1. On Conferencing ...

    So far in 2016 I've been to LinuxConf, PyConAU and Compose, and if it hadn't been the same weekend as PyCon I'd have gone to DDD as well. I've also been along to plenty of smaller meetups including MelbDjango and BuzzConf Nights. So why all this relentless conferencing?

    read more
  2. The Internet of (Not Shit) Things

    Sat 07 May 2016

    Category: etc.

    Tags: IoT

    Far down the vault a man was screaming. His fists were tightly clenched and he was screaming out imprecations against the humming computer. There was a hopeless rage in his eyes -- rage and bitter, savage defiance. Even as he screamed he began to slouch forward, with the terrible weariness of ...

    read more
  3. Postgres without SQL

    So some ludicrous proportion of SQL these days is generated by one ORM or another. And all the cool kids have decided to move on to the next thing anyway. So that got me thinking ... when we talk to an SQL database through an ORM, we're turning a bunch of operations on objects into a human readable query language, then turning that back into a query plan. Why?

    read more
  4. A Canticle for Diff3

    A brief and not necessarily totally accurate history of diff3

    Diff3 is one of the most amazing, historic pieces of software in use today. It is an amazingly simple idea which changed the way we think about software. And even most of the people who use it don't really ...

    read more
  5. Credit Gateway Policies


    Jack Skinner and I were talking at BuzzConf on the weekend, and it turned out this is something we've both noticed and been annoyed by.

    He tweeted:

    Anyone at #BuzzConf interested in adding permission scopes to token payments and drafting a standard? Hallway track with @mnemote & I tmz ...
    read more
  6. ShellShock: 'bash' vulnerability

    A vulnerability in 'bash', popularly called 'ShellShock' has been all over the news this week. I've spent a lot of time talking to clients about it over the last couple of days, and checking up on systems, so I thought I'd write some of those conclusions down.

    read more
  7. You've got NO MAIL

    Thu 21 August 2014

    Category: etc.

    From the "Ideas I'm Never Going To Implement Myself" bucket:

    NoMail is an email service which doesn't store anything. Anything at all. Email received by NoMail is ephemeral and exists only in your client.

    read more
  8. Programming for Startups

    Sat 19 July 2014

    Category: etc.

    I presented a session on 'Programming for non-Programmers' talk at General Assembly Founder's Bootcamp ... here's some notes which I jotted down afterwards ...

    read more
  9. The Selfish Secret: Logins Without Passwords

    Fri 27 June 2014

    Category: etc.

    Perhaps instead of looking at cookies as a proxy for passwords, we should be looking at passwords as a transport mechanism for secrets! The desired result is to share a secret key between the server and one or more browsers, and the password is merely a mechanism to prove the browser worthy of the secret ...

    read more
  10. Make your own Client-side Certificates with a Pseudo CA

    I've used this authentication method on a couple of different client projects so far, so I thought it might be useful to write up a quick explanation of how it works.

    Client-side Certificates

    The webserver can be configured to ask for a client-side certificate, for example in apache:

    SSLCACertificateFile ...
    read more
  11. Multiple Inequalities in Google AppEngine

    So I’m playing around with Google AppEngine (still!) trying to put together some kind of sensible use for it. AppEngine is neat-O, but it is also quite limited in what it can and can’t do. One of the most glaring problems (for my toy app) is the datastore ...

    read more
  12. SyntaxError: keyword argument repeated

    It turns out that repeated keyword arguments (kwargs) were illegal in python 2.4, ignored in python 2.5 and illegal again in python 2.6. This means that if some have crept into your codebase, you’ve now got a handful of syntax errors!

    For example, here’s test ...

    read more
  13. GCC 4.6 linker switches

    Thu 16 February 2012

    Category: etc.

    Tags: C unix

    An odd little one: I was compiling some older code on gcc 4.6 / Ubuntu 11.10 and it failed to make, with the traditional error:

    undefined reference to `sqrt'

    My Makefile was trying to do something like this:

    gcc -c -o eg.o eg.c
    gcc -lm -o eg ...
    read more
  14. Fibonacci Regex Perversity

    Repeated Substitutions

    Consider these two regex substitutions:


    (For those unfamiliar with Perlish regexes: that first one says “replace the string fb or fib with the string i”. The second one says “replace a string fiiXb with fXbfiXb, where X ...

    read more
  15. Some thoughts on AWS

    Sun 01 May 2011

    Category: etc.

    Tags: aws

    There have been a lot of very interesting articles posted recently about the cause and effects of the April 2011 AWS outages. This article is an attempt to tie some of them together.

    The Great EBS Outage of 2011

    According to Amazon, the outage was caused by:

    [... H]igh error ...

    read more
  16. Virtual Localization

    Virtual Localization is a technique for Mesh Network routing. It tries to make it easy to route packets across the mesh by assigning each node a “Virtual Location”, which can then be used for Greedy Forwarding. It is a fully distributed algorithm … no one node holds the whole map of ...

    read more
  17. VRML: Very Odd.

    So the VRML rendering thing isn’t panning out so well. “Making the simple things simple by making the difficult things impossible”.

    We’re talking, here, about a language which has a clock, but no way to display the time. You can display strings on billboards, and the billboards even ...

    read more
  18. FreeTDS without udp 1434

    Just a quick note for anyone trying to do FreeTDS through a tunnel or a firewall pinhole or whatever: If you specify an Instance name, FreeTDS goes and probes UDP 1434 to determine the port number for that instance, even if you also explicitly specify the TCP port number you ...

    read more
  19. More Trickiness With SSH

    I saw an article on reddit about SSH trickery. SSH is a very subversive protocol, able to work around many kinds of unwise security policies. Here’s a couple more useful things to know.

    1. Better Lurking Through .ssh/config-ery.

    Where you’ve got machines lurking behind other machines, inaccesible ...

    read more
  20. (sort of) First Class Classes in C#

    I find myself writing some C# code while still thinking in Python. One thing in particular caught me out … it seems, at first, that C# doesn’t have first class classes. This is annoying, because I’d started writing some device driver classes where each class is a type of ...

    read more
  21. Templates Fugit

    Ever since I started working on Internet Stuff, I've been wrestling with crazy Template Languages. This article is an attempt to compare some of the more common template languages out there.

    I've consolidated this from a series of blog articles I wrote back in 2009. As a result ...

    read more
  22. wget –certificate=$X –private-key=$X

    wget 1.10.2 seems to silently fail to use an SSL client certificate unless you specify both –certificate and –private-key:

    wget --certificate=$PEMFILE --private-key=$PEMFILE

    Even though both things are in the same .PEM file. It does read and check the PEM file if you specify only the former ...

    read more