digital id

Digital ID

I went to the municipal office this morning and fetched my digital ID card which had been waiting there for me since a few months (call me lazy). So, I now officially have a digital identity.

Of course, I already had a digital identity. My trusty GnuPG key that I use for my Debian work, amongst others, still has value. And I actually prefer to use that key for most things, really:

  1. I prefer to use a trust system that is based on how I think things are done safely, rather than having to trust a third party—even if that third party is the government
  2. The digital ID cards are made with my National Number as part of the X509 keys on them. This is a highly sensitive number wrt my privacy, so I prefer not to use it for everything and the kitchen sink.

These two things are unfortunate, though technically sound (if you want a key that is useful in a court office, having a government-signed key is of more value; and the National Number, though privacy-sensitive, already existed before the digital ID card and would be cumbersome to change; also, it would be silly to invent a new numbering scheme just for the sake of it). And technically sound is also how the rest of the card is built up—always nice if people with clue design something.

Posted
stylesheet updates

Stylesheet updates

Iemand met webdesigner-backgrounds is zo vriendelijk geweest om mij te tonen hoe je een échte Belgische vlag maakt, voor Planet Grep. Zag er zo verbluffend uit, dat ik het maar meteen overgenomen heb. Wel is het zo dat het niet van de eerste keer correct gelukt is, dus als je rond 15:00 vandaag naar Planet Grep keek, dan kan het zijn dat het er effe niet uitzag :-)

Als er trouwens nog opmerkingen en/of meer kandidaat-planetblogs zijn, hou ik me aanbevolen.

Posted
2.40

Belpic 2.40

When I had almost finished packaging belpic 2.3.13.full, I contacted upstream to notify them of this fact, also mentioning that I'd replaced their build system (which used simple makefiles with many bugs) with an autotools-based one. To which I got the reply that they'd already prepared a belpic 2.40 in the mean time (available at readers.eid.belgium.be), and that they'd switched to SCons as their build system in the mean time. Since I'd spent quite some time on 2.3.13.full already by that time, I decided to continue to prepare that package, and focus on 2.40 afterwards

Now of course I'm happy that they chose to use something different from plain buggy MakeFiles. I'm less happy that they chose something based on python, a language which I haven't liked, ever, and don't know much about either, but, well. That's their choice, right? I'm also less happy with the fact that it doesn't properly clean up after itself (requiring me to do ugly stuff in my debian/rules clean target), and that it doesn't work. Grmbl.

The build currently fails on a file that hasn't changed, because it can't find a symbol which is defined in a file in the same directory that hasn't changed, either. When I rerun the gcc call with the -save-temps argument and review the preprocessed source, I see that that include file is mentioned, but not included.

Something is clearly wrong here. Guess I'll have to start learning python... hrmpf.

If you care, belpic is the software required to read out the information and keys in a Belgian electronic ID card. Not of much use if you don't need to read Belgian ID cards, though :-)

Posted
debconf6

No DebConf6

I hereby make it official: I won't be at DebConf6. Unfortunately, I can't make it, since I have to give class during that week.

I find it unfortunate that a conference which was done during the month of July last time (which is an excellent time to do such a thing, IMHO) had to be done two months earlier this time; at that point, many of us won't be able to attend. But then again, I guess they have their reasons. Perhaps next year?

Posted
vs2005

Visual Studio 2005

Or: Why you should move away from Microsoft. Now.

Visual Studio 2005, the new version of Microsoft's development tools, is coming out. Among its new features are Branching, Bug Tracking, and Atomic Checkins. Yes, that's right: Anno 2004, Microsoft still did not sell a version control system that had something as basic and important as branching. Kinda reminds me of the time when Microsoft implemented a telnet service for Windows right around the time when the UNIX world finally decided that telnet and RSH are insecure by design and that you should use SSH instead.

If Microsoft keeps lagging behind on such fundamental issues, you shouldn't be using them.

Posted
bernhard p link cvs

On version control systems.

I never thought anyone would still seriously advocate CVS over anything else these days, but I was wrong.

Bernhard:

  • Ever heard of atomic commits? You modify three files, commit. Turns out that in the time between you starting to edit stuff and you committing, someone else changed some stuff, and your commit doesn't apply somehow. The first file is committed, the second breaks, and the third isn't committed. Congratulations, you just broke the build, and you'll have to manually fix it. When editing three files, that's manageable; when your commit is (say) about 15 files or so, it's not really as manageable anymore. CVS doesn't have atomic commits.
  • About it being rock solid, I only say Hah. I've seen way too many cvs pserver bugs out there—and that's still the only possible way to go if you want anonymous CVS access.
  • How about the fact that upstream CVS development is rather extremely dead, after most of their developers started to develop subversion because the CVS code is so extremely horrible to maintain?
  • Moving files around isn't just a nice thing to have; it's an extremely important feature. Far too often have I seen people afraid to reorganize their code because that would lose history on the files. If you can't move files, you can hardly ever reorganize code, which means that you let your version control system dictate how you should work—which is bad, very bad.
  • And finally, being able to tell someone that this is fixed in r132 rather than having to say this is fixed in r1.74 of foo/bar, r1.34 of foo/baz, and r1.82 of foo/quux is very helpful. Your suggestion about dates (there's normally at least a quarter of an hour between commits) only suggests that you haven't seen many large projects in the heat of code changes. And even if that weren't true, the fact that it normally isn't a problem makes it even more of a problem on the occasions that it, in fact, does take less than a few seconds between my commit and yours

Really. Have you tried comparing CVS to anything else, on a serious project?

There should really be a way for all those version control systems to talk to eachother. After all, they all have one thing in common: they're all ways to exchange patches. Surely there must be some way to device a protocol or something so that those patches can be easily sent from one version control system to the other and back again?

Posted
insane calendar

Crack

Whoever wrote gtk_calendar_get_date() was on serious crack.

void gtk_calendar_get_date_sane(GtkCalendar *calendar, guint *year, guint *month, guint *day) {
	gtk_calendar_get_date(calendar, year, month, day);
	(*month)++;
}

There. Much better.

Update: Some people referred me to localtime(3), which is on LSD in a similar way. Newsflash: you don't need to design a silly API just because someone else did so, too. APIs are supposed to help me, the programmer, to write sane programs without going mad. They're not supposed to be slapped together based on the ideas of other APIs.

It'd be great if the above function would be added to GTK+ proper.

Posted
comment spam

Hah.

Even though my blog doesn't enable comments by default (instead everything is moderated), someone still thought it was a good idea to spam on a (totally unrelated, though as it happens the first at the time) post on my blog for their blog aggregator that is totally content-less at this point in time (and no, I will not post a link).

That's the first time this happens, in all the time I've had comments on my blog; so moderating them seems to work well. Which obviously is nice.

Posted
3 systems

3 systems

I'm typing this on my laptop, an Apple PowerBook 12", at a customer's site while I'm waiting for my contact to return.

I'm configuring a server here; to do so, I'm logged in to one of their system, which has an SSH connection open to the server, and I have a second system which I'm using to test out the configuration. That second system is a laptop running Windows 2000.

Unfortunately, the system went into suspend mode because I hadn't plugged it into the power, and now it's locked. And I don't have the password. So I can't test my configuration, and will have to wait until my contact returns so that he can unlock it.

Since everything is preferable to waiting, I took out my own laptop and started reading some Usenet posts (they prefer me not to log on my laptop to the network here, but luckily there's leafnode). As I was sitting there, typing away on the laptop, one of the employees of this place walked and saw me typing. Quote: Isn't one computer enough these days?.

Heh. Well, no; I explained that I actually do need all three of them. What I didn't tell him, however, is that at home and at the office, three isn't even enough...

Perhaps I should rearrange my computers.

Posted
government spam

Whoa

I just got spammed by the government.

Well, almost so. I received a mail from the Belgische BrandwondenStichting. That's a Belgian Government-sponsored and -founded organisation created with the intention of providing information and prevention regarding fire and fire-inflicted wounds. Apparently, they discovered the "power" of the Internet, and sent me some email warning me about the danger of fireworks.

I couldn't care less; I do like to watch the fireworks, but I don't usually fire it myself. But I do think it's worrisome that my own government start sending out this kind of things...

Posted
2005-3534

NBD 2.7.6 and 2.8.3 (and 1:2.8.3-1)

I just released NBD 2.8.3 and 2.7.6, and the Debian packages with version 1:2.8.3-1, which all plug CVE-2005-3534 (for stable, there's already been DSA-924). I expect the impact of this to be less than I originally feared, but of course I still want the potential hole to be plugged.

Enjoy!

Posted
aptitude

Aptitude's killer feature

I didn't like aptitude. Its user interface wasn't much better (IMO) than that of dselect (for the full-screen interface) and apt-get (for the command-line one); and it did not offer any features that I absolutely needed and couldn't get with (e.g.), debfoster. But it did require quite a bit more time to do stuff, since it maintains its own package databases, on top .

When installing rock again, I accidentally used aptitude one time, and found out about it's new feature (that only exists since 0.4.0, IIUC) which allows one to more detailedly specify what to do in case of an upgrade conflict.

This is really great. I've since completely switched to using aptitude, on all my systems—even the stable ones, which do not have that feature yet; the latter is mainly because it allows me to have a similar interface on all my machines, rather than having to remember how something is done on this box again.

Thanks, Daniel!

Posted
crosswords

Crosswords

There's a particular piece of non-free software at that other job that I have which I've been playing with a bit. It's called Hot Potatoes, and it allows you to create puzzles, like this Open Source crossword puzzle. While that puzzle is quite nice to fill out, it'd have been even nicer had I been able to generate something like that with Free Software, and Free Software only.

As it is, that didn't happen. But does such a thing exist? Pointers would be welcome.

Posted
barok and newwave

Barok and Newwave

I just finished setting up barok, and newwave is now doing in its final stages.

barok.nixsys.be is a Macintosh IIci, featuring a 68030 processor. The machine has 10MB of RAM, and only had 40MB of disk space. To that, I added one of the 2G-disks of the AS/400 RAID array I have at the office, which is doing nothing there anymore anyway; I lowleveled that disk, and now barok runs its Debian installation on that one. It's on my desk, at the office.

newwave.grep.be is a Quadra 700, which externally looks as if it is the same machine; however, this one has a 68040 processor, and 20MB of RAM, so is a bit faster. It also originally had 250MB of disk space, which is a lot for the time, but by far not enough for today.

The problem of installing both of them was that neither of them has enough RAM to perform a d-i based installation (you need at least 20MB of RAM to do so, so technically the quadra has enough; but to do so comfortably (i.e., to have it finish within 24 hours), more is recommended). So I installed them using the woody installer, then upgraded their installation to sarge, then to unstable (which is what I'm really after).

That took quite some time, not in the least because I wasn't always there to babysit them and make sure they weren't waiting for input. Oh, and the fact that I sometimes tripped over their power cables or accidentally hit their reset button didn't help, either. But now they're mostly up and running, and I'll be testing EMILE on them; the Quadra 950 isn't really supported, which was getting problematic...

Posted
robin

Robin

Seen through Planet Grep: Robin, probably the worst waste of CPU cycles since I tried to run hercules inside aranym inside qemu-i386 on my powerpc laptop.

It's pretty fun to play with, though. For a minute or two.

Posted