Older Posts

Getting Rid of the Consent Popup.



How do you get rid of the consent popup?

Simple, don't use cookies or store the users data. As simple as this sounds, unfortunatly this is not as simple to implement.

Before we get into the details, let's look at why we needed a consent popup in the first place. There are basically 3 pieces of legislation of interest:

Although there exist more laws and directives, these are the most stringent laws around online privacy. So as a rule of thumb if you comply with these laws, you comply with all other weaker laws. Without going into to much detail, the gist of the laws is, before you collect data about your users and hand it of to third parties, you need to get explicit and informed consent for doing so.

But I have a static blog, I am not collecting any data, right? I don't need a cookie and privacy banner.

read more




DISCLAIMER: The information given in this post is a best effort attempt at making my family safe and spreading useful information, i am just an engineer.

Let's talk about masks.
Lets talk about you and me,
Let's talk about all the good and bad things that may be,
Let's talks about masks.

Ok, that was a bit tortured, but masks are important, even for the general population. You may have heard that makes have no significant effect in preventing, virus spread and that is not entirely wrong.

Many well founded scientific opinions can be found, one that I kept coming across was COMMENTARY: Masks-for-all for COVID-19 not based on sound data, which asserts, that

In sum, given the paucity of information about their performance as source control in real-world settings, along with the extremely low efficiency of cloth masks as filters and their poor fit, there is no evidence to support their use by the public or healthcare workers to control the emission of particles from the wearer.

Which is a reasonable assumptions about cloth masks in a health care setting. But this assertion is extended to the use of masks in the general populace with the added caveat

Leaving aside the fact that they are ineffective, telling the public to wear cloth or surgical masks could be interpreted by some to mean that people are safe to stop isolating at home.

At least in Germany, the mask carrying laws still emphasize social distancing and go only in effect in situations where the 1.5m distance rule can not easily be applied, such as in public transportation and during shopping.

read more

Immutable Containers and Thread Safety



I have been using immutable.js recently and in the context of JavaScript it makes a lot of sense. The problem I am trying to solve with immutable.js is the aliasing problem. That is, I get a list of widgets from somewhere and I need to alter the list before I can display it. Doing this in-place is not a good idea, because this may break some other code that holds onto the list.

I like this programming idiom so much that I am seriously considering mplementing it in C++. While I am tinkering with my C++ experimental code and my research I keep coming across the assertion that immutable objects are thread safe. The original presentation or this rather nice article mention it as if it was an immutable truth.

But they are just wrong. It is true that with the right use of atomics you can create immutable containers that will not have memory races or crash, but that does not make them functionally correct.

Take a well known example from multi-threading programming, the humble bank account. In our case we will represent the bank account as an immutable ledger of all transactions that occurred. All you can do to the ledger is add transactions, so the naive implementation would be as follows:

class Account
    void append(const Transaction& transaction)
        ledger = ledger.push_back(transaction);

    i7e::imutable_list<Transaction> ledger;

read more

C++ Signals



While working on one of my current hobby projects I needed to broadcast a state change to more than just one observer. I was quick to add my rather trusted EventEmitter. But I did hesitate, because something about the EventEmitter always bothered me.

The problem with EventEmitter is that, although EventEmitter is type safe, the type safety can only be asserted during runtime. A bit like JavaScript, where it comes from, assigning wrong typed handlers will throw an exception when the caller is actually called.


EventEmitter emitter;
emitter.on(FOO_EVENT, [] (int c) {
    // do something

long change_value = 42;
emitter.emit(FOO_EVENT, change_value); // exception

This was always annoying, since there are so many different types that are effectively the same, but the compiler really things are different. For example, the types size_t, int and long can be the same type, and yet the compiler thinks they are not.

read more

Modern Propaganda



I recently got into an argument, by clamming that the new HBO mini series Chernobyl was modern propaganda. The counter was, I could not evaluate this since I had not yet seen it. The series seems really interesting and well made, and I just have not yet found a legal way to watch it in Germany. But I assert, that this dramatized not quite documentary is propaganda, even if they remain true to the real events and facts. I give Chernobyl the benefit of the doubt, even though I have grounds to believe that they got some facts wrong.

read more

The Second 90%



A few years back I read a long lost article for indy game devs, that you should:

"Take your worst case estimate, double it and use that as your best case estimate."

This puts it mildly, but humans are for the most part really bad at estimating effort.

The standard project management aproach to managing large tasks with a high degree of uncertainty is to break down the large task into smaller and smaller tasks. The idea is that each task can be reasoned about and thus estimated to a higher degree of certainty. This is true, but...

In many project management software, you can show single task progress in percent. Unfortunately, almost all tasks in progress are pegged at 90% and the software will helpfully show nice charts. But this is misleading, since a task that is not done, is not done. A task has exactly 3 relevant states:

read more

Plausible Deniability in Threema



Threema’s private chat feature is worse than useless and desperately needs plausible deniability. The hidden chat feature must be implemented in a way that allows the user to plausibly deny that the a private chat actually exists, up to the point to unlock the application and “prove” it.

In the current implementation of threema, the following problems exist:

Problem 1: One Passcode

Threema uses the same passcode to unlock the application user interface and to show private chats. The problem here is that this only one security token, that once revealed basically renders the remaining safeguards null.

Problem 2; Show Private Chats Leaks Information

The “Show Private Chats” divulges the current state of the application. First this user interface element is only visible when there are private chats. This leaks the information that there is more to get.

read more

How To Get a Stack Trace on Windows



Getting a stack trace from a C++ executable under Windows is not trivial. The key problem is, that in C++ there is no simple stack_trace function and the Windows API only provides StackWalk, not some handy function like glibc's backtrace function.

I will show you how to get a perfect stack trace under windows for all your logging and debugging needs, like such:

read more




I was looking for a simple and good build notification tray icon for Team Foundation Server and I think I just found it: CatLight

Cat light is a commercial usable freeware (not open source / free software) of uncertain providence. The website catlight.io is has no clear attribution to a person or company. Also a whois request only brings up the company WhoisGuard Inc. in Panama. (Suspicions!)

The software is appealing in it's simplicity. It key feature is the tray icon:

If something happens, you get nice toast nonfictions:

If you want to know what the status of the individual builds is, you can double click the icon and you get the status dashboard:

And that is all the there is to the application. Simple and does what it should.

Attribution: The screenshots where taken from the catlight.io website directly and are catio.io's copyright. (I did this because I can't talk about unreleased software.)

read more

Recursive Descent Parser



Generally I advise people who write parsers to use parser generation tools such as bison and flex. But with small languages it may be advisable to write your own recursive descent parser.

To illustrate how to write a recursive descent parser, I will show you around a parser I wrote a while ago for INI style configuration files. The parser in question is the parse for the cfg library:

Anatomy of a Parser

But before we go into the code, first a little bit of theory.

Parser are generally split into two bits, the lexical analyser (lexer) and the actual parser. The lexical analyser takes a stream of characters from a file or any other source and converts this to a stream of tokens. These tokens are then consumed by the parser and converted into an abstract syntax tree (AST).

If you would write a compiler for a programming language, you would now pass the AST to an optimizer and code generator. But when reading simple data you omit these steps and just generate the data.

read more

Older Posts