Documentation is good, so therefore more documentation must be better, right? A few examples where things may have gotten out of control.

more...

Whenever I plug an external monitor into my laptop, nothing happens. Then I run xrandr, and gears turn, and displays appear. Not too surprising. Whenever I unplug an external monitor, nothing happens. Then I run xrandr, gears turn, and all those hidden offscreen windows come screaming back. This is absurd, right? Shouldn’t my desktop software be, I don’t know, desktopping?

more...

Why don’t unix commands have any vowels in the name? cp and mv are obviously devoweled standins for copy and move. But they’re less intuitive for new users. The user wants to copy a file. Why shouldn’t the name of the command be exactly the operation the user wants to perform?

What exactly does the user want to do? Instead of copying files, maybe I want to link two files. What does that mean? In unix, we have hard links and symbolic links. If I replace the “original” file, do I want the link to refer to the original file or the replacement? Or maybe what I mean by link two files is to combine two object files into an executable. Do we call that loading instead? ln is the name of a command, but link is the name of a concept. And sometimes the concept evolves over time. The linker is called ld because it used to be the loader. (I think.)

grep is a remarkably useful tool, but with a most unintuitive name. Why not call it find like Windows does? I want to find some text, I run find. So obvious. But some users may want to find files in the filesystem, not strings in a file. What command do they run? Probably locate.

There may be a great deal of historical accident in the names of commands (what if the inventors of awk had different initials?), but that doesn’t mean we can’t recognize the value of unique and precise identifiers.

Who wore it worst?

The Post is pretty bad. Beware the scary glow in the dark hacker.

The Journal is less alarming, but rather useless. Hey, look at the tubes.

Motherboard skipped the tech and went with the meteorological imagery.

Ars Technica decided to forego their usual backlit keyboard gallery for some generic secret art. Inoffensive, but irrelevant.

And finally, The Verge comes through with a completely relevant image. An actual screenshot from the bug report.

Nicely done. That’s what real cyberjournalism looks like.

I found it hard to locate a good reference explaining how various hash attacks apply to password hashing. Somebody might reasonably ask how the SHA1 collision, or an extension thereof, would apply to bcrypt. Can bcrypt have collisions? It’s a strange question if you know the answer, but knowing that much requires synthesizing a fair bit of knowledge that’s not all in one place.

more...

Some reflections on life, the universe, and everything after posting 1000 links to inks. I started inks on a lark because one day I was annoyed with HN or Lobsters or something and it seemed easy enough to make my own cooler version, but there wasn’t much of a mission statement. Maybe Daring Fireball but without the fucking Yankees. It’s been a few months and 1000 links is enough to notice some trends and evaluate results.

more...

Another little adventure in web page rewriting. I wanted to use a few more go features, and make something that would work on at least a few different sites via the Host header.

more...

Last week I gave a talk for the security class at Notre Dame based on features are faults but with some various commentary added. It was an exciting trip, with the opportunity to meet and talk with the computer vision group as well. Some other highlights include the Indiana skillet I had for breakfast, which came with pickles and was amazing, and explaining the many wonders of cvs to the Linux users group over lunch. After that came the talk, which went a little something like this.

more...

Everybody is getting real excited about yubikeys recently, so I figured I should get excited, too. I have so far resisted two factor authorizing everything, but this seemed like another fun experiment. There’s a lot written about yubikeys and how you should use one, but nothing I’ve read answered a few of the specific questions I had.

more...

Back in November I subscribed to a few newspapers, the theory being that paying for a newspaper was the only way to save journalism, and thus democracy. Instead of choosing one, I just subscribed to them all, figuring I could sort it all out later. Here we are, a few months later, with the introductory rates expired, and it’s time to evaluate which of our contestants can advance to the next round. Our entrants are the New York Times, the Washington Post, and the Wall Street Journal.

more...