New blog is new

Posterous is closing down, so I needed to find a new home for this blog. The idea of a statically-generated blog appealed to me and I wanted to run it on PythonAnywhere, so I started playing around with a couple of the Python static blog creators. Of the available ones Pelican and Nikola had the features that I wanted. I decided on Pelican because it could be configured to work better on PythonAnywhere.

Pelican has an import utility that can handle wordpress xml output and Posterous provided an export. The import didn't quite work, because the date formats were different. If I'd had more than a few posts, I would have scripted the format change, but a bit of hand-editing sorted everything out in a few minutes.

There are a couple of things that I did to get a setup that I liked on PythonAnywhere:

  1. pelicanconf.py needed some work to tell Pelican to generate files named index.html into directories named after their slugs. This is so posts will have nice URLs without the trailing .html

    ARTICLE_URL = '{date:%Y}/{date:%b}/{slug}'
    ARTICLE_SAVE_AS = '{date:%Y}/{date:%b}/{slug}/index.html'
    ARTICLE_LANG_URL = '{date:%Y}/{date:%b}/{slug}-{lang}'
    ARTICLE_LANG_SAVE_AS = '{date:%Y}/{date:%b}/{slug}-{lang}/index.html'
    PAGE_URL = 'pages/{slug}'
    PAGE_SAVE_AS = 'pages/{slug}/index.html'
    PAGE_LANG_URL = 'pages/{slug}-{lang}'
    PAGE_LANG_SAVE_AS = 'pages/{slug}-{lang}/index.html'
    AUTHOR_URL = 'author/{slug}'
    AUTHOR_SAVE_AS = 'author/{slug}/index.html'
    CATEGORY_URL = 'category/{slug}'
    CATEGORY_SAVE_AS = 'category/{slug}/index.html'
    TAG_URL = 'tag/{slug}'
    TAG_SAVE_AS = 'tag/{slug}/index.html'
    INDEX_SAVE_AS = 'index.html'
    TAGS_SAVE_AS = 'tags/index.html'
    CATEGORIES_SAVE_AS = 'categories/index.html'
    ARCHIVES_SAVE_AS = 'archives/index.html'
    
  2. Set the publish action in the Makefile to

    $(PELICAN) $(INPUTDIR) -o $(PUBLISHDIR) -s $(PUBLISHCONF) $(PELICANOPTS)
    

    to separate the publishing directory from the general output directory and a web app and added a static file mapping with a blank URL and a dircectory that matches the PUBLISHDIR in the Pelican Makefile. I changed the default because I have a plan for the default.

  3. The plan mentioned in the previous point is to have a staging site that I can publish to without making it live. Another web app from a Flask quickstart and the following code does the trick. Just a word of warning: Although there's authentication involved, it's in no way secure. It's just a way of preventing robots from spidering it.

    import os
    from mimetypes import guess_type
    
    from flask import Flask, make_response, request, Response, session
    
    allowed_username = '<username>'
    
    app = Flask(__name__)
    app.debug = True
    
    BASE_PATH = '/home/glenn/blog_work/output'
    
    @app.route('/', methods=['GET', 'POST'])
    @app.route('/<path:file_path>', methods=['GET', 'POST'])
    def serve_static(file_path=''):
        if request.method == 'POST' and request.form['username'] == allowed_username:
            session['username'] = request.form['username']
        if not 'username' in session or session['username'] != allowed_username:
                return '''
                    <form action="" method="post">
                        <p><input type=text name=username>
                        <p><input type=submit value=Login>
                    </form>
                '''
        path = os.path.join(BASE_PATH, file_path)
        full_path = None
        if os.path.isfile(path):
            full_path = path
        if os.path.isdir(path):
            full_path = os.path.join(path, 'index.html')
        if full_path is not None:
            mimetype = guess_type(full_path)[0]
            return Response(open(full_path, 'r').read(), mimetype=mimetype)
        return make_response('not found', 404)
    
    # set the secret key.  keep this really secret:
    app.secret_key = '<a secret key>'
    

    This web app also needed a static file entry of /static/ to the output/static directory so that images and such would be served properly.

  4. And finally, installing vim-markdown make it much easier to edit markdown in vim.

How many ways can you be wrong?

TorrentFreak notes the hypocrisy of Lily Allen where she chastises 50 Cent for his stance on copying music using an article copied verbatim from Techdirt without attribution. I think that's hilarious, but I have other issues with her article. The full text of her article was here, but she took down the blog while I was writing this. Here is her comment:

this is particularly selfish in my view, he seems to only be thinking of how piracy effects him. What about the guys that work in the studio and the kids that run around town putting his posters up,the people that designed his artwork, the people that run his website. Is he giving them a cut of his live fee?

Aside from being nit-picky and pointing out the obvious misuse of effect, I find her basic misunderstanding of the world disturbing. Do the people that do those jobs for Lily get a cut of her album sales? I doubt it. They get paid a salary or a wage and they'll be paid the same whether 50 Cent (or Lily, for that matter) makes more money from live performances or from album sales.

I think artists should be paid for their work (I shouldn't need to point this out, but the level of debate on this issue is so low that I feel that it's necessary), but I get annoyed when the "content industries" and "creative industries" try to hijack our legal system and other businesses to protect their failing business model. Their business model is failing for a number of reasons:

  • there are better ways of selling music than moving little shiny discs around
  • they refused to engage with the idea that the Internet was a better way of distributing music so consumers developed the idea that music you download from the Internet is supposed to be free
  • the product (manufactured, sanitised music) is less and less interesting
  • competition from other, more interesting entertainments - games and interesting bands that are not signed to the big labels spring to mind
  • artists have worked out that they no longer need to sell their souls to these guys in order to be successful. They can make music, release it on the Internet and eliminate the shiny disc gatekeepers

All of this means that completely stopping music piracy will probably not have a great effect on their profits. However, the means that are used to try to stop piracy will distort our society in ways that I find unacceptable.

Let's start with the poorly named '3-strikes' proposal. It would be more accurate to call this the '3 unsubstantiated accusations' proposal. It neatly removes presumed innocence and any need for actual evidence from our legal system (at least where it relates to Big Content). If some big companies fail to make money, breaking our legal system to accommodate them is not the solution. The solution is to leave them to sink or swim on their own merits and ability to innovate.

Another proposal is that ISPs should police the traffic across their networks to detect and block the movement of copyrighted materials. This would be a great idea if it was possible and Big Content was paying for it. Detecting copyrighted material as it travels across a network is, essentially impossible. If Big Content gave every ISP a full corpus of all the material they wanted policed, they could reduce the problem to insanely difficult and very expensive. Anyone want to place bets on that happening? This goes beyond damaging a vibrant and useful industry in favour of a failing one. Combine it with the 3UA rule and you have software that can cut off your Internet access without any oversight.

I don't oppose the machinations of the copyright lobby because I think music should be free, I oppose them because I believe that they are a blight on our society.

PyWeek Results are In!

Tartley organised a team for the latest PyWeek competition. Our team consisted of some current Resolver employees (me and tartley) and some ex-employees (mjs0 and xtian). The results are in http://www.pyweek.org/9/ratings/

Overall, out of a field of 54, we placed 15th on Fun, 33rd on Innovation and 23rd on Production. I'm delighted with our Fun place and I think our Production place is largely due to tartley's excellent colouring of my crappy wireframe ducks and xtian's brilliant duck sound-effects. I think a not-so-good placing in Innovation is entirely justified for a game that started from the sentence "Let's make a game like Joust"

We all had a great time doing this and I, for one, would love to take part in the next one.

Edit: Forgot to mention the team name - BrokenSpell

Unintended consequences

After reading We Are All Sex Offenders Now, it occurred to me that this was a classic case of the unintended consequences arising from poorly considered legislation. In short, I believe that this will increase the chance that an adult interacting with a child is a paedophile. I'd love to find some way to test the hypothesis, so drop me a line if you have any ideas.

My reasoning starts with the thought that there are essentially 3 groups of people that are going to be affected by this:

  1. People that work in a profession that requires contact with children
  2. People who may work with children as a side-effect of their profession
  3. Paedophiles that are hiding in the previous 2 categories

Now it seems reasonable that group 1 will have to apply for the certificate and there's no reason why group 3 wouldn't (it doesn't increase their chances of being caught or increase the penalty if they are). Group 2, however, will have a significant number of people that decide that it's too much trouble to apply for a certificate, so they'll stop the part of their work that requires working with children. The result of keeping the number of bad people that interact with children constant and reducing the number of good people is that any interaction between a certified adult and a child is now more likely to result in abuse than before.

What I did on my holidays

Because of some missed communications this Easter, I had a little more time on my hands than I expected. So I decided to resurrect an old project that I have neglected for a while. The result is pictured below. On the left is an Arduino Duemilanove powered by USB and on the right are 4 laser modules of the same power output you might find in a laser pointer. Since the lasers each draw more current than an output from the Arduino can provide, the chip in the middle of the protoboard (a ULN2003A) provides the necessary current on a signal from the Arduino. The device at the bottom of the protoboard is a 5V regulator so the whole thing can be driven from a battery or a wall-wart without the need for a USB connection.

The ultimate goal is to create a light-show by having the lasers attached to the ends of your fingers. I'm going to be playing around with the software to provide cool effects while I think about how to make the whole mess robust enough to survive on a dance floor.

Arduino with lasers

Arduino with lasers

Legislation as a security problem

This article about the US paper industry gaming new green legislation got me thinking about legislation as a security problem. Essentially, gaming legislation like this can be viewed as a breach of security. Those of us in computing recognise that the first (and simplest, but not the only) way of securing an application is to reduce its attack surface. So we put firewalls between our servers and the world and disable unnecessary services and so on. When we add features to our apps, we examine them for new points that can be attacked.

Legislators don't seem to have caught on to this simple defense mechanism. Their response to any situation always seems to be to create more legislation. The result is a steadily increasing cognitive load as real people struggle to keep up with the growing stack of legislation (most of which is papering over cracks in previous legislation). Governments have become so powerful and intrusive that, if we're not there already, we're fast approaching the stage where the only reasonable way of interacting with them will be to game their own legislation.

Tweenbots

I don't really want this to be a 'look at the cool link I found' kind of place, but this was just too delightful to skip over: Tweenbots. It combines a cute, helpless robot on a mission with the kindness of strangers into one smile-inducing package.