Other articles

  1. Blogofile -> Pelican

    After running blogofile for four years (who knew it was that long with the little posting i've done :) and getting less done with it than I hoped, I finally decided to move on again. The main reason is, that Blogofile is basically unmaintained and writing custom controllers was harder than it should be (and documentation clearly lacking).

    So I looked around for alternatives and found surprisingly few that were interesting to me. The requirements were:

    • simple static blog compiler
    • solid templating engine
    • python
    • markdown support

    The only one that fit well was Pelican so I decided to give it a go. Migrating was surprisingly straight forward and done in basically half a day (that includes understanding Pelican, porting the CSS, moving all posts over, and implementing every missing feature I used to have in Blogofile in the Pelican templates.

    I'm not 100% happy, but so far Pelican seems nice enough, everything works (even better than before). A few of the problems I have:

    • the design seems unnecessarily complicated, compared to blogofile
    • the error handling is quite poor, it is basically impossible to get useful error messages
    • the documentation could be better (still much better than Blogofile though)
    • the ...
    read more

  2. Terminology, Enlightenments fancy new terminal emulator

    Some of you might still know or even use Eterm, a neat terminal emulator that came back when e16 was still new. A long time there has been nothing new in this area, but Raster apparently found the muse to write another one, based on the Enlightenment Foundation Libraries.

    Anyway, I don't need to tell you why you should use it, let me just show you :)

    The first one shows a some weeks old version with the basic cool features:

    The second video shows the new tcat (which within some hours has been renamed to tycat due to a naming conflict) tool to make more practical use of the features:

    More cool things will certainly come (some I didn't showcase are already there).

    Now for the bad news, and the actual reason I wrote this post (the videos I had lying around anyway): Only terminology 0.2 has been release so far and a lot of features are broken in this one and have been fixed since. The new versions from SVN only run on EFL 1.8 though, which will not ...

    read more

  3. Trust issues (and the web), 03 - Convergence

    In a previous post I promised that I would check out some of the solutions that promise a safer and thus better web.

    This is part two, Convergence.

    How does it work?

    Convergence replaces the certificate authorities (CA) used traditionally in SSL by an independent distributed authorities, called notaries.

    It totally ignores the CA that issued a sites certificate and instead checks the certificate over all activated notaries. These can be added, removed or disabled on personal preference; so you don't have to trust a bunch of faceless corporations which are each a SPOF in the whole concept(!), but can instead trust a number of notaries working together.

    This can be one of your own servers in your LAN (providing no MITM security towards the internet), another one of your servers reachable over the internet, and the server of people or organizations you may or may not trust all over the world.

    Than you can decide if it is enough for you if only one notary validates the requested certificate - bad idea, perhaps even a little worse than the CA system. However, the default is to gain a majority validation. This means every active notary will be checked and ...

    read more

  4. Trust issues (and the web), 02 - Web Of Trust

    In my last post I promised that I would check out some of the solutions that promise a safer and thus better web.

    Let's start with Web Of Trust (WOT).

    In contrast to some of the other things I plan to take a closer look at, WOT is not related to transport security or any cryptographic methods to ensure site integrity.

    It actually works like Mandatory Access Controls (MAC) with a user centric (as apposed to a system centric) approach.

    How does it work?

    WOT is a combination of client side software, usually a brower plugin (who would have guessed :P), and a central database that contains per-domain based ratings, provided by users as well as "trusted sources". The latter are (well-known) security sources, such as blacklists from security vendors, and similar material.

    The browser plugin, which exists at least for Firefox and Chrome, is available under GPLv3. It checks every domain, that is either querried or linked to, against the WOT central database and aquires a rating based on the previously mentioned sources.

    Feedback is given to the user via an easily visible graphical indicator (green = good, yellow = so-so, red = bad, grey = no rating yet), as well as ...

    read more

Page 1 / 2 »