2011-09-23

Microsoft makes .txt files dangerous!

This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate rich text format file (.rtf), text file (.txt), or Word document (.doc) that is located in the same network directory as a specially crafted dynamic link library (DLL) file.
-- Microsoft makes .txt files dangerous

(Courtesy http://lwn.net/Articles/459240/ )
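An added example (not from the original post or from Microsoft): a defender-side audit for the condition the quoted bulletin describes, namely a DLL sitting in the same directory as .rtf, .txt or .doc files. The function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile

# Document types named in the bulletin text quoted above.
DOC_EXTS = {".rtf", ".txt", ".doc"}


def find_colocated_dlls(root):
    """Walk `root` and return {directory: {"docs": [...], "dlls": [...]}}
    for every directory holding at least one document AND at least one DLL.
    Extension matching is case-insensitive, as it is on Windows shares."""
    findings = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        docs, dlls = [], []
        for name in filenames:
            ext = os.path.splitext(name)[1].lower()
            if ext in DOC_EXTS:
                docs.append(name)
            elif ext == ".dll":
                dlls.append(name)
        # A DLL alone, or documents alone, do not match the bulletin's
        # scenario; only the combination in one directory is reported.
        if docs and dlls:
            findings[dirpath] = {"docs": sorted(docs), "dlls": sorted(dlls)}
    return findings


def demo():
    """Build a constructed sample tree in a temp dir and audit it.
    Returns findings keyed by path relative to the temp dir."""
    layout = {  # constructed sample data, not real file names
        "share/projects": ["notes.txt", "report.doc"],
        "share/incoming": ["readme.TXT", "helper.DLL"],
        "share/tools": ["plugin.dll"],
    }
    with tempfile.TemporaryDirectory() as base:
        for rel, names in layout.items():
            directory = os.path.join(base, *rel.split("/"))
            os.makedirs(directory)
            for name in names:
                open(os.path.join(directory, name), "w").close()
        found = find_colocated_dlls(base)
        return {
            os.path.relpath(path, base).replace(os.sep, "/"): hit
            for path, hit in found.items()
        }


if __name__ == "__main__":
    for directory, hit in demo().items():
        print(directory, "docs:", hit["docs"], "dlls:", hit["dlls"])
```

A hit is only a lead for review: the DLL may be legitimate, so check its origin and signature before drawing conclusions.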

2011-09-17

git for computer scientists -- my version

http://sitaramc.github.com/gcs/

It's quite similar to the original, classic version, but extends the
whole thing to explain detached HEAD, and the difference between reset
and checkout

2011-08-09

Fwd: Git - Authenticate from Active Directory....

India in general is very "age conscious" as in, "respect people [significantly] older than you".  But among Indians, Punjabis are particularly so.  Not unlike Japan and Italy [which I used to call our "country-in-law" at one time ;-)]

So anyway, I decided to shamelessly play on this; see the last sentence of the email below ;-)  It may not have any short term effect, but who knows...!

---------- Forwarded message ----------
From: Sitaram Chamarty <sitaramc@gmail.com>
Date: Tue, Aug 9, 2011 at 11:07 PM
Subject: Re: Git - Authenticate from Active Directory....
To: [an obviously Punjabi name elided]

Although this link sounds like it is only about ssh, if you read it carefully it answers your question and it should help you: http://sitaramc.github.com/gitolite/doc/authentication-vs-authorisation.html

On a more personal note, I won't help anyone with Microsoft stuff.  I won't actively prevent gitolite from working with MS, but I will not actively help either.  For example, if someone sends me a write up on how to get gitolite to work with OpenLDAP, I will either add it to my docs, or link to it (whatever he wants).  But if you send me a document about how to make it work with AD, I will not do that.

Sorry if that sounds rude, arrogant, or whatever, but at my age (I'm close to 50) I'm entitled to my opinions, puttar ;-)

regards

sitaram

On Tue, Aug 9, 2011 at 10:49 PM, elided
<elided> wrote:
> Hi,
>
> A question on gitolite:
>
> I have git repository hosted on a Linux RedHat Enterprise machine.
> I am able to checkin/checkout using http (apache is configured for this).
> The users are setup using .htpasswd.
>
> I want to authenticate from Active Directory instead. Is this possible with
> gitolite?
> Also this access has to be given only to certain Active Directory users.
>
> If not, is this even possible?
>
> Looking forward to your response.
>
> Thanks
> <elided>

--
Sitaram

2011-08-02

(WTF, mac idiocy!) oh yeah, about that "silky smooth OS X style"...

"git gui" and "gitk" are nice GUIs that come with git.  The latter especially is *very* powerful and even Linus uses it when needed.

GitX (http://gitx.frim.nl/) is what folks use on Macs.  Per its website, "GitX is a git GUI made for Mac OS X. It currently features a history viewer much like gitk and a commit GUI like git gui. But then in silky smooth OS X style!"

Nice.  Except, I learn while casually hanging around on #git, that you cannot open two GitX views on the same repo.

And this is not a GitX limitation.  It's damn well not a *Git* limitation, since the tools that GitX claimed to be "much like" don't have that limit.

No... it's apparently an OS X limitation not to allow GitX to open a repo twice.  Apparently a repo is a "document" so it "makes sense" to the poor brain-washed guy who told me this.

Damn... all the trouble Linus goes to avoid the need for locking, with stable objects and NFS-safe renames, and such.

And Mac OS X says "meh!"

Tell me again, why do *developers* use this piece of shit?

2011-08-01

IE users stupid?

http://www.theregister.co.uk/2011/07/29/aptiquant_iq_survey/

quote: "The comparison clearly suggests that more people on the higher side of IQ scale have moved away from Internet Explorer in the last 5 years," AptiQuant concludes.

I wish this were actually true, but sadly, it isn't very likely to be.  I call bullshit.

I do believe most IE users are seriously lacking **in information technology skills**, but even in my worst anti-MS rant I have never equated that with stupidity as a general trait.

My doctor uses IE.  My accountant uses IE.  99% of TCS' senior management probably uses it simply because it is the damn default and *they* didn't feel there was anything wrong with it.

In fact, I am coming to the opposite conclusion.  I suspect that most IE users are of the kind (see previous para) who would not even *bother* to visit an IQ measurement site.  And I am saddened that among Chrome/Opera/FF users, the more intelligent ones actually have the time to waste on trivial pursuits like "gee I wonder what's my IQ" (here's a hint: if you care, it's not high enough!)

And that doesn't mean IE is somehow being credited here.  It just happens to be the "incumbent", as they say in politics.

2011-07-29

veracity

placeholder for https://plus.google.com/115609618223925128756/posts/PDPdXTxAvZk

I posted my comments on veracity there because a lot *more* of my gitolite/git contacts are there.

----

meta comment on blogs and g+: at some point we'll have to choose one; we can't update both.  I'd love to move to G+ for my blogging also, but it doesn't have a search box anywhere that I can see.  I depend on that a lot to find stuff I wrote about long ago, and without that I can't really make it the main outlet for my random typing!

2011-07-21

Dijkstra endorses perl (well, I'm stretching it a wee bit... ;-)

Dijkstra quote: If we wish to count lines of code, we should not regard them as "lines produced" but as "lines spent".

2011-07-20

debugging "clever" code

"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it."

— Brian W. Kernighan and P. J. Plauger in The Elements of Programming Style.

This came up in a comment about an LWN article on how subtle and tricky some of [the Linux kernel] core code has become.  Some of the more interesting quotes from that article and its links:

(in the original email from Hugh Dickins):

That -ENOENT in walk_component: isn't it assuming we found a negative dentry, before reaching the read_seqcount_retry which complete_walk (or nameidata_drop_rcu_last before 3.0) would use to confirm a successful lookup?  And can't memory pressure prune a dentry, coming to dentry_kill which __d_drops to unhash before dentry_iput resets d_inode to NULL, but the dentry_rcuwalk_barrier between those is ineffective if the other end ignores the seqcount?

Let's call this "establishing the baseline" -- anyone who did not understand at least 75% of this will be lost as far as the real problem is concerned.  But what about the people who *did* understand it (or at least, had the best chance to):

There is a sobering conclusion to be drawn from this episode, though. The behavior of the dentry cache is, at this point, so subtle that even the combined brainpower of developers like Linus, Al, and Hugh has a hard time figuring out what is going on. These same developers are visibly nervous about making changes in that part of the kernel. Our once approachable and hackable kernel has, over time, become more complex and difficult to understand. Much of that is unavoidable; the environment the kernel runs in has, itself, become much more complex over the last 20 years. But if we reach a point where almost nobody can understand, review, or fix some of our core code, we may be headed for long-term trouble.

uh oh...!

2011-07-14

Forbes columnist on "Microsoft's Android Shakedown"

http://blogs.forbes.com/timothylee/2011/07/07/microsofts-android-shakedown/

Nice quote: "Getting software patents takes a lot of work, but it's not primarily engineering effort. The complexity of software and low standards for patent eligibility mean that software engineers produce potentially patentable ideas all the time. But most engineers don't think of these relatively trivial ideas as 'inventions' worthy of a patent. What's needed to get tens of thousands of patents is a re-education campaign to train engineers to write down every trivial idea that pops into their heads, and a large and disciplined legal bureaucracy to turn all those ideas into patent applications."

But I think there's one more point to be made here.

The decades-old Sun/IBM incident, narrated as the intro to that article, doesn't describe what would happen today. The alternative the "blue suit" suggested was one where IBM would actually spend the time to find *real* infringements, if Sun refused to buckle.

That was the 80s. Today, if HTC resisted, MS would proceed directly to litigation even if they knew the specific claims being made were without merit.

In other words, while Sun capitulated due to the fear of real infringement being found, I believe today's defendants pay up due to fear of the litigation itself!

Big difference!

2011-07-11

Jon's impressions of Chromium

http://lwn.net/SubscriberLink/450359/0c7b485f10ca5225/

I guess I'll stick to Firefox -- NoScript is kind of a necessity right now :-)

It might not be bad as a second browser though, although one has to watch out for the Chromium/Chrome distinction!

[And by the way, I never understood Google's need to call a browser by the internal name for the UI component of a competing browser!]

2011-06-24

the new nook (aka Nook second edition, nook simpletouch, etc)

Well I happened to be in the US after many years, and despite being sent a nook 1, (wifi only model) by my brother a couple of months ago I was tempted enough by the reviews of the nook 2 to buy one.

[By the way, the nook 1 (wifi only version) was $150 when my brother bought it for me. A scant few weeks after he sent it to me, they announced the Nook 2 at $139, and dropped the price of the nook 1 to $119! Timing issues like this have been the story of my life, <sigh>...]

So here're the pros and cons of this one compared to the old one.

Summary: lighter and smaller and better navigation make it attractive. But there are lots of negatives to consider, and if I'd known all of them before I bought it I may not have done so. Even now, I'm sorta tempted to attempt returning it but that's only fueled by "righteous indignation" so I will probably just laze around until it's time for my flight home and then claim I didn't have time!

Pros:

  • much better interface -- the main screen is a touch screen now! (For people who're wondering what's the big deal, remember this is e-ink, non-backlit display -- totally different technology to the normal stuff on your Androids!)

  • much smarter navigation. Both because the main screen is touch, as well as the fact that you can reverse the meaning of the top and bottom buttons if the size of your hand makes it so that the upper button is better for your thumb to hit when you hold it. Reading is a real pleasure with this thing!

  • reviews say it has a much better battery life. Sounds believable, because there's no longer a battery draining lighted touchpad! I can only hope, because the old one sucked rocks through a pipette in terms of battery life!

  • no touchpad means it's much smaller and lighter, while having the same actual screen size (800x600)

  • has a built-in dictionary (accessible only from EPUB files, not from PDFs... wonder why)

  • (minor: now actually knows about GMT+0530 in its time zone list! yeaaay!)

Cons:

  • no device password. This is a big problem for someone like me; limits what I can use it for. I can no longer grab a quick PDF of some work document I need to read and take it with me, in case the device gets stolen.

    You may think you can use encrypted PDFs, but that won't work. There's no way to make it "forget" the password short of completely shutting down, so if you opened a document it's now visible to anyone who grabs the device. (In the old nook, the moment you open another document (even an un-encrypted one), the password for the previous one was forgotten. Not great but I was happy enough to use it as a workaround...)

  • no document delete. If you did take along a sensitive file, you can't delete it once you've read it, to limit exposure. The old nook would let you delete documents from its interface; this one needs a PC to do that. This is the worst problem from my point of view because it could have somewhat mitigated the previous one.

  • non-replaceable battery. This is the second worst problem as far as I am concerned. For people who live outside the US, like me, this could be a killer. I'm crossing my fingers hoping I don't get burned...

  • mandatory registration. A new nook 2 won't even get to the home screen unless you register. Fortunately, it doesn't insist on a credit card for a new registration, but even so, that's badbadbad(tm)! [And I'm willing to bet some corporate fsckwit at BN will read this and make a note to make the credit card mandatory for nook 3!]

    I have no intention of ever buying any content -- most of my reading is PDFs from work or web pages converted to EPUBs with my own script built around calibre's ebook-convert program. So the question: at $139, do they still have to resort to the razor/blade revenue model?

  • probably for the same reason, only 236 MB for "sideloaded" documents. ["sideloaded" apparently is the phrase to describe docs you install through USB instead of from BN using their interface]. This is barely one-fifth of the 1.3 GB the old nook had. The nook 2 reserves the rest of the free space for BN content, which means in my case it's just sitting idle. To be honest, this is not a big deal, but one does feel somewhat cheated at the forced space wastage.

  • no music. I never used the music on the old nook anyway so I don't care.

  • no browser. Well the browser on the old nook was crap so I don't miss it, but it could actually have been usable on this one, because of the touch screen! Why did they do this?

And finally, here's the biggest WTF: when you start the machine and eventually read the 100-page user manual, it says somewhere toward the end "You can purchase a Nook only if you have a billing address in the United States".

Huh? Why? What earthly logic do you have for this? We're the best customers -- we don't have much opportunity to return it, call your customer complaints, and generally make your life miserable if we don't like it.

More importantly, how the fsck am I supposed to know that before buying it? The sales clerk at BN, Stevens Creek (CA) didn't even ask. Clearly he is smart enough not to lose a sale for crappy reasons, so what's with the corporate stupidity?

And don't tell me it's legal reasons to do with geography specific licensing for books, like DVD region codes. You're not going to let me buy content until I give you a credit card with a US billing address anyway ...



All in all, psychologically very disappointing. So now that I have "pensieve"d all these comments, I will try and purge them from my mind and try and enjoy the damn thing...

2011-06-12

rule #1 for a home user

don't let your mom do your packing/unpacking. She'll drop the 1TB
hard disk that contains your only backup while trying to help you.

-- my son

2011-06-02

happy passwords, here I come!

http://orderedlist.com/blog/articles/the-psychology-of-happy-passwords/

Interesting... I know what my future passwords are going to be themed around now!

2011-05-25

scale fail: cloud addiction

I've always been wary of anything that is being hyped.  Until the hype dies, I'm prejudiced against it, and I won't give it a fair chance.

This is not just for technology issues -- I do that to movies and books also.  I still won't bother to read Da Vinci Code, although I finally did see Forrest Gump years later, when I became convinced it was OK.

But it's much more true for technology.  Here, unlike a movie I have not seen or a book I have not read, I can actually expect to have an intuitive feel for the truth already, so the prejudice lasts longer and very rarely reverses.

----

The "cloud", to me, has always been just that: a bit of water and a lot of hot air.  I can certainly see some uses for cloud computing in small and medium enterprises -- the smaller the better.  An extreme case is an individual running his own web-based business -- finding a cloud provider is ideal for him in terms of bang for the buck.

But I've always believed that the larger you get, the more you lose by going to the cloud.  At some point, the economies of shared infrastructure disappear simply because as you get bigger and bigger, you are less amenable to sharing.

Josh Berkus (of Postgres) wrote a very fantastic 2-part article series called "Scale Fail" for LWN.  Part 2 of this, at http://lwn.net/SubscriberLink/443775/a17084926dbefa54/ , has a section called "Cloud Addiction", which is well worth a read.  Here're some extracts:

Several of our clients are refusing to move off of cloud hosting even when it is demonstrably killing their businesses. This problem is at its worst on Amazon Web Services (AWS) because Amazon has no way to move off their cloud without leaving Amazon entirely, but I've seen it with other public clouds as well.

[...]

[restrictions on memory, processing power, storage throughput and network configuration inherent on a large scale public cloud, as well as the high cost of round-the-clock busy cloud instances] are "good enough" for getting a project off the ground, but start failing when you need to make serious performance demands on each node.

[...]

That's when you've reached scale fail on the cloud. At that point, the company has no experience managing infrastructure, no systems staff, and no migration budget. More critically, management doesn't have any process for making decisions about infrastructure. Advice that a change of hosting is required are met with blank stares or even panic.

2011-05-11

(heard on slashdot) WMI

WMI is great. If you liked the complexity of CORBA, COBOL, VB Script, and the syntax of SQL, you will love WMI.

2011-05-05

do you still want an Apple ipod/ipad/iphone?

Here's a completely different take on the issue than my normal "freedom" rant:

http://www.dailymail.co.uk/news/article-1382396/Workers-Chinese-Apple-factories-forced-sign-pledges-commit-suicide.html

And by the way, this is not new. The suicides were reported months
ago. The response from the guilty parties is what is new.

And this is not the first time something like this has been found
about US companies either. I think the most famous such scandal
involved Nike, in 97 or so.

And I'm not saying Apple is the only guilty party -- I'm sure there
are many others. However, with the amount of customer mindshare Apple
has, it ought to be leading the way in preventing this sort of abuse.
It ought to be caring about ethics and morality, not just legality.

But I don't think it will -- most corporations have a "duty" to not
care about anything except making money, actually. And they made a
lot of it -- 14 billion dollars PROFIT, (after taxes) last year!

Now you have to think: do I want to help them make more?

2011-05-03

facebook as the ultimate spy network

http://rt.com/news/wikileaks-revelations-assange-interview/

quote:

"Facebook in particular is the most appalling spying machine that has ever been invented. Here we have the world's most comprehensive database about people, their relationships, their names, their addresses, their locations and the communications with each other, their relatives, all sitting within the United States, all accessible to US intelligence. Facebook, Google, Yahoo – all these major US organizations have built-in interfaces for US intelligence. It's not a matter of serving a subpoena. They have an interface that they have developed for US intelligence to use.

Now, is it the case that Facebook is actually run by US intelligence? No, it's not like that. It's simply that US intelligence is able to bring to bear legal and political pressure on them. And it's costly for them to hand out records one by one, so they have automated the process. Everyone should understand that when they add their friends to Facebook, they are doing free work for United States intelligence agencies in building this database for them." (emphasis mine -- Sitaram).

unbelievable (operation pumpkin; prince william's wedding)

http://www.theregister.co.uk/2011/04/28/operation_pumpkin/

no words can summarise this.  I'm wondering if this is a joke...

2011-04-11

I want!!!

http://www.commodoreusa.net/CUSA_C64.aspx

very very cool! I would *love* to have a computer like this...

2011-04-01

with friends like these, who needs enemies? [Gates and Allen]

http://www.computerworlduk.com/news/it-business/3267807/bill-gates-tried-to-rip-me-off-claims-microsoft-co-founder-allen/

Interesting article. The title is "Bill Gates tried to rip me off",
which sounds, to people who are taken in by Gates' so-called charity
work and his persona, like it might be a severe case of journalistic
license.

However, to people who long ago realised that he's probably the most
unethical, even borderline criminal (white collar only, so far as the
public knows) individual they've ever heard of, the following quotes
from the article will not come as a surprise:

- "scheming to rip me off"
- "I'd been taught that a deal was a deal and your word was your
bond. Bill was more flexible; he felt free to renegotiate agreements
until they were signed and sealed."
- overheard Gates and Ballmer complaining about his declining
contribution to the company during his cancer treatment in 1982
- "...It was mercenary opportunism, plain and simple."

2011-03-31

CS and the real world (seen on slash)

quote from http://developers.slashdot.org/comments.pl?sid=2054932&cid=35621288 :

"This is a CS program we are talking about. Much like economics, in these disciplines the real world is often considered a special case."

 

2011-03-26

of winks and nooks...

So I finally got myself an ebook reader.  I'd been thinking about it for a while, but when my brother got a "wink" reader, I jumped.  In short order, I'd asked my other brother (currently temporarily in the land of the un-free) to get me a Barnes and Noble Nook.

My only reason was that it has a real browser.  Turns out the browser is more than somewhat crippled -- it can't even manage the redirection from chamarty.net to sitaramc.blogspot.com!

Getting stuff onto the device

It won't let you download anything using the browser either -- the only way to get PDFs and EPUBs on the box is either from B&N or via USB.

The wink, on the other hand, doesn't have a browser, for all practical purposes anyway.  What it does have is an email client, which -- surprise -- lets you download stuff to the device.  So you have two ways to get stuff onto the device, which is nice.

Deleting stuff you already read

The Nook will let you delete content from the device's interface.  The wink won't; you have to do it from a host computer via USB.

Reading oddball stuff

The biggest thing the wink has is that the reader software is much better than on the Nook (gasp!)  Firstly, it actually supports rotated reading for wide text if you want to do that, which is quite useful for some comics and cartoons.  Secondly, it does not force everything into "reflow" mode.  Of course, zooming while not in reflow mode makes a document wider than the screen and you have to pan left to right for every sentence, but at least it allows you to do that (this is important for figures in PDFs, for instance).

The Nook forces reflow on everything so it is crap at PDFs with bulleted lists, indents, tables, and such.

Hardware

Now that I realise the browser isn't that great, about the only thing the Nook has going for it is the hardware quality.  It feels a little better built, and the buttons (there are only 4 by the way) have an "embedded" feel to them.  The wink's keyboard is bad -- sometimes you have to hit twice for a button to register, and sometimes you hit once and it registers twice.  (I guess a statistician would say that on the average the keyboard works fine then!)

I didn't get much of a chance to compare battery life but I suspect the Nook is crap.  I'm getting far, far, less than what the ads and even reviews led me to believe.  I'll have to wait till my usage stabilises somewhat, because the color LCD at the bottom is definitely a huge drain!

Security

Oh yeah -- the other reason I like the nook is it actually has a device password.  There may be ways to get around it, but at least it'll keep out casual snooping...

Summary

Nook: if you absolutely need a password protected device.  And/or you absolutely need a browser, even if it can't do most sites.
Wink: if you want to be able to receive content via email while on the road without your own laptop.  And/or you want a better reader software in general (subjective opinion)

2011-03-21

Indian English strikes again

Just saw a very detailed account of a wedding.  There was lavish
description of dress, decorations, and food, and the narration of the
ceremony included this:

"And the chanting of Mantras became louder, the sound of Shennai [sic]
became shriller and on dot [sic] at [elided] each of them placed the
Jeela Karra Bellam on the other's heads and the marriage was
consummated."

I want to say to him: I do not think it means what you think it means.

Would have been *totally* appropriate too, since he also said the
bride looked like a princess ;-)

2011-02-25

pointy-clicky on gitolite

someone was looking for a gitolite equivalent "with an interface". I first told him gitolite has a great interface; it's called "vim".

Then someone else said "but it's not pointy-clicky".

I told the original guy maybe he should use an ipad ;-)

I can just imagine vi on an ipad. Definition of hell I suppose (and yes, I know for most people the hell is the vi; for me it's the ipad!)

2011-02-21

Oh Em Geeeee!

For a long while now, I've been ranting at kids (and many adults, sadly) who type "u" for "you", "gr8" for "great", "dat" for "that" (I mean really, how much did you save there?), and so on. I sometimes ask them: does your computer come with just a phone keypad? (And some of them even understand the joke!)

But a few days ago I saw this pathetic display of illiteracy move to a new dimension.

I heard a barely-teen kid say O-M-G in speech. I mean "Oh", "Em", "Geee" -- spoken out as 3 individual letters.

To all the people who lament the demise of Hindi, Telugu, and other mother languages, may I suggest that death by disuse is more dignified than this death by misuse?

2011-02-18

lid starts closing on Nokia coffin

When people like Miguel Icaza start praising the deal, you know it's time to say goodbye to one of your favourite (till last week) companies.

http://www.networkworld.com/community/node/71380

Apparently he said "the Microsoft/Nokia partnership will save Nokia and increase the relevance of Microsoft's fledgling mobile operating system."

He didn't say "saved from whom" but I presume he means Apple and Android.

Personally, I was very much looking forward to MeeGo, which was looking to be a much more full featured Linux than Android (for hackers who hate Java, Android is just an appliance).

Oh well... I guess I'll stick to my plain (not even a camera or bluetooth) cell phone, and use a laptop/netbook if I really need something smarter.

starting to become mainstream!

http://www.developer.com/open/10-git-version-control-utilities-to-make-you-more-effective.html

look at item #4 :)

2011-02-10

cynicism...

There was a fire at Bombay House last night which claimed 3 lives.

Very sad.

But here's what's even more sad: someone apparently asked "I wonder if there were any records lost in the fire".

I don't think what was implied is actually true.  The sad part is that before Radia no one would even have *thought* of that when it comes to the Tatas.

Of course, with Reliance, this will never happen.  They don't even keep records I am sure ;-)