Skip to main content

External Blogs

Finding Debian release history with etckeeper

Anarcat - Fri, 10/09/2015 - 13:13

I praise etckeeper enough. That you use or not formal configuration management tools, you should have etckeeper installed, even if to do ad-hoc changes in an emergency.

For example, I just thought I could use it to figure out which Debian release I originally installed on this machine, and when I did the upgrades. Turns out it's amazingly easy:

cd /etc sudo git log --oneline -p --no-prefix /etc/issue

Here is the result here:

root@marcos:/etc# git log --oneline -p --no-prefix --pretty=format:'%s (%ai)' /etc/issue | cat Initial commit (2011-02-23 00:14:08 -0500) diff --git issue issue new file mode 100644 index 0000000..9d52ed2 --- /dev/null +++ issue @@ -0,0 +1,2 @@ +Debian GNU/Linux 6.0 \n \l + saving uncommitted changes in /etc prior to apt run (2011-05-22 19:08:20 -0400) diff --git issue issue index 9d52ed2..647d490 100644 --- issue +++ issue @@ -1,2 +1,2 @@ -Debian GNU/Linux 6.0 \n \l +Debian GNU/Linux wheezy/sid \n \l committing changes in /etc after apt run (2013-01-23 09:40:27 -0500) diff --git issue issue index 647d490..d363ace 100644 --- issue +++ issue @@ -1,2 +1,2 @@ -Debian GNU/Linux wheezy/sid \n \l +Debian GNU/Linux 7.0 \n \l committing changes in /etc after apt run (2013-06-15 13:02:04 -0400) diff --git issue issue index d363ace..efc8255 100644 --- issue +++ issue @@ -1,2 +1,2 @@ -Debian GNU/Linux 7.0 \n \l +Debian GNU/Linux 7 \n \l committing changes in /etc after apt run (2014-02-02 23:28:12 -0500) diff --git issue issue index efc8255..e65d112 100644 --- issue +++ issue @@ -1,2 +1,2 @@ -Debian GNU/Linux 7 \n \l +Debian GNU/Linux jessie/sid \n \l committing changes in /etc after apt run (2014-12-18 11:32:43 -0500) diff --git issue issue index e65d112..6478eed 100644 --- issue +++ issue @@ -1,2 +1,2 @@ -Debian GNU/Linux jessie/sid \n \l +Debian GNU/Linux 8 \n \l

In other words:

  • 2011-02-23: installed etckeeper, running Debian 6.0 ("squeeze", fresh from the stable release from 2011-02-06)
  • 2011-05-22: upgraded to wheezy/sid ("testing", at that point)
  • 2013-01-23: some upgrade to testing, unclear (although wheezy is in freeze since 2012-06-30 at that point, it seems the version string changed then in base-files 7)
  • 2013-06-15: wheezy 7.1 point release drops the digit
  • 2014-02-02: switch to jessie/sid (back to "testing", a few months after the freeze is announced)
  • 2014-12-18: upgrade to Debian 8 (one month after the freeze, still not released)

Unfortunately, there isn't much more details about the exact upgrade points, especially since /etc/os-release is a symlink starting with Jessie. Besides things are much more in flux than we would like to believe, especially when you run a rolling distribution like "testing", but it still gives a good idea of my upgrade history:

  • i ran 3 different major releases of Debian on this machine, always upgrading from the previous one without reinstalling
  • i probably installed etckeeper from the start, as configuration mentions the machine was online on 2011-03-08
  • i generally run stable until i get tired and upgrade to testing, generally at some point close to the freeze time

There is of course more information available directly in git log, namely the exact package version changes. With some more commandline filtering, we can see exactly when each upgrade was done, including minor releases:

# git log --date iso --grep base-files --reverse | egrep "^commit|^Date|base-files" commit 34ad962ff10c6e4e201378698e0fe0d4b03c8c39 Date: 2011-04-02 22:21:11 -0400 -base-files 6.0 +base-files 6.0squeeze1 commit 1cba7d2e097091e86eba1a2d8e4f5a9771e746a1 Date: 2011-07-09 19:40:05 -0400 -base-files 6.3 +base-files 6.4 commit cb409a0fbe2f95c3cd6a7c1ff0af263b55c7d597 Date: 2011-09-28 17:54:57 -0400 -base-files 6.4 +base-files 6.5 commit cf6d9dab6f79f4b50e5bd80dcba1769b0aa6c84b Date: 2012-03-25 19:18:44 -0400 -base-files 6.5 +base-files 6.7 commit bb1b6aab4406276388542cefd7b4eff92d960533 Date: 2012-06-29 00:42:32 -0400 -base-files 6.7 +base-files 6.9 commit c6d9218ba75b3276ea44d949ef3410c35713d487 Date: 2012-09-29 14:25:01 -0400 -base-files 6.9 +base-files 6.11 commit bd730398e572c8403b2b9c0421df64a407669877 Date: 2013-01-23 09:40:27 -0500 -base-files 6.11 +base-files 7.1 commit af42616d72c4fe5c4a0e43ee8948031732735ec5 Date: 2013-06-15 13:02:04 -0400 -base-files 7.1 +base-files 7.1wheezy1 commit d2ef5df9c689073b62b4898a12e42bb8488c8cdc Date: 2013-10-14 18:15:11 -0400 -base-files 7.1wheezy1 +base-files 7.1wheezy2 commit 104ea49559eb2b6b2aff21817b3980b274882a28 Date: 2013-12-14 11:07:09 -0500 -base-files 7.1wheezy2 +base-files 7.1wheezy3 commit bfa19b7ad737cb22c495af9429e922e6ec46202d Date: 2014-02-02 23:28:12 -0500 -base-files 7.1wheezy3 +base-files 7.2 commit 830570ca4083af0c4b87c6c7c746c9513e260cf7 Date: 2014-05-15 11:20:13 -0400 -base-files 7.2 +base-files 7.3 commit 4c9e6ca21bb8189810199e6d518250432a62391d Date: 2014-07-27 19:50:14 -0400 -base-files 7.3 +base-files 7.5 commit 4bc6abe2ba193cb6fac4eae00fa855eb32b86400 Date: 2014-10-20 16:14:09 -0400 -base-files 7.5 +base-files 7.6 commit a5e2ce476982201338220a314b1f9ccb03c99517 Date: 2014-11-28 19:45:56 -0500 -base-files 7.6 +base-files 7.10 commit eaa69b112fee60ef71938d9a725c07f9f29b2011 Date: 2014-12-18 11:32:43 -0500 -base-files 7.10 +base-files 8 commit f95a199df77030dc9ee6ab55bf4fa246fa88c959 Date: 2015-07-24 12:34:04 -0400 -base-files 8 +base-files 8+deb8u1 commit db4ab55b7327cecea54c5fe6a65560ba0e385978 Date: 2015-09-07 19:09:47 -0400 -base-files 8+deb8u1 +base-files 8+deb8u2
Categories: External Blogs

Python Project Night 11

Montreal Python - Wed, 09/30/2015 - 23:00

Fall is beginning and Montréal-Python is inviting the Python community to its 11th "Project Night" event in the hearth of the Plateau Mont-Royal at the office of ours friends of Outbox (

For the newcomer, the Project Nights of Montréal-Python are evening of work and of exchange around real world projects and things you want to share. The idea is to come to work on your own project or to join another team working on something you would learn or could help on.

We already have a couple of projects for you:

If you have any project idea, send us an email at or just tell us during the project night.


Thursday, October 8th at 6 PM

Warning, please make sure to arrive before 7PM cause the door will be locked after


At the office of our friends of Outbox (

3575 Saint-Laurent Boulevard, suite 800, Montreal

How to subscribe

Please grab a free ticket on our Eventbrite page at:

Categories: External Blogs

Fun experiments with laptop battery

Anarcat - Mon, 09/28/2015 - 12:45

After reading up on a eye-opening blog from Petter Reinholdtsen about laptop batteries, or more specifically Lithium-Ion laptop batteries, I figured I needed to try out the "TLP Linux Advanced Power Management" that I had been keeping an eye on for a while. tlp is yet another tool to control power usage on laptops (mostly Thinkpad, mine is a X120e). The novelty of tlp is the "hands off" approach: everything should be automatically configured for you...

Obviously, that means I then went on working for a few hours on breaking and fixing my laptop in random operations. I opened a bunch of pull requests on the interesting battery status package that Petter produced to make it work with my setup and make it display graphs directly (instead of into a file). I also rewrote the graphing tool in Python with SciPy in order to have cleaner labels and be able to deduce the date at which a battery would be completely unusuable because it can't recharge high enough. (At the time of writing, the battery estimated death time is december 7th, but that data is skewed because of a quick change in the battery charge after the BIOS upgrade, below.)

I then went on to try to limit my laptop charging to 80%, since this seems to make the battery last longer (sources from Petter: 1, 2, 3). Unfortunately, even after building a local (and trivial) backport of the tlp package to Debian stable (8.2/Jessie), I still couldn't access those controls, as TLP is really just a set of shell scripts that glue a bunch of stuff together.

The backport was simply:

apt-get source tlp cd tlp*/ debuild sudo dpkg -i ../tlp*.deb

I read here and there (and in Petter's post) that I needed the tp-smapi-dkms package, so I went ahead an installed it:

sudo apt install tp-smapi-dkms

(Yes, Jessie has a neat apt command now, it's great, upgrade now.)

Unfortunately, this still didn't work. I think the error back then was something like:

thinkpad_ec: thinkpad_ec_request_row: arg0 rejected: (0x01:0x00)->0x00 thinkpad_ec: thinkpad_ec_read_row: failed requesting row: (0x01:0x00)->0xfffffffb thinkpad_ec: initial ec test failed

I have seen suggestions here and there to try the acpi-call-dkms package, but that was useless as it doesn't support my model (but may work with others!). The error there was:

acpi_call: Cannot get handle: Error: AE_NOT_FOUND

Note: I still have it installed - it's unclear what impact it has, and I do not want to break my current setup.

So I then started to look at upgrading my BIOS, for some reason. I was running version 1.13 (8FET29WW) from 05/06/2011. I was able to update to 1.17 (8FET33WW) from 11/07/2012, using the memdisk binary from the syslinux-common package, with some help from the quite useful grub-imageboot package:

sudo apt install syslinux-common grub-imageboot wget sudo mkdir /boot/images sudo mv 8fuj10uc.iso /boot/images sudo reboot

I found the image on the Thinkpad x120e support page from Lenovo (which happily bounces around, so don't rely on the above URLs too much). When I rebooted, I was offered to boot from the image by grub, which went on fine, considering it was running some version of DOS, which is always a bit scary considering it is software that is somewhat almost as old as me.

I wish I could have installed some free software in the BIOS instead of the outdated crap that Lenovo provides, but unfortunately, it seems this will never be possible with Libreboot or Coreboot, mostly because Intel is evil and installs backdoors in all their computers. Fun times.

Fortunately and surprisingly, the update worked and went on pretty smoothly. After that, I was able to set the charge limit with:

echo 80 | sudo tee /sys/devices/platform/smapi/BAT0/stop_charge_thresh

Amazing! I had almost forgotten why I almost bricked my system on a thursday, good thing that worked! Now the fun part was that, after some reboots or something I did, I am not sure what, the above stopped working: I couldn't load the drivers at all anymore, dmesg treating me with a nasty:

thinkpad_ec: thinkpad_ec_read_row: failed requesting row: (0x01:0x00)->0xfffffff0 thinkpad_ec: initial ec test failed

Now that is some obscure error message material! Fun stuff. I tried uninstalling tlp, the smapi modules, the acpi-call modules, rebooting, turning the machine off, removing the battery, nothing worked. Even more hilarious, the charge controler was now stuck at 80%: I had artificially destroyed 20% of the battery capacity in software. Ouch.

I think this may have been related to uninstalling the tp-smapi-dkms package without unloading it at first. I found some weird entries in my kern.log like this:

tp_smapi unloaded. thinkpad_ec: thinkpad_ec_read_row: failed requesting row: (0x14:0x00)->0xfffffff0 hdaps: cannot power off hdaps: driver unloaded. thinkpad_ec: unloaded.

I think that after that point, I couldn't load either module, not even thinkpad_ec...

After tearing out a few more hairs and hammering my head on the keyboard randomly, I thought I could just try another BIOS upgrade, just for the fun of it. Turns out you actually can't rerun the upgrade, but you can change the model number through the same software, and this seems to reset some stuff. So I went back in the ISO image I had loaded earlier, and went on to change the model number (actually setting it to the same value, but whatever, it still ran the update). It turns out this seems to have reset a bunch of stuff and now everything works. I can use tlp setcharge and all the neat tools go well.

The two key commands are:

# limit charging to 80% of the battery, but not lower than 40% sudo tlp setcharge 40 80 # clear the above setting and just charge the battery to 100% sudo tlp fullcharge

It seems that the 40% bit isn't supported by my laptop, but whatever: the battery stays charged when on AC power anyways, so I don't really understand what the setting is for in the first place. The error there is:

smapi smapi: smapi_request: SMAPI error: Function is not supported by SMAPI BIOS (func=2116) smapi smapi: __get_real_thresh: cannot get start_thresh of bat=0: Function is not supported by SMAPI BIOS

The second command is what I will need to remember to run before I unplug the laptop for a trip. I suspect this will be really annoying and I may end up disabling all this stuff and just yank the power cable out when the battery reaches 80%, by hand, when I need to.

But it was a fun geeking out, and hopefully this will be useful for others. And of course, the graphs from Petter will be interesting in a few months... Before the BIOS upgrade, the battery capacity was reported as 100% (actually, at 100.03%, which was strange). Now, the capacity is at 98.09%, which is probably just a more accurate reading that was fixed in the BIOS upgrade.

Finally, also see the useful thinkwiki troubleshooting page and especially their interesting BIOS upgrade documentation which inspired me to write my own version. I would have gladly contributed to theirs, but I seem to have lost my password on this site, with no recovery possible... The arch linux wiki has obviously excellent documentation as well, as usual.

Categories: External Blogs

Switched to bootstrap theme

Anarcat - Wed, 09/09/2015 - 21:48

I finally gave up and drank the cool-aid of the Bootstrap theme. The main reason was that I noticed the site was basically unusable on any mobile device, including tablet computers like the iPad, which are unfortunately very, very common. Phones wouldn't render the site in a legible way either, unfortunately. The change is rather drastic, so I figured it was important to mention it here.

I am not so satisfied pretty exctied with the result: the theme is very basic, if not absent. I actually like that purified form now, and it works across devices now much better.

But I do feel I just made my blog look like everyone else that uses Bootstrap. We seem to enter an era where non-graphic designers (like me) are back to building web pages that all look the same, not very different, in a way, from the old days of plain HTML, like the default ikiwiki theme. I did some work to change the look at least minimally, but the top black navbar is really a killer giveaway this is a bootstrap theme. Bootstrap does a lot for the typography, at least when checking the presslabs checklist or the practical typography checklist, but I still had to change the main body width, which helped a lot I think.

Anyways, the old Night City theme is still available for download and I could still flip it back on here if I need to.

What changed

The new theme keeps the distractions away, but ironically, it's slower than the previous theme even though there are no images and basically no colors at all. On my tests, it now loads in about 3.42 seconds on the "Regular 2G (250Kbps)" simulation of Chromium with 72KB in 12 requests. Whereas my tests with the previous theme were taking 3.25 seconds with 43.5KB in 17 requests. This is due to the Bootstrap CSS, which takes a whopping 19KB itself, but especially because I now load JQuery, which takes a whopping 32.8KB! And that is probably gzip-compressed, as the original is more around 90KB.

But at least the thing is readable on phones and tablets now. Compare:

Samsung S3, before

Samsung S3, after

I like this: much simpler, purer version on smaller devices. And we see what counts: the freaking text.

Of course, on tablets, it doesn't fare as well: the top menu gets wrapped around...

Apple iPad, before

Apple iPad, after

Apparently, the fix would be for me to "customize the @grid-float-breakpoint variable" in LESS (which I thought was a pager, but seems to be a CSS preprocessor, graaah).

Still, I think it's better that way, more readable, and less crufty.

How it was done

After doing a thorough evaluation of all the Bootstrap ikiwiki themes I could find (there are more than 4 at least!), I figured I prefered the Jak Linux one. It seemed to be better implemented than the others, cleaner, and I liked the mean black border on top. Black is cool. Oh, and I liked the subtle footer as well. Subtle is cool.

Unfortunately, that theme originally required a custom plugin to have a menu on top, which i thought was silly. So I patched it to make it work with the sidebar plugin, which turned out to be trivially simple: just dump the sidebar content, and make the sidebar page have explicit HTML tags in it that match Bootstrap's required classes. I also added the regular action links in the top navbar, but that does overload it quite a bit. I also did some code cleanups and various other small changes, all of which are available in my personnal git repo.

What doesn't work

So of course, there are always problems. The first problem is the extra bandwidth usage. Not sure that can be fixed, other than switching to the upcoming Bootstrap 4, which is smaller than Bootstrap 3, bizarrely.

The more annoying problems are weird alignment issues. If the screen gets two narrow without kicking some collapse rules in place (the iPad bug above), the navbar rows overflow and look ugly. Even more bizarre, in some cases the right navbar can just completely disappear, in fact, that's the only fix I could find: to assign the hidden-xs and hidden-sm classes to the navbar-right <UL> element. But then it just goes away, which is pretty darn stupid. Still - I assigned the classes to a few actions that seemed low priority, both in the theme and in the sidebar page.

Similarly, the search form at the bottom of the page doesn't seem to want to fit in the footer properly. No idea why and I can't bother to figure that one out.

I ended up merging this with the backlinks, tags and trails navigation items.

Oh, and amazingly enough: comments are simply not rendered at all right now. Oops. I seemed to have picked the single bootstrap Ikiwiki theme that does *not* have comments rendering... Aaaargh. For now I just copy-pasted stuff from the [ramseydsilva][] theme and it looks pretty ugly, but at least it works.

I ended up theming comments the same way i did for Night City, which looks pretty good, but is not in sync with the LESS stuff in Bootstrap.

I also add to add back trails, backlinks and favicon... looks like the Jak theme wasn't made for a blog after all... but that's now fixed!

Another improvement would be to change the font from the canonical Helvetica to something prettier, like suggested in Practical Typography, in the font recommendations section, or the presslabs checklist. So far I have settled on Mozilla's Fira font (which means, yes, one set of objects is actually loading from the CDN, sorry). Feedback welcome.

Categories: External Blogs

Montréal-Python 54: Virtualized Utopia

Montreal Python - Mon, 09/07/2015 - 23:00

We've got so many great propositions of talks for our first event of the season. We are very excited to welcome you next Monday at UQAM. It is your opportunity to meet the Python Community of Montreal !

Also we would like to thank again our generous sponsors for renewing their support to our community. Particularly, we would like to thank, Outbox and Savoir-faire Linux for their continuous support.

Flash presentations:

David Taylor: Chorogrid a Python module to produce vector choropleth maps

David Taylor will introduce his module chorogrid, which makes regular and tiled choropleth maps for geographical data visualization.

Jordi Gutiérrez Hermoso: pudb, the IDE debugger without an IDE!

Mathieu Gauthier-Pilote: Présentation de la Semaine québécoise de l'informatique libre

Main program:

Melanie Dubois (Office National du Film): Le mystère des tests unitaires

Vous sera conté, une tranche de vie sur les tests à l'Office National du Film du Canada. Pendant la présentation, nous verrons quelques trucs qui ont permis d'accélérer la performance de ces tests mystérieux, ceci, accompagné d'exemples concrets.

Stéphane Wirtel: Python & PostgreSQL, a Wonderful Wedding

Python and PostgreSQL, two tools we like to use for our projects but do you know everything about them?

The talk will give an overview of psycopg2, Peewee, SQLAlchemy, Alembic and PL/Python, these libraries can be used with PostgreSQL.

Justin Churchill: Ceph a simple understanding

How CEPH differs from legacy storage solutions and what are the top three features of CEPH.


Monday, September 14th 2015


UQÀM, Pavillion PK

201, avenue du Président-Kennedy

Room PK-1140

  • 6:00pm — Doors open
  • 6:30pm — Presentations start
  • 7:30pm — Break
  • 7:45pm — Second round of presentations
  • 9:00pm — One free beer (or equivalent) offered at Bénélux just across the street
We’d like to thank our sponsors for their continued support:
  • UQÀM
  • Bénélux
  • Outbox
  • Savoir-faire Linux
  • Caravan
  • iWeb
Categories: External Blogs

Call for Speakers - Montréal-Python 54: Virtualized Utopia

Montreal Python - Thu, 08/27/2015 - 23:00

It's back to school so, at Montréal-Python, we are preparing for the first event of the season!

We are back every second Monday of the month, so our next meeting will take place on Monday, September the 14th at 6:30pm at UQÀM.

For the occasion, we are looking for speakers to give talks of 5, 10, 20, or even 45 minutes.

Come tell us about your latest discoveries, your latest module, or your latest professional or personal realizations. It is your chance to meet with the local Python community.

Send us your propositions at


Monday, September 14th 2015

  • 6:00pm — Doors open
  • 6:30pm — Presentations start
  • 7:30pm — Break
  • 7:45pm — Second round of presentations
  • 9:00pm — One free beer offered at Bénélux just across the street
We’d like to thank our sponsors for their continued support:
  • UQÀM
  • Bénélux
  • Outbox
  • Savoir-faire Linux
  • Caravan
  • iWeb
Categories: External Blogs

PyCon Canada: Call for Speaker is ending soon

Montreal Python - Tue, 08/11/2015 - 23:00


The Call for Proposals for PyCon Canada 2015 is ending soon. We've heard that they have been receiving many amazing proposals. It is quite exciting to see the Canadian Python community all together again in November in Toronto.

If you have not yet submitted a talk or had not considered giving one, please be aware that talk slots can be either 5-10 minutes or 25-30 minutes, so whether you have a long form presentation or a quick lightning talk, it is quite exciting and looking forward to see your talk. A few suggestions: something Python related that you find interesting, something you’ve been working on, a tool that you have found helpful, tips and tricks you’d like to share, or ways in which you’ve used Python poorly, but would like to save others the same pain would all be great talks! Submissions are due by this Friday, August 14 so please get yours in today!

As well, if you are interested in running a tutorial session on your favourite topic. Please get in touch with the PyCon Canada team at

The PyCon Canada team is also actively seeking sponsors to help make this event possible. Sponsoring PyCon Canada 2015 is a great way to foster and strengthen your ties with the community, so please reach out to

Please share the word!

And you have need any help at creating your proposal please reach us at

For more informations about PyCon Canada 2015, please have a look at the website at

Categories: External Blogs

Is it safe to use open wireless access points?

Anarcat - Thu, 07/23/2015 - 16:35

I sometimes get questions when people use my wireless access point, which, for as long as I can remember, has been open to everyone; that is without any form of password protection or encryption. I arguably don't use the access point much myself, as I prefer the wired connection for the higher bandwidth, security and reliability it provides.

Apart from convenience for myself and visitors, the main reason why I leave my wireless access open is that I believe in a free (both as in beer and freedom) internet, built with principles of solidarity rather than exploitation and profitability. In these days of ubiquitous surveillance, freedom often goes hand in hand with anonymity, which implies providing free internet access to everyone.

I also believe that, as more and more services get perniciously transferred to the global internet, access to the network is becoming a basic human right. This is therefore my small contribution to the struggle, now also part of the Réseau Libre project.

So here were my friends question, in essence:

My credit card info was stolen when I used a wifi hotspot in an airport... Should I use open wifi networks?

Is it safe to use my credit card for shopping online?

Here is a modified version of an answer I sent to a friend recently which I thought could be useful to the larger internet community. The short answer is "sorry about that", "it depends, you generally can, but be careful" and "your credit card company is supposed to protect you".


First off, sorry to hear that our credit card was stolen in an airport! That has to be annoying... Did the credit card company reimburse you? Normally, the whole point of credit cards is that they protect you in case of theft like this and they are supposed to reimburse you if you credit card gets stolen or abused...

The complexity and unreliability of passwords

Now of course, securing every bit of your internet infrastructure helps in protecting against such attacks. However: there is a trade-off! First off, it does makes it more complicated for people to join the network. You need to make up some silly password (which has its own security problems: passwords can be surprisingly easy to guess!) that you will post on the fridge or worst, forget all the time!

And if it's on the fridge, anyone with a view to that darn fridge, be it one-time visitor or sneaky neighbor, can find the password and steal your internet access (although, granted, that won't allow them to directly spy on your internet connection).

In any case, if you choose to use a password, you should use the tricks I wrote in the koumbit wiki to generate the password and avoid writing it on the fridge.

The false sense of security of wireless encryption

Second, it can also give a false sense of security: just because a wifi access point appears "secure" (ie. that the communication between your computer and the wifi access point is encrypted) doesn't mean the whole connection is secure.

In fact, one attack that can be done against access points is exactly to masquerade as an existing access point, with no security security at all. That way, instead of connecting to the real secure and trusted access point, you connect to an evil one which spies on our connection. Most computers will happily connect to such a hotspot even with degraded security without warning.

It may be what happened at the airport, in fact. Of course this particular attack would be less likely to happen if you live in the middle of the woods than an airport, but it's some important distinction to keep in mind, because the same attack can be performed after the wireless access point, for example by your countryside internet access provider or someone attacking it.

Your best protection for your banking details is to rely on good passwords (for your back account) but also, and more importantly, what we call end-to-end encryption. That is usually implemented using the "HTTPS" with a pad lock icon in your address bar. This ensures that the communication between your computer and the bank or credit card company is secure, that is: that no wifi access point or attacker between your computer and them can intercept your credit card number.

The flaws of internet security

Now unfortunately, even the HTTPS protocol doesn't bring complete security. For example, one attack that can be done is similar to the previous one and that is to masquerade as a legitimate bank site, but either strip out the encryption or even fake the encryption.

So you also need to look at the address of the website you are visiting. Attackers are often pretty clever and will use many tricks to hide the real address of the website in the address bar. To work around this, I always explicitly type my bank website address ( in my case) directly myself instead of clicking on links, bookmarks or using a search engine to find my bank site.

In the case of credit cards, it is much trickier because when you buy stuff online, you end up putting that credit card number on different sites which you do not necessarily trust. There's no good solution but complaining to your credit card company if you believe a website you used has stolen your credit card details. You can also use services like Paypal, Dwolla or Bitcoin that hide your credit card details from the seller, if they support the service.

I usually try to avoid putting my credit card details on sites I do not trust, and limit myself to known parties (e.g. Via Rail, Air Canada, etc). Also, in general, I try to assume the network connection between me and the website I visit is compromised. This forced me to get familiar with online security and use of encryption. It is more accessible to me than trying to secure the infrastructure i am using, because i often do not control it at all (e.g. internet cafes...).

Internet security is unfortunately a hard problem, and things are not getting easier as more things move online. The burden is on us programmers and system administrators to create systems that are more secure and intuitive for our users so, as I said earlier, sorry the internet sucks so much, we didn't think so many people would join the acid trip of the 70s.

Categories: External Blogs

Anarcat - Thu, 07/23/2015 - 16:35
Categories: External Blogs

Inter-community BBQ

Montreal Python - Sun, 07/12/2015 - 23:00

You must also register on Eventbrite in order to participate to this event. There will be an attendance list at the event.

This year, We are inviting you with YulDev to invites you to its inter-community BBQ, in collaboration with HTML5mtl, Laravel Montréal, PHP Québec and PyLadies Montréal (and perhaps a few others!), as well as our current sponsors (let us know if you want to participate).

The event will take place at the Jarry Park, in the picnic area closest to the corner of St-Laurent and Gary-Carter.

The 5$ fee will be used to cover the expenses. Hot-dogs (100% beef ans vegetarian) will be served, as well as a few beverages. If you want, you can also bring your own drinks and chairs.

In case of rain, the event will be held the next day, on Sunday the 26th (check your email on the morning of the 25th). See you soon, on an afternoon of networking under the sun!


Saturday July 25th 2015 at 12:00pm


285 Rue Gary-Carter, Montreal, QC (map)


Please register on eventbrite at:

Categories: External Blogs

Code Sprint Odoo on July 27th

Montreal Python - Mon, 07/06/2015 - 23:00

The organizers of Odoo Montreal Meetup are organizing a code sprint on Odoo on Monday July 27 at 5:30.

Many tasks and subjects are going to be proposed but don't hesitate to add yours to the list::

  • Canadian localisation
  • Quebec Pay
  • Translation

Thanks to confirm your interest and your place in advance on:

Please note that they are also organizing next Wednesday a meeting where they will discuss about the Quebec Pay system module:

See you there

Categories: External Blogs

Epic Lameness

Eric Dorland - Mon, 09/01/2008 - 17:26 now supports OpenID. Hooray! I'd like to make a comment on a thread about the RTL8187se chip I've got in my new MSI Wind. So I go to sign in with OpenID and instead of signing me in it prompts me to create an account with a name, username and password for the account. Huh? I just want to post to their forum, I don't want to create an account (at least not explicitly, if they want to do it behind the scenes fine). Isn't the point of OpenID to not have to create accounts and particularly not have to create new usernames and passwords to access websites? I'm not impressed.
Categories: External Blogs

Sentiment Sharing

Eric Dorland - Mon, 08/11/2008 - 23:28
Biella, I am from there and I do agree. If I was still living there I would try to form a team and make a bid. Simon even made noises about organizing a bid at DebConfs past. I wish he would :)

But a DebConf in New York would be almost as good.
Categories: External Blogs
Syndicate content