I have been writing various random documents lately and have turned, again, to reStructured Text. ReST has a number of advantages. First and foremost, it is a plain text format that yields really nicely formatted documents and is easy to learn/use. The various writers provided with docutils can emit anything from plain text to HTML (with or without CSS) to PDF/PostScript/LaTeX.

When I interviewed with Apple last year, I revised my resumŽ (for the first time in nearly 10 years) and used reStructuredText. Through the magic of Makefiles, my resumŽ could then be compiled into any of a number of formats, including PDF with a bunch of live hyperlinks.

Though Emacs does well for editing ReST, it lacks a lot of the niceities of a Cocoa app. In particular, I really wanted decent spell-check-as-I-type and not having to deal with wrapped lines (emacs does not deal nearly as well as Cocoa with paragraphs of text). As well, I really wanted to easily see a preview of the rendered ReST source.

Dinu Gherman had solved the hard part of this problem a long time ago with ReSTedit. It was designed to be a ReST explorer and not to be a full blown editor.

Given that Dinu had solved the hard part of integrating ReST rendering into a Cocoa app via PyObjC, I just refactored the NIB file a bit into a vertical “preview on left, Safari WebView on right” form and moved the code around a bit.

It is a bit rough around the edges, but quite useful. I’m using it daily, at this point. The combination of ReST, Python, PyObjC, Cocoa and Xcode is such that tossing in a new feature or refining the UI a bit to support my immediate needs is perfectly reasonable.

Dinu — master PyObjC example maker extraordinaire — was kind enough to give me permission to toss the modified version of ReSTedit into a Subversion repository at red-bean.

Given that it is a Subversion repository, HTTP access is available. If you have the Subversion client installed the same URL (http://svn.red-bean.com/restedit/) can be used to check out the repository.

Of course, Subversion is built on WebDAV (when using HTTP as the transport protocol) and, as such, you can mount the same URL in the Finder. Checking out the latest version of the source is just a drag-n-drop copy away!

If you are feeling adventuresome and actually want to compile/run the app, you’ll need to install PyObjC from the latest CVS version (replace modulename with pyobjc) as there have been a number of fixes in CVS that have not been cut into a release yet.

You will also need to install DocUtils. Rendering to PDF will require a bunch of other random bits, all of which can be had from Fink. Or you can just click the Open in Browser toolbar button and print to PDF from Safari…

Thanks to Dinu for building ReSTedit in the first place. He has commit rights on the repository and I’m hoping he will contribute again. And, of course, none of this would be possible without such an incredibly kick ass development environment. Between Cocoa, PyObjC, etc… recreational hacking can be incredibly productive!

If you feel like contributing, there are tons of obvious tasks and a ToDo List, too.

Update: The buildapp.py standalone build script was out of date. Fixed. Now the app can be built and packaged via the command line. I do all my work from within Xcode for a number of reasons, debugging with GDB and faster launch time of the app (difference being an embedded interpreter vs. execve() style startup) being the two major ones. We need to modify buildapp.py to provide a different bootstrap binary. Of course, I haven’t been paying attention. This may already have been done.

For Valentine’s day, my wife gave me a Weed Wacker and I cooked a dinner around the pictured crabs (6 crabs, about 1.5 lbs each — leftovers destined for crab cakes).

Outside of my son projectile barfing in the car (anyone see Oliver Beene this evening? yeah, like that), it was perfect!

Update: How to cook dungeness crab (or just about any other shelled bug like thing from riverr, pond, or ocean — cooking times will vary).

1. Obtain some live crabs; 1.5 to 2.0 lbs each, fresher the better. Once caught, crabs stop eating. After 5 to 7 days in a live tank, they start to digest themselves due to starvation and this negatively impacts the quality and flavor of the meat.

2. Fill a pot with water and add a bunch of salt. 1/2 cup per large pot of water. Bring it to a hard boil.

3. Drop the crab in head first. The crab might fight back. Use tongs and make sure and get the crab under water as quickly as possible. That will kill the crab as quickly as possible.

4. Let the water return to a hard boil after dropping in the crab(s). Turn down the heat such that the water is boiling vigourously, but not overflowing the pot.

5. Boil for 15 to 18 minutes.

6. Remove crab from pot, run under cold water.

7. Remove top shell of crab, scoop out guts and gills. Spray with water and clean out that crab!

8. Split the crab in half.

9. Serve. Preferably with little pots of melted butter and some good wine. Sour dough bread goes well with crab.

If you want a bit more flavor than just boild crab, try adding a healthy does of black pepper, coriander, ginger powder, dried hot peppers, thyme, and bay leaves to the salted water prior to bringing it to a boil. Let the spiced water boil for a bit before dropping in the crabs to maximize the flavor extraction.

Steaming does wonders, too.

PyObjC is rapidly approaching a 1.1 release. I would highly recommend using the version from CVS at this point. It has many, many, many improvements over 1.0 and, as is typical, the module is extremely stable even in an “alpha” state.

Changes include Xcode file templates, struct support for types like NSPoint/NSRect/NSSize, bridging of SecurityInterface, improved threading support, better Key/Value Coding & Observing support, OpenGL example, ScreenSaver example, and a fully threaded WebServices example that leverages Cocoa Bindings.

See the NEWS file for full details. The list is damned impressive.

Ronald Oussoren has done an absolutely stellar job on PyObjC. Many, many thanks… someday, I hope to meet Ronald and buy him a beer or two (if that is his thing). PyObjC would not kick nearly so much ass without his contributions.

ThinkGeek has some geek undies for valentines day that have HTTP server response codes printed on them. (Thanks, Fred!)

They include 200 OK and 403 Forbidden in a nice little heart shaped box.

I dunno about 200 OK. When I was still in that mode of thinking (single and desperate), I would much rather have found 100 Continue. Alas, 401 Unauthorized was much more likely.

307 Temporary Redirect could be useful for times when the system is down. Or, maybe, 305 Use Proxy.

Open relationships could probably use 303 See Other. I tried an open relationship once, it degraded into 301 Moved Permanently.

201 Created. Could be good, could be bad. Good for us, now I have a 3 year old son who totally digs legos.

402 Payment Required is illegal in most places.

If there is a 409 Conflict, it can often lead to 410 Gone.

Every man’s fear is 411 Length Required or 417 Expectation Failed. Many of the emails I receive promise that in a few short months, I can receive 413 Request Entity Too Large instead.

Sometimes, all the signs say go but 503 Service Unavailable. Of course, many people fail to recognize and act upon the signs and then 408 Request Timeout.

Most importantly, 405 Method Not Allowed really does mean 406 Not Acceptable!

Seems that a lot of folks are all excited about port knocking. To summarize: a client that wants to talk to a server behind a firewall would first “knock” on the firewall by directing packets to closed ports on the firewall in a particular sequence. Only after hitting the appropriate ports in the correct sequence within a certain amount of time will the firewall allow the client to pass traffic through to a particular service behind the firewall.

This from the crowd of folks who are the first to cry foul when a company claims security through obscurity as a feature? I keep looking for the punch line.

This is just an obscurity hack. A clever obscurity hack, certainly.

To be fair, the site addresses the security through obscurity criticism. The claim is that because “knocking” on closed ports doesn’t cause a stateful exchange, there is no way for the “hacking client” know that port knocking is being used.

But what about a good network sniffer? It would be trivial to modify any random sniffer [for which source is available] to look for the pattern of ports used to “knock” on the firewall.

There are, of course, all kinds of fun things that could be layered on top of “port knocking” to make it harder to crack, but it is still largely an exercise in obscuring the means of access.

The authors of that site also mention that Port knocking can generalize beyond protection of ports to transfer of data across closed ports.

Everytime I have been directly or indirectly involved in cleaning up after a succesful hack, the means of access always boiled down to one of two causes:

1. failure to patch the system such that known vulnerabilities were exploited

2. security breach as the result of social engineering or packet sniffing that revealed a password, often to a non-critical service (see #1).

The site suggest that the knock should be encrypted to make it more difficult to deconstruct. Sure, that’ll prevent someone who stole the file containing the knock from reading it, but it does zero for protecting the knock when it is “on the wire” between client/server. At that point, it is just TCP/IP traffic and is quite easily “sniffable”.

Then there is the issue of compatibility. Given that the silly thing sends a series of relatively random packets on a relatively random sequence of ports with zero client side acknowledgement that anything happened, good or bad, one decently configured firewall or proxy server in between client and server will render it useless.

And what happens in the face of various random port scanning or other sources of relatively random traffic? Since there is no acknowledgement provided to the client that any given part of the “knock” has been received, it makes the entire system extremely fragile. It would be trivial to shut down a servers “knockable firewall” through a white noise style packet generator that pings random ports.

What if the weapons of mass destruction Bush is so desperately searching for really were in Iraq at one point because the US sold or gave the weapons to Iraq a couple of decades ago? I’m sure it has been discussed ad nauseum while I wasn’t paying attention.

The US certainly has a long history of covertly supporting various random nefarious factions with a an enemy of my enemy is my friend attitude.

Wouldn’t surprise me a bit.

Nor will it surprise me when the WMD or Osama magically resurface in the weeks prior to the election.

Wardrobe malfunction, my ass.

So, if you look beyond the events surrounding CBS, MTV, and Janet Jackson’s Right Nipple (nice metal work!)….

Did anyone else notice the cool “bullet time” effect that was employed throughout the game and the very close to real-time production pipeline that had to have been behind it?

Neat stuff. When the really long pass in the second half was completed for a touchdown, we pretty much assumed that said effect would be used twice in the playback. And, guess what, it was…

I would bet that next year’s superbowl will have “realtime-bullettime” effects. In the interim, I am confident that we can all “enjoy” said effect across an ever increasing range of shows and employed with an ever decreasing amount of budget or effectiveness.

Update: Shows how much I watch football. Apparently the “bullet time” stuff has been around for a while. In other news, good to see that NBC is upholding this country’s fine morality standards by putting up a censored slide show the uninvited guest at the half time show. Kind of like throwing a rock in the river to try and stem the flood after the dam already broke.

Speaking of standards….

So the FCC has launched an investigation into the whole halftime show. Apparently, the whole thing was just a collection of nasty sexual depravity that no one would have noticed without that catalyst that is an exposed boob. Throughout this, the FCC, CBS, etc.. have been acting all surprised that something so distasteful could happen in an otherwise totally family friendly show.

Huh?

Clearly, everyone at the FCC must have PVRs with which they skipped the commercials. Farting horses? Advertisements for shows about sexual predators preying upon children? Mike Ditka throwing footballs through tires while talking about drugs to allow the impotent to screw like crazed weasels? Oh, no, wait, that was a different drug that promised 36 hours of effectiveness but where it was mentioned that one of the side effects could possibly be a four hour erection requiring immediate medical treatment? I would love to have heard the explanation that some parents gave their kids after being questioned about that one.

But where are all folks protesting said “party drugs”? Or does the “moral majority” honestly believe that drugs that combat impotence are solely aimed at folks that either can’t reproduce because of natural causes (is sex after menopause a sin because there is no chance of reproduction?) or aimed at people trying to spawn?

God forbid they actually discover the channel change button. During any given bit of primetime “family safe” television programming on basic cable there is a plethora of wonderful material like glorified brutal killings, marketing of overconsumption and greed directed at kids, implied sex acts that leave little to the imagination, overmarketed/overhyped lies being portrayed as “news”, sporting events that might as well be a study in the benefits of performance enhancing drugs while also rewarding the poorest sportsman like behavior around.

All of that and one little boob w/a bit of metal on it causes all this commotion yet there is zero reaction all the filth, crap, violence, degradation, lies, and nastiness?

Pathetic.

Bush and the FCC are pushing to allow for much larger fines when accidental boobage and other such nefarious events happen. The fine is currently set at $27,500 per incident. In the case of CBS, they could face a fine of $27,500 per affiliate — I believe there are around 200 affilliates. $5,500,000 may sound like a hefty chunk of change. It isn’t. It is peanuts. Consider that Viacom’s stock opened up over a point on Monday. In other news, Janet Jackson’s new single hit the wire on Monday morning at 7am. The claim was that it was released ahead of schedule due to “unauthorized copies circulating on the Internet”. What a crock of crap.

As much as I might believe that the “moral barometer” applied to determine what is and is not acceptable on public media is completely broken, I am all for the FCC having the power to fine an entity such as CBS/Viacom/MTV to a degree that it prevents such gross and disturbingly effective ploys to market product by violating the rules with the express purpose of causing a big stink.