While there are many efforts in the United States to fix the brokeness of their patent system – also in respect to Software Patents which have made more harm in the last decades than anything else – we here in Europe and especially in Germany are just doing the same mistakes again.

This is a very bad day for the Freeware, Shareware and also the Open Source scene – look out for patent trolls nearby you in the future…

[...] we can only conclude that the European Commission is giving strong preference to the viewpoint of a single lobby group. Regarding interoperability and open standards, key places of the consultation document were modified to comply with the demands of the BSA. Input given by other groups was not considered on this issue. Beyond ignoring this input, the Commission has apparently decided to ignore the success of the first version of the EIF, and to abandon its efforts towards actually achieving interoperability in eGovernment services.

EIFv2: Tracking the loss of interoperability – enjoy the read…

While Debian by default only hints you to these additional packages during the install phase, openSUSE installs them all by default. Try it with git and you’ll get everything here: cvsps git git-core git-cvs git-email git-gui gitk git-svn git-web libpurple-tcl subversion-perl tcl tk xchat-tcl.

There are two ways to get rid of this nasty behaviour:

1. Temporarily by adding the --no-recommends option to your call
2. Permanently by editing /etc/zypp/zypper.conf and configuring installRecommends = no in the [solver] section.

Hey, at least they have an option to disable it, though its completely beyond me why somebody wants to have this enabled by default. Maybe they get a cookie for every additional package download…?

While the web-based interface of the service is nice, some configurations and local builds require their command line client osc though, which is python-based and works similar to subversion. This client however was only packaged for the main distros the build service itself supports, but was unavailable for others like f.e. Mac OS X, so I created a MacPort for it today (installable via sudo port install osc).

Of course local Linux builds are not possible with it, as we’re missing the complete environment, but I think its still useful for maintaining and managing remote builds on the service itself. Have fun with it!

And yet again something repeats which I already encountered in other areas of my life: At the time I get to know to a particular band or in this case software evangelist, they already retired for unknown reasons from their work. All the best for you, you lucky stiff. I’m sure you’ll also do an excellent job in the “offline world”, wherever you are…

Actually, the only thing which comes into my mind here is a combination of Portable Firefox and FireGPG on an USB stick (possibly encrypted). This, of course, bears a couple of problems:

1. If you don’t know which OS your “target” computer has, you need to have this “tandem” in at least three different binary versions, Mac OS X, Linux and Windows. While this doesn’t sound too hard (three partitions on the same drive), it’ll probably harder to encrypt all three and have something like “plug-and-mail-ready” for the target OS.
2. If you use a non-standard webmailer (i.e. no public service, but an own setup, like I have with roundCube Webmail), you won’t have a really good integration with FireGPG (i.e. no interface buttons, auto-decryption and other stuff) unless the webmail software plans support for FireGPG. (roundCube targeted it for “later“.)
3. And maybe the greatest show-stopper is the question: Is it really secure in untrusted environments? After all, GnuPG needs to load your private key into RAM to decrypt your message, and if it resides unprotected there (does it?), it could be, at any time, be read out by some hidden daemon and boom, your private key would be compromised…

How would you solve this dilemma? A VPN to a trusted PC from which you send and receive emails?

If there are no other good solutions then I guess people will have to choose between accessibility from everywhere and email security. And I bet they don’t choose security…

Now, on Qt’s side of things using SSL is rather easy as well, the only thing you have to do is give the setHost method another parameter:

QHttp * con = new QHttp();
con->setHost("some.host.com", QHttp::ConnectionModeHttps);
con->get("/index.html");
// connect to QHttp's done() signal and read the response

1. Connect to QHttp’s sslErrors(...) signal to the QHttp::ignoreSslErrors() slot. This, of course, pretty much defeats the whole purpose of an SSL connection, because the user is not warned on any SSL error, so also legit errors (certificate expired or malicious) are just ignored. (*)
2. Make the root certificate of CAcert known to the local setup, so the verification process can proceed properly.

I decided to do the latter thing. This is how the code should now look like:

QHttp * con = new QHttp();
QFile certFile("path/to/root.crt");
Q_ASSERT(certFile.open(QIODevice::ReadOnly));
QSslCertificate cert(&certFile, QSsl::Pem);
// this replaces the internal QTcpSocket QHttp uses; unfortunately
// we cannot reuse that one because Qt does not provide an accessor
// for it
QSslSocket * sslSocket = new QSslSocket(this);
sslSocket->addCaCertificate(cert);
httpConnection->setSocket(sslSocket);
con->setHost("some.host.com", QHttp::ConnectionModeHttps);
con->get("/index.html");
// connect to QHttp's done() signal and read the response

(*) One could, of course, check the exact triggered SSL error from QSslError::error(), in our case this could be f.e. QSslError::UnableToGetLocalIssuerCertificate, but this is rather hacky and could certainly be abused by a man in the middle as well.

Anyways, with grep you usually end up with something like that:

$ grep -R myterm | grep -v ‘\.svn’ | grep -v ‘~:’

or, to speed up your searches a bit and let grep not even crawl things you don’t like to see anyways:

$ grep -R myterm `find . -type f | grep -v ‘\.svn’ | grep -v ‘~:’`

Anybody else thinks that this syntax is just hilarious and totally overkill? So I looked at grep’s manpage for some kind of .greprc which I could define in my homedir and in which I could set all the things I want to exclude, but apparently no such file is acknowledged by grep.

Finally I did a Google search for “grep ignore svn directories” and found ack – a Perl tool which resolves this and other problems with grep. My personal feature highlights:

• You can use real Perl regular expressions (no grep -r stuff needed)
• -A, -B and -C options work just like I know them from grep
• Output is highlighted with terminal colors and very much cleaned up in comparison with grep
• There are predefined sets of file extensions to search, i.e. ack --php foo will search all php files (php3, php4, php, aso.) for foo, also with an option to exclude these sets with f.e --noperl

So I’m more than satisfied with this – if I would have only found this earlier! This saves my day!

Oh, I think I forgot to mention one absolute killer feature of ack – to quote the author:

Command name is 25% fewer characters to type! Save days of free-time! Heck, it’s 50% shorter compared to grep -r.

Go, get it while its hot!

Lets start with an easy one: rms.

Yeah, that was easy. If you come across this nick in an IRC channel, make sure you don’t talk about the advantages of proprietary software, Richard Matthew Stallman may just jump at you and bash you with a big club.

Now, who might be esr?

Actually I learned about his nick not too long ago. He stumbled into the #monotone channel on OFTC last December and asked about the backgrounds of the monotone project. He prepared a paper of modern revision control systems at that time (I only have a dead link where it used to reside), but I guess most people will rather know him from one particular essay anyways, “The Cathedral and the Bazaar”: Eric S. Raymond.

Now, if esr is Eric S. Raymond, who might be rse?

If you’re working with web servers, and here in particular with the one from the Apache Foundation, you probably know of this one swiss army knife ™ which solves all your redirecting / load balancing / other weird use case problems – mod_rewrite! But actually, the person I’m talking about, is also highly popular for being the main author / founder of other popular Open Source software project, like OpenSSL, OpenPKG or RPM5: Ralf S. Engelschall. If you catch him somewhere and you’re using his software on a daily basis (like I do), do not forget to praise him .

Now the last, pretty hard one for me at least, I just learned today: Who’s famous for his nick drh?

I felt pretty stupid when I learned about his nick; after all I’m using his software on a daily basis as well – indirectly at least. He’s the author of SQLite (monotone’s database backend), the creator of CVSTrac (the inspiration for the nowadays widely used Trac project) and he has of course, like the other people I introduced here, his own wikipedia entry. I’m speaking of D. Richard Hipp.

So this was my Little Nickname Science. If you’ve similar anecdotes I’d love to hear them!

The Monotone Summit goes on and its quite fun to meet and work with all the people I just know from IRC or the mailing list. I mostly worked on automation stuff so far and improved some things in guitone. A longer blog entry with other impressions (and maybe some pictures) will follow within the next days…