*hypf*

Well, I like UI assistance in the usual ways. Many of you probably know the run dialog of Windows:

or perhaps the address bar:

Both exhibit kind of a text box, merged with a drop down list. In initiated Visual Basic circles called a combo box. The point is to simultaneously allow more text input and selection of a predefined or previously entered value. Usually the list drops down while typing but won't get in the way or steal focus, thus being quite unobtrusive. You can, however, use the arrow down key to select an item from the list. And you can hit Esc any time to close the list again.

Yesterday I stumbled over an example of such assistance gone wrong, from a usability perspective. Eclipse offers something called Content Assist in many places, it is context-sensitive, offers usually only the options that make sense in the current context, etc. In general a good feature and nice to have. Until I tried a simple search and replace through my source code:

Short explanation: I typed the “r()” in the “Find” text box and hit tab to get to the “Replace with” text box. Never mind that the find/replace I attempted there didn't work (as I was doing a regular expression search and parentheses are special characters there) the dialog thought the pressing of Tab to be a good time to display content assistance that not only completely covered the text box I was about to type into, but also managed to provide no obvious way to get rid of it.

My natural reaction was to hit Esc. No good, it closed the dialog completely. I fell into this trap about three times until I actually thought about what I was doing there. Anyway, turns out that the content assistance didn't even have focus, for whichever reason. Thus any input I made went straight to the dialog (hence Esc closing it, ok). Clicking elsewhere in the dialog didn't work either, perhaps for the same reason. I gave up trying yesterday and instead just unchecked the “Regular expressions” check box.

It seems (note: I can only guess) as if Eclipse is trying to display the content assistance for the previous text box, the one where it noticed “Hey, parentheses are special characters, let's display the user some help with them or other common Reg Ex templates”. Hitting Shift-Tab to get to the “Find” text box and then hitting Tab will get you to the list of suggestions. Turns out that even waiting until it appears will get rid of that annoyance, it actually does, but needs a second or two.

The problem is probably that regular expression search and replace is a feature not used by beginners (who perhaps need the assistance most) but rather by people already familiar with it. And those are much more likely to just type away as they already know what they want to search and replace. So waiting until you display that will cause the list to pop up too late in most cases anyway.

Note: I mentioned above that I did the same mistake (hitting Esc) three times before actually realizing what I was doing. Many people that deal with Usability and Interaction Design note the same: The first thing a user attempts when facing something unexpected is to get rid of it as fast as possible. I seems even people who spend the majority of their time with computers aren't any better than those we usually just look upon scornfully.

Seriously, I get some strange referrers from Google. Who the hell gets the idea to clear that from a batch file? I mean, most programs store that kind of stuff either in the registry or in some ugly binary files. The first option is the easier one, at least on Windows 5.1 onwards, since you could use reg.exe. The other part is trickier except the application doesn't mind a missing file.

It works, but reminds me a bit of How do I inflate a bicycle tire with a potato?.

Ah well, since rootnode posted his results on a Nerd Test (no longer available), I just had to, too. Although my results are not nearly as nerdy; I seriously wonder what that guy does all day …

I am a great fan of RSS, since it allows me to keep track of numerous sites I would otherwise check manually. Especially with some webcomics that are rather irregularly updated this is a pain and much better with RSS. On that note I'd really like webcomic authors to not just provide a link to the strips but rather embed the image itself into the RSS which makes reading much more comfortable (and should reduce traffic on their site).

A few hours ago I hacked together two pretty ugly scripts that fetch a web comic for a fellow student and one for me and output the last 5 strips as RSS. Works fine for now, I'll see whether there are any problems with updates.

You can adapt to your own needs if you see fit.

UPDATE (2008–01–31 10:20): Code for bash.org was missing. This is fixed now.

UPDATE (2008–11–06 07:46): Code for ruthe.de adapted since the site changed in the meantime.

UPDATE (2009–02–29 14:16): RSS for bash.org was invalid when encountering non-ASCII characters in the text. Should be fixed now.

UPDATE (2010–04–14 12:40): Code for ruthe.de adapted again due to a small change in the site's layout.

I bet some know the ancient Norton Commander, or at least one of its numerous clones. I myself use Far frequently. Something that makes OFMs so useful is the integrated command line but arguably this works best in a text interface (Total Commander does a sloppy job here, in my eyes).

Wouldn't it be nice to have that same level of command-line integration also in Windows Explorer? A fellow student mentioned that idea to me and I immediately thought that it can and would be useful and quickly hacked together a small impression of how it could look (see attachment).

I found something that implements a command window as a shell extension in Explorer: Command Prompt Explorer Bar but it's written in C#. Remembering Raymond Chen who in turn quotes Jesse Kaplan, one of the CLR program managers: Do not write in-process shell extensions in managed code.

So using the project mentioned above won't be an option, not even as the base of a new one. So probably I will start to write that thing myself one day, using C++.

As you may have noticed, I started translating the site and some content into German. I wanted to do this for some time now but only recently installed the Drupal i18n module. I will try to offer all future content simultaneously in English and German, though English will remain the first language in which content is published. Meanwhile I will translate missing content as I see fit and time.

You can call other batch files via the call command and pass parameters as well. Well, suppose you have a plethora of useful functions but you don't want a batch file for each of them or copy them into all batches that use them.

With a simple pattern you can concentrate them into one batch file. I've prepared this here, along with a bit of stuff you might need to do to ensure it's working:

The code above consists of a bit initialization code, namely the set target=%1 and shift to get the label we want to jump to and return everything to normal for the following code. The get_param_list is mainly there so we have some weird code to look at and have a bit of debugging stuff in place for testing. The rest are labels that mark the subroutines, ending with a goto :EOF each. The batch itself is nothing more than some kind of switch statement, selecting the function to execute with the first parameter.

Voilà, we got some kind of libraries or namespaces. If you want, you can nest them, I leave that as an exercise for the reader.

For quite some time now I want tagging of mails instead of hierarchical storage. Thunderbird 2 claims to support that, even with IMAP (which is rare, even more so than tagging mails itself). The feature used there is IMAP keywords which seems to be still a draft, though. However, Thunderbird comes with five tags predefined: Important, Work, Personal, To Do and Later. I did not intend to use them. I'd rather like to categorize similar to my folders, that means tags like Sent, Received in the first place. Furthermore a tag for each person I wrote the mail to or receivde it from (conversations) as well as content tagging. That should allow me to easily categorize my mails like I did before but also allow for conversation reading and quickly finding a certain mail.

So far the theory. First of all, Thunderbird never gave me easy access to the tag management (buried somewhere in the options, but inaccessible from the context menu or Tags dropdown. Defining own tags worked and they are basically stored on the server, however I would have to set up the exact set of tags on the other machine I am using this account from as well. Definitely cumbersome as I expected tags to be solely stored on the server (except for local caching) and not the client. Apparently I was wrong. The Remove all tags menu entry also only removed the tags the client was aware of, instead of all tags associated with the message.

Also I wasn't able to replace the folder view with a tag view. Tagging with keyboard is nice but I'd have to remember all tags and their associated numbers (which won't happen with the number of tags I had in mind). What I'd really like would be a view that organizes messages not by folders but by tags and threads. Thunderbird fails with the first view already.

I currently have some 12,000 mails archived and with some people I have exchanged more than 1,000 mails and finding a single one is pretty hard. I certainly hope for more support for tags in mail clients for the future. As of now, Thunderbird isn't adequate for people with more than one machine (and honestly, where'd be the advantage of IMAP when you read mail only on one computer?).

UPDATE (2008-01-02 05:43): Tried out Mulberry but it only supports up to eight tags (and it's downright ugly). So another client down. Claws mail stores tags only locally and only in the latest version (The gpg4win port is ancient and doesn't work on Vista, at least not here).

UPDATE (2008-01-02 08:35): Read up on RFC 3501. Tags can actually contain arbitrary bytes, except a few forbidden ones (which include things like parentheses, space and a few others). This means we could get one-word Unicode tags via Punycode, actually. Another thing to note: Thunderbird's behaviour on encountering unknown tags is probably intentional (though stupid in my eyes) and there should be no need for it, except for the fact that you will only get the tag name on the server instead of the one you defined in your client (they can and probably will differ, especially if you included forbidden characters or renamed the tag).

No, this is not one of the numerous Hacks performed during this year's Chaos Communication Congress but rather a collection of interesting talks.

I wasn't there in person (I plan to be there next year) but followed the streams and present here a selection of talks I really enjoyed.

Day 4 is currently missing, as well as a few links. This will change shortly.

Day 1

Der Bundestrojaner (de)

[description] [MKV] [MP4]

A quite funny talk about the 'Federal Trojan' as it is usually called around here. Mixed with interview answers of Dr. Schäuble himself which leave a quite uneasy feeling of him not quite understanding what he is really talking about.

What is terrorism? (en)

[description] [MKV] [MP4]

A deeply depressing view on how Germany's law enforcement deals with suspected terrorists. The partner of the presenter was arrested and she was put under surveillance. Reasons for suspecting her partner a terrorist were some writings, being a political activist and not always taking his mobile phone with him.

Design Noir (en)

[description] [MKV] [MP4]

A nice look at some unusual projects of electronic engineering, including an electrocuting jacket, the TV-B-Gone and a device that jams GSM, WiFi or Bluetooth signals. Projects like these reflect an interesting culture, called Design Noir of electronic device design that is meant to fulfill the 'real human needs' opposed to the industry's needs by "using misusing a simple electronic product that challenges the conformity of everyday life." And that Wave Bubble surely looks interesting enough that I want to build one (though I should inform me beforehand on how legal that might be around here, considering that during C3 one person was charged for using a TV-B-Gone at Media Markt [although I don't think the charges will hold]).

Programming DNA (en)

[description]

DNA is, essentially, a programming language for biological beings. By changing or adding certain genes you can alter behaviour of cells. Currently this is at least being done with viruses which have a rather simple structure and can be modified in such a way that we understand what the genes do (reverse engineering DNA is pretty ugly so best try to avoid it). The presenter told about a pretty elaborate component architecture with genes they devised in which you can simple plug together something you like and get the DNA printed (well, sort of). It's still a process of several months but it certainly sounded cool, especially the part with a open database of these building blocks and the ability to simply combine them. Although the thought of some day hacking humans is a bit scary.

DNS Rebinding And More Packet Tricks (en)

[description] [MKV] [MP4]

Dan Kaminsky has a track record of rather cool, but ugly hacks as well as a presentation style that is downright entertaining to watch. After last year's visual bindiff he now presents a reimplementation of TCP in JavaScript, Flash/Java and IFrames. And yes, it is as weird as it sounds. Maybe this is yet another reason to avoid having any browser plugins that display active content and if Silverlight provides sockets and is scriptable from the outside via JavaScript it has the same problems as well. He even performed a live demo of that stuff and it worked (with Firefox and Flash).

Day 2

Elektronische Dokumente und die Zukunft des Lesens (de)

[description] [MKV] [MP4]

An interesting tour through the history of devices for electronic reading and why they failed or are still unusable. It was the first talk of the second day and thus quite early (a.k.a. in the middle of the night or 11 am) but it was funny and interesting.

Absurde Mathematik (de)

[description] [MKV] [MP4]

A short talk about some mathematical paradoxes. Nothing too fancy but might be interesting to some. Main drawback was that it was too short (in my opinion). Another problem was that the presenter was not that firmly rooted in mathematics and didn't even know that much more besides what he presented (a person from the audience asked about the Banach-Tarski paradox and he didn't even grasp the problem).

Toying with barcodes (en)

[description] [MKV] [MP4]

A nice overview about what barcodes, scanners and the inherent security risks. I certainly didn't hear before about barcode SQL Injection. But scanners themselves are usually also vulnerable, regardless of the software behind it. Since barcode scanners can usually be reconfigured using barcodes this is also an easy attack vector as those configuration barcodes can easily be obtained from the vendor. But for most scenarios this isn't necessary as you can more often than not exploit vulnerabilities within the software which most of the time doesn't check the data it gets.

Spiel, Freude, Eierkuchen? (de)

[description] [MKV]

A quite interesting talk about the neverending debate about killer games (mostly first-person shooters) that came under attack after an incident at a school in Erfurt. Most media usually cited the killer playing games like Counterstrike as the reason for running amok. There were some TV segments about the subject, mostly riddled with incorrectness and inconsistencies and one of the speakers was actually the one who made a few of those segments and answered most of the questions of the audience.
One person from the audience was actually a representative of the German Bundestag and had a few interesting words to say about the whole issue. I laud that such people attend events like 24C3.

DIY Survival (en)

[description] [MKV]

A quite funny talk about ways of the world to end and what to do in such an event. But behind its tongue-in-cheek presentation were some nice things to build for oneself, maybe not only in the event of a robot uprising or nuclear attack, such as for example an EMP emitter.

Day 3

What can we do to counter the spies?

[description] [MKV]

The speaker has been with Britains MI5 for several years and felt increasingly dissatisfied with their actions which sometimes even led to attacks being carried out instead of prevented. MI5 and MI6 seemed to operate outside the laws numerous times and this led to Annie's and her partner's departure from MI5. They went into hiding in France for two years and she wrote a book which the British intelligence didn't want to be published. Now she is a political activist. Her talk includes many interesting anecdotes on how the intelligence agencies worked in the 90s.

Wahlchaos (de)

[description] [MKV]

A short look at some not entirely clear paradoxes and weirnesses of the German voting system. Also trying to discover what could have been changed by carefully manipulating votes in certain districts.

Die Wahrheit und was wirklich passierte (de)

[description] [MKV]

I didn't watch this talk to the end, but I will certainly do so. Basically each story has four versions: Your version, their version, the truth and what really happened. The talk mentioned a concept named major concensus narrative which is the version of an event that is remembered by people. This is most often granted for the truth, although it does not need to have anything in common with it. An interesting look into how we think and handle perception.

Meine Finger gehören mir (de)

[description] [MKV]

A talk about biometric security measures in the new electronic passport and their weaknesses. Most security gains (which aren't that great) are reduced to nothing because of obvious holes in the law texts. If you are fine with getting a new preliminary passport every year you can get away without ever having your fingerprints taken. And of course, terrorists can't do anything damaging within the timespan of a year ...
The whole protocol also leaves enough room for faking your fingerprints which is fairly easy with transparencies, a laser printer and glue.

Hacker Jeopardy (de)

[description] [MKV]

Well, not much to say about it, weird as ever and very entertaining. Although the questions, erm answers this year were pretty hard, at least for me.