Hacker News: jackalope

New comment by jackalope in "Old-school desktop using Debian Jessie"

jackalope — Sun, 14 Dec 2014 18:53:08 +0000

"mpg123 has no controls..."

It does with the -C option:

    -C, --control
        Enable  terminal control keys. By default use 's' or the space bar to
        stop/restart (pause, unpause) playback, 'f' to jump forward to the next
        song, 'b' to jump back to the beginning of the song, ',' to rewind, '.'
        to fast forward, and  'q'  to quit.  Type 'h' for a full list of
        available controls.

It's actually a very competent player, even able to play streams. Mplayer and cmus are also very good for audio playback in a minimalist environment.

New comment by jackalope in "Show HN: What's My Chain Cert?"

jackalope — Wed, 10 Dec 2014 18:44:26 +0000

Doesn't it seem that configuration is needlessly complex for certificates? I think it would be easier to list the entire chain in one directive:

    TLSCertificates /path/to/host.crt /path/to/intermediate.crt /path/to/root.crt

That would support any number of intermediates and remove the need to concatenate certificates into a single file. Terminating with the root certificate would be optional, but if present the server could perform a check to verify the chain to the very end when starting.

New comment by jackalope in "Are You a Robot? Introducing “No CAPTCHA ReCAPTCHA”"

jackalope — Wed, 03 Dec 2014 16:57:25 +0000

I'm guessing your third sentence triggered a penalty. Replace "current captchas" with a blank and you'll see why.

I agree that the reCAPTCHA experience is terrible and assume many others agree with you, in part spurring the development of this new approach. I don't believe that every reCAPTCHA has a solution, or at least a consistent one, so I always feel like a percentage of time wasting is built-in. To work around it, I usually regenerate it until I get one that looks easy, but it's still frustrating. Improving the odds of getting it right the first time will help improve the experience a bit. But my biggest gripe is that they can make direct downloads impossible for resources that don't require extra protection.

New comment by jackalope in "Are You a Robot? Introducing “No CAPTCHA ReCAPTCHA”"

jackalope — Wed, 03 Dec 2014 16:00:45 +0000

I always assumed Google's use of reCAPTCHA was to augment the OCR used to digitize Google Books, particularly in results the software couldn't confidently match to a word. Is this true? It's interesting that it's still the fallback for the new method.

New comment by jackalope in "Linux kernel coding style"

jackalope — Wed, 26 Nov 2014 14:31:39 +0000

"Get a decent editor and don't leave whitespace at the end of lines."

Trailing whitespace always raises a huge red flag for me whenever I look at someone's code. It's not just sloppy, it often makes diff output so noisy you can't detect real changes to the code.

New comment by jackalope in "High-DPI displays and Linux"

jackalope — Fri, 21 Nov 2014 15:18:58 +0000

I thought the whole point of High-DPI was to was to free us from the need to render graphics pixel-perfect at native resolution. While scaling bitmaps will probably be necessary for photographs and most video for a long time, can't everything else be rendered using SVG? Does such an environment already exist?

New comment by jackalope in "EIZO Announces Monitor with 1920x1920 Resolution"

jackalope — Thu, 20 Nov 2014 14:40:06 +0000

I've just set up 3 different work areas consisting of laptops with external second monitors. I've settled on the configuration having the external monitor above the laptop display as being the most optimum. I find that I never need to move my neck to glance from one screen to the other, and only require a slight tilt at the waist to comfortably switch for longer periods. Contrast this to a side-by-side configuration, where it feels awkward to merely shift my eyes sideways, so I move my neck more. This in itself isn't so bad, until I need to focus on one screen that's off-center for prolonged periods, keeping my head in an awkward angle that doesn't seem healthy. Naturally, any configuration should still be augmented with regular stretching/activity breaks.

tl;dr: Vertical: Mostly eye movement. Horizontal: Lots of neck movement.

New comment by jackalope in "Launching in 2015: A Certificate Authority to Encrypt the Entire Web"

jackalope — Tue, 18 Nov 2014 18:06:57 +0000

I'd still be more comfortable if the process never went anywhere near the private key (and I'm concerned that a proprietary competitor or look-alike would prey on naive users by leveraging your example). But I also applaud your effort and transparency. I admit I trust openssl to manage my own keys and certificates, and there is definitely room in this space for improvement and alternative approaches. But it does sadden me that we risk making administrators as trusting and ignorant of the underlying principles as end users already are today.

New comment by jackalope in "Launching in 2015: A Certificate Authority to Encrypt the Entire Web"

jackalope — Tue, 18 Nov 2014 17:05:07 +0000

My concern is that your reach is too far. Asking domain administrators to trust your software to manipulate private keys (and server configurations) is as troubling as asking end users to click past security warnings. The whole purpose of the CSR is to obtain the signed certificate without putting the private key at risk. This decoupling isolates the challenge of identity verification in a reasonable place (nobody is saying it's easy). With your client, you're essentially telling people you accept checks or credit cards, but only if they show you their gold. It sets a bad precedent.

I do want your certs for free! But I also want/need to trust you and know that you're following best practices, not just with me but with everyone.

New comment by jackalope in "Launching in 2015: A Certificate Authority to Encrypt the Entire Web"

jackalope — Tue, 18 Nov 2014 16:18:51 +0000

There is no reason for the CA to ever see the private key. All they need is a CSR. This approach is fundamentally broken.

New comment by jackalope in "Launching in 2015: A Certificate Authority to Encrypt the Entire Web"

jackalope — Tue, 18 Nov 2014 16:11:01 +0000

I run Apache httpd, and there's no way I'd let a wizard anywhere near my configuration files or private keys, much less run it on a production server.

I think it's about time for a free CA that is recognized by all clients, but you still need to establish a trust chain to exchange a CSR for a signed certificate. This service needs to be server agnostic. The barrier to adoption isn't configuration, and HTTPS isn't the only thing that uses certificates.

New comment by jackalope in "My favourite Zsh features"

jackalope — Sat, 15 Nov 2014 20:00:51 +0000

I have this to use the arrow keys without any modifier:

    # Use up/down arrows to search on partially typed command
    bind '"\e[A"':history-search-backward
    bind '"\e[B"':history-search-forward

Just type the first letter(s) and use the up/down arrows to scroll through the filtered command history. Incredibly convenient.

New comment by jackalope in "How many of you use a Linux distro as your primary desktop OS?"

jackalope — Wed, 12 Nov 2014 01:08:13 +0000

I use Slackware and run stock dwm as my window manager.

Once I tweak it to my preferences, I never have to think about it again. My configuration is portable to different versions, different distributions, and even different *NIXes to a large degree. Once in place, the system stays out of my way and I can focus on the task at hand. I used to keep an Arch Linux box around to keep up on the latest versions of things, but I got tired of the constant updating and breakage.

I also use Macs, relying heavily on homebrew (MacPorts before that), but the experience isn't as seamless as it is on Linux. OS X is a great consumer OS, though, so that's what I set my family up with.

I can't get anything done on Windows. I feel like I spend more time maintaining it than using it. The updates are disruptive and kill performance, the endless notifications are annoying and often meaningless, and the interface is byzantine. I haven't tried Windows 8, but I'm curious about it since I love my Windows phone.

Since I'm very keyboard-centric, I doubt that Mac or Windows will change in a direction that interests me. I've been thinking about trying out a ChromeBook because of the instant-on capability. If I don't like it, I'll just wipe it and install Linux (which is another reason I love Linux: I can easily repurpose old or odd hardware).

New comment by jackalope in "Google’s Chromebooks Rule Schools as IDC Pegs Them as Top Sellers in K-12"

jackalope — Tue, 11 Nov 2014 12:53:48 +0000

I think it's fair to say that if your kid comes home with a ChromeBook that you didn't purchase, it's being subsidized somewhere. My local high school just issued them to all freshmen. What I find a bit odd is that if there is any paperwork involved, it's not "Do you give us permission to lend a laptop to your child?", it's "Your child must sign this pledge not to abuse this device." I support the program, but the responsibility goes two ways, and I expect the school district to advocate student privacy over the lure of "free stuff."

New comment by jackalope in "Gow – The lightweight alternative to Cygwin"

jackalope — Sat, 08 Nov 2014 17:27:10 +0000

When I used to install Cygwin, it was to get (in order of importance): ssh, vim, rsync & X11. Gow doesn't include the last two, so it feels like an apples/oranges comparison (for my use case). Still, it's pretty amazing what Windows doesn't include by default in this day and age, so a simple, lightweight set of tools like this definitely has its place.

I don't use Windows anymore, but if I did, I would probably just spin up a VM with a tiny live Linux ISO, because it would bring in so much other goodness without any extra effort.

New comment by jackalope in "Microsoft Band"

jackalope — Thu, 30 Oct 2014 10:39:16 +0000

There are times I wish I could leave GPS tracking on all the time, with a simple way to add markers either now or later, and with the ability to share the data with any app I want. There are times I just want to hop on my bike and ride without doing some dance with a finicky GPS app that I have to remember to stop at the end (and hope it doesn't crash during my ride).

New comment by jackalope in "A Unix-style mail setup (2012)"

jackalope — Tue, 28 Oct 2014 11:35:09 +0000

Mutt has had excellent built-in SMTP/IMAP/POP3 support for years. I'm always surprised to see guides suggesting helpers like msmtp, offlineimap, etc. And with a few macros and save-hooks that you'll only write once, you'll have a fast, flexible mail client that will beat nearly any GUI client in mail processing speed.

New comment by jackalope in "Pgweb: Web-based PostgreSQL database browser written in Go"

jackalope — Tue, 28 Oct 2014 00:05:44 +0000

Vim users might consider the dbext plugin: http://vim.sourceforge.net/scripts/script.php?script_id=356

It supports a long list of databases, a variety of common development languages, has a command history, prompts for variables in statements, and more features I haven't touched. As a Vim plugin, it's fairly light on the CPU, but with all the expressive power you expect from Vim (including syntax formatting/highlighting and the availability of your other favorite plugins). I like it because I can dedicate a plaintext file to a specific task, develop my queries, save my results, and come back to it at a later date if the need arises. Some of these files are an important part of my workflow. The only thing I'd change is a more secure handling of login credentials, but it sure beats the standard command line tools bundled with most databases and requires less overhead than the GUI or web-based ones.

New comment by jackalope in "The Fire Phone Is Officially a Failure"

jackalope — Fri, 24 Oct 2014 21:07:51 +0000

Surprise, that's a software-based feature you could build for just about any phone.

That's an interesting comment. Isn't "phone" a software based feature you could build for just about any computer? I wonder if a fully featured general purpose mobile computer and ubiquitous wifi could make smartphones a thing of the past...

New comment by jackalope in "Using GNU Stow to manage your dotfiles"

jackalope — Tue, 21 Oct 2014 18:14:16 +0000

You can do something similar to target *nix platforms like Darwin|FreeBSD|Linux|NetBSD|OpenBSD with:

  if [ -f ~/config/bashrc_$(uname -s) ]; then
      source ~/config/bashrc_$(uname -s)
  fi