Skip to content

Author: kris

Lianne Ploumen launches fund on family planning in response to Trumps funding cut

The NL Times reports:

Dutch Minister Lianne Ploumen: “We want women to keep as much access to their rights as possible”, Ploumen said on Tuesday. “Banning abortion does not lead to fewer abortions. It leads to more irresponsible practices in back rooms and to more mothers dying.”

She’s launching an international fund to make up for the about $600 million gap created by Trump’s decision to scrap funding to organizations that help with family planning and offer safe abortions in developing countries (Nope, that’s not the USA. Yet.)


1 Comment

The Blog

Tech Meta: As you can see, this blog is still being built.

  • I seem to have fixed the most glaring problems with the stylesheet – blockquotes and links in the text are no longer in an outsized font.
  • Basic wordpress hardening is in place. A longer article about that needs to be written.
    • Command line tools for WP are in place, and the installation of the blog has been ansibilized. In a completely horrible way, because uploading a shell script that runs WP-CLI is not the Ansible Way™ at all. This needs to be prettyfied as much as possible, but still won’t be the Ansible Way™ when finished.
  • I have been testing the blog with mobile, and the theme seems to be adaptive just fine.

What’s missing: A number of things are not here, yet.

  • Let’s Encrypt Integration is still not in place. It will come.
  • I am still looking for a nice tool that can accept an Android Share intent and will fetch a header and a nice image from the URL and make an article of the “link” format with a number of Categories from it.
    • There is a WP Android App. I need to test it, and also need to understand if it fundamentally can work with Google Authenticator enabled on the blog.
    • If it does not solve the “here’s a link, make a basic article share out of it” problem, it’s not really helpful. It’s not that I’ll be writing a lot of text on a cellphone, that would be dump. I need to be able to do G+ like sharing from a cellphone as a reminder to edit and fatten the share later from a proper machine.

What will happen (several times): When everything is finished, I need to destroy this VM and redo it from scratch and backup in order to make sure it’s completely hands off. We will have a short service interruption for that, but you should not be worried, we’ll be back. I still have no timeline for that.

So what will happen? Some Guidelines: As the new G+ is as horrible as the preview promised, I’ll pull my presence out of social media as much as possible.

  • We have a RSS content full feed and a RSS comments full feed, on autodiscovery. Subscribe to them.
  • All links will go to G+, manually. Or not, if I forget to do that. Use RSS, really.
    • Comments on G+ are off. Use the comments in the blog.
    • The awesome Friends+me will pick that up and spam the rest of the social media. Comments can’t be off there, but I won’t be reading them. Sorry about that. Use the comments in the blog.
    • Comments are moderated for first time posters. Once you have commented here and have been enabled, you should be able to do so without moderation.

Yes, it’s retro. That’s probably a feature.


The Trump Yacht in the Netherlands

The Telegraaf has an article (Link goes to the mobile site, b/c the real site has Adblockerblockers active) on the “Trump Princess”, a ship that had been renovated a long time ago in a wharf in the Netherlands.

Please note that this is about an event from the late eighties. Trump bought the “Yacht”, had it refitted in the Netherlands and sold it three years later. The history of the ship is available on Wikipedia, and it’s not particularly long by todays standards of the one percent-percenters. It’s interesting, because before Trump the Yacht starred in the James Bond Movie “Never Say Never Again” in a promiment role as a supervillain headquarter. A Youtube Slideshow about the ship is available.

Trump tried upgrading to something even larger, but that failed, says the final paragraph of an article on Yachtharbour. In fact, he bought the Amels shipyard in order to not complete the construction of the “Trump Princess II”. Amels is a large “Superyacht” wharf near Vlissingen.

The first “Trump Princess” has been notorious, because of a Tweet from Bart Mos two weeks ago, who made a big deal of the rather tasteless interiour of this thing, which happened almost 30 years ago. He later apologized.

1 Comment

Sending letters the CIA way

Palaeofuture has an interesting article on sending letters, the CIA way.

When you file a Freedom of Information Act (FOIA) request with a federal agency, they’ll often send you physical letters in the mail. When I got my first response letter from the CIA, I was a little surprised to see some old-fashioned, anti-spy tech on the back of the envelope. As you can see from the photos above and below, there’s no way to open the envelope without making it clear you’ve been messing with it.

The author has been inquiring about the how and why, and despite the inquiry not being a formal FOIA request got an answer.

The “gummed kraft sealing tape” the agency uses is three inches wide, and the indications from the response to my FOIA request suggest that the agency buys it in 450-foot rolls.

The article does have a part and an order number for the tape, in case you have need for it.


Tumblr of the Day is… Nederdropje

Tumblr of the Day is… Nederdropje. A Dutch blog on Drop (Liquorice). Around here (in the Netherlands) people are making quite oftenbread with Hagelslag. That’s a bread with crumps – originally chocolate crumps, but there is Fruchtenhagel, Anishagel and many other kinds.

Apparently there is Drophagel as well, but from a scandinavian source.




Trucks on a line

Heise says: For long distance good transport Germany will test electrified lorries withpantographs and catenaries running on pieces of Autobahn in Hessen and Schleswig-Holstein as a proof of concept. The trucks are supposed to draw power from the catenary and must be able to drive the last mile on their own power.

The illustration mentions hybrid cars, the text speaks about Diesel engines and a small battery. If the last mile is short enough (acutally up to 100km), it’s in principle possible to buy purely electric trucks. The truck could recharge while driving on the Autobahn, and then use that power after going off the line into the city.

Siemens eHighway Praxis-Studie

Such a system would also be highly interesting for autonomous and highly automated driving.


PHP 7: mysql extension deprecated

In mysql() nach PHP 7 retten, Charly Kühnast explains how you can get the deprecated and disabled mysql extension back in PHP 7. You shouldn’t.

There are many reasons for this. One of them being that none of the newer features in MySQL can be used with the old mysql extensions. There is an overview in the PHP documentation that explains exactly what you are missing.

One of the things that you are missing is support for prepared statements. Prepared statements are a mechanism in which you write SQL statements with placeholders for variables, and then later bind values to the placeholders using a “bind” call or as part of the “execute” call which is actually running the statement. In any case, the variables are being escaped properly automatically, making SQL injection a lot harder.

This is not just a problem limited to PHP – a search for bind and execute other sources can be very instructive. For example, the sources of Opennebula or in older versions of Owncloud (up to and including version 7) are rich treasure troves of potential exploits.

So currently the situation is as follows:

There are three extensions at the PHP level, one of which is deprecated and disabled in PHP 7:

  • The old mysql extension is no longer available by default, and for good reasons. Do not use it, do not attempt to use code that uses it.
  • The mysqli extension has been around for very many years, and offers a procedural and an object oriented interface, and makes “newer” MySQL features available, including prepared statements.
  • The PDO_mysql extension has been around for many years, too, and offers an object oriented, and portable across databases interface. It also allows access to all “newer” MySQL features.

The wire protocol of all of these extensions is implemented by a C-level library, against which the extension can be linked. A manual page explains the choices.

  • Traditionally that has been the Oracle/MySQL C-API (“libmysqlclient”, “Connector/C”), which comes with the database server. It is available on the GPL, which is a license different from the PHP license of the rest of the PHP proper, and it has it’s own memory management, which is different from the PHP native memory management.
  • Since PHP 5.3, there is mysqlnd (the “native driver”, ND). It re-implements the MySQL wire protocol, and is available under the same license as PHP itself. It also uses the same memory management that PHP uses, which makes it faster (no copying) and more efficient (no duplication of values). It is the default on a normal PHP build these days.

What you should be using: These days, your code should not be using the mysql extension. So you will be using mysqli or PDO_mysql, depending on your needs, with the underlying implementation of the native driver doing the heavy lifting.

Do not attempt to port mysql-Extension based code to PHP 7 without refactoring it for prepared statements, please.


Leave a Comment