Rubenerd

This post originally appeared on the Annexe.

Zine.

Yesterday, I mentioned that OS X 10.9 Mavericks wasn't remembering the key mappings for my PC keyboard. Since then, I chanced upon a utility called KeyRemap4MacBook, dubbed "a powerful and stable keyboard customizer for OS X".

Buried in its inexplicable option list, I was able to find Alt/Command and Windows/Option remappings, as well as a few other tricks. Best of all, it remembers the mappings after a system restart, and when the keyboard is removed and plugged in again.

It still feels weird using a third party utility to compensate for a feature that's supposed to work in the base system, but for now it's a solution and I'll take it. Thank you Takayama Fumihiko for saving me much frustration!

This post originally appeared on the Annexe.

Martin Kettle quoting Cameron in The Guardian:

“We are sticking to the task. But that doesn’t just mean making difficult decisions on public spending. It also means something more profound. It means building a leaner, more efficient state. We need to do more with less. Not just now, but permanently”

No matter that austerity has failed. The good news is the UK Conservatives have broken almost every promise they’ve made.

This post originally appeared on the Annexe.

“The first recorded use of Teal as a color name in English was in 1917”

From Wikipedia, so it has to be right.

This post originally appeared on the Annexe.

Behold, my reincarnated side weblog on the internets. I was going to roll my own from scratch, but Tumblr just works out of the box. This will be my mental dumping ground for all the things, including tech, news, anime and everything in between. Well, not everything, that would be impractical.

The title is a homage to our beloved but now sorely outdated DES cipher. If AES is so much better, we should use it in the same way ;).

Cheers!

NoScript and CS Lite Mod make it easy to maintain dynamic site and cookie whitelists. About the only sites that routinely give me trouble are ones that require authentication with third parties, because once you get to the next stage in the login process, you have to repeat the whole process again with lightning speed.

Outlook Web Access is an extreme example of this. For those of us wanting to access our UTS webmail, we’re bounced between no fewer than four sites. Before you can click the NoScript and CS Lite icons to allow the latest site in the chain, you’re presented with an error saying your browser is blocking cookies and JavaScript.

I eventually got it working by whitelisting all of the following domains:

• microsoftonline.com
• microsoftonline-p.com [sic]
• live.com
• outlook.com

By comparison, it took just whitelisting Google.com when I was a Gmail user.

I was living in Singapore when Kevin Rudd became Prime Minister of Australia. I remember cringing from afar when his predecessor discussed Asian relations, and was relieved to hear his erudite successor who could even speak Mandarin, no less! Suddenly, Singaporeans were interested in Australia beyond being one giant university. People were genuinely impressed.

I remember how high my eyebrow was raised when he was ousted, and watching with dismay as the custodian party of mainstream progressive politics battled itself instead of the party who wish (in my industry) to leave us mired in the subterranean copper ages.

I’ll remember Kevin as the guy who brought Australia closer to Asia again after the Howard years, and I hope to see him continue to represent Australia abroad. With the current guy in charge, we’ll need all the help we can get.

I promised myself I would never run a GM or .0 release of software again, but despite all my previous experience and logic centre pleading for sanity, I upgraded my production machine to Mavericks on Tuesday. All seems to be great, with the exception of my PC keyboard.

In a nutshell, there's usually a nut

I'll spare you lots of what you're already read before. The new Finder tabs are wonderful and long overdue. Skeuomorphism didn't bother me, but the new app designs are classy, even if still a little visually inconsistent with the standard system. The new Dock design is pretty, as too is the redesigned System Preferences which maintains its usability advantage over the post-XP Windows Control Panel. I'm not sure if I'll ever get into Finder Tags, but we'll see.

Under the hood, we have the 2.x and 5.16.x streams of Ruby and Perl respectfully, which really brings OS X into 2013. Unfortunately, we're still stuck with ancient versions of tcsh and rsync; I guess its back to building from source and tapping homebrew/dupes again.

Overall, it feels like a solid release. There's just one problem.

Why art thou scared of PC keyboards?

Since 2009, I've been the proud user of a Unicomp SpaceSaver, a buckling spring keyboard made from the same machines that manufactured the legendary IBM Model M. As is to be expected, its a 104 key PC layout, though I've since modified the Windows and Alt keys to be Option and Command respectfully.

My wording there was very deliberate. PC keyboards lay out their keys as Control Windows Alt. On the Mac, its Control Option Command. If you use a PC keyboard, this can be corrected by going to Keyboard in System Preferences, and swapping the Option and Command modifier keys. I blogged about this procedure in 2009.

Unfortunately, Mavericks doesn't store these settings persistently. If I unplug my MacBook Air, then return later, I have to reconfigure the keyboard. Worse still, sometimes the machine will just revert the layout back, leaving me with a trail of characters on my screen instead of the Command-Something shortcut I wanted.

It's a shame this bug has persisted into the GM. At present the other features are enough to keep me here, though if it gets too frustrating I might have to switch back to Mountain Lion.

I noticed this message when downloading the latest Mac Gimp binary:

SourceForge, once a useful and trustworthy place to develop and host FLOSS applications, has faced a problem with the ads they allow on their sites – the green “Download here” buttons that appear on many, many adds leading to all kinds of unwanted utilities have been spotted there as well.

We’ve probably all witnessed this dodgy advertising trick on many sites. While insidious, I tended to think the fault lay with ad networks that pushed such dodgy messages onto their clients. They know exactly why such ads are crafted in that way, and they do nothing to stop it. Few other industries I can think of could get away with this.

But then it got worse.

The tipping point was the introduction of their own SourceForge Installer software, which bundles third-party offers with Free Software packages. We do not want to support this kind of behavior, and have thus decided to abandon SourceForge.

Strictly speaking, SF have every right to do this. That said, when FlipForMac tried to install Silverlight on my Mac and hid the preference for doing so unless I chose “Customize”, I can appreciate what a sour taste this leaves.

I think this whole issue raises the idea of “reasonable expectation”. If we download GIMP from SourceForge, I think all but the most hardened marketing guru would agree we don’t reasonably expect other stuff to install as well. This distinction is only more important when one considers the technical competency of the (albeit mythical) “average” internet user.

Of all the subjects I’ve taken at UTS, Network Security has been one of the most fascinating. My mathematics and networking have never been great, but I’ve been keenly interested in ciphers and encryption for years, and have been tasked with applying them in various contexts.

This semester, we were tasked with developing our own SSL implementation from scratch, and demoing it to the lecturer. This included writing functions for hashing (I chose SHA2), public key crypto (RSA for me), and symmetric key crypto (I wanted to do my beloved Twofish, but settled on AES).

The ever marching march of progress

Well, that subtitle was inspired. During the writing of the CipherSuite data structure for the client and server hello messages, I came up with something interesting. This is section 9 of the TLS 1.0 RFC:

In the absence of an application profile standard specifying otherwise, a TLS compliant application MUST implement the cipher suite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA.

And the TLS 1.1 RFC:

In the absence of an application profile standard specifying otherwise, a TLS compliant application MUST implement the cipher suite TLS_RSA_WITH_3DES_EDE_CBC_SHA.

And the TLS 1.2 RFC:

In the absence of an application profile standard specifying otherwise, a TLS-compliant application MUST implement the cipher suite TLS_RSA_WITH_AES_128_CBC_SHA.

This means we’ve seen a steady transition from Diffie-Helman to RSA for public key crypto, and from TripleDES to 128bit AES for symmetric crypto.

What this means

The implications are interesting, even if largely symbolic. I’d expect most parties to have a defined set of CipherSuites, meaning they’d never fall to what amounts to a default. Even if they did, precious few browsers mandate TLS 1.2 anyway (or even 1.1).

Still, the switching of TripleDES to AES seems long overdue. There are practical reasons for still needing 3DES in certain circumstances, but for computers equipped with AES hardware acceleration and no backwards comparability requirements, they’re better served using it.

What I’ve been most surprised about is the perpetual foot dragging of system administrators refusing to implement anything beyond SSL 3.0, let alone TLS 1.1 or 1.2. But that’s a topic for another day.

UPDATE: It’s due to shitty, outdated browsers with wide install bases. This is why we can’t have nice things.