MacBook, defective by design banner

Put the knife down and take a green herb, dude.


One feller's views on the state of everyday computer science & its application (and now, OTHER STUFF) who isn't rich enough to shell out for

Using 89% of the same design the blog had in 2001.

Back-up your data and, when you bike, always wear white.

MarkUpDown is the best Markdown editor for professionals on Windows 10.

It includes two-pane live preview, in-app uploads to imgur for image hosting, and MultiMarkdown table support.

Features you won't find anywhere else include...

You've wasted more than $15 of your time looking for a great Markdown editor.

Stop looking. MarkUpDown is the app you're looking for.

Learn more or head over to the 'Store now!

Friday, January 12, 2018


The director took multiple precautions to keep the screenplay out of eager fans of the movie series, advising of the use of a MacBook Air in the Wall Street Journal's My Tech Essentials column. According to [Rian] Johnson [writer and director of Star Wars: the Last Jedi], the MacBook Air was the only device used for the initial production of the script, with considerable efforts made to keep it a secret.

For security it was 'air-gapped,' never connected to the Internet, said Johnson. In security circles, air-gapping a device prevents any software updates or other unwanted items from being installed onto the computer, effectively blocking any data from leaving the device, as well as stopping the installation of any software or malware that could force open a connection and allowing any data to leak out to third parties.

It's really that easy, folks. Hey, Equifax, Office of Personnel Management, and, um, any freaking hospital --

You know how you keep private information private? You take it off of the internet.

Firewalls don't count. OFF of the internet. If you have sensitive, proprietary data, "air gap" that portion of your company's network.

If you have to shoeleather data you don't mind getting out from one network to another, you essentially completely eliminate the possibility of a non-geographically confined attack against the data you want to keep safe. That is to say, people in Russia can't steal your data unless your network extends to Russia. Pro tip: The internet extends to Russia.

There's this bad joke in the preamble to the Dead Milkmen's song, Bitchin' Camaro (lyrics here, but they're not safe for polite consumption) that goes something like this...

  • Oh, how you gettin' down to the shore?
  • Funny you should ask; I've got a car now.
  • Ah wow, how'd ya get a car?
  • Oh, my folks drove it up here from the Bahamas.
  • You're kidding!
  • I must be, the Bahamas are islands.

YOU CAN'T STEAL A CAR FROM THE BAHAMAS AND DRIVE IT TO THE US. Get my drift? You want a car to be reasonably safe from US car thieves, put it in the Bahamas. Geography still matters. You want to keep your data safe from data thieves? Don't put it on a network that extends to their apartment.

More to the point, why is my personal credit data on the same network as Playboy? Doesn't that strike anyone else as a little odd?

It drives me absolutely mad how much we pay every year in breaches for the convenience of not having to separate networks. I can wait 48 hours to know if I qualify for a car loan, okay? Or, crazy thought, how about have the dealership call in the request?

Now all that said, please heavens tell me this dude knew to make periodic backups onto at least two jump drives. Or to at least print it out every so often.


Labels: , , ,

posted by ruffin at 1/12/2018 02:22:00 PM
Saturday, January 06, 2018

This is a test. Does the preview do live updating? Yes, yes it does.

Labels: ,

posted by ruffin at 1/06/2018 05:48:00 PM

Yes, the title is an experiment in clickbaiting. Not that I expect clicks.

From Panic by way of SixColors:

  • We are suspending the sale of Transmit iOS very soon
  • Revenue was not enough to cover development — we won’t sell something we can’t actively develop
  • This does not affect Transmit 5 for Mac. It’s doing extremely well
  • This also does not affect Coda iOS and Prompt iOS, both of which are still going strong
  • We really hope to bring it back someday in some form


Transmit iOS made about $35k in revenue in the last year, representing a minuscule fraction of our overall 2017 app revenue. That’s not enough to cover even a half-time developer working on the app.


Interesting for many reasons.

  1. This is one of the biggest macOS specialist shops. They get "free press". And they can't sustainably sell an FTP app on iOS.
  2. You won't sell what you don't develop? Code doesn't rust, man. It gets better. (Though see the Simogo counterpoint.)
  3. Wait, doesn't Coda boast "Remote protocols include SFTP, WebDAV, Amazon S3, DreamObjects, and FTP (Plain, TLS, SSL) support"? Isn't Coda a text editor wrapping Transmit?
  4. Are we really that far away from iPad Pros being used as pro [web dev] hardware? (Though Coda on iOS is apparently doing well.)
  5. Are "protocol apps" dying in general? Remember Unison?
  6. What's the iOS hardware breakdown (iPhone sizes, iPad sizes, etc) for Transmit and Coda use? Is Transmit used as "FTP of last resort"? And is that too expensive at $9.99?


I'm fairly convinced that the answer to much of this, "But I can't resell this!" hand-wringing is for apps to charge microsubscriptions. Ads don't pay squat, and only seem useful as an excuse to charge $2 to remove them.

How about you instead charge $0.49 a year to use your app?

Or, here, for Transmit, say $3 a year? Whatever's cheap enough that if you need it, you'll pay it without thinking. If I'm stuck in my car and a link's broken, who isn't going to pay $3 to fix it? I'm sure not buying Coda for $25.

Self-Unfulfilling Prophecies

Later on, Sasser does say...

My optimistic take: we hope that as iOS matures, and more and more pro users begin to seriously consider the iPad as a legitimate part of their daily work routines, Transmit iOS can one day return and triumph like it does on the Mac.

I'm still thrown off by, "If we don't develop it, we don't sell it," here, I think. Why not leave the canary in the coal mine to see when things do start lighting up? Isn't there a chance having Transmit available would speed professional use?

Remember Joel's rule of thumb?

To take over a market, you have to address every barrier to entry. If you forget just one barrier which trips up 50% of your potential customers, then by definition, you can’t have more than 50% market share, and you will never displace the dominant player, and you’ll be stuck on the sad (omelet) side of chicken and egg problems.

We could argue that not having a good FTP client on iOS makes this "iOS maturation" take that much longer...

Why not experiment?

I'm also surprised by this...

Also, paid upgrades are still a matter of great debate and discomfort in the iOS universe, so the normally logical idea of a paid “Transmit 2 for iOS” would be unlikely to help.

Is that really not worth trying? Do you really think Transmit buyers map to your normal app market?

Though, at the same time, I'm not sure Transmit on macOS needs half the new features it's got. I'm still on 4, and would probably still be on 3 if it weren't for some bundle deal, if I'm remembering correctly.

That's why I'm back to microsubscriptions. Not a month. Do a year. At impulse rates. Need it once? Charge a sensible price for that plus the promise of a whole year later. You'll get close to $10 pretty quickly.

Bad Marketing?

Thanks to the power of iOS, Transmit will also extend the standard iOS Share sheet — the one you see in, say, Photos or Voice Memos, when you tap the Share button — to include a brand-new Transmit button. That means you can now share your Photos directly to your SFTP server, or share a podcast voice memo straight to Amazon S3. It's incredibly powerful.

And there's one more cool iOS thing: in compatible applications, like iWork, you can Open a document directly off your server. And when you hit Save, it will silently and perfectly upload back to your server. In other words, you can use your server as your own seamless cloud storage. Amazing.

Isn't that a more interesting application than an FTP client? Maybe they need to repackage. I mean, Coda is simply a text editor wedded to a [file-transfer app]. But that integration on iOS is exactly what makes it worth the cash.

And then there's the sad irony...

Just getting started

Labels: , , , ,

posted by ruffin at 1/06/2018 11:24:00 AM
Wednesday, December 20, 2017

From SQL Authority with Pinal Dave:

SQL Server Management Studio (SSMS) lets you configure the settings you want using a shortcut. Here is how you can do it.

Go to Options, then to Environment. Proceed to Keyboard, and from there, configure your T-SQL with the desired keyword.

A neat trick. After setting this up, you type a table name, highlight it, hit Ctrl-3 (or whatever you set up), and poof, the top 100 rows are up in Query Analyzer (or I guess it's all just SSMS these days).

Labels: ,

posted by ruffin at 12/20/2017 10:03:00 AM
Friday, December 15, 2017

It's silly, but after swapping out my Dell Precision 5520 for my Lenovo Y700 for a few days (I've been stuck on projects in bad states that'd take too long to set back up on another box), I'm finding I really appreciate the speakers in this "gaming" laptop. I'd been using an external speaker with the Dell's dock, but it's not great, and I can't force myself to spend more on something I don't "need". The Lenovo comes through "for free".

You know, this Y series IdeaPad line is a great deal. You sacrifice some admittedly very important stuff...

  • Screen isn't great, or super bright
  • Battery life is craptastic (2-3 hours)
  • Trackpad isn't great (though it's improved on the Y520, apparently).

But look at what you get for $790 on the 520 (this was as cheap, iirc, as $700 on Black Friday)

  • 7th Generation Intel® Core™ i7-7700HQ Processor (2.80GHz 6MB)
  • 15.6" FHD IPS AntiGlare (1920x1080) with integrated camera
  • 8.0GB DDR4 2400 MHz
  • 1TB 5400RPM + 128GB PCIe SSD
  • AMD Radeon RX 560 4GB

Find another package that has that processor and an SSD for under $800. It's tough.

It's not a great gaming rig -- though it's not bad for gaming -- and it's the perfect desktop replacement that's still portable, if you get my meaning. It's super fast, and if you've got it plugged in most of the time you use it, the battery doesn't matter. But you can still pack it into your 15" laptop bag without any issues.

And the speakers aren't bad either.

Labels: , ,

posted by ruffin at 12/15/2017 09:59:00 AM
Thursday, December 07, 2017

Note to self: How to "touch" a git repo so you can commit the same thing a second time.

git commit --allow-empty -m "Touching to kick off new build"

Is that a code tool smell? Yes, of course it is. In this case, I'm doing it to kick off our build process, which seems to have screwed up earlier. And sure enough, it worked.

Labels: ,

posted by ruffin at 12/07/2017 04:01:00 PM
Monday, November 20, 2017

I can't believe how bad SourceTree has become over the last year or two. It's gone from buggy as crud to downright unusable at times. While setting up a new box for development today, I tried the most recent version, and it wouldn't stop asking me for my bitbucket password, even though I had zero tabs for repos that pointed to bitbucket. I'm also not a big fan of all the UI changes. I mean, it's just ugly now. The worst of iOS 7 style flattening plus a color palette from the Limited Edition Fluorescent Crayola Box.

I give up again.

What I did the last time I got absolutely fed up with SourceTree is to go back to version 1.7, the last version that looked great and seemed stable. I've been using that on my main dev box for months without incident.

But I do need to remember how to fix the security hole SourceTree 1.7 has, namely that they thought it'd be a good idea to open special SourceTree app URLs. Brilliant.

Luckily, the fix is a pretty straightforward registry hack. Here's a quick sum:

so fwiw, the vulnerability was...

SourceTree for Mac and Windows are affected by a command injection vulnerability in URI handling. The vulnerability can be triggered through a browser or the SourceTree interface.

Versions of SourceTree for Mac starting with 1.4.0 but before 2.5.1 are affected by this vulnerability.

Versions of SourceTree for Windows starting with 0.8.4b but before are affected by this vulnerability. (edited)

but you can edit the registry entry to ignore any urls.

Windows Registry Editor Version 5.00

@="\"C:\\Program Files (x86)\\Atlassian\\SourceTree\\SourceTree.exe\""

Save those contents in a .reg file, open it, and profit.

The old value, in case you were interested, was...

"C:\Program Files (x86)\Atlassian\SourceTree\SourceTree.exe" -url "%1"

The deal here is that SourceTree will open, but it won't get fed the URL, so nothing adverse should happen. Guess you could just remove it all, or write the %1 to notepad or something similar, but since I don't really want to open SourceTree from a URL, this is fine by me.

And we're nicely back to SourceTree 1.7, its pretty obvious peak from where I'm sitting.

Labels: ,

posted by ruffin at 11/20/2017 07:22:00 PM
Thursday, November 09, 2017

From ShipIt Days | Atlassian:


24 hours to innovate. It's like 20% time. On steroids.

That's, um, nothing like 20% time.

Though, of course, 20% time was never 20% time either:

Yahoo CEO and formal Googler Marissa Mayer once bluntly denied its true existence

"It’s funny, people have been asking me since I got here, 'When is Yahoo going to have 20% time?'" she said on stage during an all-employee meeting at Yahoo. "I’ve got to tell you the dirty little secret of Google’s 20% time. It’s really 120% time."

That said, I think I'd take 10% time:

"It's not technically something that gets formal management oversight — Googlers aren't forced to work on additional projects and there are no written guidelines about it. Typically, employees who have an idea separate from their regular jobs will focus 5 or 10% of their time on it, until starts to "demonstrate impact." At that point, it will take up more of their time and more volunteers will join, until it becomes a real project." [attributed to "Google HR boss Laszlo Bock"]

Interesting final quote from Bock: "[The informal 20% time policy] operates somewhat outside the lines of formal management oversight, and always will, because the most talented and creative people can't be forced to work."

The interesting lesson is that you win when you convince your employee to produce more work. Maybe 20% time isn't such a bad idea for either side of the management fence. X hours of required work versus 1.2X of work the employee actively wants to give. Sounds like a win-win.

Labels: , , , ,

posted by ruffin at 11/09/2017 10:46:00 AM

Support freedom
All posts can be accessed here:

Just the last year o' posts:

URLs I want to remember:
* Atari 2600 programming on your Mac
* joel on software (tip pt)
* Professional links: resume, github, paltry StackOverflow * Regular Expression Introduction (copy)
* The hex editor whose name I forget
* JSONLint to pretty-ify JSON
* Using CommonDialog in VB 6 * Free zip utils
* git repo mapped drive setup * Regex Tester
* Read the bits about the zone * Find column in sql server db by name
* Giant ASCII Textifier in Stick Figures (in Ivrit) * Quick intro to Javascript
* Don't [over-]sweat "micro-optimization" * Parsing str's in VB6
* .ToString("yyyy-MM-dd HH:mm:ss.fff", CultureInfo.InvariantCulture); (src) * Break on a Lenovo T430: Fn+Alt+B
email if ya gotta, RSS if ya wanna RSS, (◔_◔), ¢, & Δ if you're keypadless

Powered by Blogger Curmudgeon Gamer badge
The postings on this site are [usually] my own and do not necessarily reflect the views of any employer, past or present, or other entity.