabilization is particularly interesting - sure, at 28mm you don't need it, but in low-light situations it would sometimes be really nice. And the even higher resolution screen is not to be sneezed at. Built-in HDR and the fact that the tilt sensor not only detects horizontal rotation but also front/back tilt (tilt) comes into play as well. What the hybrid AF actually brings remains to be seen - I never really had problems with it. The GRD III was, in my opinion, only a marginal update, but the GRD IV sounds really good.
albertz/Pyjector - GitHub. Interesting for Python hackers who don't mind destabilizing their system a bit, but in return get a Python shell in every Cocoa program. Can be well used to hack around in the browser, for example. The author shows one use case with his Chrome extension that allows creating web apps under OSX. This feature is not currently available in the released OSX version of Chrome.
Criticism of Emergency Service Organization: Emergency Service Sent Eye Patient 37 Kilometers to the Countryside - great logic, when the Association of Statutory Health Insurance Physicians messes up and ruins the emergency service and absurd situations arise, then the blame lies with the patient. And to really show how little the rights of the patients matter, there are also agreements to secure the extremely poor status quo. If there is no legal obligation for the ophthalmological emergency service - why can there then be agreements between the clinic and the doctors, in which exactly this poorly organized emergency service is imposed on the patients?
Euro-Crisis: China Offers Help and Wants Concessions. Of course. Money is scarce, so let's ignore human rights and political systems or exploitation of the population and quickly recognize the whole thing as a market economy, after all it's about our prosperity! For that, one must make sacrifices in China!
Adobe announces Carousel - cloud-based image service: Digital Photography Review. Doesn't sound uninteresting at all. The engine used should be the one from Lightroom, with everything fully automatically synchronized between devices and editing possible on all devices. It will be interesting to see if it offers integration with Lightroom - that's my main image editor - and whether it also supports automatic offloading or external drives (for all the many gigabytes of images I have).
2 Click Social Media Buttons « WordPress Plugins. Similar to the previous plugin, but this one is now based on the code from Heise. And it has a nice explanatory component with a link to the Heise article. I've integrated it, so you can like me, +1 me, and tweet!
Social Opt In « WordPress Plugins. Maybe interesting - Heise prepares its own code, but this seems like an alternative. Or you take this as a basis and then mix in the Heise code when it's ready (it looks really useful in use and certainly has the advantage that Facebook is much more likely to accept something from Heise).
SCO ultimately loses against Novell. Should this nonsense finally be over soon? It's not as if there aren't more absurd proceedings on the horizon (I just recall Lodsys), so it won't be boring. And the entertainment value of the longest-dying IT company has left much to be desired for quite some time ...
Panasonic launches Lumix G X Vario PZ 14-42mm F3.5-5.6 OIS pancake: Digital Photography Review. Due to the development of Sony, I am tempted to sell my Panasonic device and focus entirely on the larger chip (and possibly add a NEX 7), but this pancake zoom from Panasonic is really appealing for a compact setup. Even on the GH1, it would then be an impressively compact but flexible package.
Sony-August-2011-New-Products. Oy, take a look at the part about the NEX7. Two configurable dials, 2.3MP ELV and 24 MP APS chip. And only slightly larger than the NEX5. That thing really excites me.
PyPy Status Blog: We need Software Transactional Memory. Interesting article on why we want STM, even if it may not be obvious - namely to make the more complex primitives of higher-level languages like Python transactional. And if we have STM as an implementation detail, we can also easily make it available to the programmer.
Setup services on your Pod - GitHub. Saved for later, I've already set up the link to Twitter on my own pod. I'll probably set up Tumblr soon too, since I still use it quite often. Diaspora is still quite buggy (it's really Alpha), but already quite complete in terms of features. And it's fun to play around with. However, people on Diaspora pods should also post more there, otherwise the social aspect has its problems - I only knew after self-experiments on two pods and several days of waiting that posts actually arrive at me - not because of technical problems, but simply because no one wrote anything ...
Why I'm not on Google Plus - Charlies Diary. Charles Stross on things programmers often get wrong when thinking about names. Specifically about Google+
Luban: a generic “language” for creating user interface — luban v0.2 documentation. Check it out - it could help with my eternal search for a compact user interface to use. Specifically, web as UI is becoming increasingly interesting with all the things that have emerged in this area in recent years.
Sony NEX-7 full specs and images | Photo Rumors. Looks very interesting, even though I wouldn't really need the 24 megapixels. But the built-in electronic viewfinder would be nice. Besides, it looks quite nice and doesn't seem to be quite as absurdly small, so you can throw it in your backpack, but also hold it well. Of course, you have to see it in real life first - Sony is very big on leaking and then announcing but then never delivering (see the various optics that were on the roadmap and still don't exist). And the price of $1000 mentioned in rumors is not exactly thrilling. Let's see.
PyPy Status Blog: PyPy 1.6 - kickass panda. Getting better and better - ctypes are now properly fixed (this is one of the FFI options in Python) and there is beta support for C extensions from the cpython environment (which is only a stopgap, direct PyPy extensions will actually always be more efficient, but at least some of the extensions are available as long as they do not offer their own PyPy version). Oh, and there is a first approach for a numpy module that is directly integrated with the JIT of PyPy - not yet complete, but a start has been made.
Breaking: HP Makes Big Shift on WebOS, Exiting Hardware Business - Ina Fried - Mobile - AllThingsD. That's it for WebOS - the future sounds different.
The Python Standard Library By Example - Doug Hellmann. For all those who prefer a printed version of the internet: this is a book with all the PyMOTW (Python Module of the Week) articles in it, polished and beautified and nicely compiled. Certainly very practical, because sometimes you have a book quicker at hand than a computer - and computers are forbidden in bed anyway. (Warning: regarding bed, this is a 1344-page whopper!).
Python and fileinput - All this. I know the module, honestly. But somehow it has slipped my mind again. It's really a handy thing when you write command-line tools, simply because it takes care of the Unix-typical handling of input for you.
GNAT GPL for LEGO MINDSTORMS NXT – Ravenscar Edition. And for friends of robots made from Lego and bondage-and-discipline programming languages, there is now Ada for Lego Mindstorms NXT. After all, there are not many Ada links to report.
Cross-domain communications with JSONP, Part 1: Combine JSONP and jQuery to quickly build powerful mashups. Since I needed it for a colleague and therefore searched for it, I'll just bookmark it. JSONP is basically just a convention for JSON services that respond to a callback parameter by passing the generated JSON as a parameter to a function call and using the content of the callback parameter as the function name. This makes the data accessible from domains other than the one from which the actual script comes - normal AJAX does not allow this.
ipdb makes the Python debugger a bit prettier and more user-friendly by integrating the tools from ipython. If you're already using ipython, it might be a good idea to install ipdb as well. Alternatively, you can use pdbpp, which provides similar features without ipython (e.g., you could combine this with bpython).
Official Google Blog: Supercharging Android: Google to Acquire Motorola Mobility. Well, yes. Google is buying Motorola (ok, the part of them that is interesting for phones). Wow. Just spent 12.5 billion. Seen via Twitter by Don Dahlmann. I believe the next Nexus will then probably come from Motorola ...
Schneier on Security: New, Undeletable, Web Cookie. On to the next round: ETags are evil! Since they can be arbitrarily assigned by the server, you can simply insert a visitor's UUID there, and on the next visit, the browser sends the content for checking for file changes (provided it supports conditional-GET, but that's true for all browsers today). The user has no control over the use of ETags - and it actually doesn't make sense to give the user this control - so it's very difficult to defend against this method.
rad2py - Rapid Aplication Development platform for python. Wow, why didn't I know about this before? It looks interesting, although the description is a bit heavy. And it's still in a very early stage (first full prototype planned for November 2011).
RMoD: Fuel. And another Smalltalk link - here a persistence library completely in Smalltalk without special support of the VM, but still good performance and good mapping capability for all kinds of objects.
SandstoneDb, Simple ActiveRecord Style Persistence in Squeak. A very simple single-file database for Pharo, which is interesting, for example, if you want to build small desktop applications in Pharo. So the classic GUI tools that you make for personal use, for example. And yes, today is Smalltalk Day at rfc1437.
Coral — Pharo Smalltalk for scripting. Oh, that's nice, that's one of the problems I always have with Smalltalk: I can work in the IDE and in the image and then export a headless application for the server, but as soon as I need a quick script outside the image, I have to switch languages. Coral provides the answer to this problem: a small wrapper, a minimal syntax extension and a minimal image to be able to write normal scripts with Pharo Smalltalk.
ToDE - tODE - the Object centric Development Environment. A bit stagnant in development, but still interesting: an IDE that builds on Pharo Smalltalk. The special feature: it runs in the browser, but offers all the usual Smalltalk development tools there. In principle, you could therefore install a hosted Smalltalk image as a development environment for the iPad and play with it on the go (Pharo and Squeak fit well into the browser interface because they usually don't come as native Windows, but as Windows-in-Windows - and here simply Windows-in-browser).
CouchDB: The Definitive Guide. Oh, the CouchDB book by O'Reilly is also available as an online book and even in German. Certainly interesting for one or the other who doesn't feel like wading through English books. The translation is not (yet?) complete, so you will still come across English chapters. But it's a start.
Installable Web Apps - Google Code. There you can find some background information on how to convert web applications into installable web applications or hosted apps. This allows you to use Chrome as a runtime for applications that behave very similarly to regular applications - Amazon's online Kindle is a great example. Programming is done in JavaScript, which is much less intimidating than it was a few years ago. As Packaged Apps, you can also do everything that Chrome Extensions can do (and can go beyond the scope of regular web applications).