Slashdot Mirror

IMHO, we should ditch JS for Lua

Can I offer an alternative suggestion? How about we DON'T replace JavaScript with <insert favourite scripting language here>. Okay, part of the problem with web scripting is that we're using JavaScript, which sucks. But the majority of the problem is that we're using a programming language at all. We've just reinvented the biggest, clunkiest wheel on the planet.

Look at the number of projects that are taking programming code, or in some cases bytecode, and compiling it up to JavaScript (GWT, Pyjamas, Emscripten, CoffeeScript, and the rest). If we replace JS for Lua, we'll need to write a new generation of tools to compile everybody's programming language into Lua. Can we please have a standardised low-level virtual machine (hint) that will run in all browsers, which all languages can target, so we don't have to go through the ridiculous hoop of taking, in many cases, low-level statically typed code, throwing away all the type information and converting it into high-level dynamic scripting code, and then having the browser optimise the hell out of it and try to figure out the types? Google's PNaCl is apparently going to get the ball rolling on this, with LLVM.

I wrote a patch for VIM that did code folding the way I wanted it done, for example

That's it!

When I get out of college, I'll just send my .emacs folder and my email and wait for the calls to come :)

I use Password Gorilla. Written in Tcl/Tk, has standalone downloads for Linux, Mac OS X, Windows. Been using it for the last few years, works well for me.

From the wiki:
Password Gorilla is a Tcl/Tk application which can run on Linux, Windows and Mac OS X. The source files written are supposed to be compatible between platforms. They are tested to run on Linux kernel (less than or = to) 2.6.30.5, Windows XP, Windows 7 and Mac OS X 10.6. So it is possible to work with this password manager in heterogenous environments. The Password Gorilla generated database is besides compatible to actual Password Safe 3.2 databases. The password is SHA256 protected and the database contents are encrypted with Bruce Schneier’s Twofish algorithm. Brute force attacks are prevented by key stretching.

I use Password Gorilla. Written in Tcl/Tk, has Linux, Mac OS X and Windows standalone versions ready to go.

Description from the wiki:

Password Gorilla is a Tcl/Tk application which can run on Linux, Windows and Mac OS X. The source files written are supposed to be compatible between platforms. They are tested to run on Linux kernel (less than or = to) 2.6.30.5, Windows XP, Windows 7 and Mac OS X 10.6. So it is possible to work with this password manager in heterogenous environments. The Password Gorilla generated database is besides compatible to actual Password Safe 3.2 databases. The password is SHA256 protected and the database contents are encrypted with Bruce Schneier’s Twofish algorithm. Brute force attacks are prevented by key stretching.

You've already got 3 repository type systems for OSX : Fink, MacPorts and Homebrew.

And they all suck balls.

With the advent of App Store for OS X and problems getting GPL software in app stores (how to distribute source?), what is needed is an open source app store.

Can someone port Synaptic (or any other repository-based system) to OS X and Windows? The benefits are huge and should be obvious.

I'm not a programmer, but wouldn't mind paying a token sum to get a free app store for OS X.

You've already got 3 repository type systems for OSX : Fink, MacPorts and Homebrew.

Good point, facebook never opens things up.

https://github.com/facebook

No, you (and the GGP) are wrong.

I suggest that before installing the update you try for yourself to access the infamous database from your latest iPhone backup. (One of the "fixes" in the iOS 4.3.3 update is that the database will no longer be backed-up). You can get the instructions on how to locate the SQLite database and how to open the CellLocation table using the SQLite Manager plug-in for Firefox directly from the people that "discovered" the issue. The most relevant fields are Timestamp, Latitude and Longitude.

The timestamp field shows the time of an entry in seconds since January 1st, 2001, at 0:00. The first shocking thing is that the data is not acquired continuously or at a regular interval, but rather in "blobs". Each of these "blobs" of data will have several entries, some five or less, but most (in my case) have 60 or more, *many* more, sometimes over 100. All those entries have literally the EXACT SAME timestamp, to the microsecond. I can't believe that my iPhone sees more than 100 different WiFi stations and cell towers at the SAME time.

Furthermore, most of the many entries for each particular "blob" happen to be several miles (up to 25) from the location where I know I was at that particular timestamp (say, midnight on a Wednesday). And indeed the info is close to useless: the average of all the 121 entries in the blob in a particular case was over 1.5 miles away from my actual location, and even the average of the 15 points closest to me (note that that required a priori knowledge of what you are looking for: my location) was 0.55 miles away.

My point is: Apple may be collecting the data from the radio logs to create their famous "crowdsourced" database, but the CellLocation table, which is the center of the whole issue, is not data from the radio logs of your specific device.

It is deleted regularly on Android, only last four towers on mine. And this is all old new already, something like April 28th.

Here's some info, https://github.com/packetlss/android-locdump

http://petewarden.github.com/iPhoneTracker/

You mean like Sprixel? There are already a number of compilers for other languages, such as Java, Python, and Javascript, oddly enough. List of languages that compile to JS has many more.

I do just that for my company. I use the sequential numbering stamp, scan everything, (got a full duplex scanner with document feeder). The scanner numbers the scans automatically. I then use a small program where I can enter tags and then it emails it to a Gmail account. With the filtering features (filter on the tags) and great search options of Gmail I can always find stuff and download the scans. I keep all the originals in folders on their numbers. So if I ever need the original I can easily find it based on the number.

The big downside is that the scans are currently not yet encrypted. For that I started a small open source project at https://github.com/AlbertPluton/Tagnlock to make some software where I can easily tag the scans, encrypt and then email the scans.
The software would have been ready, but I want users to be able to easily create their own tags and options such as compulsorily or not. So we're not there yet. But it is already on Github (GPLv2)

For more information about the new Firefox release schedule, see http://mozilla.github.com/process-releases/draft/development_overview/ and http://mozilla.github.com/process-releases/draft/development_specifics/

For more information about the new Firefox release schedule, see http://mozilla.github.com/process-releases/draft/development_overview/ and http://mozilla.github.com/process-releases/draft/development_specifics/

Like this? http://cloud.github.com/

git-annex uses git to track your metadata and rsync to move your files around. It knows which repos hold what files and can enforce minimum copies, trust levels, etc.

Also, it can store transparently encrypted data with untrusted third parties like Amazon S3. You can even have it use bup as a back-end which gives you change tracking of actual data, not only metadata. Oh, and a FUSE front-end is in the works which means you get 100% transparent file tracking, distribution and backup. All based on FLOSS and you are in control.

If you know how awesome VCS are and want to use them to actually get some order into your files, configs and maybe even life, click the links below.

http://git-annex.branchable.com/
https://github.com/apenwarr/bup
http://lists.madduck.net/listinfo/vcs-home
#vcs-home on irc.oftc.net

i've been messing with http://petewarden.github.com/iPhoneTracker a bit. its pretty interesting. i'm just wondering what triggers the coords to be stored. it has places i have been at for more than a few minutes - home, work, in-laws home, mall, etc. but nothing for the routes in between (i have a 45minute drive from home to work) so is it triggered by calls made? specific times of the day? after X number tower changes? does anyone know?

Using location services triggers this. Like, using Google Maps or taking a photo (which gets location data embedded) or one of the myriad other apps that need location data. You see this indicated with an arrow in the status bar. If you don't use anything that needs location data, no location process is triggered and nothing is there to be saved.

i've been messing with http://petewarden.github.com/iPhoneTracker a bit. its pretty interesting. i'm just wondering what triggers the coords to be stored. it has places i have been at for more than a few minutes - home, work, in-laws home, mall, etc. but nothing for the routes in between (i have a 45minute drive from home to work) so is it triggered by calls made? specific times of the day? after X number tower changes? does anyone know?

this is exactly the sort of blind outrage the author is talking about. this isn't an apple issue. it's a smartphone issue. here's the SAME THING for android: https://github.com/packetlss/android-locdump people need to stop the apple-rage and get the facts straight. nobody is immune to this issue.

It's not the same kind of information at all. The android file (only available if you have root) is a temporary cache. That is totally difference then the Apple file which holds the data about your location since you bought the phone.

Talking about objectivity, where did you hear it holds data since you bought the phone ? The only date I've seen Wired's 10 months. Granted that's longer than the month (for cell) and year (for wifi) the data seems to be retained on Android but, crucially, we don't know the reason for this. There could be a technical reason, or it could be negligence but you choose to jump straight to maliciousness. You are making as many assumptions as the people you criticize, just from the opposite standpoint.

Secondary question: is there a similar location cache on Android? If so, the screech should be just as loud outside of Google's offices and every cell provider's offices. If it's evil for Apple to do, it is equally evil for Google to do, and you either call out both of them or neither of them. Selecting just one reveals the color of one's kneepads.

Yes it has, it seems data is retained for a shorter time than on iOS though.

TFA seems only to prove that Apple is not 'tracking your every move' in the literal sense, they are just 'tracking your every move within the accuracy a phone on standby is able to, aggregated to a weekly basis'. Oh, well that's ok, if it's that inaccurate, surely my privacy isn't threatened! The writer is an apologist for Apple - after all, why end it with 'well if that argument didn't convince, someone else is doing it too! If everyone's doing it, it must be right!' (majorly paraphased).

People are also concluding that this data isn't 'phoned home'. But I don't believe they have the sourcecode for the software on their iphone, and if they did, that they have looked through it.

And as for the parent - your 'cell'phone provider needs to know where you are in order to supply your 'cell'. Not saying that justifies them keeping a record of it, but on the other hand, your bank has a record of all the transactions you have made involving your bank account. I'm not sure what justification a cellphone maker has to record your whereabouts.

Well we have (old versions) of Android's sourcecode and guess what, they have a location cache too.

"This is a quick dumper I threw together to parse the files from the Android location provider.
The files are named cache.cell & cache.wifi and is located in /data/data/com.google.android.location/files on the Android device.
You will need root access to the device to read this directory."

Can't say I'm surprised. Apple seems to retain the data longer than Android does but they might be doing some analysis on it to improve connection or it could just be a lazy programmer at Apple somewhere.

If you want to know if it's phoning home the data, sniff the connection. A lot of paranoiacs do this all the time and from time to time they come up with interesting tidbits apps send home, nothing about location data though.

It's more than likely a file that contains the location of cells in the area? for aiding quick start positioning?

Either way, it doesn't matter since even if the phone doesn't have records of where you have been the phone company does.

The same information is also gathered by Android, so Google fucked up as well:

https://github.com/packetlss/android-locdump

You know what, people like you that cant be bothered to actually look at the data yourself or do any research but are loudly speculating are a big part of the problem. If you took a few minutes and looked you would see that it's cellphone tower locations. anyone that took a few minutes to correlate their data would have seen it. ALL CELLPHONES that do the "enhanced fake GPS" that uses cellphone towers for a fake gps in the phone as well as a faster location before the gps get's a real fix do this. The same data cache is in nokias and android phones.

But no, let's not find out what it is let's wildly speculate and try to punch holes in the story of the one guy that did take the time to look and then told everyone they were all being idiots. Me, I quietly sat there watching the fools go into panic mode over nothing. I got quite a laugh out of this over the past 48 hours.

You are the one that "fucked up" apple is doing what android phones are doing as well as most other cellphones are doing.

P.S. for the losers that are going to say "citation please" about the android phones... look for yourself.... https://github.com/packetlss/android-locdump

Read the FAQ. The iPhone triangulates your position using multiple nearby cells, and the extraction program intentionally, artificially removes the details:

"To make it less useful for snoops, the spatial and temporal accuracy of the data has been artificially reduced. You can only animate week-by-week even though the data is timed to the second, and if you zoom in you’ll see the points are constrained to a grid, so your exact location is not revealed. The underlying database has no such constraints, unfortunately."

The carriers already have this information from their end, this is a separate copy of the data. There's no evidence that the file is ever sent anywhere, but on the other hand there's no evidence that the file is never sent anywhere!

You must not have read yesterday's article. The forensic device the police use (similar to machines retailers use to transfer your info from an old phone to a new one) fully dumps all content. That file would certainly be among the data. Legal or not is another matter.

Check out this app that displays that data:

http://petewarden.github.com/iPhoneTracker/

Github, Reddit,^H^H^H^H^H^H^H Slashdot... the sewer is overflowing.

its a page with some python you tube clips on it.

No dude that's flash.

Yo dawg, I heard you didn't like Flash, so I wrote a Python script so you could get YouTube through 'yo tube without Youtube!

I wanted to pitch in and help if I could, but didn't have massive bandwith or storage to offer - turns out you can help by scraping Google Video for links.

Here's how:

Note: This will only work on Linux machines with X running - you can't run it on headless servers due to phantomjs requirements.

1 - Get and build phantomjs (a headless web browser) by doing the following:
        - Install build-essential, git and libqtwebkit-dev if necessary
        - Create a directory called phantomjs or something
        - In the terminal go into your new directory and run the following command to get the phantomjs source code:
                git clone https://github.com/ariya/phantomjs.git
        - Build phantomjs by issuing the command:
                qmake && make
        - Move the phantomjs binary somewhere in your path by issuing the command:
                cd bin && sudo mv ./phantomjs /usr/bin

2 - Create a folder called gvscript and download the file with the list of Google Video related pages to scrape: http://199.48.254.90/at/google_video_related.gz
        - Extract the above downloaded file (Right-click and Extract To.. or use tar -zxvf ./google_video_related.tar.gz)

3 - In a terminal, navigate to the folder where you extracted the google_video_related file (above) and run the following command to help scrape Google Video:
        while : ; do ./related.sh ; done

4 - Leave this script running, and head on over to #ggtesting on EFnet (IRC) if you need any assistance or in case the script has any issues. The script scrapes each page for related videos and sends them off to an archiveteam server. It takes very little processing and bandwidth on your end (a couple of kb/sec, if that) and seems to work just fine.

I prefer http://rg3.github.com/youtube-dl/ personally :)

youtube-dl is a small command-line program to download videos from YouTube.com and a few more sites. It requires the Python interpreter, version 2.x (x being at least 5), and it is not platform specific. It should work in your Unix box, in Windows or in Mac OS X. It is released to the public domain, which means you can modify it, redistribute it or use it however you like.

Have been using it for months now (mostly because youtube insist on cutting the streaming speed to 20kbps now and then), and it have worked perfectly. Put the urls in a text file, point the script to the file, and off it goes.

Oh, and a fork: https://github.com/pascalbertrand/OpenTLD/blob/osx-octave/ that supports OS X and uses Octave (open source) instead of Matlab. This means that the entire toolchain is now OSS, and compiles on OS X!

ClosedTLD is licensed under a commercial license; OpenTLD is under GPLv3. Eventually these will likely fork (if anyone else adds code to the GPL'd version).

More info (and code) for OpenTLD here:
http://groups.google.com/group/opentld
https://github.com/zk00006/OpenTLD

The source code was already released. https://github.com/zk00006/OpenTLD

There are a few more repos here.. http://www.google.co.th/#q=site:github.com+%22TLD+is+an+algorithm+for+tracking+of+unknown+objects%22&hl=en&filter=0

A license has to be purchased for using TLD in a commercial project. The licencing is managed by the IP owner, the University of Surrey and the fee is subject to negotiation.

1. Blog your progress. Whatever you did today, blog it. Let people know what you did that worked, or what was faster (Nginx vs. Apache), or what wasn't (ColdFusion?). Don't reinvent the wheel, use WordPress, regardless of whether you like PHP/MySQL or not.

2. Use a subscription/payment management company. You're just a small group of nerds, not accounts receivable clerks. Fastspring, Plimus are free; Chargify, Subsify, Cheddar Getter, BrainTree, Spreedly charge; and Zuora is expensive.

3. Use Google Docs and Slideshare to share documents.

4. Chat. Don't just rely on email. Emails can often read like "this way or the highway". Be collaborative. You can often accomplish more with 15-30min collaboratively as opposed to composing and responding to long emails. Skype, Jabber, SIP

5. Take notes on what you did. Made a server configuration or a setting change in your CMS, your compiler, or whatever? Copy and paste from xterm so you don't have to guess about those commandline switches next time. Take screenshots and make them available to others. Zim, Projly, DokuWiki.

6. Have a phone numbers. If not bog-standard landline phones, take advantage of Google Voice and SkypeOut and SkypeIn (people can call your Skype line on a normal phone number). I realize Google Voice might not be available in South Africa yet.

7. Someone mentioned version control. Use git if you're a cool kid. Or svn if you're old and busted. Read the RedBean book. I've had success in having non-tech colleagues using graphical clients like TortoiseSVN (integrates into Windows Explorer).

8. Write tests. Any member of your team, sitting anyplace, should be able to push a button and run all your tests. Tests document how you're supposed to use a given method, class, etc., especially valuable when you're so far flung. Use JUnit, PHPUnit, FooUnit for your language. Write the tests before you develop, and you're doing Test Driven Development.

9. If you're writing tests, that implies loose coupling, which might require dependency injection. Can be difficult to climb that mountain, but it's worth it when you can just run a test and be sure your project works.

10. Development processes: Scrum, Extreme Programming. UML lets you communicate graphically about objects.

a specific combination of super-popular website plus popular client software

Well, you're wrong on that part, at least. Chrome is happy to use SPDY protocol to all web servers, not just google's (verified by someone earlier in the thread, via https://github.com/donnerjack13589/node-spdy and chrome://net-internals/ ), and I'm sure google's servers are happy to serve content over SPDY to any browser that asks for it. There is a detailed draft around the protocol, and there's open source code out there implenting it (for example in chromium).

I see this as no different from, say, some browsers supporting webgl and audio/video tags before they're standardized. Or if apache added support for a new compression algorithm.

It is incompatible with all other websites and all other browsers - it only works with the combination of Chrome+Google's own websites.

This is flat out wrong. Just this morning I used Chrome to connect to a test server that was running a node.js implementation of SPDY. I verified the connection using chrome://net-internals. It worked well.

There is nothing in chrome that prevents this from working on other domains/websites.

There is nothing stopping anyone from implementing their own server.

End of FUD.

Frankly, I'd like to see SQL die and get replaced with something more modern. We don't program in Cobol anymore, so why the hell are we still using SQL?

I'm working on a relational alternative, as are others. But anyone trying to devise a SQL killer is 30 years late to the party. There's no way you'd be able to match the feature set of modern SQL DBMSs.

Even if you target people who aren't terribly interested in features, there are two big problems. One is convincing people to move from SQL to something else. In every aspect of the language, SQL is "good enough." The worst part is ostensibly the syntax, and I can't help but notice that no one tries to write C or Java without extensive support from their IDE. All you need to bang out SQL is auto-indent.

The second, and arguably bigger problem, is that people think that because they can write some SQL that they understand databases and understand the relational model. So a good portion of my work has been trying to explain relational theory while I'm explaining the language I'm developing. The math itself is dead easy, but for whatever reason, a lot of people just don't seem to get data.

One of the first things on that page is a link to the source code for the server.

A link to the actual site for the program: http://ilektrojohn.github.com/creepy/.

Anyway, yeah, the program is written in Python it seems. And it doesn't even run for me.
Possibly because some dependencies aren't in the Ubuntu 9.10 universe. Bleh.

The .deb will not convert to .rpm with alien. Not everybody uses Debian or some *buntu.

WINE does run the Windows version just fine, however. so users of other Linux flavors can ignore the poor Linux support.

A link to the actual site for the program: http://ilektrojohn.github.com/creepy/. Also, this program has copyright notices for 2010. So... (Though admittedly the article is dated 30 March 2011.)

Anyway, yeah, the program is written in Python it seems. And it doesn't even run for me.
Possibly because some dependencies aren't in the Ubuntu 9.10 universe. Bleh.

Anyway, I just wanted to say one other thing. I ain't worried, 'cause I don't use Social Networks! Hah! You crazy stalking types are going to have to try harder to find out about me than that. (Please help, I have no friends.)

https://github.com/diaspora/diaspora

Not to dismiss my earlier reply, but I couldn't resist passing this along:

HTML5 + CSS3 is Turing Complete

Neat, apparently Eli Fox-Epstein managed to implement Rule 110 in HTML5 and CSS3 -- check it out

I know it misses the point -- but it's absolutely hilarious given your last post.

Thought I'd write up a quick 'getting started' guide for anyone that wants to give bitcoin mining a go:

#1 - Download the bitcoin application from bitcoin.org, install and fire it up. It will connect and sync with the p2p network, downloading approximately 114700 blocks.

#2 - Download and install the OpenCL driver for your graphics card / OS.
You might also need the full SDK, my drivers were supposed to include OpenCL support, but the GPU miner still didn't work. For AMD/ATI cards, this link should work:
http://developer.amd.com/gpu/AMDAPPSDK/downloads/Pages/default.aspx

#3 - Download and unpack "PyOpenCL bitcoin miner" somewhere. You'll find windows binaries here (7zip-compressed):
https://github.com/m0mchil/poclbm/downloads

#4 - Using the bitcoin client, create a new 'receiving address' which you call 'mining income' to track payments.

#5 - Sign up for a mining pool. You'd rather have a few cents an hour than wait months for a random shot at 50 BTC. I'd go with:
http://www.bitcoinpool.com/newuser.php
as they're free, while the others charge a fee of 2-3%. Wallet ID is the thing you created in step 4.

You'll find the other pools here:
http://www.bitcoin.org/smf/index.php?board=14.0

#6 - Stuff the following into a .bat file and run it. Might want to try from the console first, to make sure all is ok.

start /DD:\bin\bitcoin\poclbm poclbm.exe -f 60 --host=bitcoinpool.com --port=8334 --user=username --pass=password -d0 -v -w 128

This of course assumes you're on windows, and installed to a directory named d:\bin\bitcoin\poclbm..

Setting the f options to a higher value will cause less stress on your system. 30 is the default, shoot for 120 if your screen is lagging too much.

The d option is the device id of your graphics card. Mine's device 0, it could also be 1, 2 or whatever.

If the above worked, you should see a console window containing output like this:

23/03/2011 17:18:55, long poll: new block
23/03/2011 17:19:27, b15bbc4d, accepted
23/03/2011 17:19:47, 97f98213, accepted
23/03/2011 17:20:04, 2a8d658f, accepted
23/03/2011 17:20:15, 96fd6e6e, accepted
160772 khash/s

My fellow supporters of market-friendly free software licenses (as opposed to the commie GNU crap) will be happy to hear that BitcoinJ has an Apache license, and hopefully it will be able to run on the Apache Harmony JVM in addition to the restrictive GPL one from Oracle.

The original Bitcoin client also has a Copyfree license, but it has some restrictive dependencies (ex. wx) and it's a pain to install on *BSD.

About that empty link in the last sentence of the summary - did the author intend to link to a story about commie thuggery against the Liberty Dollar?

I've been working on a full client implementation in python https://github.com/phantomcircuit/bitcoin-alt

Just so people know BitcoinJ is not a full p2p node.

I use youtube-dl and ffmpeg. (Sadly, youtube-dl is shared by many projects. I found this one in the Fedora repos and it works well for my use.)

Actually, this is Internet Exploder ;)

That is too bad for you that you are unable to make money working on free software.

I do, and other people working with me do too, and have for a long time:

    https://github.com/jdkoftinoff

    http://www.meyersound.com/opensource

--jeffk

I've had an Asteroids one on my bookmarks bar for a while now: Hello, want to kill some time?