Nice steampunk, even if half the physics make no sense whatsoever (like, the blight being heavier than air yet it flowing up from the ground, and everyone living underground).
A very tender book. I like that it doesn't try to explain the peculiar nature of the main character. I'll have my kid read it when he's 12 or so.
Esto pasó más o menos cuando todavía alguno creía que "The Blair Witch Project" era algo importante, así que seguramente era 1999, 2000, ponéle, que estaba leyendo la columna "Movie Answer Man" de Roger Ebert, y pensé epa, tengo algo que decir sobre eso.
Le mandé un mail acerca de como el género de "found footage" ya era viejo, citando "Holocausto Canibal" y el "Arthur Gordon Pym" de Poe (que claro, es un manuscrito encontrado). Intercambiamos algunos mails, y siempre se veía que prestaba atención a lo que leía antes de responder, asi que fué una linda conversación. Me terminó preguntando cuando era la mejor época para visitar Buenos Aires, le dije que primavera u otoño, le dije que capaz que estaría bueno venir para el BAFICI, y a la larga paramos.
No es gran cosa como anécdota, pero me hizo darme cuenta que llevo más de quince años leyendo sus criticas y artículos (y después su blog, y su feed de twitter).
Me acuerdo de verlo haciendo un cameo en una serie pedorra de TV (la del tipo con el perro mágico que le trae el diario de mañana) y pensar, hey, yo a ese lo conozco (o algo así).
Ahora que se murió, parece que fue con todos lo mismo que fue conmigo, amigable, interesante y amable.
Era la clase de tipo que escribió críticas de Garganta Profunda, y escribió el guión de una peli de Russ Meyer, y siempre estuvo dispuesto a admitir que una película podía ser basura, pero por lo menos buena basura, si uno la tomaba en sus términos.
Se lo va a extrañar.
Earlier I mentioned a hack I use when I need to get a clean browser quick. Here it is again:
rm -f ~/.config/ralsina/devicenzo.conf curl https://devicenzo.googlecode.com/svn/trunk/devicenzo.py | python
Since that got posted on reddit (no, not linking it), it triggered "interesting" arguments. Basically many were shocked (shocked) about running arbitrary internet code locally in this manner. It's insecure. While I am by no means a security expert, at least I know I am ignorant.
Let's examine that insecurity claim a little, in the context of what I was proposing. I am trying to tell people "here's a small web browser that requires no setup and since it's not your main browser, you can nuke it and reset its state easily before running it, like this".
So, what's wrong with doing it that way, according to the commenters:
- It's insecure because you can't see the code before running it because it's piped.
Well, that makes it exactly as insecure as every unsigned binary you ever downloaded. Or, let's be honest, every shell script, python script, perl script etc you have ever downloaded. Or you audit them?
Who exactly is being prevented from auditing it by having it presented this way? Is the intersection of "people who can audit this script" and "pople who don't understand pipes" not empty?
For those who can audit, this makes no difference. For those who can't audit, this makes no difference.
- It would be better if I provided a hash of the file to know it's not tampered
And how would you know the hash is not tampered? Wat you want, really is a digital signature of the script.
If you trust google (and usually, people do), then you know that:
The script was uploaded by me (check the history of the file)
The script has not been tampered from the repo (since it's a secure connection and yes, there is a hash of the revision)
If you don't trust google, then you don't know who uploaded it, and if you don't trust me, you don't care who uploaded it, even if it's signed (because it's signed by someone you don't trust).
- How does the user know it's not malware?
He doesn't. Life is like that.
- Why should the user trust you?
He shouldn't. OTOH, were he so inclined, he can check who wrote it, and that I am a real person, with a long history of sharing code online and no claims of ever pushing malware.
- This is more insecure because it downloads on every run
You don't need to run malware more than once, anyway. So, not much of a difference.
- This propagates bad habits
So does Dunkin' Donuts, and noone posts about it at reddit. But in any case, sure, it's a bad habit. Big deal.
So, is it secure? Hell no! Is it significantly less secure than installing a random PPA you see mentioned in a forum? Maybe slightly. Is it less secure than running random unsigned binaries? Hell no. Is it less secure than downloading and running it? No. Is it less secure than building a random thing from source? Hell no.
But is it less secure than the other realistic ways in which I can give you a 100+ line chunk of python code that works as a web browser? I don't think so.
In the context of "here's the code for it, it can do this", this is not significantly insecure. It's more or less as insecure as the alternatives. With the advantage that, if you want, you can audit it. It's 128 lines of code (assuming you trust Qt and PyQt and Python, etc)