Ben Sturmfels

Ballarat, Australia

Free software activist who loves riding bikes and flying kites. Lead developer at

  • Noob mistake

    2017-12-01T05:03:34Z via Pumpa To: Public CC: Followers

    Ok, so now I know that registering a .com domain with "app" in the title and using your real phone number is a bad idea. Have been getting about 4 cold calls a day from overseas app development companies.

    McClane likes this.

    But how much are they paying? Maybe I should exactly what you are saying. :-)

    Claes Wallin (韋嘉誠) at 2017-12-01T07:08:39Z

    Using your phone number for that is probably a bad idea, regardless of the domain name =)

    JanKusanagi at 2017-12-01T13:10:02Z

  • Success with WebRTC

    2017-11-15T04:43:37Z via Pumpa To: Public CC: Followers

    After a few false starts, had a great audio call with a friend over Riot/Matrix. Had some issues with video, so we might try that again another day. No luck with unfortunately. Also tried Riot on mobile with me over cell data connection and friend on WiFi - audio quality not quite as good, but still very acceptable.

    To get all this working, it turns out I had to make the following changes to IceCat 52.3's default settings:

    media.peerconnection.enabled = true = false

    Worked on both Trisquel and GNU GuixSD. Here's a related IceCat mailing list thread.

    Claes Wallin (韋嘉誠), McClane likes this.

  • Coffee grounds for seed raising

    2017-11-12T05:25:34Z via Pumpa To: Public CC: Followers

    I'm experimenting with waste coffee grounds for growing vegetables from seed. Not sure how it will go, but the benefits are that they hold water well, are finer that the commercial pine-bark potting mix I've been using, fairly sterile (from fungus and bacteria), hopefully nutritious since they're crushed seeds, plentiful, free of charge and smell quite pleasant. :)

    Downside may be that the pH is too low. My pH test kit say the grounds are about pH 5 and the kit notes recommend 5.5 - 6.5 for potting mixes, so not too far off. Some quick experimenting seemed to suggest that adding dolomite limestone at 1:8 gave me a pH of about 6. Seems like quite a lot of dolomite, so I might have to test again later and see if the pH settles higher as it breaks down.

    Sarah Elkins, Screwtape likes this.

  • Search forward is Bash history

    2017-11-11T00:32:25Z via Pumpa To: Public CC: Followers

    Wee! I've wondered about this for years. Ctrl-r [phrase] finds the last matching command in your Bash history, and pressing Ctrl-r again goes further back. But often you go one too far. Turns out Ctrl-s takes you forward again, but that keybinding doesn't usually work because with XON/XOFF flow control. You can fix this by putting stty -ixon in your .bashrc file.

    Don't forget something like this to keep lots of shell history too:

    # Bash history
    # Write to history file immediately (rather than only when shell is closed). For
    # setting history length see HISTSIZE and HISTFILESIZE in bash(1). Don't put
    # duplicate lines in the history.
    shopt -s histappend
    PROMPT_COMMAND='history -a'

    I have a feeling a copied that from a @Bradley M. Kuhn example at some point.

    Ben Sturmfels at 2017-11-11T00:36:58Z

    I use PgUP/PgDown for this, I seem to recall Gentoo using this setting by default from many years ago...

    George Standish at 2017-11-11T18:23:00Z

    @George Standish Is that something you've set yourself? I just get tildes when I hit page up/down in Gnome Terminal.

    Ben Sturmfels at 2017-11-13T11:20:58Z

  • Python simultaneous swap

    2017-11-09T01:36:49Z via Pumpa To: Public CC: Followers

    Woo! Finally got to use Python's simultaneous swap idiom to fix up a geocoding mistake:

    latitude, longitude = longitude, latitude

    It's only been like... nearly 10 years of programming in Python. ;)

    McClane, Claes Wallin (韋嘉誠) likes this.

  • 2017-11-09T00:51:25Z via Pumpa To: Public CC: Followers

    The regexps are not going my way today.

  • OpenShift Online

    2017-11-07T03:37:44Z via Pumpa To: Public CC: Followers

    Hoping to eventually use OpenShift Online as a way to deploy web applications for my clients. It's a steep learning curve, and unfortunately the free-tier accounts seem to be be overloaded to the point of failure. The paid accounts seem to work well though.

    At minimum $50 USD per month, it's not really feasible to allocate clients their own account, so I'm not sure how to best use it. The whole reason I'm interested in using a platform-as-a-service is to avoid being the middle-man for hosting costs.

  • Don't mix up your pips

    2017-10-25T05:07:24Z via Pumpa To: Public CC: Followers

    Tip from David Beazley I found useful: Use python -m pip instead of just pip and your much less likely to accidentally use mismatched version of Python/Pip.

    Claes Wallin (韋嘉誠), Charles Stanhope, Tyng-Ruey Chuang, Screwtape likes this.

  • Configuring K-9 mail via command line

    2017-10-06T02:14:31Z via Pumpa To: Public CC: Followers

    After reinstalling Replicant on phone, I couldn't bear to configure email settings again by hand, so wasted a couple of hours writing a script to do it instead.

    uıɐɾ ʞ ʇɐɯɐs, Claes Wallin (韋嘉誠) likes this.

  • 2017-10-03T06:31:07Z via Pumpa To: Public CC: Followers

    Nice! Alt + period in Midnight Command hides/shows hidden files.

    Sam Black, Screwtape likes this.

  • Cash all the way

    2017-09-25T02:11:27Z via Pumpa To: Public CC: Followers

    A person at the table near me was being gently teased by their friends because they pay for things by cash. "Don't you have a card?" Made me smile. I love paying by cash - it's fast, anonymous, low risk of fraud and doesn't create a whole lot of noise on my bank account for inevitable fraudulent card transactions to hide in. Not to mention recent news of massive data leaks.

    Sarah Elkins, Claes Wallin (韋嘉誠), George Standish likes this.

    Show all 6 replies
    I still prefer that too as I always have
    The idea of giving out credentials that allow unrestricted access to a bank account to strangers always looked risky to me,  well before anyone started talking about doing any of that online.

    Michael at 2017-09-25T10:44:58Z

    I agree and prefer my common, everyday purchases to be cash.  The gas (gasoline) pump is one place that I miss where you could say fill 'er up and pay the attendant in cash.  Today in my area, most are self serve, so I need to estimate the amount of the purchase or make a second trip in.

    hammerron at 2017-09-27T17:10:47Z

    @stumbles I wish there were more places like that.

    hammerron at 2017-09-28T13:37:59Z

  • 2017-07-20T21:07:24Z via Pumpa To: Public CC: Followers

    Was impressed to see GNU/Linux being used by a print shop here in Turin today

    Jackson S de Jesus, herco, Claes Wallin (韋嘉誠), Sarah Elkins and 2 others likes this.

  • Look who I ran into in Italy

    2017-07-20T17:28:45Z via Pumpa To: Public CC: Followers

    Jackson S de Jesus, martinho, McClane, Stephen Sekula and 2 others likes this.

    McClane, McClane, McClane, McClane shared this.


    I know that guy! =)

    JanKusanagi at 2017-07-20T17:37:58Z

  • 2017-06-30T03:19:21Z via Pumpa To: Public CC: Followers

    Woo, inbox zero!

    Vladimir, Screwtape likes this.

    Now I just have to deal with the 5 billion tabs I have open in IceCat. :)

    Ben Sturmfels at 2017-06-30T03:20:19Z

    Elena ``of Valhalla'', Vladimir, Charles Stanhope, Claes Wallin (韋嘉誠) likes this.

  • Emacs: Copying multiple things in a row

    2017-06-30T00:23:53Z via Pumpa To: Public CC: Followers

    When copying and pasting several things in Emacs, I've always done it like this - alternating:

    • copy A
    • paste A
    • copy B
    • paste B

    It only clicked for me today that it's easier to do the copies together, as long as you paste in the reverse order:

    • copy A
    • copy B
    • paste B
    • paste A

    I've always known that when you copy or cut ("kill" in the Emacs lingo) some text in Emacs, that the selection goes onto a stack, called the kill-ring (since it actually loops around). You can then paste ("yank") and immediately cycle through previous items on the stack with yank-pop (M-y). Very handy if you get side-tracked and want something you copied a while back.

    Jackson S de Jesus, Charles Stanhope likes this.

  • GPG email and the subject

    2017-06-29T13:16:36Z via Pumpa To: Public CC: Followers

    I wouldn't make much of a secret agent. I go to all the effort of encrypting an email and after sending remember that the subject is unencrypted and basically sums up what the email is about. Not all my fault I suppose - it's a bit of a usability problem.

    Not if you apply some disinformation in the subject line. Or make it generic. Or randomly generate it. Or...

    Jason Self at 2017-06-29T13:18:42Z

    Yes, I should probably write some Emacs Lisp to automatically do this for me when I'm encrypting a message. I wonder if newer Enigmail does anything like this? Mine is fairly old now.

    Ben Sturmfels at 2017-06-29T13:20:27Z

  • Security Friday

    2017-06-09T01:07:21Z via Pumpa To: Public CC: Followers

    Upgrading a number of small websites with HTTPS, Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options and Content-Security-Policy.

    Liking this tip from the Piwik team about using analytics in a way that complies with safe CSP settings.

    Claes Wallin (韋嘉誠) likes this.

    Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠) shared this.

    Show all 5 replies

    hyyps looked too risky

    that stuff looks far worse than even that

    its time to BREAK UP the cartels that try to bully us into a censorship regime

    I will always resist that

    there is no way in hell O would want to allow untrusted third parties to9 block any website I make!

    untill they come up with something without the censorship risks plain old http will always be allowed

    I won't budge on that and all the sloganising over https in recent years only makes me dig my heels in more.

    I repeat - the issue is not the price of certificates, its the CENSORSHIP risk!.

    now that browser BLOCK that is even worse!.

    the brower cartel MUST be broken yp - had a gutful of their crapware in recent years.

    sure encryption would be nice, but not if the price is to allow censorship.

    Michael at 2017-06-19T13:13:38Z

    @Michael You're right that there is some risk of censorship in that an HTTPS certificate could be revoked, which assuming you're using HSTS, censors you until you can get a new cert. There is also some risk that certificate authorities could sign certificates fraudulently.

    It's a trade-off. HTTPS provides visitors privacy and authenticity when they access a web site or service and, for me, that's a higher priority.

    While HTTP doesn't rely on a certification system, it is vulnerable to more subtle censorship and manipulation, in that spying and tampering with the information "in flight" is straightforward.

    Ben Sturmfels at 2017-06-28T00:14:40Z

    der.hans, Christopher Allan Webber likes this.

    We need a better system than ssl for sure.

    But at least in the meanwhile, LetsEncrypt has done some for-profit-cabal-busting.

    But there is more to be done, and better systems to build!

    Christopher Allan Webber at 2017-06-28T14:50:13Z

    der.hans likes this.

    these days more worried about browser cartels than certificate cartels

    re letsencrypt I need to find those instructions for doing it manually

    there are multiple domains on the same server here and subdomains too

    multiple "platforms" and an xmpp server too

    I really do think the first time I should do it manually to make sure nothing breaks and I learn properly what needs to be done

    (can probably automate it later once I know whats needed - just need to be sure I get web server configs right. I must avoid downtime as much as possible - there are users to consider!)

    also cannot redirect http to https .. thats a no go for now

    I do want to let users use https but still have that other option of they need it

    I cannot rule out the possibility of browsers being compromised

    they are fixing holes in every release and there are always more

    and I saw an attack with my own eyes a year ago that was probably exploiting a browser vulverability

    it showed a spoof site DESPITE dns returning the correct ip - trying http went to the real site! -

    (saw it happen a few times - all the same day - on different machines in different locations running different operating systems - the only obvious thing those machines had on common was the browser)

    if that could still happen to anyone out there it would be madness to take away the only remaing way that the user could get to the real site.

    in that situation redirecting to https would force a user trying that back to the spoof site!

    I don't think those kinds of risks can be ignored

    the only sane option would be to let the user choose

    only they could really know which risk really is worse for them than another.

    when its a case of a compromised web browser whether or not the connection is encrypted is probably not their biggest worry

    and if they just want to look at the public events listings here without logging in (the most popular thing here) then they might consider that low risk and be more worried about NOT being able to see it!

    but I do want people to be able to use tls here

    especially when they login and look at non-public messages, post or edit content, etc

    making logins safer where possible is always on the agenda

    as long as the user can choose .. just in case

    Michael at 2017-07-04T08:43:09Z

  • An office with a sign

    2017-06-08T05:49:14Z via Pumpa To: Public CC: Followers

    I've been running a software engineering consulting business for over 10 years now, but have recently moved out of the home-office. I've really enjoyed the home office arrangement, but I didn't get a sign!

    George Standish likes this.

    And if your back hurts, you're close to "Why Knot Massage" xDD

    JanKusanagi at 2017-06-08T10:10:47Z

  • Upgraded to Replicant 6.0

    2017-06-08T02:25:08Z via Pumpa To: Public CC: Followers

    I've just migrated from Replicant 4.2 to the new 6.0. Loving the device encryption, upgraded browser and app permissions at time of use. Looking forward to trying the included RepWifi app with an AR9271 WiFi adaptor.