Distant megaphones

I’m a big fan of cities. Whether I’m trying to settle in to sleep or just absorbing the ambience around me, I am an especially big fan of the sounds of cities. I’m not alone in this; Leonard Bernstein was inspired by the urban soundscape, Steve Reich composed New York Counterpoint and the even more blatant City Life, and the Konzerthausorchester Berlin paid homage to the sounds of Berlin with thirteen pieces that include such urban mundanities as the preparation of food and being snapped in a photo booth.

I live in an environment that could barely qualify as urban if you really squinted your ears at it. I do hear what I believe to be the world’s loudest street sweeper on a regular basis, but I’m more likely to hear the whistle of a factory or freight train than a bustling street performance. Working in DC, however, affords my ears a wonderful palette of sounds. There are a ton of police forces, all seemingly trying to outdo one another with their bizarre sirens. Bucket drummers abound, and for about a year I got to listen to the wonderful contrast provided by a stunning street harpist.

The District is also, by its inherently political nature, a hotbed for activism and protest1. Chanting forms its own unique rhythm, and the most confident and compelling protest emcees assert poetic lilts in their megaphone communiqués. And while I appreciate hearing the vocals of a revolution, there’s another magical sound that comes of this: that of distant megaphones.

Distant megaphones echo and blur. Distant megaphones are pronounced but inarticulate. Distant megaphones are at once familiar and alien. There’s almost an uncanniness about them, unquestionably human yet obscured and abstracted through the distortion of the machine, the reverberance of the city. The indecipherable lilt of the protest emcee now dances out of phase with itself.

This unwitting reduction of the voice of rebellion to little more than mechanized rhythmic moans is quite possibly my favorite of the city sounds. Unintelligible as it may be, there is a signal in the noise: We are here, and we need to be heard.

  1. It feels like the momentum is waning as of late. I hope it’s just been a lack of ‘actionable’ destruction coming out of the White House, but… Net neutrality, a host of anti-queer Supreme Court nominees, an absurd lack of conversation surrounding gun regulations… I fear the fire is dying down a bit. ↩︎

An interesting memcached/UDP amplification attack (external)

A handful of reports out there about a recent DDOS attack that relied on memcached and DDOS’s best friend, UDP. Link is to Cloudflare’s blog post about the attack, which is a thorough yet accessible explanation. It seems like this is the most amplified amplification attack yet, and without even using a significant number of memcached vectors. A lot of potential vectors were from cloud hosts like AWS and Linode – many of these have apparently closed up the hole. Hopefully this minimizes the potential for a larger attack, but it’s worth quoting Cloudflare:

The [UDP] specification shows that it’s one of the best protocols to use for amplification ever! There are absolutely zero checks, and the data WILL be delivered to the client, with blazing speed! […] Developers: Please please please: Stop using UDP.

Cloudflare also touches on the fact that the larger problem is IP spoofing, and they wrote a followup post about that specifically. I just found the memcached amplification attack fascinating.

Weird Amazon/CreateSpace fraud (external)

Brian Krebs reports on one of the stranger scams I’ve read about in recent years. Essentially an author’s name (and tax info) was used to publish a book of pure nonsense using CreateSpace, and sell it for an exorbitant price, presumably as part of a money-laundering scheme:

Reames said he suspects someone has been buying the book using stolen credit and/or debit cards, and pocketing the 60 percent that Amazon gives to authors. At $555 a pop, it would only take approximately 70 sales over three months to rack up the earnings that Amazon said he made.

Patrick Reames, the (real) author in question, discovered the whole thing upon being sent a 1099 for massive earnings he hadn’t actually made. A rather convoluted scheme, but it’s easy to see how it wouldn’t be detected for quite some time. Fascinating read.

Dotfile highlights: .vimrc

I use zsh, and portability across Darwin, Ubuntu, Red Hat, cygwin, WSL, various gvims, etc. means I may have pasted something in that’s system-specific by accident.

New series time, I guess! I thought for the benefit of my future self, as well as anyone who might wander through these parts, there might be value in documenting some of the more interesting bits of my various dotfiles (or other config files). First up is .vimrc, and while I have plenty of important yet trivial things set in there (like set shell=zsh and mitigating a security risk with set modelines=0), I don’t intend to go into anything that’s that straightforward. But things like:

"uncomment this on a terminal that supports italic ctrl codes
"but doesn't have a termcap file that reports them
"set t_ZH=^[[3m
"set t_ZR=^[[23m

…are a bit more interesting. I do attempt to maintain fairly portable dotfiles, which means occasionally some of the more meaningful bits start their lives commented out.

Generally speaking, I leave word wrapping on, and I don’t hard wrap anything1. I genuinely do not understand the continuing practice of hard wrapping in 2018. Even notepad.exe soft wraps. I like my indicator to be an ellipsis, and I need to set some other things related to tab handling:

"wrap lines, wrap them at logical breaks, adjust the indicator
set wrap
if has("linebreak")
	set linebreak
	set showbreak=…\ \ 
	set breakindentopt=shift:1,sbr

Note that there are two escaped spaces after the ellipsis in showbreak. I can easily see this trailing space because of set listchars=eol:↲,tab:→\ ,nbsp:·,trail:·,extends:…,precedes:…. I use a bent arrow in lieu of an actual LFCR symbol for the sake of portability. I use ellipses again for the ‘more stuff this way’ indicators on the rare occasions I turn wrapping off (set sidescroll=1 sidescrolloff=1 for basic unwrapped sanity). I use middots for both trailing and non-breaking spaces, either one shows me there’s something space-related happening. I also only set list if &t_Co==256, because that would get distracting quickly on a 16 color terminal.

Mouse handling isn’t necessarily a given:

if has("mouse") && (&ttymouse=="xterm" || &ttymouse=="xterm2")
	set mouse=a "all mouse reporting.

I’m not entirely sure why I check for xterm/2. I would think it would be enough to check that it isn’t null. I may need to look into this. At any rate, the variable doesn’t exist if not compiled with +mouse, and compiling with +mouse obviously doesn’t guarantee the termcap is there, so two separate checks are necessary.

I like my cursors to be different in normal and insert modes, which doesn’t happen by default on cygwin/mintty. So,

"test for cygwin; not sure if we can test for mintty specifically
"set up block/i cursor
if has("win32unix")
	let &t_ti.="\e[1 q"
	let &t_SI.="\e[5 q"
	let &t_EI.="\e[1 q"
	let &t_te.="\e[0 q"

Trivial, but very important to me:

"make ctrl-l & ctrl-z work in insert mode; these are crucial
imap <C-L> <C-O><C-L>
imap <C-Z> <C-O><C-Z>

I multitask w/ Unix job control constantly, and hugo server’s verbosity upon file write means I’m refreshing the display fairly often. Whacking Ctrlo before Ctrll or Ctrlz is easy enough, but I do it enough that I’d prefer to simplify.

I have some stuff in for handling menus on the CLI, but I realize I basically never use it… So while it may be interesting, it’s probably not useful. Learning how to do things in vim the vim way is generally preferable. So, finally, here we have my status line:

if has("statusline")
	set laststatus=2
	set statusline=%{winnr()}%<:%f\ %h%m%r%=%y%{\"[\".(&fenc==\"\"?&enc:&fenc).((exists(\"+bomb\")\ &&\ &bomb)?\",B\":\"\").\"]\ \"}%k\ %-14.(%l,%c%V%)\ %P

I don’t like my status line to be too fancy, or rely on anything nonstandard. But there are a few things here which are quite important to me. First, I start with the window number. This means when I have a bunch of splits, I can easily identify which I want to switch to with (say) 2Ctrlww. I forget what is shown by default, but toward my right side I show edited/not, detected filetype, file encoding, and presence or lack thereof of BOM. Here’s a sample:

2< [+][markdown][utf-8]  65,6           Bot

That’s about everything notable from my .vimrc. Obviously, I set my colorscheme, I set up some defaults for printing, I set a few system-dependent things, I set some things to pretty up folds. I set spell; display=lastline,uhex; syntax on; filetype on; undofile; backspace=indent,eol,start; confirm; timeoutlen=300. I would hesitantly recommend new users investigate Tim Pope’s sensible.vim, though I fundamentally disagree with some of his ideas on sensibility (incsearch? autoread? Madness).

  1. This is a lie, as already evidenced in this post. I will hard wrap comments and potentially code if I believe it may be distributed beyond my control. I hard wrap comments in my .vimrc partly because I may need to investigate it on a poorly-configured vim. ↩︎

Personal Log

For reasons that are not really relevant to this post, I am in search of a good solution for a personal log or journal type thing. Essentially, my goal is to be able to keep a record of certain events occurring, with a timestamp and brief explanation. Things like tags would be great, or fields for additional circumstances. Ideally, it’ll be portable and easily synced between several machines. Setting up an SQLite database would be a great solution, except that merge/sync issue sounds like a bit of a nightmare. jrnl looks really neat, but I haven’t been able to try it yet due to a borked homebrew on my home Mac1 and a lack of pip on my main Win machine. While syncing this could also be a chore, and there would be no mobile version, the interface itself is so straightforward that writing an entry could be done in any text editor, and then fed line-by-line into the command.

But I haven’t settled on anything yet, so I was just kind of maintaining a few separate text files using vim (Buffer Editor on iOS), and figuring I’d cat them together at some point. But I got to thinking about ways I can make my life easier (not having to manually insert entries at the right spot chronologically, etc.), and came to a few conclusions about ways to maintain a quick and dirty manual log file.

First thing was to standardize and always use a full date/timestamp. Originally I was doing something like:

    8.05a, sat on a chair.
    10.30p, ate a banana.


…which is very hard to sort. So I decided to simply preface every single entry with an ISO-formatted stamp down to the minute, and then delimit the entry with a tab (2018-01-29T22.30 ate a banana.). As a matter of principal, I don’t like customizing my environment too much, or in ways that will lead to my forgetting how to do things without customization. I don’t, therefore, have many custom mappings in vim, but why not simplify adding the current date and/or time:

"insert time and date in insert mode
imap <Leader>d <C-R>=strftime('%F')<CR>
imap <Leader>t <C-R>=strftime('%R')<CR>
imap <Leader>dt <C-R>=strftime('%FT%R')<CR>

Leaderd for ISO-formatted date, Leadert for ISO-formatted time (down to minutes), Leaderdt for both, separated by a ’T’. If everything is formatted the same, with lines beginning in ISO time formats, then every entry can readily be sorted. Sorting is simple in vim, :sort or, to strip unique lines, :sort u. I think that it’s more likely that the merge operation would happen outside of vim, in which case we’d use the sort command in the same way: cat log1.tsv log2.tsv >> log.tsv && sort -u -o log.tsv log.tsv. sorting in place like this was a new discovery for me; I had always used temporary files before, but apparently if the output file to sort (specified by -o) is the same as the input file, it handles all the temporary file stuff on its own.

I think it’d be neat to establish a file format for this in vim. Sort upon opening (with optional uniqueness filtering). Automatically timestamp each newline. Perhaps have some settings to visually reformat the timestamp to something friendlier while retaining ISO in the background (using conceal?). The whole thing is admittedly very simple and straightforward, but it’s a process that seems worthwhile to think about and optimize. While most journaling solutions are much more complicated, I think there is a lot of value in a simple timestamped list of events for tracking certain behaviors, etc. I’m a bit surprised there isn’t more out there for it.

  1. The joys of a package manager written in a scripting language. ↩︎