Amazon Reviews and how they can be exploited by companies

July 12, 2016

Matthew Garrett blogged about how the review system on amazon can be exploited by companies via free or discounted products.

It’s hard to avoid the conclusion that Amazon’s review model is broken, but it’s not obvious how to fix it. When search ranking is tied to reviews, companies have a strong incentive to do whatever it takes to obtain positive reviews. What we’re left with for now is having to laboriously click through a number of products to see whether their rankings come from thoughtful and detailed reviews or are just a mass of 5 star one liners.

The whole blog article contains a lot of interesting details.

Confused with all the buzzwords and the JavaScript landscape?

April 12, 2016

InfoQ.com has a nice summary about how the JavaScript ecosystem looks right now (2016).

If you have previous programming experience but are a newcomer to frontend JavaScript development, the array of jargon and tools can be confusing. Without getting bogged down in detailed discussion, let’s take a general survey of the current “JavaScript landscape”. This should orient you sufficiently to start your journey into frontend development.

The articles touches everything from:

  • How does client-side JavaScript work, and why use it?
  • What’s a framework? Do I need to use trendy.js?
  • Should I be writing JavaScript, or something else? What kinds of JavaScript exist?
  • How do I use other people’s code?
  • Do I need Node.js?
  • What are my build tools?
  • How do I test my code?
  • So how do I get started?

How to use letsencrypt to enable https on debian jessie

April 2, 2016

Today I want to document how I enabled https on a website on a server run by debian jessie using the letsencrypt project.

The first step is, obviously, to install the letsencrypt package. Obviously enough a search for the package (i.e. apt-cache search letsencrypt) shows that this package is not available in the debian jessie distribution. But thanks to the official Debian Backports project, we can get package anyway.  Just follow the instructions on the website and then a simple command (apt-get -t jessie-backports install letsencrypt) installs our beloved letsencrypt package.

If you are using apache like me, you should also install the apache plugin for letsencrypt (apt-get -t jessie-backports install python-letsencrypt-apache) and the libaugeas0 (apt-get install libaugeas0) library.

After this, changing your http website to https is easily done via: letsencrypt –apache -d subdomain.example.net . This command asks you some questions and after that, voila, everything is done. No need for any additional configuration.

More information how to use the letsencrypt client or how to install it on other systems can be found in this PDF documentation.

Beware: I don’t know if the renewal of the certificates is now done automatically. If they expire and I have to renew them, I will update this article how to do this.

P.S.: If you are using owncloud and you are battling with trying to tell your linux owncloud-client to use now https instead of http: Don’t wrestle with the graphical interface, it won’t allow you this. Just edit the owncloud config file /home/<YOURUSER>/.local/share/data/ownCloud/owncloud.cfg  by changing the url from http to https.

P.P.S.: You can use the online SSL Server Test Service to validate your https Website and get information about how it is configured and if it is vulnerable.

CSS Attribute Selector madness?

March 30, 2016

Today I stumbled upon a CSS attribute selector which made me think.

div.fooClass[class]
{
height: 29px;
}

The interesting thing here is the [class] part of the CSS. If I understand correctly, this means, that elements should be selected which have the class attribute. I understand why someone might be interested to style all images with alt-tags differently: img[alt]. But is there any legitimate use of [class]? Cause this only says: select elements which have a class assigned… It does not even check WHICH class, it selects just all classes. And it gets weirder when it is combined with a specific class like fooClass in this example. Has anybody an idea what this means?

Lenovo T460(s) suspend problem while on battery

March 26, 2016

In this blog post I want to summarize my investigations about problems concerning suspend with my lenovo t460 notebook. (Note: This problem seems to also exists with the lenovo T460s notebooks. More information about debian on the t460 can be found here.)

(The informations here are verified with a debian testing installation with kernel version 4.4. The problems is reported by people using other distributions too.)

What is the problem and how can you reproduce it?

  • If the device is on the AC, closing the lid causes the notebook to suspend. This works perfectly – in other words: The notebook wakes up after opening the lid and is usable.
  • If the notebook is on battery, closing the lid causes the notebook to freeze. In other words: If I open the lid again, everything is frozen. Not only the UI but I’m also not able to change to TTY1, 2, ..
  • Interestingly enough, manually suspending with systemctl suspend works without a glitch.

I reported this problem on the debian forums and the thinkpad subreddit.

There is an entry in the kernel bug tracker Bug 113551 – intel_pstate=no_hwp else Thinkpad T460s freezes on lid close on battery power. The bug entry indicates that the problem is also to be found kernel versions up to 4.5.0-rc6. It also looks like the source of the problem is found, patches are being tested. I also filed a debian bug entry for this problem as was suggested to my when asking in the debian IRC channel.

So it seems that newer kernel versions won’t have this problem. There is a workaround till this happens. You can add the intel_pstate=no_hwp parameter to the GRUB_CMDLINE_LINUX_DEFAULT section of the /etc/default/grub file. Attention: Don’t forget to run update-grub after every change to this file. Also: This may cause your notebook to use more power – the battery may empty itself faster.

I will try to update this blog post after more information, changes in the status of this problem occur. I maybe even try to patch the debian kernel with a patch and test if this helps to fix the suspend problem.

Update 2016-04-28: After upgrading to the Debian 4.5.1-1 (2016-04-14) x86_64 GNU/Linux kernel version, the suspend problem is gone. I can close the lid while being on batteries and the notebook is going into suspend and leaves it correctly.

Some interesting thoughts about Functional Programming

March 25, 2016

In this InfoQ.com video presentation called “Functional Programming You Already Know” Kevlin Henney is trying to reveal functional programming pattern where you would not expect it (i.e. in excel as the world most popular used function programming language). The presentation starts a little bit slow but it’s worth your time.

The end of the Iceweasel Age?

March 8, 2016

One of my most visited blogposts is the one explaining why there exists something called iceweasel the browser and summarizing the reasons why debian renamed firefox. Now there has been some new activities which I don’t want to hide from you.

For roughly the past decade, Debian has shipped the Mozilla desktop applications (Firefox, Thunderbird, and Seamonkey) in a rebranded form that replaces the original, trademarked names and logos with alternatives (Iceweasel, Icedove, and Iceape). Originally, this effort was undertaken to work around incompatibilities between the Debian Free Software Guidelines (DFSG), the Mozilla trademark-usage policy, and the licenses of the Mozilla logos. But times—and policy wordings—change, and Debian now seems poised to resume calling its packages by the original, upstream Mozilla names.
(Source: lwn.net)

So it seems that the iceweasel package some of you know and love may be gone in the future.

Lenovo T460 and Debian Gnu/Linux

March 2, 2016

Today I got my new notebook. A Lenovo T460 Thinkpad. In this blogpost I want do document my problems or absence of problems with installing and using Debian Gnu/Linux. I paid around 930 Euro via the u:book program (where you can get notebooks cheaper if you are a student/pupil or working at a university). The version I bought included 8GB Ram and 256 GB SSD.

tldr: I’m writing this under Debian Testing (stretch) with wireless activated and working audio. Also the screen is working with the expected 1920×1080

More detailed information about the hardware (lspci). You can also look at the the output of lspci -v

00:00.0 Host bridge: Intel Corporation Sky Lake Host Bridge/DRAM Registers (rev 08)
00:02.0 VGA compatible controller: Intel Corporation Sky Lake Integrated Graphics (rev 07)
00:14.0 USB controller: Intel Corporation Device 9d2f (rev 21)
00:14.2 Signal processing controller: Intel Corporation Device 9d31 (rev 21)
00:16.0 Communication controller: Intel Corporation Device 9d3a (rev 21)
00:17.0 SATA controller: Intel Corporation Device 9d03 (rev 21)
00:1c.0 PCI bridge: Intel Corporation Device 9d10 (rev f1)
00:1c.2 PCI bridge: Intel Corporation Device 9d12 (rev f1)
00:1f.0 ISA bridge: Intel Corporation Device 9d48 (rev 21)
00:1f.2 Memory controller: Intel Corporation Device 9d21 (rev 21)
00:1f.3 Audio device: Intel Corporation Device 9d70 (rev 21)
00:1f.4 SMBus: Intel Corporation Device 9d23 (rev 21)
00:1f.6 Ethernet controller: Intel Corporation Ethernet Connection I219-V (rev 21)
02:00.0 Unassigned class [ff00]: Realtek Semiconductor Co., Ltd. Device 522a (rev 01)
04:00.0 Network controller: Intel Corporation Wireless 8260 (rev 3a)

Installation

First I tried to use the Debian testing netinstall image. But at that time (2.3.2016) the installer was broken because of some dependency problem between systemd and the ifupdown package. (I suppose this bug ticket is concerned with the problem.) My motivation to use the testing version was to have the better hardware support which was important for me because of the novelty of the T460. My fears now where that the Debian Stable Version (at this time: Jessie) would not be able to install itself on the notebook. But interestingly enough: It did work. The sound, wireless, touchpad and screen had some problems. But this was no problem, because after the first reboot I edited the /etc/apt/sources.list and replaced the jessie keyword with testing. After that used apt-get upgrade and apt-get dist-upgrade upgraded me to the testing version.

Read the rest of this entry »

MySQL – ERROR 1045 (28000): Access denied for user

February 16, 2016

Everybody knows Mysql. Normally it “just works”. But a few days ago I tried to connect to a mysql server with the mysql command line client and got this error.

ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)

Funny thing: If you want to use the mysql command client to connect with the mysql server, you can do something like this

mysql -u root -pPassword

Where does it try to connect itself? To localhost and the well known port 3306? Wrong. It tries to access the mysql socket file. Which in my case, was not existing (because I had mysql in a docker container). I just wanted to connect via IP address and port.

Next try: Access the server via host parameter

mysql -u root-pPassword -h127.0.0.1

But: Same error! If the mysql client sees the ip address 127.0.0.1, it tries the socket file again! You have to explicitly tell the mysql client to use TCP to connect.

mysql -u root-pPassword -h127.0.0.1 –protocol=tcp

(Thanks to stackexchange for this information!)

The Last Programming Language

February 13, 2016

A talk about the history of Software programmers by Robert Martin. Nice except the end. There he does not see the inherent conflict of interest between someone wanting to see programming as a craft and the interest of businesses to make money.


Follow

Get every new post delivered to your Inbox.