…krivokuca…

Yeah, obviously, as soon as I’ve realized Paperwhite actually ships to Croatia, I’ve ordered one in order to upgrade my Kindle-istic experience of bookreading. I’m writing this short “review” as a user who previously used (and at the time of writing this still owns) Kindle 4 (black one, 2012 edition).

Paperwhite comes packages in literally the same kind of the box as all the older Kindles. Existing owners will have a general idea what I’m talking about and for new buyers – packaging is excellent. You can be fairly sure your Kindle will survive all the odds of the travel, even across the world.

Continue reading →

During the 2011, Croatian government organized regular census of population which is made once every 10 years. And this last census brought some interesting and some even amusing figures:

• Disturbing fact is that this census evidenced the decrease of population in Croatia during last 10 years by approximately 152.000 (152 thousand!) people (reference). For some of the big nations this wouldn’t be a big matter. But that number is close to 3% of the previous census (2001.) population. There are multiple reasons for that, but having in mind we had kind of financially prospoerous years between 2001. and 2008., main reason for this decrease is more likely everlasting low natality issue and not emigration. Although, since 2011. and in the following years, emigration is also to become major reason for national depopulation. But that’s the subject for some other blog post.
• There are actually 6 Jews in Croatia which have declared themselves also Serbian minority (reference). I would like to meet them and buy them beer, since I’m quite convinced they have basically trolled the census workers. ;) Continue reading →

Recent news (well, still speculations) of Microsoft dropping the Live messenger in favor of Skype made me think… Instant messaging market was a fairly crowded space invaded by many proprietary solutions and one widely adopted open standard. For a long time, it seemed like proprietary solutions are winning the war, but in the end (probably due to failure of big players to monetize their services through advertising models) the last man standing will be the open XMPP standard. What the heck happened? Continue reading →

Just a quick note: patched GobiSerial driver for Gobi3000 broadband modems also works with 3.6 linux kernels.

I have made a vicious mistake this weekend. I have allowed my thinner half to make me try reading first book from the 50 shades trilogy. As open as I am towards new experiences (I have tried reading novels written by and for women before to please my ex girlfriends), I’ve thought this might even be a worthy ride. Yeah, so the book is probably written for women so much, that someone with less tolerance could wish to murder somebody after reading it, but I can deal with it. I’m mentally strong and all that. At least I can get through that experience totally indifferent at worse.

So, yeah, I’ve picked it up. Started reading it. Continue reading →

TIL: Today marks the first day of Cyber Security Awareness Month! https://www.google.com/goodtoknow/online-safety/

https://github.com/casastorta/software_versions project has been updated with more detailed unit testing.

10 months ago, in the company I work for, we have started (as a part of some process automation)  working on the software_versions python module. To make a slightly long story very short: it’s a module which is meant to be used for checking the current stable versions of various open source vendors software. Right from the start it we’ve released it as open source project.

To make short story bit longer: Continue reading →

Edit: As it usually goes, I’ve realized I might want to work on this some more. So, the rudimentary sessions is now a Vim bundle, available on GitHub: https://github.com/casastorta/vim-rudimentary-sessions

My development tools are basically split into 3 categories:

• Eclipse for big projects,
• Sublime Text 2, for most of the open source projects and smaller job projects,
• Vim for “shotgun-development“, when I need to do something quickly and immediately.

That being said, through the years, I’ve got to get used to Eclipse way of handling projects (in terms of keeping record of project files and project specific configurations on the filesystem). Eclipse creates
.project
file inside base directory of your project where everything related to the project is kept. I find it useful, because I don’t have to think extra of what to include in backup process. :-)

So today I pretty much expect every editor I use on part-time basis to be able to store project/session data in similar way. Sublime does it – although it doesn’t come with built-in centralized project repository, when you save main project file and project workspace file, they can be saved pretty much anywhere. I tend to keep them in project’s directory (with obligatory entries for
*.sublime-*
in .gitignore/.hgignore of course!). Continue reading →

Second “word of advice” for PHP programmers is kind of related (and also referenced in) to the previous post in the series.

We are going to cover escaping of LDAP values in LDAP queries initiated from PHP.

Introduction to the problem

Honestly, often it seems that LDAP support in PHP alone is a second class citizen. Sure, things seem to be much better in its semi-official Zend Framework. But as it goes in PHP world, a lot of developers don’t use Zend Framework, and way too many don’t use any framework since the platform lacked proper official or semi-official one for more than a decade.

Even now in the days when the biggest PHP developer’s dilemma is which application framework to use for their projects, most of the 3rd party frameworks lack any level of advanced LDAP support. Developers are then still forced to cope with (for the PHP developers’ standards) low-level LDAP support if they need LDAP functionality in their apps.

That being said, I have to mention that you shouldn’t have to worry about anything on this issue if you’re using Zend Framework properly. Zend_Ldap_Filter_Abstract class engages escapeValue() method, which is used exactly for this – escaping of values used in LDAP queries.

Although basically a database, LDAP really is, and you realize it first time you have to connect to it, whole different story from your usual relational or noSQL databases you’re used to work with. That being said, even the most basic PHP LDAP API separates modification from read-only function to access it. It means that if you use LDAP only to authenticate your users and read their data (meaning: you don’t update anything intentionally through ldap_modify or some other such function) you shouldn’t face the worse result of “LDAP injection”. Worse case scenario in such environment would be attacker’s succesful logins which usually wouldn’t succeed. Bad enough, but no damage to your data.

That doesn’t mean you should approach issue of LDAP queries with unconsciousness. Hence this article. :-) Continue reading →