Terminal features wishlist: #1: Paste Intercept

Created: 10th July 2008 by Jamm!n
A terminal program should have sufficient intelligence to recognise that, when (a) it is at a shell prompt, and (b) the user has just middle-clicked and sent hundreds of lines from the copy-paste buffer hurtling towards the shell prompt, the user may have made a mistake, the user’s mouse inadvertantly striking some object perhaps… and it should ask him whether he really wants to do that.

This was part of a much larger post which got killed by a bug in WordPress… “Are you sure you want to edit this post?” it asked. Yes, quoth I. And it was gone. 2 hours of scribbles, vanished, and even going back in the browser doesn’t recover it.

Related wishlist item: Anyone know of a little program that can sit on the desktop, probably always on top (so SMALL) and on all desks, which will show the current contents of the (Unix) copy-paste buffer, and provide a button to clear it? Even better if it can save a few of them too, even just 2 or 3. I like the Unix system. Left click and drag to select. Left click and right click to select by marking start and end points. Middle click to paste. It’s simple, it’s fast, it avoids faffing with menus. But there’s always a slight frisson of doubt which sets in as time passes between cut and paste. Currently the only way to find out is to paste somewhere. I’d like to just be able to look at the corner of the screen, see a tiny rendering of the contents, and know.


M-Audio Xponent Woe – an update

Created: 24th September 2007 by Administrator

You may have read my generally glowing review of the M-Audio Xponent. I’ve been meaning to update you all with some important news on that front. After I wrote the review, my Xponent developed a fault. I’d had it less than a month, and it had had only fairly light use, maybe 8-10 hours total.

One of the audio channels started cutting out (on both Main and Booth out). Started as just a bit of distortion, then it was really quiet and badly distorted, then it cut out completely. The headphone channel wasn’t affected.

I surmised that this was a bad electrical connection. To test this theory, I did what any self-respecting techie would do: gave it a whack (well, a gentle tap on the side, and then lifting the right-hand side of the unit by about an inch and letting it drop). That did the trick: the sound cut back in, diagnosis confirmed.

Obviously I was mortified that the unit should have such a trivial manufacturing fault (it wasn’t the only one either… I’d already started to uncover some much more subtle and minor problems, like one of the pots being centred at controller value 66 rather than 64). So it was sent back to DV. A month later, repairs were still not done and there was no ETA, so after some argument and quoting of the Sale of Goods Act, DV graciously agreed to a refund.

All of that prompted a reassessment of what I was aiming for with DJing, and whether computer-based mixing would really work for me even if I got a fully working Xponent. Was I happy to be staring at a monitor to mix? No, I do that all day for my day job. Could I imagine taking a laptop and console out to a club every time I play out? No, I’d just worry about it getting nicked, broken, and the hassle of setting it up. Was I content with the quality? Sort of, but in my heart I knew it wasn’t ever going to be as good as a pro quality mixer. If I’m serious about DJing, I might as well do it on the equipment that is already there in every club the length and breadth of the land.

So I decided to invest in Pioneer CDJ1000s and a new mixer after all. That has definitely turned out to be the right choice for me. I’m having a lot more fun now than I was doing it on the computer, and getting professional-quality results that I don’t think I’d have got from the Xponent. All at much higher cost, of course, so it comes down to considering it as an investment rather than an expense. I’m glad I tried out the computer mixing option first, and did it with a console that (manufacturing defects aside), can seriously claim to be the best or one of the best out there. That left me in no doubt that I needed to pursue a different approach, rather than just a different console.


M-Audio Xponent + Linux + mixxx

Created: 3rd July 2007 by Jamm!n

Updated: 2007/07/27 – New section on LEDs. Update on mixxx SVN.

In case any of you who have read my review of the M-Audio Xponent are thinking of getting one and wondering “but will it work under Linux?”, the short answer is a resounding Yes!… except for the LEDs, so far. More on that later.

I use Debian unstable with a hand-rolled kernel. YMMV, of course, but the chances are that if you’re using any modern distro you’ll be fine. In fact you may not even have to manually insert the kernel modules if you have a working udev setup, you might just be able to plug’n’play.

Full details below the cut, as they say…

More »


M-Audio Xponent review

Created: 29th June 2007 by Jamm!n

M-Audio Xponent

Update: After you’ve read this article, before you rush out and buy one of these, you should read this update (don’t worry, I’ll link to it at the bottom of the page too.

It’s rare for me to suffer from “gear lust” but the M-Audio Xponent set my pulse racing when I discovered it on the web. I’ve now had it for a few days so here’s my review. I won’t be reviewing the Torq software: I haven’t used it, as I only have Linux at the moment.
There’s a separate article about my experience getting the Xponent working with Linux and mixxx.

Review follows:
More »


import_request_variables(): When will PHP stop being insecure by design?

Created: 9th March 2007 by Jamm!n

Re Bugtraq post PHP import_request_variables() arbitrary variable overwrite.

This sort of thing really brings it home how the PHP core team still
don’t seem to really understand security… or would rather sacrifice it
in the name of backwards, very backwards, compatibility.

If you’re going to provide a function like import_request_variables()
to replace the blatantly-unsafe register_globals, how on earth can you
get it so badly wrong that it’s even more unsafe?? I mean, security 101
for a function like this would be:

  1. Don’t overwrite any existing global variables (come on!)
  2. Failing to specify a prefix should be at least an E_WARNING.
  3. Stop pandering to people who wrote or still use bad code originating back in PHP3 days, and aim towards getting rid of the whole concept of registering global variable symbols from user-supplied data. It was always a bad idea, it’s never going to stop being a bad idea, just drop it.

I also get terribly bored of seeing bugtraq reports of a “full path disclosure” bug in some app (like it’s a big deal too), only to find that it is, once again, PHP itself that’s at fault. Sure, the sysadmin on a production machine should set display_errors = Off, but if it’s left on why does PHP show the full path? If the purpose is to help the programmer developing code (who somehow doesn’t have access to the server errorlog), then the programmer doesn’t need the full path, they already know where the docroot is — so when showing errors from scripts in the docroot, why not only show the path relative to the docroot? And if from an included or required file outside the docroot, just the last directory component ought to suffice. The full path can still go in the error log, and then maybe developers would learn to use it instead of relying on errors going to screen…

PHP can be secure, but it really needs to stop offering features that are insecure by definition.


The greatest threat to our way of life

Created: 10th November 2006 by Ben

Police are calling for flag burning to be made illegal. Why? Allegedly because “Britain [has] come to be seen at home and abroad as soft on extremist demonstrators.” (my emphasis).

Oh really? That’s why we’ve just had a successful prosecution of a demonstrator for inciting racial hatred. If demonstrators really are extremist, they can be prosecuted under existing laws.

This government has introduced 3000 new criminal offences in 9 years. Despite early release of prisoners, the prisons are full already (it doesn’t take a genius to work out that’s going to happen, but seems to have taken the govt completely by surprise!), and yet the police continue to ask for more and crazier laws. Why? Really, why? Could it be that in order to create a successful totalitarian/police state, anyone who refuses to be cowed by the climate of fear created by the State, anyone who does not buy into the whole War on Terror story, must be kept in line by other means?

This should come as no great surprise; we already lost the rights of assembly and peaceful protest some years ago on the back of the Mayday anti-capitalist shenanigans. Which kinda proves the point that if you fight fire with fire, a lot of people are going to get burned. All those “anarchists” smashing up McDonalds managed to achieve was to hand over a load more power to the State. Nice work.

The greatest threat to our freedom and way of life in this country is for stupid laws to be passed which take it away. The idiots calling for and creating these laws insist that they are trying to safeguard our freedom, but it is they, not terrorists, who are systematically destroying it. We need to work against such stupidity, but it should be done carefully, with cunning rather than blind rage. They are big, we are small; we cannot fight them head on, but we can (quite clearly) outsmart them.