Blog

Day One of Media Fast

Posted on: 2012-07-11 22:20:20

Well, it has been 24 hours since I last looked Facebook. I turned off notifications on my phone and went a step further on my laptop. I have this bad habit of creating a new tab and then tapping F-A- and letting autocomplete finish the job. To help me get away from this, I used MAMP and set up a new virtual host for the domains that I use frequently to distract myself:

!http://files.classyllama.com/dec8e77a/You_have_better_things_to_do.-20120711-131615.jpg!

All-in-all while I was still somewhat distracted today, I had other things and people distracting me and the time that I wasn't being distracted (which is really the wrong word for it as I was actually helping and doing productive activities)... at any rate I felt less distracted than normal.

So that seems to be a success.

Twitter and YouTube were far easier since most of the time I click on links in group Skype chats or IRC channels. However those are blocked too.

On a side note, I did find a rather neat little application called "Vagrant":http://vagrantup.com/ today that allows you to package application environments (OS / Stack) and code in single package format that can be distributed to others. Pretty nifty.

Continue reading...

What's Important

Posted on: 2012-07-10 23:45:42

As a general rule, I estimate there there are three basic "modes" under which a person (such as myself) operates: nominal, stressed, burnout. While there could arguably be described a fourth mode, power, it is not a mode that most people find themselves in very often. Nominal would be how you are day-to-day -- low to minimal stress load which ultimately doesn't affect your overall performance because your daily "down-time" resets you. Stressed would be a place where your stress load leaves you with a net loss of energy or performance. You can still function and perform but at a reduced efficiency or pace. Burnout is a place where your efficiency and performance are reduced to bare minimum levels and without actively attempting to get into a place of energy gain it is very hard to get out of.

Every couple of years, I find myself somehow getting into a phase of burnout. Sometimes it lasts a couple of weeks, sometimes months. I've probably been in this now for about 3 weeks. I truly felt like progress was being made up until this week. Then something else hit me. I've been trying really hard to work out of it by allowing myself to entertain paths and trails of thought that were interesting but unimportant. I gained some energy from those things.

But now I realize that those mental excursions were just another way for me to get "tied up." I feel those same old habits coming back around like a no-good addiction. Most of these things are not important. So that's what I'm asking myself lately: "What's important?"

Aside from a few specific tasks that I do every day plus work and family time... not much. So I think what is going to happen next is that a list of specific things is going to be "turned off" for a while:

  • Facebook
  • Twitter (which I never really use anyway)
  • YouTube
  • RSS

I suppose we'll see in a week how things turn out.

Continue reading...

A Call to Discernment

Posted on: 2012-07-08 22:41:50

This past weekend, I went to the "Call to Discernment":http://www.justinpeters.org/overview.htm over in Tulsa, OK. It was by God's grace and providence that I went. I knew that the point was going to be learning about the "Word of Faith movement":http://www.gotquestions.org/Word-Faith.html... however I got far more than I bargained for. Lots more.

The one thing that I can say to summarize everything that was taught was this: Hold God and his word above all else. If you can do that, your life and witness will exhibit it and everything else will seem dull in comparison.

If you want to be able to discern what is right and what is good, then you know mud know what is right and good. What is right and good? God alone (Luke 18:19). So if you want to know what is right and good, know the Lord. How do you know the Lord? Through his word. Mark 12:14.

At any rate, one of the other things that was presented there was about an answer to the question of "How do I know what to do with me life?" Often times, I've asked myself how do I know what God wants me to do about x? I had no idea. I know there are times when the Lord puts burdens on peoples hearts. But what about those big decisions? This was the advice I heard (paraphrased):

Devote yourself to him (Matthew 6:33). Know him by his word. Pray to him (Philipians 4:6,7). Compare yourself to the scriptures to see if you are abiding. And then... act.

It almost seems too simple. But I am definitely going to test this.

Continue reading...

rm -rf *;

Posted on: 2012-05-28 23:58:55

Every 12-18 months, I go on this amazing purge-fest where nothing on my hard drive is sacred anymore. it is a time where cruft gets removed, old ideas get scrapped, disappear, or resurface. Old mail, files, tasks, music, photos, videos, applications, games, and even backups get deleted. It's not because this computer gets low on hard-drive space. Nor is it because my computer is slow or just because I like being organized and I'd rather delete stuff than get organized. On the contrary, over the past 15 years of keeping stuff I've gotten pretty decent at organizing stuff. Spotlight makes this even less important that it was.

No, the reason for this endeavor is because like a frog, I don't realize how much stuff I've forgotten, put away, or added to my todo list. Over the past 18 months I've accumulated great ideas, side-projects, and all kinds of things that I've wanted to do. All of my systems have made it really easy for me to capture ideas, organize them, file them, remind me about them, and subsequently reschedule, redirect, and shelve those projects. So in many ways, this cleanse is about removing the reminders of those things. All of that stuff serves simply as a reminder about how much time I don't have.

And it drives me absolutely bonkers.

I'm not sure if it's a gift or a curse: I'm constantly looking at ways to become better at what I do and to make everything better for myself and those around me. But I've a problem with what other people might consider "consideration blindness" -- it's so hard to figure out what is effective for the long term. In fact, it's probably more complicated than that. Often times I spend my time learning gaining new skills and making tasks easier. My ~/.profile is evidence of how many useful little snippets I've written or accumulated over the past few years.

But when I get to a point... that point... at which the ideas stop flowing. It gets filed, todo'd, and then like so many things it goes off into a holding pattern for what seems like eternity. Sometimes, these things get dusted off and work continues. Sometimes they don't. Most of them don't.

So this time around it is much different. No more filing. No more evaluation. I'm sure there are backups of some of this stuff... somewhere. Maybe not. In a few weeks my Time Machine Backups will be useless for most of this stuff. I'm sure there was probably some collateral damage. A module or something that I "needed" that is now in an unallocated block on that spinning piece of magnetically sensitive material.

There use to be a time when I panicked about data loss. Now, I feel free when it disappears. Sure, stuff like photos and keychains are backed up (several times over). But I now have a clean slate.

In the same way that a frog doesn't realize it's in boiling water I become surrounded so much stuff. It slows me down. In many way it makes me feel like I never get anything done. In reality though, there is a much different reality going on. It's the 15% of what I don't get done that has such a heavy negative impact on the 85% of stuff I do get done. So the new rules are this:

  • If it's not important enough to create a git repo on, then I should be able to delete it when I'm done.
  • No more unscheduled tasks in my Todo list. I either need to get them done or I don't.
Continue reading...

They Can Put a Man on the Moon But We Can't Get Pictures to Display in the Proper Orientation?

Posted on: 2012-04-16 21:54:37

... no seriously, though. Why can't we have pictures be the proper orientation on Facebook?

!/sites/nickvahalik.com/files/Facebook_2.jpg!

See also:

<iframe width=\"420\" height=\"315\" src=\"http://www.youtube.com/embed/vquDkTw-G-4\" frameborder=\"0\" allowfullscreen></iframe> Continue reading...

Thoughts on eBooks

Posted on: 2012-04-14 10:36:14

In my previous post, I mentioned that my wife had gotten me a Kindle Fire for Christmas and that I read nearly every day on it. It is no surprise to me that this morning, while going through my News Reader, I happened upon this article over at Coding Horror. He discusses the pros and cons of both printed and eBooks and summarizes his thoughts thusly:

“Because I love words, I want to love eBooks. I want to buy lots and lots of eBooks. But unless the publishers are willing to treat eBooks with the same respect and care that they give to their printed books – and most importantly of all, adjust their pricing to reflect the brave new economy of bits, and not an antiquated economy of atoms – they’re destined to eventually suffer the same fate as the Encyclopedia Britannica.”

I, too, have noticed that the quality of the eBooks i’ve purchased are less median. To a large degree, my expectation while reading was that I’d be getting a high-quality item. Admittedly, most of the books i’ve read so far are not oriented towards large graphical items. Some might have a few tables or small images, but for the most part they are complementary and not required of the items being read for understanding.

That said, you can absolutely tell when a publisher has cared about their eBook. For instance, take this book: Understanding the Book of Mormon: A Quick Christian Guide to the Mormon Holy Book. The tables, images, and chapter headings rendered perfectly. The images showed up, the footnotes worked, and the book itself was formatted properly overall. Compared to, say, The Book of Revelation Made Easy. Even the comments on this book reflect the poor quality of the book on the Kindle. While the book was ultimately readable, quotes did not render properly and the tables sometimes did not render properly across pages.

The free books are far worse. The chapter headings do not work. Footnotes (if any) usually never function. Images are missing. The table of contents does not link accurately. It is as if someone took the text of the book, used notepad to edit it, and then exported it to an eBook without any testing. Granted, they are free, but when free mean low quality? And that low quality without the paid books having impeccable quality.

I do enjoy and will continue to purchase eBooks. However, feedback to publishers about the lack of quality in those electronically published copies needs to be strong and flowing if we are ever going to see the quality of those eBooks go up.

Continue reading...

Where Does the Time Go?

Posted on: 2012-04-13 20:51:06

I can't tell you how many times I've come over to the site and thought about posting something. There have been many days where I've wanted to sit down and just mull over thoughts -- just to process things. For whatever reason, I've never actually just sit down and wrote a post.

Time seems to be absolutely flying by. Between work, family time, burning the midnight oil for the odd side-job, the occasional game of Starcraft 2 or time spent reading, and my semi-weekly running sessions, I seem to be in a constant state of movement.

Over at "Classy Llama Studios":http://classyllama.com, things are moving right along. My official job title is "Solutions Architect" but I've focusing primarily on technical sales. It has been a challenge on several levels. The first is that it doesn't really give one an opportunity to code much. I find various ways of sneaking it in, though. Another is that there are many, many facets to selling eCommerce sites. It's hard to cover everything in a short period of time. Probably the best part is I get to work with a guy named Kyle. We work pretty well together and we communicate pretty darn well, too.

There is some actual Solutions Architecting going on now though. It has unleashed a new slurry of challenges but it feels much more towards my "center of gravity" if you will. My hope is that I'll get to do more actual work in that realm in addition to the sales stuff that I've already been doing. Oh, and I got "Magento Certified":http://www.magentocommerce.com/certification/directory/dev/69176/!

Asher is now some 20-months old. He is a real busy-body. He gets into everything. Rarely will you find him sitting in one place for more than 20 seconds. A few words have entered his vocabulary. The first one we noticed was "thank you." We've heard a few other words "two", "yes", "no", "momma", "daddy", "Asher", "sissy", and "up." I'm curious to know why he seems to say "two" so often but not "one" or "three" which often precede and follow it. Who knows.

I still do the occasional work for some old clients. Mainly Drupal stuff. I can't say how nice it is to do Drupal stuff after plodding along with Magento for several months. I like Magento, don't get me wrong! It just so happens that Drupal is much more frictionless and easier to develop with. I cherish my Drupal time. It appears in the near future there are going to be some times over at Classy Llama where Drupal will get to shine. Our new site is going to be Drupal. We're even doing some Magento/Drupal integration stuff. It's pretty snazzy.

A cadre of folks at the office have taken to StarCraft 2. Since I've owned a copy, I've been playing with them. Man, I'm bad. I was pretty good at the original StarCraft. My old build orders and tactics just don't work for SC2. Oh well.

My wife bought me a "Kindle Fire":http://www.amazon.com/gp/product/B0051VVOB2/ref=as_li_ss_tl?ie=UTF8&tag=nickvaha-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=B0051VVOB2 for Christmas. Since then, I've downloaded many of the freely available books as well as purchased several with a gift card that one of my family members gave me. It has been very nice. It actually gets used. I'm not sure how many books I've read. Probably somewhere around 9 or 10 so far this year. I love how you can send the Kindle PDFs and this "Send to Kindle bookmarklet":http://www.klip.me/sendtokindle/ gets used probably once a week. It makes it easy to send longer blog articles to my Kindle for later reading. Stuff actually gets read this way!

Running has been something I've always enjoyed. I used to listen to quite a bit of music while I ran. Although I enjoy music, it gets hard to continuously find a steady stream of new music to listen to. This is especially true as the workouts get longer and longer. I've run 3 miles the last 3 workouts. Instead of listening to music, though, I've been listening to podcasts. Man, these are great. Not only are they edifying, but they have really helped me to expand my knowledge of the scriptures, of different religions, and different sets of beliefs within Christianity.

If you want to be challenged, I would suggest you check out any of these podcasts:

  • "The Dividing Line":http://aomin.org/podcast.xml ("Blog":http://www.aomin.org/) - The one that started it all. I've been listening to this podcast now for a few months. Extremely edifying and I'm always learning something. Dr. White has been in many, many debates and I think what got me going on this was his King James Only Controversy book. It has much to say about the veracity of the Bible and cults and sects that are KJV-only.
  • "Theopologetics":http://phobos.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=385885143 ("iTunes":http://phobos.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=385885143) ("Blog":http://www.theopologetics.com/) - I'm not entirely sure how I found Chris's podcast, but I am sure glad I did. It may have been the early Annihilationism debate that got me started on his podcast. Again, a great podcast that covers a wide range of topics. Very edifying.
  • "The Preterist Podcast":http://phobos.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=274537691 ("Blog":http://www.preteristpodcast.com/) - Dee Dee Warren hosts this interesting podcast about preterism. I was new to preterism when I first started listening to the podcast. I can't exactly say how much I've enjoyed not just her wit and sarcasm, but also the overall content and the amount of work she has put into documenting and citing her work. Highly recommended.

I do plan on updating more. We'll see how that goes.

Continue reading...

About Gatekeeper

Posted on: 2012-02-21 22:44:36

Great article about application security on the upcoming Mountain Lion:

About Gatekeeper: \"

Today’s Mountain Lion announcement introduces an important new security feature, called Gatekeeper, in addition to the “sandboxing” feature that premiered in Lion. I’d like to talk a little bit about it, and why it’s important to all Mac users.

Malware is out of control. Almost every day I read a new article about a major security breach in a well-known organization. There is big money to be made from stolen credit card numbers and identities. End-user applications on individual computers are a prime attack vector because, even with the best tools and the best programmers, vulnerabilities sneak their way in. Trying to make applications free of vulnerabilities (while still an important goal) is to lose the overall cat-and-mouse race.

As Mac users, we’ve mostly enjoyed a life free of the worry that has followed Windows users for years. Mac OS X is pretty damn secure. But it could be more secure. As Macs enjoy increased popularity, they become a more attractive target to identity thieves and other criminals. Sooner or later, bad people ruin every nice thing. It’s an immutable law of humanity.

So, what to do about this? Code-signing, although it can’t single-handedly fix the problem forever, is a vital weapon in the fight against malware. But many folks are unclear on how it works, or how it helps. Let me try to explain in as close to plain English as I can.

An explanation of code-signing for humans

What is code-signing? Let’s start with a slightly higher-level question: what is signing? Signing is based on technology similar to encryption, so let’s discuss them both broadly.

One of the most prevalent and secure methods of encrypting or signing data is to use what’s called a “key-pair”. As the word “pair” suggests, this means there are two keys which can “unlock” the encrypted data in certain ways.

A “key” is literally just a number. But it’s a very big number, and this is important. If I asked you to guess a number between 1 and 100, you’d have a 1% chance of guessing it on your first try, and you’d be guaranteed to guess it correctly if I gave you 100 tries. But what if I asked you to guess a number between 1 and 3 trillion? That’s a bit more of a challenge.

You’ve probably heard at least in passing about encryption keys and that they have different sizes or lengths (such as 40-bit, 128-bit, or 256-bit). Just like in my number guessing example above, longer keys are harder to guess. Each additional bit that is added to a key makes it exponentially harder to guess or figure out by brute-force attempting to decrypt the data with every possible numerical key. (Is 1 the key? No. Is 2 the key? No. Is 3 the key? Is 3,426,989,662 the key? No.)

We want encryption keys to be very long so that brute-force guessing attempts would take literally thousands of years. They become an unreasonable attack vector given the current average human lifespan.

So, why two keys? In key-pair encryption, one key is called the “private key” and the other is called the “public key”.

The keeper of the private key is able to “sign” data; a process which both identifies its origin and provides reasonable proof that it has not been altered. Private keys must be guarded very carefully, so that signatures cannot be forged.

The public key, as its name suggests, may be distributed freely. In encryption, the public key can be used to encrypt data which can only be read by the owner of the corresponding private key. In other words, with my public key, you could send me a secret message that only I could read.

In signing, the public key can be used for another purpose: to verify (with an extremely high degree of mathematical probability) that a “signed” piece of data came from me. Or, to be more specific, could only have come from someone with access to my private key. Which, hopefully, is just me.

In a nutshell, that’s what signing is. Even without actually encrypting it, I can take a chunk of data, run it through a very complex mathematical process to “sign” it with my unique private key, thus generating a second chunk of data called a “signature” that could (statistically speaking) only have come from that specific combination of data chunk and my private key.

Anyone with that signature and my public key can then be almost 100% sure that data came from me, and that it was not modified by any third-party along the way. The data could’t have any virus or vulnerability injected into it, because then the signature would no longer match the data.

So, signing allows us to, with very high confidence, ensure that we are who we say we are, and that the data we produce really came from us. Code-signing, then, is simply applying that signing process to executable code like a Mac app. If I try to start up an app, the operating system can validate that the app’s signature is valid, and perhaps also that it is the signature of a known, trusted developer. If it doesn’t pass muster, the OS can refuse to run the application.

Which brings me to Gatekeeper.

The role of Gatekeeper

The iOS devices (iPhone and iPad) effectively have had a Gatekeeper built into them since their very first release. When we write an iOS app, we sign it, then send it to Apple to review. Apple can validate the signature to ensure that it hasn’t been tampered with — that it really came from us — and then it goes into the app review process.

If the app passes review, it is then signed again by Apple, and posted to the App Store. Since Apple is the only entity able to sign App Store applications, iOS will simply refuse to run any app that doesn’t have Apple’s signature — it obviously didn’t come from the App Store. (If you “jailbreak” an iOS device, this is the security check you are bypassing. You are lobotomizing iOS so that it will merrily run “unsigned” code from any source. As you can hopefully tell by now, this has both benefits in terms of flexibility and very significant risks in terms of security.)

But how to bring this level of security to Mac OS, which has always allowed unsigned code from any source to run more-or-less without restriction?

The simplest thing Apple could have done would have been to make the Mac App Store the sole source for Mac apps, in the same way the App Store is the sole source for iOS apps, shutting off every other app distribution venue in the process. While this would have immediately solved the problem, you would have seen developers’ heads bursting into flame and flying across the room in rage. Why?

Although security is a vital feature for Apple, developers, and users alike, being unable to run unsigned code cuts a lot of really great things off at the knees. You wouldn’t, for example, be able to just download and run an open source project unless it had been submitted to and reviewed by the App Store. Highly disruptive software (think Napster or BitTorrent) may have not been able to exist on the Mac platform since it would have been likely to run afoul of Apple’s App Store guidelines. Major vendors such as Adobe and Microsoft might have withdrawn their support for the platform, being unwilling to cede 30% of their revenue to App Store distribution.

So, for a while, there was a great deal of consternation among Mac developers, including this author, that this might be the route Apple would take. In recent years, Apple has shown a trend of following the most hardline possible stance that will benefit users and Apple, often at the expense of developer freedom, and gradually backing in certain affordances (push notifications, for example) as user-impacting problems became evident. So it seemed feasible that we’d wake up one day and Apple would decree that all Mac apps must be sold through the App Store.

But instead, Apple went to considerable effort and expense to find a middle ground.

Controlling Gatekeeper in Mountain Lion

In Mountain Lion, you, the user, have three options:

1. You can let anything run on your system, whether or not it is signed. This is the Mac OS of today. It’s like having a jailbroken iPhone.

2. You can allow only Mac App Store apps to run on your system. This is the most secure option, but you lose the ability to run non-App Store software, which currently includes such products as Microsoft Office and Adobe CS.

3. You can allow only Mac App Store apps or apps signed by a developer. This is the new default.

It’s this third option that is critical. As a developer, I can register for a unique ID which allows me to sign my app but does not require it be sold through the App Store. Users get the benefit of knowing the app came from a trusted source. But I retain the ability to sell my app directly to end users.

If my app were to do something nefarious, my developer ID would get revoked and that would be the end of that. My app would no longer be allowed to run (unless you specifically allowed unsigned apps). As a matter of fact, if you try to launch an unsigned or unvalidatable app on a Mac with Gatekeeper enabled, the default button is “Move To Trash”. Pretty hardcore. Kind of awesome.

It is really quite a nice compromise.

I have a personal flaw in the form of a small conspiracy theorist who lives in my head. He worried that this may have been created as just a temporary stepping stone — like Rosetta for the Intel transition, or Carbon for the OS 9 to OS X transition — and that one day, the Mac App Store-only option might still be enforced.

But I can’t find it in me to disparage this goodwill effort that Apple has undertaken to not turn every third-party developer upside-down with regard to app distribution. To me it’s a great sign that they’re aware and at some level sympathetic to our concerns, while remaining committed to a high-security experience for users.

Further cementing this feeling is the fact that we were invited to a private briefing at Apple about Gatekeeper a week before today’s announcement. Cabel was told point-blank that Apple has great respect for the third-party app community, and wants to see it continue to grow — they do not want to poison the well. I think their actions here speak even louder than their words, though.

One worrisome rift

There remains one thing that is of concern to me. Despite these great strides forward, Apple is walking a dangerous line with regard to features that are only available to App Store distributed apps. The two most prominent examples are iCloud and Notification Center. Cabel asked Apple if, thanks to Gatekeeper and Developer ID, App Store-only features would be eventually be available to signed apps that were not distributed through the App Store. There was some shuffling of feet and a “we have nothing to announce at this time”. It didn’t sound particularly optimistic.

It would be a shame if this trend continues, as it creates an artificial gulf between App Store and non-App Store apps. For example, as things stand today, we won’t be able to offer iCloud syncing in, say, Coda 2, when you purchase it directly from us. Only App Store purchasers would get that feature. Making matters worse is Apple offers us no real facility to “cross-grade” you from a direct purchase to an App Store purchase, should you change your mind.

There’s no real engineering reason that I can think of for this. It seems marketing or money-driven, and I think it’s un-Apple-like to chase the money at the expense of user experience in that manner. We hope they change their minds about that particular facet.

Moving forward

Other than that though, we think Gatekeeper is a bold new feature that should do wonders for the security of your Mac for years to come. Even though their rapid pace of development is at times difficult for us to keep up with, we are excited that Apple continues to aggressively push the envelope when it comes to keeping Mac OS X safe and secure.

\"

(Via Panic Blog.)

Continue reading...

Automator Workflow To Copy Downloaded Music To iTunes and Then Trash It

Posted on: 2012-02-09 07:27:45

I enjoy being lazy and enjoy listening to podcasts. This allows me to be really lazy!

Download the workflow

Instructions:

  1. Unzip the file.
  2. Copy the contents to \~/Library/Workflows/Applications/Folder Actions
  3. Option-click on the Downloads folder and choose Services -\> Folder Actions Setup…
  4. Select the workflow and make sure it is checked:
Continue reading...

Alfred Scripture Lookup for Bible Translations

Posted on: 2011-11-27 21:40:41

Lately I've had a big appreciation in the number of different translations and often find myself wanting to look up a verse very quickly. Here are a handful of easy to use scripture reference custom searches for use with "Alfred":http://alfredapp.com/.

<a href="alfredapp://customsearch/NIV%20Scripture%20Reference/niv/ascii/url=http://www.biblegateway.com/quicksearch/?quicksearch={query}&qs_version=NIV">NIV <a href="alfredapp://customsearch/The%20Message%20Scripture%20Reference/msg/ascii/url=http://www.biblegateway.com/quicksearch/?quicksearch={query}&qs_version=MSG">The Message <a href="alfredapp://customsearch/NKJV%20Scripture%20Reference/nkjv/utf8/url=http://www.biblegateway.com/quicksearch/?quicksearch={query}&qs_version=NKJV">New King James <a href="alfredapp://customsearch/KJV%20Scripture%20Reference/kjv/ascii/url=http://www.biblegateway.com/quicksearch/?quicksearch={query}&qs_version=KJV">King James <a href="alfredapp://customsearch/ESV%20Bible%20Reference/esv/utf8/url=http://www.esvbible.org/{query}">ESV <a href="alfredapp://customsearch/NASB%20Scripture%20Reference/nasb/utf8/url=http://www.biblegateway.com/quicksearch/?quicksearch={query}&qs_version=NASB">NASB

All but the ESV use "BibleGateway.com":http://biblegateway.com as the search site. Also, if you are as detail-oriented as I am, you may want these handy logos to use as well:

Continue reading...