Firefox add-on to highlight insecure links

Insecure Links Highlighter does what it says on the tin. On a web page like

it adds a bright red border around any insecure links, turning it into

It supports HTTP, FTP and (by default) links with event handlers which may or may not be doing bad things. Useful for security and privacy-oriented users and web devs alike.

Spyware in Ubuntu!

Although Richard Stallman’s tone is often too confrontational and absolute, this time it’s rather shocking news: According to him, in some versions of Ubuntu, any file searches you do are sent to Canonical, and from there to Amazon, to customize ads (like Google does with email). The details are few, such as which search interface we’re talking about, which versions of Ubuntu are affected, and how to actually turn this off (I looked in what I thought were likely places in the System Settings app of Ubuntu 12.04.1 LTS without any luck), but if this has actually reached mainline releases it’s bye, bye Ubuntu! Sending user information to somewhere which doesn’t provide a service which that user has requested is wrong, and sending it to a third party is just despicable.

I’m a long-time Ubuntu user and software developer, and I’d never heard of this – If I thought about the Ubuntu Software Center ads at all, it was as a nuisance which I could easily get around by using the web to find software I need.

I’m hoping to see more clear information about this soon, but the only other link in the Phoronix article is down at the moment.

Canonical’s Jono Bacon has a response (Google cache) which skips the actual issue completely: We should continue to cooperate with the Free Software Foundation, we’re doing great work with free software, and so on. But as you can see from the response there’s no mention of the possibility of asking the user if they want to opt in to this. At the absolute very least, users should not be helping third parties to serve more efficient ads unless they have knowingly agreed to it. This kind of software should not even be installed by default, in case it is “accidentally” activated. But since everybody knows that nobody reads EULAs, and Canonical obviously wants the money, I sincerely doubt this is going to get fixed.

Minecraft mine analysis – mian

The mian wiki is now up! Updates will be put there for your convenience.

Pepijn de Vos has made a tool to graph materials in Minecraft save games across heights, to see how deep one should mine to find for example diamond. As a propaganda minister Minecraft player with too much time on his hands, this was too cool. I just tweaked it a bit, we both contributed speed improvements, and now it looks like this:

Graph of block count for several materials across the height of the world

On Ubuntu, you can install it with the following command:
sudo apt-get install python-matplotlib && sudo easy_install mian
… and run it like this:
mian ~/.minecraft/saves/World1

Options include:
-b, --blocks – Specify block types to include as a comma-separated list, using either the block types or hex values from the list.
-l, --list – List available block types.
-n, --nether – Show Nether data instead of the normal world.

For example, run mian -b 01,dirt,09,sand ~/.minecraft/saves/World1 to get a map of the more common elements in the map, with the abrupt cutoff of stationary water showing the sea height:

Common materials in Minecraft

More information is available in the form of a Git repository (of course it’s open source) and Ohloh project.

Update: Now works with The Nether, included in today’s Halloween Update. To graph The Nether, make sure you visit it first, update mian with sudo easy_install -U mian, then add the parameter -n to your command. For example mian -b 56,57,58,59,5a,5b -n ~/.minecraft/saves/World1 to show all the new materials:

Graph of the new materials in an existing world

Beta update: mian 0.6 works fine with Minecraft Beta. If you have an older version, simply run sudo easy_install -U mian

Office super-tool: pdftk

If you scan or print a lot of documents, you have probably used PDF files. They are very nice, but it can be tricky to modify and otherwise handle them. Enter pdftk: great (but small), free (but valuable) and powerful (but simple). It’s also open source, which means you can learn it now, and use it the same way in five, ten, or twenty years.

I was recently sending out 28 temp job applications with six attachments each. I printed out the motivation letter for each job and 28 copies of each attachment, so I ended up with seven piles of paper which I then had to mix by hand to make 28 applications. Tedious work, and I could have smacked myself when I realized that it would have been much easier to put all the attachments in a single document, and printing that 28 times: Two piles instead of seven. This is really simple with pdftk – Just start up a shell (In Windows: Start → Run → cmd, in Ubuntu: Applications → Accessories → Terminal), and replace the file names in the following command with your own to produce a new file with all the documents in sequence:

pdftk cv.pdf "reference letter 1.pdf" [and so on] cat output new.pdf

cat is the magic word: Concatenate all the files before it. pdftk can also do other useful stuff, like rotating pages (if they were scanned the wrong way around), splitting, watermarking, digital signatures and much more (see examples).

Howto: Timelapse video from photos

It’s amazing what shell tools can do: Flickr accepts HD video (720p, or max 1280×720) up to 30 FPS, so I tried to create one within those limits from the high resolution photos from today’s sunrise. Turns out to be incredibly easy with free tools on Linux:

  1. Resize to 720 pixels height (if your images are still wider than 1280 you’ll have to replace x720 with 1280 (without the “x“): mogrify -resize x720 *
  2. Find the width of the images, and plug that into the following command instead of 1080.
  3. Create the video: mencoder mf://* -mf w=1080:h=720:fps=30:type=jpg -ovc copy -oac copy -o output.avi

The result

EIF replies

In response to Glyn Moody’s Open Source and Open Standards under Threat in Europe, here are the open replies to the key people (I’ll post as they are sent).

Joaquín Almunia:

Dear sir,

I have just read some disconcerting news and opinions regarding the EIF process (“Open Source and Open Standards under Threat in Europe” by Glyn Moody), and I hope you have the time to include the opinions of a software developer in your deliberations.

I have been working in private companies and the European Organization for Nuclear Research (CERN) since my graduation in 2004. I am also an active web user and contributor. This activity has taught me a few important business lessons:
1. Open source software and data based on open standards* are much more robust in the face of change than the alternative. Software is evolving fast, but if the proprietary software provider is unwilling or unavailable to make new software work with old data, the only options left are a costly and difficult re-implementation, a costly and difficult (often impossible because of data complexity) migration to other software, or outright abandonment.
2. Closed source means re-inventing the wheel over and over. Software business should be about creating additional value on top of what already exists, not about costly reiterations of what already exists.
3. With the availability of cheap Internet connectivity, storage and computing power comes the opportunity for individuals and communities to make millions of incremental improvements to software every day. These updates are available to anyone else, making for an enormous amount of work provided for free for anyone to build upon or profit from.

* I.e., software / standards which are available for free for anyone to view, modify and re-publish, optionally with additional restrictions or permissions such as the opportunity to change permissions on derivative works or the need for source attribution.

This text, and other appeals, will be available shortly at

Just received a reply. The gist:

Recently, “draft versions” of the revised EIF have apparently been published on the Internet and we understand that you refer to these draft versions. You should note that the Commission cannot comment on such draft versions as they do not reflect a formal Commission position. But let me assure you that the guiding principles for the revision of the EIF include technological neutrality and adaptability, openness and reusability, as specified in the legal base of the Programme “Interoperability Solutions for European Public Administrations” (ISA)2, in the context of which the revision is being carried out.

vCard 3.0 validator and parser

Did you know that even the vCards listed in the official RFC are not valid? It clearly says The vCard object MUST contain the FN, N and VERSION types. Still, the example vCards are both clearly missing the N type. As somebody else remarked, releasing a format spec without some reference validator is bound to result in all sorts of invalid implementations.

After searching for a vCard validator without success, I’ve therefore started my own vCard module in Python. It tries to create an object with all the information from a vCard string, and returns what I hope are useful error and warning messages if there’s anything wrong.

Update: Added file validation – Now you can validate files with several vCards from the command line.

Install / upgrade:
sudo pip install --upgrade vcard

Validate vCard files:
vcard *.vcf