Content-type: matter-transport/sentient-life-form

Guardian Unlimited Special reports How planespotters turned into the scourge of the CIA

Guardian Unlimited Special reports How planespotters turned into the scourge of the CIA - Article in the Guardian about how the CIA was "caught" by plane spotters (and possibly continues to be caught).

Super-DRM Architecture of the Future

And the DRM nonsense continues

EFF member Cory Doctorow warns that the widespread use of CPCM would mean the end of free software. The requirement to make the system robust against any modification is incompatible with FOSS concepts. Furthermore, national copyright policy could be easily circumvented by CPCM, as US cultural exporters dictate the political rules. The EFF wants to prevent the standard at all costs. "This is," according to Doctorow's opinion, "no specification that can be used for good purposes, period."

If you read through the description of the whole thing, someone is ultimately demanding total control over any form of computer or media device - ultimately over any device that could even come close to media content. Complete madness, the whole thing. The frightening thing about it: with the brainless prolethicians like we have running around in Berlin and in Europe in general, it is almost to be feared that such nonsense will prevail and the freedoms will simply be traded for dying industries with bloated and outdated business models to cover up their management errors.

And will anyone get upset about it? Oh well. You can still drive faster than 130 on the highway, we are free ...

And we all make the same mistakes again

There is currently a lot of activity in the area of Microformats - the idea behind it: to store information blocks not in XML, but in predefined HTML. CSS classes are then used to define what a single format is. Logically, there are problems with colliding styles - what a surprise. I myself am always amazed at how much energy developers can spend on stupid ideas.

We once had HTML that not only dealt with semantics but also with layout. And that produced the all-time favorite FONT-TAG orgies on HTML pages. Over time, most people have come to the realization that separating semantics and layout makes sense - semantics as a basis for marking up content, layout in the CSS files, and as a connection between these, the IDs and classes on tags. Additionally, with DIV and SPAN "anonymous" tags without predefined semantics (except "this is a block of text" and "this is an inline stretch of text" - where this meaning can be easily overloaded), for things that don't work with the normal semantic markup (which is mainly due to the rather stupid idea of HTML that there are markings for headings, but no markings for sections of text to which these headings would belong).

What do Microformats do now? Well, the same stupid idea of misusing something - namely in this case the connecting pieces between semantics and layout mentioned above. Microformats give these a meaning - for example, a DIV with a class 'description' would then be the description of a review - read the details in the hReview reference. Sorry, but this must inevitably lead to conflicts - have the idiots never heard of namespaces? The Microformats explicitly address XHTML - and that has exactly the purpose of embedding namespaces. And if you think you have to implement such a stupid idea - couldn't you at least be smart enough to give the parts more cryptic but unambiguous classes?

As I said, it's amazing how much energy goes into such stupid ideas that are doomed to create more problems than solutions.

Deadlock

Deadlock - interesting article about deadlocks in systems and about zombie processes, signal handling, etc.

Questions You Should Ask Yourself

Would actually hacking the security system for securing the one-way deposit be a terrorist act?

Delusional Music Publishers

Concerted action against freely accessible sheet music and song lyrics

MPA President Lauren Keiser expressed extreme annoyance to the BBC about the allegedly illegal sites with guitar licks and sheet music templates and would prefer to see their operators behind bars. Basically, music is subject to copyright not only as a concrete performance, but also in any printed notation.

Soon you'll end up in jail if you accidentally fart to the beat of "All My Ducks" ...

Fighting Language

UCI's response to the Grand Tours' ranking idea of the three major tours:

"As the only actor in this reform who does not want to defend or promote its own economic interests, the UCI will never share such a superfluous and dangerous vision that harms the development of cycling," said an official statement. The introduction or amendment of the regulations is solely the responsibility of the international federation.

You can already see how the UCI troops are forming to infiltrate the offices of the three major tour organizations and arrest the ringleaders. After that, there will be a penal camp for recalcitrant tour organizers who do not want to submit to the UCI. Maybe they will also get support from 'Mad Eye' Serlet?

Climate Summit: USA Threaten Veto

The US of A, Land of the Free and the Stupid, is once again playing the top bully:

Even experienced summit participants from Western Europe are shocked behind the scenes by the boorish behavior of the American chief negotiators, who act here like John Bolton at the UN, and "hide their academic education well."

I am shocked at most by the naivety of politicians who are so surprised by America's behavior - as if the current reports do not speak a very clear language that the current US administration does not give a damn about the wishes of others and that international law does not have a particularly important status for them. Why should they behave differently at the climate summit?

Even more shocking, however, is how Merkel is constantly talking about how relations with the USA need to be improved - I would be happy about that, but please only with a next, possibly rational administration that is accessible to arguments. The current one is not coalition-capable, to use a term that is often used here for something as harmless as the PDS ... (fear of pale-red marked Ossies, but want to be with something like Bush - I call that shocking)

setting user passwords in admin

A rather ugly - but still useful - monkeypatch:

# monkey-patch for auth.users
from django.models.auth import User

def user_pre_save(self):
 if not self.password.startswith('sha1$'):
 self.set_password(self.password)

User._pre_save = user_pre_save

Put this into your model file (or somewhere else that is loaded early on) and you will be able to set passwords in the admin by entering clear text passwords. If the password starts with 'sha1$', it is seen as already encrypted and nothing happens. If it doesn't start with that string, it is converted using the standard Django function for password encryption.

No, this isn't something that should go into core - it's far too ugly for that. But at least it allows you to set passwords through the admin, without requiring the user to calculate the actual password hash.

Sony falls again

Sony caught in another DRM snafu

Stop me if you've heard this one before. A record label uses DRM to sort of keep its customers from copying the music. It turns out that the software poses a threat to the user's PC. So the label issues a patch... which opens up another security hole. If you guessed that the label in question is Sony, you'd be correct. If you guessed that I'm recapping last month's rootkit debacle, you'd be wrong.

Oh well. Rarely so stupid at Sony. Will they ever learn?

Oh, and the fact that I probably won't get an Aibo offered now is, to be honest, pretty irrelevant to me.

SystemExit and exception handlers

Frequently used: SystemExit. A Python exception that many people don't know. The special thing about this exception: it is not an error. It also does not occur unexpectedly. It is simply triggered by sys.exit. The idea behind this is that you can insert an end processing in the dynamic flow (e.g. some file cleanups), without linking into global exit processing (with all the problems that entails).

The problem is that many programs and libraries install a global exception handler. One that catches every error and sends it nicely formatted by mail, logs it somewhere or something similar. I do this all the time. It also works great - except when you actually want to initiate an early end in your program. Then nothing works anymore - because you get corresponding errors for a non-error.

This becomes particularly critical in connection with multiple processes. If you start a process during operation, you also want to terminate it without executing any subsequent code. You can best see this in an example program:

import signal
import os

try:
 pid = os.fork()
 if pid:
 print "Elternprozess", os.getpid()
 else:
 print "Kindprozess", os.getpid()
 sys.exit(0)
except:
 print 'Fehler aufgetreten in Prozess', os.getpid()

print "Das darf nur der Elternprozess ausführen", os.getpid()

This code simply has a global error handler that catches errors in a rather unspecific way. Within the code, a parallel process is started with fork. However, since SystemExit is treated like all other exceptions, the child process is not terminated correctly - a process copies the entire state of the parent process, including return addresses, open error handling, files, database connections and so on.

This is of course fatal - because here sys.exit is caught. So there is an error message for the quite normal sys.exit(0) call. And even worse: since SystemExit is not treated separately, it continues normally afterwards - and the child process runs into code for the parent process. Code runs double, which can have critical results under certain circumstances.

If you can fully control the entire software stack, the solution is simple:

import signal
import os

try:
 pid = os.fork()
 if pid:
 print "Elternprozess", os.getpid()
 else:
 print "Kindprozess", os.getpid()
 sys.exit(0)
except SystemExit:
 raise
except:
 print 'Fehler aufgetreten in Prozess', os.getpid()

print "Das darf nur der Elternprozess ausführen", os.getpid()

This simply re-raises the SystemExit - i.e. triggers it again - without making a message. In most cases, Python's standard handling will then kick in and convert the SystemExit into a normal termination.

But what to do if you have several stacked variants of the wrong error handling? I had something like this with Django and FLUP (the FCGI/SCGI server for Python). In Django I changed it, then the error hit in FLUP. What do you do then?

The solution is a bit more brutal:

import signal
import os

try:
 pid = os.fork()
 if pid:
 print "Elternprozess", os.getpid()
 else:
 print "Kindprozess", os.getpid()
 os.kill(os.getpid(), signal.SIGTERM)
except:
 print 'Fehler aufgetreten in Prozess', os.getpid()

print "Das darf nur der Elternprozess ausführen", os.getpid()

Ultimately, the process simply commits suicide - it sends itself a SIGTERM, i.e. a termination signal. The same one you would normally send from the shell. However, you must then ensure that any necessary post-cleanups are either already done, or then run in a SIGKILL handling routine - otherwise you may have problems (e.g. database transactions should already be committed).

With this solution, you also have to be careful that no open resources block the process - otherwise you may produce zombie processes. Often it is better for such multiprocessing to start a management process much earlier in the system - outside the error handling chain - and then use it to start processing processes. However, this then has the disadvantage that processes started in this way do not inherit the environment of the parent process. Therefore, you usually have to make more preparations to perform the desired actions. Incidentally, Apache pursues a similar approach - there the processes are created from a very early basic state, so that they come as resource-free as possible.

Vampire

Vampire - An extension of mod_python that makes it more developer-friendly. For example, it can also perform automatic code reloading.

Yellow-Box for Windows

Is she alive? At least there are rumors about it. However, sentences like this one make me a bit irritated:

Leiter des Dharma-Projekts soll Bertrand 'Mad Eye' Serlet sein, Senior Vice President of Software Engineering bei Apple, der auch schon an der Entwicklung von iCal und iSync beteiligt gewesen sein soll.

I mean, come on, what kind of names are these? Mafia? Mercenaries? Lost Wild West figures?

Apple Aperture Review - or: Beware of Version 1.0 | The Voice of the Free World

Apple Aperture Review - or: Beware of Version 1.0 | The Voice of the Free World - found in my comments (originally on the old site) a scathing review of Apple Aperture. The article is in German and very interesting, as it is written from the perspective of a regular user.

Shocking is ...

... to find a website about erectile dysfunction medications, penis enlargement, and all that junk that's offered in spam, which has a seemingly correct German imprint with address, VAT ID, and all that. Ouch. Did the operator read a bit too much spam?

Even more shocking when such a website is then apparently promoted by the owner in blogs by entering it as a homepage in comment functions. Double ouch.

Learning Seaside

Learning Seaside - cool demo of what can be done with Seaside (Smalltalk web framework) and AJAX. Essentially a database interface with a freely configurable database model - something like Google Base, only cooler.

Switching Complete

So, I have just completed the switch: on the old address, only the big redirector is running now, which pushes everything here. In the process, all the old redirects from the time before WordPress have also been eliminated. It's incredible how many still want to collect old RSS feeds from the PyDS era. Never mind, they are finally gone now, the WordPress stuff is largely redirected, and otherwise, pure Python is working here again.

Ajax Sucks Most of the Time (Jakob Nielsen's Alertbox December 2005) - why Jacob Nielsen is right - sometimes.

Commentary

Commentary - Sticky notes for websites, implemented as WSGI middleware. Very interesting, could be particularly interesting for source views or similar, or for longer texts.

France wants to tighten copyright law

France is going completely crazy now:

The background is an EU copyright directive from 2001. However, the French draft law goes far beyond its approach. For example, the use of free software to play multimedia files should be prohibited, as these can also read copy-protected DVDs. Even the dissemination of information about such tools should become punishable in the future.

This is absolutely outrageous. Now France is taking the lead, and certainly others will follow - if this nonsense goes through. And this clearly shows what the whole thing is about. Against the consumer - who is only allowed to use software approved by the respective industry - and especially against open source, which is a thorn in everyone's side anyway.

File-sharing software that does not prevent infringements from the outset is also to be prohibited.

This clearly shows how little technical knowledge the responsible parties have - or who is bribing them.

angry face

Is Sony in Trouble with Apple Now?

Secret function in Sony BMG copy protection

As computer scientist Alex Halderman discovered, the free software «DRMS» is included in «XCP», which can be used to circumvent the «FairPlay» copy protection used by online music market leader Apple. However, «XCP» does not use «DRMS» to crack music: «Instead, the program's code is used to supplement Apple's copy protection.» The routine is currently inactive, however.

It would be nice if Apple were to cause a bit of trouble for them now - after all, Sony BMG was one of the labels that caused Apple trouble over prices. It could be amusing to watch. The slowly mounting lawsuits against Sony could also be interesting. And never forget: BMG stands for Bertelsmann Music Group.

pyinotify

pyinotify - very nice, finally a usable wrapper for the notify function in Linux. With it, Python programs can be informed about changes in the file system - ideal for directory monitoring.

Strange Statements by Condoleezza Rice

USA ban cruelty in interrogations:

After massive European criticism, US Secretary of State Condoleezza Rice announced new guidelines from her government for interrogations of terrorism suspects during her visit to the Ukrainian capital Kiev. From now on, representatives of her country are worldwide prohibited from treating prisoners cruelly, she said. This applies "to US officials, wherever they are, whether in the United States or outside the United States."

Does this imply that it was previously allowed, or am I misunderstanding? Because if it was not allowed before, there would be no reason for the explicit ban - then they would have talked about the incidents being condemned most severely and investigated with the utmost rigor - or whatever politicians say on such occasions when they have to lower their pants due to lack of control. But if she really said what Tagesschau reported here - then there was definitely a tolerance, possibly even an order, to torture.

Discover Music - Pandora

Discover Music - Pandora - automatic music recommender - I should take a closer look at it when it works.

Campaign against free software in France

Campaign against free software in France - the madness from the USA regarding activities against free P2P software is now spreading to Europe. France is certainly just the beginning, more is to be expected ...

Immortal Letter Exchange

Immortal Letter Exchange - and pigs can fly. Somehow.

Blog Move

Well, here it is - I'm finally moving my weblog here to the new software - no more PHP for my main blog. Right now, both systems are running separately, I'm just synchronizing the content to the new blog. In the next few days, however, I will install a redirector here that redirects all important URLs to the new system. Most comments are transferred, only the comments on blogmarks are lost, the new software no longer has a separate page for links where comments could be placed - it doesn't make sense anyway, anyone who wants to discuss the links should use the contact options of the linked page.

Otherwise, the new system is of course completely created with Django - finally everything in Python. That was also the main reason. Moreover, the ever-increasing PageRank, all the many links and the - for my expectations huge - traffic became increasingly unsettling, something had to be done about that. And the simplest solution is still to change the domain.

Oh, by the way, feeds are also redirected, but if you want, you can already subscribe to the new feed at the new address.

If you notice anything about the new system, either write here or over there in the comments (where it then works). I have tested almost everything, but errors still creep in from time to time ...

Aperture at Ars Technica

Ars Technica tests Aperture - and is less impressed by the program than by the size of Apple's manhood:

Jumping headfirst into the fully mature digital imaging market requires the shameless bravado of a one-legged man at a butt-kicking contest or any number of contestants on So You Think You Can Dance?

That's quite a vivid expression.

Based on the description, I'll stick with iView MediaPro - it runs well on old machines and does almost everything Aperture does. And where it doesn't, external programs do. And I still find Aperture's system requirements obscene.

Oh Man, with such judges we don''t need criminals anymore ...

I'm sorry, but the judge at the Hamburg Regional Court apparently interpreted the current legal situation in a very strange way:

The panel explained that it was convinced that the publisher could be held liable for the contents expressed in the forum solely through dissemination, even without knowledge. After all, he could check the texts automatically or manually beforehand. The way the publisher operates the forum so far even potentially incites infringements, emphasized a judge. It was unacceptable that "those whose rights are violated have to chase after you". The publisher's objection that automatic filtering had proven not to work and that manual checking of each contribution was simply not feasible given over 200,000 postings per month was not accepted by the panel.

It's strange that the legislator wrote something completely different into the law - which explicitly only requires knowledge for action. And this absurd belief in technology, that something like this can be automatically filtered out - the judge certainly did not demonstrate technical competence.

Hopefully Heise will defend itself appropriately against this and hopefully fare better than, for example, in the "Link to Brenner Software" story ...

Paj''s Home: Cryptography: JavaScript MD5: sha1.js

Paj's Home: Cryptography: JavaScript MD5: sha1.js - JavaScript implementation of SHA1 - practical if you want to avoid plaintext passwords in web forms. Of course, you should always have a fallback, because not everyone has JavaScript available or activated. The site also has MD5 and MD4 implementations and a few other snippets on the topic.

Off with the barriers

To those involved in the investigations by federal authorities:

As Schäuble explained, currently, for example, the Federal Criminal Police Office can only intervene if there is a "criminal procedural initial suspicion." This condition is to be abolished. Schäuble justified this by saying that the path from the intelligence service's findings via the state police to the BKA is too cumbersome.

And what do you think, will these special rights be used only for combating terrorism? Or are the control functions that still exist in the executive gradually being lost?

It's nice how the Union and the SPD agree on the curtailment of civil rights and the curtailment of control functions ...

Is it finally Otto Orwell's turn?

At least Schily knew about the CIA renditions:

The "Washington Post" reports that the US government informed Schily in May 2004 about the illegal rendition of the German Khaled al Masri. The then US ambassador Daniel Coats personally visited Schily, the newspaper writes, citing several intelligence sources.

It would be nice if one of the SPD's biggest agitators against data protection, civil rights, and common sense were to be politically held accountable, even if he is already out.

Geißler (and others) about his (and their) party

CDU state premiers criticize Union election campaign - Geißler is not one of them, but still part of it:

The former CDU General Secretary Heiner Geißler leveled serious accusations against his party in the same publication. The electorate had rejected the market-radical politics of the CDU just as much as the "ideologically akin Agenda 2010" of the SPD, according to the politician. Geißler called it a "historical irony of party history" that those within the party ranks who had been denouncing the alleged "social democratization of the CDU" for years and had pushed the party leadership into a neoliberal position with this argument, had thereby contributed to the SPD being able to continue governing for another four years.

I admit, I kind of like Geißler, even though he definitely belongs to the wrong political direction. Especially in recent years, he repeatedly manages to point out to his people what they are doing wrong. And since it is the Union, we can be sure that his opinion will continue to be ignored.

Trolls in comments - failed the intelligence test

How cute. I have this little question game against spam on my site. And I personally find the questions to be exceptionally simple. Downright banal, so to speak. Not worth mentioning, really.

Well, now the question arises as to how the brilliant comment with the text "You are so stupid" could come about - and with the text added by my system that the corresponding commentator gave the wrong answer to my little question game.

Devil's grin

Cute, really cute.

Image as a Cultural Problem by Gerhard Henschel

"Bild" as a Cultural Problem by Gerhard Henschel - harsh settlement with the worst sleaze sheet of Germany.

Boßdorf falls again

This time not because of the occasionally stupid cycling race commentary, but because of possible contacts with and activities for the Stasi.

Whether you make him the program director or fire him - please just make sure he is spared from us as a commentator in the next Tour de France (and bring Aldag on board for that, he can do it).

EU will store telephone data for six months

EU will Telefondaten sechs Monate speichern - and the sheer incompetence (some call her Federal Minister of Justice) is so busy patting herself on the back that she completely misses the mark. That this minimal consensus is a total disaster for data protection and privacy is, of course, completely irrelevant ...

Does the FDP have to pay a million fine?

Does the FDP have to pay a million fine? - the Möllemann time bomb continues to tick.

Userscripts.org - Universal Repository

Userscripts.org - Universal Repository - a hub for Greasemonkey scripts. Mountains of scripts. For almost everything, and a bit of the impossible.

Did RWE know about defects in power pylons?

Did RWE know about defects in power pylons? - since the Spiegel article will soon disappear behind the paywall, here are the most important facts in the Tagesschau report.

akismet.py

akismet.py - Python interface for the (central) Akismet Spam Scanner.

Data Non-Protection Declarations in Insurance

Because I'm currently interested in dental supplementary insurance (and my health insurance is trying to sell me a private insurance), I've read through the hints and explanations. In doing so, I came across the following nice paragraph under the title "Release from confidentiality clause":

I am aware that the insurer verifies information about my state of health before concluding the contract, to the extent that this is necessary for assessing the risks to be insured in the case of the contract conclusion I am applying for and my statements give cause for it. For this purpose, I release doctors, dentists, members of other healing professions as well as employees in hospitals and health authorities from their confidentiality, to the extent that I have been examined, advised and treated in the last 10 years prior to the application. This declaration is valid beyond my death.

It gets even worse - but I'll spare you the details. Great - the legislator is cutting back on the benefits of the statutory health insurance. Ultimately, the insured person is forced to take out supplementary insurance, at least if they cannot afford the treatments on their own and need to plan ahead. For this, however, they must then simply waive any confidentiality obligations towards the private insurance company - and even permanently, as death does not apply. Now, let's put all this into perspective - I pay a multiple of the measly 6.42 euros that the supplementary insurance would cost me to the statutory insurance. But there, I don't need to waive my confidentiality so drastically and unrestrictedly for dental services (in the above paragraph, the type of request is not even limited to the medical field of the insurance!) - but for the private insurance, I have to give up all rights to my data.

That's complete nonsense.

angry face

Additionally, of course, it also bothers me that the insurance company advertises in a leaflet about dental supplementary insurance that it has been tested with "very good" by Finanz Test, for example - but not for dental supplementary insurance, but for "single room rates". Which is really very informative for the assessment of the dental supplementary insurance ...

Development « Akismet

Development « Akismet - the Akismet API

Louie

Louie - a new event dispatching module for Python. Builds on PyDispatcher.

New Health System Cuts

It's quite amusing how Schmidt continues to play incompetent doctor games with the healthcare system, and the Union complains - because they weren't allowed to participate, and because the poor pharmaceutical industry is allegedly disadvantaged.

By the way, neither of the two coalition partners talks about the patients - the real victims of this concentrated incompetence ...

Sometimes you doubt Apple

When you send an email to support, for example, to register for the Apple Care Protection Plan (which constantly produced a strange error in the online system), and you include the serial numbers, contract number, and order date right away - and then receive a friendly email from Apple signaling their willingness to help. Along with a series of questions. About every single one of the points already provided.

Can't they read at Apple, or don't they want to read? Apart from the fact that I understand something different by a response time of one working day than answering a mail request from Sunday only on the following Thursday ...

I have almost accepted that I have to manually register an APP purchased in the Apple Store for hardware purchased in the same order, no matter how braindead that is.

SQLAlchemy README

SQLAlchemy README - another ORM for Python, heavily oriented towards SQL and offering a lot of magical syntax. Fascinating how in this area programmers try to abuse every language feature just to avoid writing SQL ...

Stockpiling of telecommunications data: The major factions give in

EU Parliamentarians cave in:

During a meeting between the leadership of the Christian Democratic European People's Party (EPP), the Social Democrats, and the Liberals with British Interior Minister Charles Clarke, the representatives of the two major political blocs significantly accommodated the wishes of the London negotiator on Tuesday. For example, they agreed to a planned obligation for telecommunications providers to store telephone data for up to two years.

An absolute catastrophe for data protection - the national governments will then retreat to "we have to do it, it's EU law" and data protection and the informational self-determination of citizens will continue to go down the drain. And the providers can stack terabytes of data waste, just because some overzealous data snoops have prevailed in their absurd data collection frenzy.

axentric. a web designer's “tackboard”.

axentric. a web designer's “tackboard”. - generalized version of the yellow-fade technique by 37signals. Nice for highlighting parts of pages that shouldn't stay permanently.

Court Hears Residence Permit of the 'Bremen Taliban'

Court hears case of "Bremer Taliban" right to stay - it's absurd that a foreign office actually believes that an absence due to (detention in Guantanamo, which is questionable even under US law and definitely far outside any German jurisdiction) can be considered a reason to terminate a residence permit.