• Why Russia locks up so many entrepreneurs
  Being a business man in Russia can be dangerous it seems.
• The Perfect Compliment
  This is not some cheesy “how to”, but actually a nice story to read.
• A class divided
  Very interesting documentary about an elementary school teacher and how she taught 3rd graders about discrimination.
• The Invisible Bank: How Kenya Has Beaten the World in Mobile Money
  Innovation doesn’t only happen in the so-called “developed” world.
• The Ultimate Counterfeiter Isn’t a Crook—He’s an Artist
  You’ve probably never heard about Hans-Jürgen Kuhl before, but his story is fascinating.
• How tiny wasps cope with being smaller than amoebas
  Nature never ceases to surprise me.
• Think Again: India’s Rise
  Very interesting article on India’s role in world politics.

About 1.5 month ago I finally packaged some of my Ruby extension methods into the aptly named Shenanigans gem. It’s similar to Facets or ActiveSupport, but probably less useful to most people. Also some of the methods actually are in Facets, although sometimes with different names or slightly different semantics. Anyway, since some people told me they actually do like the gem, here’s a quick summary of what the different methods do and how they can be useful.

• Array#^: Ruby defines Set#^, which returns the elements exclusive between the set and a given enum. Since a lot of people use arrays instead of proper sets in Ruby, I found it makes a nice addition to Array#| and Array#&.

• Array#random_subarray: Generates one or more random subarrays of an array, using the fact that Ruby can index integers to get the bit values to ensure fast uniform distributions. Similar to Array#sample, but can generate several subarrays at once.

• Array#zip_with: The more general form of zip (e.g. in Haskell you could define zip = zipWith (,)). Like Ruby’s Enumerable#inject it can take a symbol argument or a block, and like Haskell’s zip it discards excess array elements if one list is shorter than the other, whereas Ruby’s Array#zip only does that if the receiver is shorter than the argument (it adds nils in the other case).

• Hash#has_shape?: A quick way to check if a hash’s keys are of certain classes. This does feel a bit strange in a duck-typed language like Ruby, but someone asked for it on StackOverflow and it was easy enough to write. This could be useful in validations or unit tests though.

• Hash#to_ostruct: I really like the rails_config gem. I therefore decided to write something that gives me similar functionality (although a lot simpler) for plain Ruby projects. Basically this recursively converts a hash and all nested hashes into OpenStruct instances. Populate the hash with Ruby’s YAML support and you have an instant settings object.

• Kernel#fn: I admit, this was more of a “because I can” method. Originally I wrote this so I could compose blocks in pointfree style, but later added support for Proc instances too.

• Kernel#prompt: While it’s great that Ruby’s IO#gets is so general, I always wanted something like Python’s raw_input for command line apps. Additionally you can also automatically call any of the numeric conversions, and I’m pondering adding support for every unary string method.

• Kernel#with: I think Object#tap is great. However, I sometimes see it used as a replacement for Enumerable#inject or Enumerable#each_with_object, but for some reason I never really liked the semantics of it. And since I’m anal about that sort of thing I added this Pascal/ActionScript like with statement.

• Object#display: Having no proper object-oriented way to print objects in Ruby always kinda bothered me, so I abused Object#tap as a wrapper around Kernel#puts and Kernel#print. Additionally this is aliased to the name d, which I stole from irbtools. The latter form makes it great for debugging method chains and the likes.

• Object#it: I always disliked blocks of the form { |x| x } that sometimes crop up when using Enumerable#group_by or similar methods. Since Ruby lacks an identity method and id has historically been taken, I decided to name it it.

It’s one thing to talk about tailoring content, in news or non-fiction, for ratings or traffic. It’s another to see the structures that governs profit-making online silence a discussion altogether. Ad servers who are literally providing a financial disincentive to discuss rape and sexual assault should be ashamed.

• How Do Plants Know Which Way Is Up And Which Way Is Down?
  To be honest, I never wondered (or rather I just assumed it’s because of the sun).
• TV Tropes Bows to Google’s Ad Servers, Deletes Discussions of Sexual Assault in Culture
  The quote at the top alreadys says everything.
• Einfach mehrsprachig
  Some schools in Vienna try to find better ways to integrate children with migrant backgrounds (article in German).
• Mexico’s Bright Light
  It’s seldom enough one hears good news about Mexico, so even if the situation in Mexico City is still far from perfect, this is still somewhat encouraging.
• Angola helps out Portugal
  One more sign that the days of the North-South divide may soon come to an end.
• Toru Iwatani, 1986 PacMan Designer
  An old interview with the designer of PacMan.
• Yours in distress, Alan
  A letter by Alan Turing.

It was like finding out your husband didn’t just cheat, but had a frequent-flier account with every brothel in North America for the past 10 years.

• I Don’t “Get” Art
  More than once I found myself at an exhibition with exactly the same thoughts.
• I’ve been playing the same game of Civilization II for almost 10 years. This is the result.
  A Redditor describes the in-game worl of a game of Civilization II he’s been playing for 10 years. Also see the new subreddit, the interview with Sid Meier and a player who managed to save the world.
• Colours in movie posters since 1914
  I love how engineers tackle all sorts of problems.
• The Kachin borderlands
  China’s political and economic impact on Burma’s border state Kachin.
• Top US universities put their reputations online
  On the online courses offered by MIT, Harvard and Stanford.
• The Great German Energy Experiment
  After Fukushima Germany decided to change its energy policies. Was this really a wise decision?
• The Scam Wall Street Learned From the Mafia
  Another great article by the Rolling Stone, I always like how direct they are.
• Lebenslang für Norwegen
  The Breivik trial is coming to its end, but the scars in the Norwegian psyche are deep (in German).
• When My Crazy Father Actually Lost His Mind
  A touching personal account of a family dealing with mental illness.
• Like a prion, Alzheimer’s protein seeds itself in the brain
  Always good to see some new research on a disease like Alzheimer’s.

Disclaimer 1: The good folks of No Starch Press were kind enough to provide me with a review copy of this book, but this did not influence the following text.

Disclaimer 2: Links to books are Amazon affiliate links.

I’ve been interested in IT security for a long time, but obviously even more so since I started working professionally in this area. Since web applications have become ubiquitous in recent years, they constitute a big part of our penetration testing work. This is a very broad topic, so The Tangled Web: A Guide to Securing Modern Web Applications by Michal Zalewski is an ambitious project.

The first thing I noticed was that the book is comparatively thin. At around 300 pages it’s only about one third of The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws. Don’t let that fool you though, this book is not a lightweight by any means. It’s logically structured in three parts, the first of which explores the various components that constitute the web as we know it today (URLs, HTTP, HTML, CSS etc.) and their security implications. This is followed by a look at the security features — and their shortcomings — of current browsers. After this part 3 deals with current developments and the future of browser and web application security. This is rounded off by a list of common security problems including references to the chapters of the book that cover them, as well as an epilogue with a surprisingly philosophical outlook on IT security and trust in human societies.

The writing was clear and to the point, with tons of footnotes and references to provide the interested reader with the chance to further research the presented topics. The author clearly knows what he’s talking about and manages to present it in a very approachable way. Due to it’s limited size the book still has to be a bit dense though, so I never really felt like reading more than one chapter at a time, otherwise it’d have been to much information to take in at once.

Whether you work in IT security or are a web application developer, this definitely is a book you don’t want to miss.

[H]e worries that economic and ecological collapse will come much sooner than we think, and that the time to start behaving in an anarchic way—taking care of ourselves instead of deferring to government and big business—is now. He wants, in his words, for people to have a “soft landing” when the global shit hits the global fan.

• Why I think RMS is a fanatic, and why that matters.
  The most current “RMS is a fanatic” post by ESR. While he may be right that pragmatism sells better, I always admired Stallman’s approach.
• Why Privacy Matters Even if You Have ‘Nothing to Hide’
  Most of the readers of my blog are probably aware of everything written in this article, but it’s a very good resource for sending to people who don’t follow the privacy debate much.
• Crypto breakthrough shows Flame was designed by world-class scientists
  Some more background on Flame.
• Anarchy Is Boring
  This is a good article a lot of people calling themselves anarchists should read.
• G8-Gipfel in Genua - Letzter Akt mit hohen Haftstrafen?
  11 years after the protests it seems like several protesters will have to go for a long time (in German).
• The Male Gaze
  I hope that one day I can stop including articles about discrimation against women in tech.
• A game theoretic approach to the toilet seat problem
  Mathematics to the rescue.
• The Use of Computers to Support Oppression
  On the role of computers in the South African apartheid system.

At work we are building a Rails app that’s supposed to run on appliances instead of being hosted by us. To make it easier to deal with bug reports and feature requests, we always display the version number in the footer. A couple of days ago I thought it’d be handy to replace this with the current branch in development mode. Using Grit the solution couldn’t have been any simpler:

1
2
3
4

def version_div
  version = Rails.env.development? ? ::Grit::Repo.new(Rails.root).head.name : ::OurApp::Application::Version
  content_tag(:div, content_tag(:span, version), :class => "version")
end

Call version_div in a view and you are good to go. If dragging in another dev dependency for just one call bothers you, you can also shell out to get the current branch: git rev-parse --abbrev-ref HEAD.

[S]omeone who takes MDPV may find himself feeling extremely paranoid and panicky, but he’s unlikely to believe that a giant lizard wearing a tuxedo is about to eat his cat.

• Salt, We Misjudged You
  Like with many things, I think listening to your body will solve this controversy in a rather natural manner.
• German teen Shouryya Ray solves 300-year-old mathematical riddle posed by Sir Isaac Newton
  In case that’s not impresive enough, he solved another mathematical problem (from the 19th century) too.
• How tiny insects survive the rain
  Nature definitely has a cool bag of tricks.
• The Straight Dope on What Bath Salts Do to Your Brain and Why They’re Dangerous
  An informative and rationale article, without the usual cannibal and zombie panic.
• Five Geek Social Fallacies
  I’ll try to look more closely for these in the geek communities I’m a part of.
• The 22 rules of storytelling, according to Pixar
  Seemingly simple rules that make the Pixar movies as great as they are.
• Black Hatted
  Interesting post on how an ATM manufacturerer cooperated with a security researcher. More companies should behave this way.
• The EU’s far frontier
  How joining the Schengen area was detrimental to the development of Eastern Poland.
• Work on unimportant problems
  While there are things I disagree with in this article, the overall message is something that strikes a chord with me.
• The Cup Runneth Over
  Some critical thoughts on Ukraine in light of the Euro Cup.

Review of Black Hat by Obi-Wan Kenobi: “You will never find a more wretched hive of scum and villainy.”

Due to a trip this week’s Information Overload is a bit earlier and shorter than usual. There won’t be a new issue next week by the way.

You should never want to be average — unless you are below average. This is a cry for normalcy, when so many others wish to be abnormal.

• Being deaf
  If you ever wondered how it’s like to be deaf, you should read this.
• It’s not feminism that hurts men
  I agree. A lot of men suffer because of how society taught them men ought to be.
• Al-Jazeera’s ®Evolution
  Interesting article about Al-Jazeera and the role of the Quatari government in the network.
• First Impressions Count
  Some statistical analysis regarding first impressions.
• Former Colombian Hostage Is Suspected of Helping Plan His Kidnapping
  Another bizarre story from the Columbian conflict.
• What Science Owes The Rodeo
  A very personal story about a scientist.

• Hot spring yields hybrid genome
  This is about a month old, but I finally got around to reading it. Also: a combined RNA+DNA virus, damn.
• Kodak Had A Secret Nuclear Reactor Loaded With Enriched Uranium Hidden In A Basement
  While “they could have started their own nuclear war if they wanted” is a terrible exaggeration, this is still interesting.
• Who wants to buy Honduras
  I’m not sure what to think of this proposed “charter city”.
• The Bizarre History of the Vibrator: From Cleopatra’s Angry Bees to Steam-Powered Dildos
  A Gizmondo article on a different kind of gadget.
• 5 Gender Stereotypes That Used To Be the Exact Opposite
  Since this is from Cracked.com it’s rather light-hearted, but still something you may want to send to people who are too stuck on certain gender roles.
• The Short, 16-Step Guide to Getting Rid of Your Crap
  I’ve also followed this “own less” approach for a few years now, it’s quite liberating.
• Oracle Goes for Broke in Court Battle With Google
  Interesting. Also: coolest judge ever?
• Gödel and the limits of logic
  A very nice article on Kurt Gödel.
• Google goes cancer: Researchers use search engine algorithm to find cancer biomarkers
  Nice work by TU Dresden.
• Why Aren’t Cities Littered With Dead Pigeons?
  This is the sort of question that really needs an answer.