Recent Events for foo.be MainPageDiary (Blog)

Page Collection for ^2007-11

2007-11-04 Small Is Beautiful and Sometime Secure

Reading the latest paper from Daniel J. Bernstein named "Some thoughts on security after ten years of qmail 1.0" [archive info], I was impressed by the overall tone of his paper. Often in scientific papers, we don't see the full path from the errors made by the author(s) to the solution that could help the reader to avoid the same pitfalls. I have really appreciated the following part : In retrospect, it was stupid of me to spend code not just this file parsing code, but also code to distribute message files across directories dealing with a purely hypothetical performance problem that I had not measured as a bottleneck. Furthermore, to the extent that measurements indicated a bottleneck (as they eventually did for the message files on busy sites), I should have addressed that problem at its source, fixing the filesystem rather than complicating every program that uses the filesystem. That's a great lesson of humility to all of us when we are programming. Moving the issue by creating complexity somewhere else instead of fixing the source of the problem. I made that too for various reasons but we should try harder to avoid such case. That's very difficult for me (and I'm pretty sure for you too…).

When you are more and more involved in software security assessment, you are more and more convince that simplicity and small code is a good helper to produce more secure software. The paper of Daniel J. Bernstein is reinforcing the point with his historical perspective on his own software. Again Edsger W. Dijkstra is cited and with a nice word of wisdom : ... idiot software managers measure "programmer productivity" in terms of "lines of code produced", whereas the notion of "lines of code spent" is much more appropriate. from [archive transcription of EWD962-4]. I just hope that simplicity in software engineering will be a requirement when distributing software. But I'm just dreaming and really need to get up this morning.

Tags :

When trying to get up, I was there : geo: Les Bulles, Chiny

2007-11-10 Dreaming Of Mediawiki Using GIT

Discussing the ability to have an off-line Mediawiki, I was wondering why there is no Mediawiki relying on git. Mediawiki is a de facto standard for the wiki users, every company has at least a Mediawiki for one or more project. Mediawiki strongly rely on the LAMP concept with a special emphasis on MySQL and the Structured Query Language (SQL) for the storage of the wiki content. At a first glance, it looks very difficult to move away from such centralized model to a decentralized model like git. The idea is not new and there are already some tentative :

  • mvs (a command line Mediawiki client bundled with the perl module WWW-Mediawiki-Client) provides a kind of SCM interface to Mediawiki. You can take offline some pages (via an update command), edit your changes locally and commit them back to mediawiki. When doing an update, mvs is discovering any conflict. The application will try to solve the conflict (à la scm) and inform you for the unresolvable conflicts. It works quite well but you must know in advance the part of the wiki that you want to edit and this is not very convenient for the non-SCM user.
  • Not related to Mediawiki, there is a wiki compiler called ikiwiki that can benefit from an SCM-style storage. ikiwiki can be configured to take advantages of any 'post-commit' hook in a SCM (like git) to publish the wiki right after the edit (and also benefit from the revision management from the SCM).

The main advantage of using a decentralized model for the storage in Mediawiki could help the off-line use of Mediawiki. Git works easily with branching without the hassle of CVS or Subversion. The techniques are there and freely available but the challenge is to provide a mix Mediawiki and git in an usable interface for the wiki users. Maybe someone is already working on a similar thing…

Tags :

2007-11-14 Hallam Foe

In those time where we are between autumn and winter, between an interim government and a potential one, between life and dead… it's time to enjoy art. We are currently enjoying the 27th European Movie Festival in Virton. I really loved Hallam Foe, a film full of life, optimism… a great moment.

Do we really need a government in Belgium ? no, we just need Art and Freedom.

tags:

2007-11-19 What About Belgium

When meeting people not from Belgium, they are always asking what do I think about the current political situation in Belgium ? That's a dawn good question… I was not feeling good because I really don't know what to understand from the today's situation. I always knew Belgium with such political status. For sure, starting from my birth, I have already lived more than 1 year cumulated without government. So it's not a big deal… Looking more deeply in the situation, I'm not feeling very well. I have not really an issue with the current status but I have more an issue with the fact of rising flags of a country or a region. For me, there is no real difference between rising a flag for a country or a region. That's a kind of nationalism and I don't feel comfortable with that fact. How to solve the current situation ? I think that understanding and communication are the golden keywords for "our" political representatives to solve the issue. They must also avoid the attraction of the mass media

I'll stop here and keep in my mind this quote from Banksy : "people who enjoy waving flags don't deserve to have one"

Tags :

2007-11-25 Telepopmusik Effect

Vincent and I made a past experiment with the purchase of some electronic music album. But now, we found a name for this experiment : the Télépopmusik Effect. The effect is the following, you heard from radio or in a club a nice electro song from a new band. You saw various nice critics about the band, the leading song and their album. But very often, the critics are made from a "journalist" who just received the leading song (a single) from the editors. But the journalist will make a great review of a song and he'll mix the leading song review with the new and upcoming album from this band. We first encounter this effect with Télépopmusik, one great song, the rest of the album good for background music nothing more. We named the effect as I just faced it again with the latest album of Justice. Two good tracks but the rest… nothing incredible. Except various positive reviews from "journalists". The experiment will continue to see if this is not only applicable to French electro band…

Tags:

Recent Events for foo.be MainPageDiary (Blog)
Administration

[FSF Associate Member] Librarything profile for adulau XFN Friendly
if not specified on the wiki page, Copyright © Alexandre (adulau) Dulaunoy. This work is licensed to you under version 2 of the GNU General Public License. Alternatively, you may choose to receive this work under any other license that grants the right to use, copy, modify, and/or distribute the work, as long as that license imposes the restriction that derivative works have to grant the same rights and impose the same restriction. For example, you may choose to receive this work under the GNU Free Documentation License, the CreativeCommons ShareAlike License, the XEmacs manual license, or similar free licenses.