Having fun with Google and Wolfram Alpha

Wolfram Alpha

vs

Google

keeping your inbox tidy with mutt

I use mutt for mailing. It is a very powerful commandline email client. What I generally like about programs on the command line is that they usually start up very fast, so you don’t have to keep them running in the background in order to get back to them, but can just start them up when you need them.

In principle, this is also true for mutt. But mutt has the problem that it is not able to load a huge number of maildir messages effectively on startup, as it does not cache the titles and has to read all of the messages to show you the inbox.

This is no problem if you always have an empty inbox.

Having a really empty inbox is no problem with mutt, as it automatically moves read mail to a folder called mbox with the setting set move=yes.
This was not enough for me, as I wanted to keep the read mail of the last two weeks so that it does not move mails that I have already read but that still need processing (like answering..).

So this what I put into ~/.mutttrc to achieve this:

folder-hook =INBOX 'push \
"<tag-pattern>~r>2w~R!~F<enter><tag-prefix-cond><save-essage>=mbox"<enter>'

This moves all messages that are older than 2 weeks, but keeps messages that are flagged and/or unread, when I enter my INBOX.

remote python debugging with winpdb

While hacking cplay a bit for fun, I was annoyed that using pdb for debugging does not really work out for curses applications, as the console is used by the app. So I looked for a remote python debugger and found winpdb. This is really nice and also more comfortable for programs where pdb would work.

Although the name suggests otherwise, winpdb is platform-independend, runs fine on unix and is free software (free as in freedom).

abs, subversion, and kwallet to store svn passwords encrypted

A long time ago, I wrote down how to make a gnuplot ubuntu package with gnu readline support on ubuntu. I often used this as a reference when I had to build deb-packages from source packages and forgot how it is done.

Today I came by a similar problem in Arch Linux, which ships with subversion 1.6 at the moment. Subversion finally got support for storing the password in an encrypted form, or rather support for using kwallet or GNOME keyring to store the passwords (very unixy, although I’d prefer a more suckless alternative for storing passwords – preferably an open standard that a suckless keyring could implement).

For historic reasons I use some KDE apps from time to time (mainly konqueror when I am lazy and need a swiss army tool). So I decided to try the kwallet support as it was already installed.

The problem is that subversion is compiled without kwallet support on Arch. So I used the great abs – Arch Linux Build System to make a package. That is much easier than it was on ubuntu. First, install an configure abs:

  • install abs
    $ sudo pacman -S abs
  • configure it by editing /etc/abs.conf, I just changed the last line so that it looked like this:
    REPOS=(core extra community !testing)
  • update the abs tree
    $ sudo abs

These steps have to be done only once, obviously.

Then, configure and build the subversion package:

  • copy  the subversion slim ABS from the abs tree to a build directory in ~
    $ mkdir -p ~/src/abs; cp -r /var/abs/extra/subversion ~/src/abs
  • edit the PKGBUILD, just add --with-kwallet to the ./configure step
        ./configure --prefix=/usr --with-apr=/usr --with-apr-util=/usr \
                   --with-zlib=/usr --with-neon=/usr --with-apxs \
                   --with-sqlite=/usr --with-kwallet \
                   --enable-javahl --with-jdk=/usr/lib/jvm/java-1.6.0-openjdk
  • build the package
     $ makepkg -s

    the -s Flag tells makepkg to automatically fetch all dependencies and build-dependencies via pacman, so you might have to type in your password if you try that.

  • install the package
     $ sudo pacman -U subversion-1.6.3-1-i686.pkg.tar.gz

Done. Annoyingly, I had to install Kwalletmanager to configure Kwallet to stay open when svn exits (so I don’t have to re-type the kwallet password in subsequent svn runs), which is not in a package of its own, but in kdeutils – another 250 MB largely wasted. But storage and bandwidth is cheap nowadays, so I don’t really care.

Using different Firefox profiles for save browsing

Recently, I read this interview with security researcher Joanna Rutkowska on Tom’s Hardware Guide. The interview is hardcore stuff, but it is interesting to read. In the interview she  talks about her personal security measures regarding internet browsing. Joanna uses three different browsers, each in their own virtual machine. An “insecure” browser for everyday surfing, a browser used for shopping on the internet, and a very secure one that is only used for online banking.

What I particularly like about the idea is that you can roll back the “surfing”-VM to a known good snapshot once in a while, so that you’ll know it is not infected.

I think this idea is rather compelling, but using three different virtual machines is just too much overhead for my old computer at home. So I use the poor men’s solution for now:

Using different Firefox profiles.

To create a new firefox profile that you will only use for internet banking:

  • start the Firefox profile manager:
    $ firefox -ProfileManager -no-remote
  • create a new profile (lets call it “secure”), and start it.
  • go to https://addons.mozilla.org/en-US/firefox/ and install the noscript extension for Firefox. You can also install the CookieSafe extension, it will make things a little bit easier.
  • open Firefox Preferences (Edit -> Preferences on Unix, Tools->Preferences on some other Systems), and disable Java and Cookies.
  • clear your private data and restart Firefox
  • enter the full URL you use for homebanking in the URL-Bar, make it your homepage (Preferences -> Main) if you want.
  • allow Javascript for this page using the NoScript – Icon in the Control-Bar
  • allow Cookies for this page using CookieSafe or add an exception manually if you know how to do it and don’t want to install that extension.

Use this profile when, and only when, you want to do online-banking, and your default profile for all the rest. To make that easier, add an alias to your shell’s initialization file, e.g. ~/.bashrc if you use bash:

alias banking = "firefox -no-remote -P secure"

The “-no-remote” enables you to use both profiles at the same time. If all your firefoxes start with the banking profile, start firefox with the “-ProfileManager” switch and select your default profile.

You get the idea. I’ll create another profile with cookies and javascript turned off by default and only enabled on sites that I trust. And one that has all the bells and whistles of the internet enabled, but which is configured to clear private data every time it exits.

While using different profiles is not as secure as using different virtual machines, it should save you from most attempts of cross-site-scripting/cross-site-request-forgery.

Of course this is just a small addition to the more important security measures:

  • Use your brain.
  • Keep your software up to date.
  • Use a privileged account (root/Administrator) only if you really need to. Seems like Redmond has finally learned that lesson, too.

Hello World

Hello World.

I am me.

This is 0x89

It is not a blog, just a random mind dump.


Fatal error: Call to a member function get_error_string() on a non-object in /home/www/web233/html/wp-includes/class-simplepie.php on line 1790