Web

My Firefox Add-ons

3 Comments

I simply need to have this list somewhere so that I can find out my own add-ons again when I’m running Firefox away from home!

Adblock Plus – since ads are too annoying these days

DownThemAll – because I like to be able to get whole batches of images or similar at times

Fission – just a silly eye-candy thing

Forecastfox – I like weather forecasts!

FoxClocks – helps me keep track of the time my friends around the world have at different moments.

It’s All Text – makes web based editing/posting a more pleasurable experience by allowing me to edit such contents with emacs!

Live HTTP Headers is a must when you want to figure out how to repeat your browser’s actions with a set of curl commands.

Open in Browser allows me to open more stuff within the browser itself, even when the Content-Type is bad.

Right-Click-Link is great when you quickly want to browse to links you find in plain text sections.

Torbutton lets me quickly switch to anonymous browsing.

User Agent Switcher lets me trick stupid server-side scripts into beleiving I use a different browser or even operating system.

What great add-ons did I miss?

(Some nitpickers would say that I don’t run Firefox since I use Debian and then it is called Iceweasel, but while that is entirely true, Iceweasel is still the Firefox source code and the Add-ons are in fact still Firefox Add-ons even if they also run perfectly fine on Iceweasel.)

Electronics

Fujifilm FinePix F100fd

1 Comment

Ok, I bought myself a Fujifilm FinePix F100fd camera the other day, as it fulfilled my requirements pretty good:

1. It’s compact, noticeably smaller than my previous Sony one.

2. While not a 3″ LCD it features a 2.7″ one, which is a tiny bit larger than my previous’ 2.5″.

3. Image Stabilizer. And in my test shots it seems to make a difference. I’ll admit I haven’t yet played a lot with it on and off, but especially when zooming it seems to do some good.

4. Good low-light images. Yes it does. I’ve so far seen it go down to ISO1600 on auto and while that isn’t the best pictures, using flash is certainly not a good way to achieve great pics either (in general).

5. It accepts SDHC cards. I put a 4GB one in to start with as it costs virtually nothing. My previous camera had 512MB so it’s still 8 times the size. Of course my Sony was 5 megapixels and this does 12 so it will of course produce larger image files.

Possibly I’ll try to make some comparison pictures with my old and my new cameras later on.

IT Politics, Security, Web

Snooping on government HTTPS

As was reported by some Swedish bloggers, and I found out thanks to kryptoblog, it seems the members of the Swedish parliament all access the internet via a HTTP proxy. And not only that, they seem to access HTTPS sites using the same proxy and while a lot of the netizens of the world do this, the members of the Swedish parliament have an IT department that is more big-brotherish than most: they decided they “needed” to snoop on the network traffic even for HTTPS connections – and how do you accomplish this you may ask?

Simple! The proxy simply terminates the SSL connection, then fetches the remote HTTPS document and run-time generates a “faked” SSL cert for the peer that is signed by a CA that the client trusts and then delivers that to the client. This does require that the client has got a CA cert installed locally that makes it trust certificates signed by the “faked” CA but I figure the parliament’s IT department “help” its users to this service.

Not only does this let every IT admin there be able to snoop on user names and passwords etc, it also allows for Man-In-The-Middle attacks big-time as I assume the users will be allowed to go to HTTPS sites using self-signed certificates – but they probably won’t even know it!

The motivation for this weird and intrusive idea seems to be that they want to scan the traffic for viruses and other malware.

If I were a member of the Swedish parliament I would be really upset and I would uninstall the custom CA and I would seriously consider accessing the internet using an ssh tunnel or similar. But somehow I doubt that many of them care, and the rest of them won’t be capable to take counter-measures against this.

cURL and libcurl, Linux, Web

Solaris 10 ships libcurl

I fell over this document named “What’s New in the Solaris 10 10/08 Release” and it includes this funny little quote towards the end:

C-URL – The C-URL Wrappers Library

C-URL is a utility library that provides programmatic access to the most common Internet protocols such as, HTTP, FTP, TFTP, SFTP, and TELNET. C-URL is also extensively used in various applications.

The project is cURL, the tool is curl and the library is libcurl. There’s nothing named C-URL and it isn’t any “wrappers library”… And the list of protocols is also funny since it includes 6 protocols while a modern libcurl supports 13 different ones, and also if you build libcurl to support SFTP you also get SCP (which the list doesn’t include) etc.

It just looks so very sloppy to me. But hey, what do I know?

Linux, Network

Nvidia chipset audio now works

I’ve mentioned some of my audio problems on my Linux desktop before, and just the other day a friend suggested I should remove ‘esd’ (“apt-get remove esound”) as a means to fix one of my complaints and frequent annoyance (to get the sound working I had to kill esd first, then reload some drivers etc).

Recently my standard “trick” to get the sound brought to life had started to fail so I needed to get a new angle at this and boy, when I did a reboot now without esound installed my on-board sound works! And this without me doing any manual fiddling at all.

My motherboard’s sound info is displayed like this with lspci -v:

00:10.1 Audio device: nVidia Corporation MCP51 High Definition Audio (rev a2)
Subsystem: ASUSTeK Computer Inc. Device 81cb
Flags: bus master, 66MHz, fast devsel, latency 0, IRQ 22
Memory at fe024000 (32-bit, non-prefetchable) [size=16K]
Capabilities: <access denied>
Kernel driver in use: HDA Intel
Kernel modules: snd-hda-intel

cURL and libcurl

curl presentation video

1 Comment

I held a 38 minute talk (in English) at the FSCONS conference 2007 about curl and libcurl, and now I’ve realized that the recording from that event is available online in various forms and ways.

You can get the pure Ogg Theora video files by using these links:

The slides from the presentation are still available.

fsfe.org hosts the complete collection of videos from that conference.

I haven’t yet had time and oppurtunity to watch it myself. I figure I’ll do that soon to see and learn from my own mistakes and odd habits when talking in public… and try to not get disturbed too much by my own accent!

Development, Technology

Cure coming for Wrap Rage?

4 Comments

This phenomena you thought you were alone to experience, the rage and anger you feel when you’ve bought some new toy and you get it packaged in tight and nearly un-enforceable plastic that demands a decent amount of violence and persistence to crack. It’s called Wrap Rage.

I’ve been told the packages (called blister packs or clam shells) are designed to be this way to be able to show off the merchandise while at the same time prevent thefts: it is hard for a customer to just extract something out of those things in your typical physical store.

Amazon’s initiative Frustration-Free packaging is indeed a refreshing take on this and apparently an attempt to reverse this development. Online stores really cannot have any good reasons to use this kind of armor around products since there’s no risk of stealing. I wish others will follow to make the manufacturers realize that there is a market for this. This needs to be done by manufacturers of stuff, the stores cannot be made to repackage stuff due to warranties and what not.

It wouldn’t surprise me if you could even find cheaper ways to package products once you let go of some of the requirements that no longer apply for online stores. Visibility of the products once packaged is another thing that is pointless for online stores but I would expect is very important to sales in physical stores. I’ve always thought it is pretty pointless and expensive that every single package is made to be able to be a display model. To be able to attract customers to buy it. When you buy the thing online it’s no longer just pointless, it’s plain stupid.

Imagine a future when you can just open your new toy without getting bruises or scratch marks!

cURL and libcurl

What is this yassl really?

yassl is said to be Yet Another SSL library and I’ve been told that for example it is the preferred library used by the mysql camp. I got interested in this several years ago when I learned about it since I thought it was fun to see an alternative implementation of OpenSSL that still offers the same API.

Since then, I’ve amused myself by trying to build and run curl with it like every six months or so. I’ve made (lib)curl build fine with yassl (and its configure script also detects that it is an OpenSSL API emulated by yassl), but I’ve never seen it run the entire curl test suite through without failing at least one test!

I asked the mysql guy about how yassl has worked for them, but he kind of shrugged and admitted that they hadn’t tried it much (and then I don’t know really who he spoke for, the entire team or just he and his closest friends) but he said it worked for them.

Today I noticed the yassl version 1.9.6 that I downloaded, built and tried against curl. This time curl completely fails to build with it…

Let me also point out that it’s not like I’ve not told the yassl team (person?) about these problems in the past. I have, and there have been adjustments that have been meant to address problems I’ve seen. I just can’t make curl use it successfully… libcurl can still be built and run with OpenSSL, GnuTLS or NSS so it’s not like we lack SSL library alternatives.

The same team/person seems to behind another SSL lib called Cyassl that’s aimed for smaller footprint systems and I’ve heard whispers about people trying to get libcurl to build against that and it surely is going to be interesting to see where that leads!

Technology

Times I listen

1 Comment

I listen to perhaps 4-5 podcast episodes per week. I figure they last a total of three hours or perhaps a little less. I don’t consider that to be much in any sense, but still I find that a lot of my friends ask me how I get time to listen to them while at the same time run a “normal” real life with two kids and hack on a zillion open source projects.

I honestly find the question a bit funny, since I know a lot of people listen to radio or music a lot more than so per week.

I just happen to always put the latest episodes of my favorite podcasts on my mp3 player and I carry the player with me. Whenever I’m about to do something on my own that doesn’t need my full brain present, like shopping groceries, doing the dishes, cleaning up in the house, mowing the lawn or in fact even when watching cartoons or children’s television I can just put an earplug into one of my ears and get quality shows and thus enrich the situation I’m in! I can tell you doing the dishes is a lot better with a great podcast!

I don’t commute or drive very long to and back from work currently which otherwise are the perfect podcast moments.

tech, open source and networking