On relicensing etiquette

Almost 10 years ago, I wrote a simple throwaway script to migrate book collections from Anobii to Goodreads. Because I thought others could use it, I slapped a MIT license on it and released it. Back then Github was just a fledging startup (I didn't even open an account there before 2010). Later on, Alper Çugun helpfully updated the script and uploaded it to GH, so that more people could use it. Great! People started forking it and tweaking it, as they should. Except...

Uhm. There is one requirement to abide to MIT terms: keep the original copyright assignment. Apart from that, you can rip the code inside out and nobody will care; you can even relicense it to your heart's content (and someone did exactly that, re-releasing it as GPL - unfortunately, he also dropped the original copyright statement). Just leave the original copyright notice somewhere, and you're golden.

I've kindly let "infringers" know that I'd like them to reinstate the original credits -- it's just polite, and anyway everyone can see from GH commit history that they're being silly. Why do people do this? How hard is it to just add your own © line, or keep the original statement buried somewhere? Sometimes I just don't understand People.

OWC 12-port Thunderbolt2 dock review

As you probably know, recently the Apple world has been rocked by the release of new MacBookPro models. One of the arguments of contention is the drastic switch to USB-C / Thunderbolt 3. Not by coincidence, I've recently decided to finally splurge for a Thunderbolt dock, although a TB2 one; my 2012 MBPr only supports TB1 (the port that looks like a MiniDisplayPort), so anything more would have been a waste of money. Here is a short review for people who might wonder whether this dock is worth the price.

I've dealt with my fair share of no-name Taiwanese stuff in my life, and I didn't want to risk it this time, so I turned to OWC - a very reliable supplier of Apple accessories. Their 12-port Thunderbolt2 hub got some good press, so I went for that. First impression was slightly disappointing - the unit is well built and feels pretty sturdy, but the one I received was scratched on top, and overall looked a bit like an ex-display or returned model. Let's not be "a typical Apple user", I thought, and see how it works before we knock it.

Sure enough, it works pretty well. I went from having all MBP ports occupied, to using one with even more attached devices than before. This is what I connected:

• External Thunderbolt drive
• External USB2 drive
• 4k display (via HDMI)
• Ethernet
• headphones
• two Amazon Kindle
• gamepad controller

The hub is independently powered, so it can charge devices even when the laptop is shut down. However, it's not magic; there a few trade-offs you should probably be aware of.

The first is that attached Thunderbolt devices inevitably lose a little bit of performance, since bandwidth is shared. This is probably less noticeable if your laptop supports Thunderbolt2, which supports higher speeds, but it's definitely visible with TB1. My external drive saw a 20% loss of speed, from 360 to 300 MB/sec, which is inevitable: now that we're sharing one TB bus among 8 peripherals, the drive can't max it out on its own. It's still very respectable though, and likely a blip if you use TB2 throughout (i.e. MBPr models from 2013 onwards).

The second issue is more disappointing. Having both an HDMI port and one TB/DisplayPort available (the other is used for the actual connection to the laptop), the hub supposedly supports attaching two screens. I first connected my primary monitor to the hub HDMI port; HDMI is the only way to get 4k on the 2012 MBPr. This worked fine, exactly as it did on the actual laptop port. However, as soon as I attached a second screen to the TB port on the hub, the HDMI connection was downgraded to half the native resolution. This did not happen when I had both screens attached to the laptop, so it doesn't seem to be an issue with OSX; rather, the hub must be doing some internal processing over video streams, and must have some sort of ceiling in the amount of pixels it can push down the wire (or something to that effect). In short, I would recommend to only attach one monitor to the hub, if it is a high-res screen.

A similar behaviour appears if your HDMI screen happens to have speakers. Sound quality degrades so massively, it is simply unusable: lagging, skipping, terrible sound all around. It's weird, because the analog headphone jack works perfectly, so it must have something to do (again) with HDMI stream management.

The fourth issue, and the reason I wouldn't be surprised if it turned out this is indeed a returned model, is that the whole hub suffers something like a crash if you use the "high power USB" ports for more than a couple of hours. All attached devices suddenly stop working, and reconnecting the TB cable makes no difference. The couple of times it happened, I had to power-cycle the unit (which does not have a switch, so I had to unplug the mains cord) after disconnecting all non-essential devices, in order to get it back online. I've isolated the issue to the high-powered USB ports, which I used for two Kindle units: if I detach the cables after 20 or 30 minutes, all is fine, but if I leave them there for a few hours, inevitably I'll get a crash. To be on the safe side, I moved my precious TB drive back to the second TB port on the laptop (I simply cannot afford to corrupt that drive), and mostly stopped used those ports.

The last point is not a real problem, just a little gotcha. The headphone jack is analog, but it's not an automatic passthrough. In order to actually use it, you have to go to System Preferences / Sound / Output, and select "USB audio output" as your output device. Quality seems fine, but I'm not an audiophile so I will refrain from commenting further.

Overall, the hub seems to work more or less fine (bar the power-loss scare), and it's very convenient for my setup. Thunderbolt, even in its first incarnation, is an extremely powerful standard, just on the expensive side. I won't be buying a new MBP anytime soon (new models are just not as powerful as I'd like, the British Pound is moribund, and this 2012 model is still rocking), but if you do, you should find the power of TB3/USB-C outweighs the annoyance of migrating to yet another I/O standard.

Best way to get locale info and localized strings on Python

One area where Windows often beats the Unix tradition is internationalisation. Traditional POSIX interfaces assume there will be One And Only One set of internationalised conventions (display language, date format etc) at runtime, and are mostly concerned with displaying data formatted for that One True Set. When you want something "international" on POSIX, you switch your locale with setlocale() and do your business. This approach unfortunately percolates in Unix-borne tools and languages, in this case Python. There is no "pure-Python" alternative to good ol' GetLocaleInfo, so there is no way to retrieve, say, the French name for January without switching the whole process locale with setlocale(). This is pretty insane and likely dangerous.
Most libraries hack their way around this by packing an arbitrary subset of i18n strings, or just go full-YOLO by switching process locale back and forth. It's a sad state of affairs.
However, there is a better way. The Unicode Consortium, in its infinite wisdom, maintains a big database of localisation metadata, the CLDR. You can either download the full set yourself and parse a bunch of XML files, or you can use the Babel library which basically does it for you.

$> pip install babel
...
$> python
>>> import babel
>>> locale = babel.Locale('fr')
>>> locale.months['format']['wide'][1]
'janvier'

Et voilà.

On fixing hardware

There is a certain satisfaction in fixing hardware. It can be pretty trivial at times: unscrew a bunch of pieces, replace the broken bit, screw everything back together. The worst that can happen is to end up with one or two screws that don't seem to go anywhere once you put things back.

I recently fixed a Kindle from a few years ago (model D00901, aka "the one with a little keyboard"), and I had exactly this experience, minus the extra screws. I just opened it all up, disconnected the broken screen, replaced it with a new one from eBay (£16), and put it all back together - done. By then I'd already bought a replacement Voyage, but I can now give this to my kids. I was also pretty happy to get this particular model back, because it's much easier to hack than the Voyage (Amazon, wtf? I still can't change screensaver images, in 2016??)

Moral of the story - always try to fix broken hardware. It might save you a few pennies and, in the age of youtube, you don't even have to be an expert to do it.

CSL Vertical Mouse Review

A couple of weeks ago, I started experiencing a bit of recurring pain in the right forearm. I put it down to a few heavy sessions of MiniMetro, a game where you have to constantly drag & drop between points on the screen; the Magic Trackpad, even rotated in a negative-slope position, was forcing my arm and wrist to do too much work. After a bit of googling, I decided to try a vertical mouse, which should (in theory) keep your arm in a more natural position, and actually move a lot of work from wrist and forearm muscles towards the shoulder and upper arm muscles.

The market for ergonomic devices has always been small, but there's a surprisingly wide choice of vertical mice out there. Unfortunately, a lot of them don't inspire much confidence; some are sold as vertical but actually end up being just fancy-shaped regular mice. The best in class seem to be Evoluent products, which are really vertical and really ergonomic but also really expensive. I wasn't ready to drop almost £100 on something I might not like, so I steered towards cheaper alternatives.

Some of the best reviews on the net pointed towards this fin-shaped CSL wireless mouse, and it was so inexpensive that it wouldn't feel like a waste if I ended up not liking it. The shape makes a bit more sense when you see the SHARKK-branded version - fins, sharks... I honestly don't know which brand came first or which one is more reliable; SHARKK is a US company whereas CSL seems to be based in Germany, but both have a history of distributing and rebranding products by Asian manufacturers, so the original factory is probably the same Shenzhen hangout.

The most annoying element of this mouse is the fact that it does not use Bluetooth, but rather a bog-standard USB wifi dongle. In recent Macs, USB ports are very few and losing one forever is a Big Deal.

The mouse does not require drivers, which is great news for Mac users. It simply appears as a regular HID with 5 buttons: left, right, middle (under the wheel),  and two near the thumb. A sixth button, on top of the fin, is actually the DPI selector, which allows you to change resolution (and hence sensitivity) between three modes: 800, 1200 and 1600 DPI. The selector works fine (just cycles through modes as you click it, with no feedback on screen) but OSX just doesn't "see it" as a regular button, which means you cannot easily re-purpose it once you've set the DPI mode. How often will you need to change mouse sensitivity? An operation so rarely performed doesn't really deserve a large button in such a prime location, but there you go.

The two thumb buttons are supposed to be for browser Back/Forward, but with Firefox they actually trigger the infamous "hold and scroll" widget, so I used BetterTouchTool to remap them with  trackpad gestures I used the most (Mission Control to switch between windows across all apps, and Application Exposé to switch between application-specific windows). I also set middle-click to Launchpad. A little quirk: the mouse built-in powersave settings will switch off the mouse if you don't use it for a few minutes; often you will have to click it or shake it to wake it up. There is no way to disable this behaviour under Mac.

It obviously takes a bit of time to adapt to the vertical position. Movements that would rely on the wrist with a trackpad or horizontal mouse, now require better coordination further up the arm. Wrist movements are set on a different axis (up-down, rather than sideways), but to be honest it's probably best to keep them at a minimum, relying on your arm instead.

After a few days of use, the pain seems to have gone, which is great news. However, I'm not totally convinced about this mouse. It does take some conscious effort to keep my hand in the vertical position, being way too easy to absent-mindedly slip back into a traditional posture; the fin shape will not stop you from doing it. That's probably the reason Evoluent models have steeper shapes.

WRONG! Might as well get a normal mouse then...

Correct position, with vertical wrist.

My hand as a whole also does not feel more relaxed, and the mouse/keyboard switch now seems a bit more tiring, since I have to actually rotate the forearm; I guess I could address that by sloping my keyboard, something I've resisted until now. Still, it's a bit annoying.

In conclusion, the CSL vertical mouse is great value for money: solid build, works flawlessly, cheap as chips. Is it a great vertical mouse though? I'm not so sure. Will I switch to vertical mice for good? Probably not, at this time and with this mouse, but I will revisit this position in a month or two.

How to (not) handle OneDrive/Sharepoint "Sync Now" on Mac OSX

UPDATE October 2017: This post is obsolete, the OneDrive client for Mac now handles sync correctly. If you still have issues, file a bug report.

This bugged me for a bit and finally got around (almost) fixing it yesterday, so I thought I'd record it for posterity.

Microsoft Office365 will usually include a Sharepoint implementation of some sort. Sharepoint now integrates with OneDrive (aka "Microsoft Dropbox")... on Windows. On Mac, the current state of play is as follows:

• You should get the free OneDrive app from Mac App Store. If you have previous beta versions or anything like that (which never worked particularly well), uninstall them before installing this.
• Once you start and connect OneDrive to your Office365 subscription, your personal files will automatically sync to the OneDrive folder. It seems to work reasonably well.
• However, files shared by others to you will not sync. The feature is just not implemented yet.
• If you access Sharepoint or OneDrive from the website and click on the Sync Now button, the website will generate a link that looks like this: grvopen://http-etc-etc and pass it to the browser. By default this grvopen protocol will be associated with OneDrive and do nothing, because (guess what?) the feature is not implemented yet.
• However, if you have a virtual machine with Windows and Office installed, there is a chance that the link will be passed to the Sharepoint client running on that machine. You probably don't want that: it will likely break things once the feature lands in OneDrive for Mac. So you can follow these instructions for VmWare Fusion to stop it from happening. Make sure to click on Clean Up Applications after deselecting Open your Mac files and web links using Windows applications. (Other virtualization products will have different ways of doing this, check your docs.)

I can see a forced approach where you configure OneDrive in your virtualized Office to use the same folder that OneDrive for Mac is using, but I expect this would bring up all sorts of issues. These sync programs do a lot of dirty tricks with file metadata and I'd rather not risk precious company files. I guess I'll just wait for MS to bring feature parity to OSX, and use the website in the meantime (which is actually slowly improving as well).

Python SDK for Azure Basic Tutorial

As Spider-Man would say, from great enterprise comes great complexity. Microsoft cloud services are very, very enterprisey; which means they're also absurdly overcomplicated. One can probably spend most of his 30-day trial simply wandering around their dozens of different "portals" and "account management" screens. So here's a simple tutorial on going from zero to spinning up a VM with the Python SDK. (This is a work in progress, but hopefully it saves you the headaches I got).

1. Sign up for an Azure free trial. You'll need a phone and a credit card, because MS requires verification like pr0n sites of yore.
2. WAIT! DON'T DO ANYTHING! After the signup is successful and you're sent to the dashboard, chances are that your account is not actually fully formed, and you might be getting a lot of prompts about signing up for a Pay As You Go subscription. Wait 10 to 15 minutes. Grab a coffee; check Hacker News; live the enterprise life.
3. close your browser and go back to the portal.
4. Go to your active directory
   
5. Create a Global Admin user by clicking on ADD USER (not the giant NEW, that would be too easy!). Write down the temporary password. (Note: I've no idea whether it has to be a global admin, but we're just trying to keep things simple here.)
   
6. Now you have to associate the user to your Azure subscription, because you created it, it's in your AD, but obviously it's completely unrelated to your resources. Enterprise life! Go back to Azure portal, click on Subscriptions. NOTE DOWN YOUR SUBSCRIPTION ID, you'll need it later.
   
7. Click on the subscription then Settings
   
8. Click on Users (bottom right)
   
9. Click on Add, select the Owner role, then add the new user to it. (Note: again, Owner is probably a bit too powerful, but we're trying to keep things simple.) Reference here.
   
10. Now open a Private Window in your browser, or sign out of your account, because you have to log on the same portal as the new user.
11. After logging on, you'll be forced to change the password. Done? Good; log out, close the window, the web-based ordeal is officially over.
12. Create and activate a virtualenv (this procedure will differ depending on your platform/setup, reference here):

    mkdir azure_test && cd azure_test
    pyvenv-3.5 env
    source env/bin/activate
    pip install --upgrade pip   # this is optional but good practice
    

13. install the Azure sdk

    pip install --pre azure

14. Launch python and get cracking:

    sub_id = 'your-sub-id'  # you should have got this earlier, it's visible in "Subscriptions"
    # authentication reference at
    # http://azure-sdk-for-python.readthedocs.io/en/latest/resourcemanagementauthentication.html#using-ad-user-password
    from azure.common.credentials import UserPassCredentials
    credentials = UserPassCredentials('yourADuser@youraccount.onmicrosoft.com','youropassword')
    from azure.mgmt.resource.resources import ResourceManagementClient
    resource_client = ResourceManagementClient(credentials, sub_id)
    
    # one-off registrations, supposedly you won't need them next time
    resource_client.providers.register('Microsoft.Compute')
    resource_client.providers.register('Microsoft.Network')
    resource_client.providers.register('Microsoft.Storage')
    
    # create the clients
    from azure.mgmt.compute import ComputeManagementClient
    compute_client = ComputeManagementClient(credentials, sub_id)
    from azure.mgmt.network import NetworkManagementClient
    network_client = NetworkManagementClient(credentials, sub_id)
    from azure.mgmt.storage import StorageManagementClient
    storage_client = StorageManagementClient(credentials, sub_id)
    

15. Now follow the code to create a VM here, skipping the 4 lines that define resource_client, storage_client etc, because you already have them.

The Nifty Minidrive is a Nifty Hack

I know it's fashionable to hate on the Nifty Minidrive: "overpriced SD adapter!" "I can get an equivalent one for $2!". Truth is, it's an ingenious hack; a well executed, high-quality concept conceived by two local Manchester lads with a Kickstarter campaign. I've tried the cheap alternatives and they just don't compare.

Yesterday I was in Staples (aka Home Depot) for various reasons, and on a whim I picked up a Sandisk 128GB SDXC card to replace the 64GB one I was already using with Nifty. A quick swap, and now I have a grand total of 640 GB of space on my MBPr. That was just too easy!

(This said, I hope Apple hurries up with the MBPr refresh so I can buy a new laptop with 1TB disk. I was really disappointed by the lack of hardware announcements at WWDC; my current MBPr is now 4 years old but I'm not going to drop two grand on a new machine with chips from 2014...)

Change your login background in OSX

A little something for my long-suffering OSX readers: a simple script to change your login background. Note that images must be in PNG format.

Copypaste the code above, save it as /usr/local/bin/set_login_background.sh, and execute like this (the first line is necessary only on first usage):

sudo chmod a+x /usr/local/bin/set_login_background.sh
sudo set_login_background.sh /path/to/my-new-image.PNG

WebCrypto and GPG - yet another missed opportunity

(Preface: I’m not good at crypto. My brain is just not big enough to juggle the necessary math. What I can do, in most cases, is juggling the basic concepts (private/public keys, certificates, chain of trust, hashing, signing, salting, encrypting, ciphers, etc) and parsing crypto-jargon enough to get by. I like to believe I belong to the silent majority of web plumbers out there — as far as I know, the world of real cryptographers and crypto-developers is still very small. If anything I say here is wrong, by all means let me know in comments.)

I’m yet again dismayed at the stubborness of crypto-nerd in making things as awkward as possible for the rest of us.

I’m currently trying to setup a simple browser extension to verify signed data, given public keys. A fairly mundane problem, one would think; and sure enough, browser vendors recently started to implement secure interfaces for this sort of operation. Great!

So let’s import a public key to verify some data. What is the most popular key manager/generator out there, something that has been around for 25 years in various incarnations? PGP/GnuPG, of course. So I export a standard RSA key in the classic armoured format and… nothing. SubtleCrypto.importKey() does not support it. Most examples I got from googling (like these excellent ones) use JWK, yet-another-JSON-format-invented-yesterday. There are a bunch of tools out there to convert OpenSSL PEM keys to JWK (for Node.js, unsurprisingly), but nothing straightforward for PGP/GPG. No biggie: considering GnuPG is only at the core of software distribution for (almost) the entire world of Linux, it’s understandable that it could be overlooked... /sarcasm

In the end, one could probably get by using hacks like the one described here. To be honest, I’ve not tried — by the time I found it, the evening had gone and the level of frustration was too high.

Projects like Let’s Encrypt demonstrated very clearly that everyday cryptography is held back by inconsiderate and hostile interfaces; once you remove them, people adopt it extremely quickly. It is understandable that legacy implementations (X509 and so on) will be awkward; but brand new interfaces which are supposed to gain widespread popularity outside the small circle of crypto specialists, designed in the last decade, should be better than this.

OSX Nostalgia

I have to say, I really don’t like the direction the OSX interface is going. All this flatness is tremendously boring. I’ve found myself very nostalgic of the old ”Aqua” interface several times in the last few months.

Unfortunately, Jony Ive’s iron grip is so tight, all theming/customization hooks have been removed from recent OSX releases. There is now no application (that I know of) which could reskin windows, toolbars and scrollbars.

The only avenue left to UI tinkerers is icons. You can still use LiteIcon to override system icons, and of course copy-paste on individual folders. I’m currently using icons from the classic Iconfactory World of Aqua series, and I just love them.

Some programs will thankfully allow you to customize them. There are plenty of Aqua themes for Firefox, I use a slightly cheesy one. iTerm2 has an ”Aqua” option for its tabs.

If you are an app developer — please consider some skinning support. For all the talk about ”consistency” from UI nazis, the first thing people do on a new computer is still to customize the desktop background...