A little more privacy with Tor

A week ago I had a rather long argument with a Danish MP about privacy, surveillance and Tor. It was a very fruitless experience, and I was quite saddened by the whole ordeal. She really didn’t “get” it. Surveillance and draconian measures against privacy was her cure against crime and terrorism. She was quite willing to yield basic democratic rights for a little bit of extra perceived safety.

Sad.

One good thing came out of it though: It pushed me to finally start actively supporting Tor.

What I wanted was to run a Tor exit node, as rumor has it that exit nodes are in high demand. What I also wanted was some basic protection against insane DMCA take down notices. So I set out to do three things:

  1. Familiarize myself with Tor
  2. Find somewhere to host an anonymous e-mail address
  3. Setup an anonymous BitCoin wallet
  4. Find a VPS host where I could pay for my server with BitCoins

1. was easy: I downloaded the Tor Browser Bundle, got it going and started using Tor. Also I read a whole bunch of wiki pages, blog posts and whatever else I could find about Tor and how to run a relay. All in all I’d say that using Tor and getting active with Tor is very easy. It does not require a whole heap of technical skill. If you can read, you can do this.

2. was as also surprisingly easy. After a bit of searching around (using the Tor browser of course!), I found a host that offered a webmail account without any hassle. I signed up, logged in and that was that. It took all of 5 minutes to setup.

With 3 I’m going to start sounding like a broken record, but it truly was dead-simple to get going. I opted for a few online wallets, and I used my newly created anonymous e-mail address to sign up. I then bought some BitCoins, and had them transferred to my personal wallet, from where I moved them to some newly created BitCoin addresses in my new anonymous wallets. BitCoins are awesome.

4 caused me the most trouble. I found a few hosts that apparently offered VPSs for BitCoins, but none of them responded when I asked them about their views on hosting Tor exit nodes on their network. I did though manage to find a host that blankly told me that they really didn’t care, as long as I paid my bills and handled DMCA notices myself. Obviously I can’t tell you the name of the host, as that would compromise my anonymity, but I can assure you that if you just shop around for a few hours, you will find a vendor that accepts BitCoins and at the same time will allow you to run an exit node. A good place to start is with the GoodBadISPs wiki page.

So with all of the above in place, I got my Tor relay up and running. Right now I’m just testing out things with a plain relay, but as soon as I’m comfortable with that and I’ve convinced myself that my server is properly configured, I’m going full in with a proper Tor exit node. Privacy for the win! Oh and do remember that if you want to stay anonymous, then you have to use something like usewithtor for SSH access to your server, else the host will know where you are, and potentially who you are. Obviously with the rather small amount of exit nodes available, my anonymity isn’t all that great, so I consider this mostly an academic exercise. :)

If you’d like to help Tor, but don’t feel like mucking about with servers, configuration, firewalls and whatnot, then take a look at the Tor Cloud project. For free you can setup a Tor bridge using a pre-configured AWS instance. The more bridges we have, the better, so please do this. It’s easy, and you support a good cause.

Remember: We need Tor, more than ever.

Leashes for our necks and whips for our backs

US and UK spy agencies defeat privacy and security on the internet

It goes on and on and on, ever deeper down the rabbit hole.

The fact that we can no longer rely on and trust commonly known encryption technologies is downright scary, and should bring every single corporation on the planet up in arms. We should be experiencing a tsunami of dissatisfied companies withdrawing from using hosted services in both the UK and US. Heck they should be moving in mass away from Windows and OS X and towards the only trustworthy alternatives: Linux and/or BSD.

But are we seeing this movement happening? I think not. For some odd reason it’s just business as usual. Is this perhaps because the subject matter at hand is too complex for the average shareholder? Or is it that the generic CEO/CTO of large corporations are already under the heel and that they dare not disturb what is considered equilibrium?

The same goes for governments around the globe. I can only assume that the complete lack of opposition to these programs is because they’re all in it together. Just this morning I heard that Sweden supposedly is one of the greatest allies of the US in their crusade against the internet and our most basic privacy rights.

Sweden. Of all places.

I’m going to go out on a limb, and assume that the Danish government is equally bad, seeing that not a single Danish politician is up in arms. They are all very quiet. Eerily so in fact.

The worst part is that all this really isn’t a surprise to me. Deep down I’ve always known that big government is bad, and that amassing large amounts of power in one place will always lead to one thing: Corruption. So all this really isn’t a huge surprise. What is new is that the fears I’ve voiced most of my adult life are now being confirmed. My worst tinfoil hat suspicions are all turning out to be true. So there. It is one thing knowing things are bad, it’s a different thing entirely knowing that things are bad.

What really scares me is that these programs rely on two fundamental things:

1. A sufficiently large group of highly intelligent engineers who’re willing to whore themselves and their abilities out to these programs.

2. A political environment, encompassing the entire range of political opinion, where it is accepted and perhaps even viewed as necessary, to spy on everybody. I refuse to believe that it is possible to keep these MASSIVE programs secret. I will assume that every single politician on the planet is corrupt to the core, and in opposition of its own electorate. I will assume this, and my assumption will probably be correct.

Reason number 1 saddens me to no end. The fact that so many intelligent people are participating in such evil and rotten violations of the rights of their fellow citizens is beyond belief. The fact that it apparently has taken many years for one Edward Snowden to appear is amazingly sad. Why wasn’t this leaked to the public the instant some ass-hat politician proposed the idea of mass-scale spying on everybody and the breaking of one the pillars of the internet to an engineer?

Reason number two really doesn’t come as much of a surprise. Government is corrupt everywhere, and people believing otherwise are just plain stupid. What is sad is that a huge amount of people are so endeared to the thought of a large motherly government, that they utterly refuse to accept the fact that they are merely cattle for the grinder. You don’t matter to your beloved government, so please stop giving them more power. Stop letting the bastards buy you for the snake-oil that is the allure of “safe, secure and cared for”. You’re not only betraying yourself, you’re betraying us all.

By far the biggest problem with all this is not the fact that they are spying on us, or that this is the largest industrial espionage program ever conceived, no the absolute worst part is that secret agencies now most certainly are aware of, and perhaps even actively pursuing, the dirty laundry of the people that are in “power”.

Let that sink in.

Some random secret agency knows the most inner secrets of the very people that pay their salaries and keep them in business.

I will claim that that is probably why the shakers and movers of the intelligence business are never fired or dishonorably removed from their positions. That is probably why the leadership of NSA hasn’t been thrown in jail.

Is that the world we want? A world where shadow agencies run amok and where our hard-earned taxes are being used to fund leashes for our necks and whips for our backs?

For sure it is not the world I want. The question then is: What can we do about it?

Using the Ada Web Server (AWS), part 2

In the Using the Ada Web Server (AWS), part 1 article I showed you how to setup a simple Hello world! server powered by the awesomeness that is the Ada Web Server (AWS) project. In this second part I will show you how to utilize the Templates_Parser module to build your HTML and I’ll also give a very short example on how to serve a flat file to visitors.

If you haven’t already read part 1, I strongly suggest doing so before proceeding with this article, as we will be building upon the code from part 1 in the following. I will not waste time on how to get the server going, or how to setup a dispatcher. We will jump straight into the template fray.

But first things first:

$ git clone git://github.com/ThomasLocke/AWS_Tutorial_2.git

The instructions on how to compile and run the program are the same as for part 1 of the article.

So what exactly is the point of using templates to generate your content, instead of just building the HTML directly in the Ada code? Well there are several good reasons for using templates:

  • With templates you don’t have to re-compile due to changes in the HTML.
  • With templates you get a very strong separation between logic and view.
  • With templates you can easily localize content by simply loading a different template file based on user preferences/IP address/whatever.
  • Your HTML people won’t need to learn a single line of Ada. They can stick to what they are good at.

There are probably more good reasons, but the ones mentioned above should be more than enough to convince you that using a template system is a good idea.

Lets take a peek at a very simple template file:

<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
    <title>Not found</title>
  </head>
  <body>
    <h1>Not found</h1>
    <p>Resource @_RESOURCE_@ not found</p>
  </body>
</html>

As you can see it looks very much like normal HTML except for the special @_RESOURCE_@ tag (third line from below), which is what turns this otherwise plain looking HTML snippet into a proper template: @_RESOURCE_@ is a template tag that is replaced by some value defined in the Ada code. As you might’ve guessed this template is used to generate the “404 not found” content, so lets see how the Ada code looks now that we’ve moved the HTML into a template. This is our new Generate_Content function from the src/not_found.adb file:

with AWS.Messages;
with AWS.MIME;
with AWS.Response;
with AWS.Status;
with AWS.Templates;

package body Not_Found is

   --  Stuff...

   ------------------------
   --  Generate_Content  --
   ------------------------

   function Generate_Content
     (Request : in AWS.Status.Data)
      return AWS.Response.Data
   is
      use AWS.Templates;

      Resource : constant String := AWS.Status.URI (Request);

      Translations : Translate_Set;
   begin
      Insert (Translations, Assoc ("RESOURCE", Resource));

      return AWS.Response.Build
        (Content_Type  => AWS.MIME.Text_HTML,
         Message_Body  => Parse ("templates/not_found.tmpl", Translations),
         Status_Code   => AWS.Messages.S404);
   end Generate_Content;

end Not_Found;

If you compare it to the src/not_found.adb file from part 1 you’ll notice that the changes really aren’t that huge, but lets start at the top: At line 5 we with AWS.Templates; to bring in the templates parser module. With that we now have all the templating power at out fingertips.

The next change happens in the declarative part of Generate_Content where we now have a Use AWS.Templates; line and a Translations : Translate_Set; line. A Translate_Set is basically a dictionary to which you add your tags and their associated values, and to see how that is done we go down two lines to the Insert (Translations, Assoc ("RESOURCE", Resource)); line. Starting from the inside we associate the value of the Resource string with the template tag RESOURCE using the Assoc procedure and then we add the association to Translations with the Insert procedure.

Note that if you insert an association that already exists, then the existing association is overwritten by the new association.

In order to use the Translations dictionary we’ve created, we must call the AWS.Templates.Parse function:

function Parse
  (Filename          : String;
   Translations      : Translate_Set;
   Cached            : Boolean               := False;
   Keep_Unknown_Tags : Boolean               := False;
   Lazy_Tag          : Dyn.Lazy_Tag_Access   := Dyn.Null_Lazy_Tag;
   Cursor_Tag        : Dyn.Cursor_Tag_Access := Dyn.Null_Cursor_Tag)
   return String;

Only Filename and Translations are required, so that is exactly what we’re going to give Parse:

return AWS.Response.Build
  (Content_Type  => AWS.MIME.Text_HTML,
   Message_Body  => Parse ("templates/not_found.tmpl", Translations),
   Status_Code   => AWS.Messages.S404);

Parse then goes to work, matching all the added associations to the tags found in the template file, which in our case means replacing @_RESOURCE_@ with the value of RESOURCE.

And that is all. The 404 not found content is now fully templated.

Next lets take a peek at Generate_Content from src/hello_world.adb where we use a few more features from the AWS.Templates module:

with AWS.Messages;
with AWS.Templates;

package body Hello_World is

   --  Stuff...

   ------------------------
   --  Generate_Content  --
   ------------------------

   function Generate_Content
     (Request : in AWS.Status.Data)
      return AWS.Response.Data
   is
      use AWS.Templates;

      type Natural_List is array (0 .. 9) of Natural;
      Fibs : Natural_List;

      Browser : constant String := AWS.Status.User_Agent (Request);

      Fibonacci    : Vector_Tag;
      Position     : Vector_Tag;
      Translations : Translate_Set;
   begin
      Insert (Translations, Assoc ("BROWSER", Browser));

      for i in Fibs'Range loop
         case i is
            when 0 => Fibs (i) := 0;
            when 1 => Fibs (i) := 1;
            when others => Fibs (i) := Fibs (i - 1) + Fibs (i - 2);
         end case;

         Append (Position, i);
         Append (Fibonacci, Fibs (i));
      end loop;

      Insert (Translations, Assoc ("POSITION", Position));
      Insert (Translations, Assoc ("FIBONACCI", Fibonacci));

      return AWS.Response.Build
        (Content_Type  => AWS.MIME.Text_HTML,
         Message_Body  => Parse (Filename     => "templates/hello_world.tmpl",
                                    Translations => Translations,
                                    Cached       => True),
         Status_Code   => AWS.Messages.S200);
   end Generate_Content;

end Hello_World;

Let me start by saying that my Fibonacci implementation probably isn’t fast nor elegant, but it works and it doesn’t clutter the example with a whole bunch of code, and really the interesting part here is not how the Fibonacci sequence is generated but how it is added to the Translations Translate_Set. For this we have the Vector_Tag, which in all its simplicity allows us to build lists of values. As you can see we have two such vector tags: Fibonacci and Position. These two are populated by the Append calls in the for loop:

for i in Fibs'Range loop
   case i is
      when 0 => Fibs (i) := 0;
      when 1 => Fibs (i) := 1;
      when others => Fibs (i) := Fibs (i - 1) + Fibs (i - 2);
   end case;

   Append (Position, i);
   Append (Fibonacci, Fibs (i));
end loop;

Append add the values of i and Fibs (i) to Position and Fibonacci respectively. In case you're wondering about what kinds of data you can append to a vector, here's the specification of all the Append procedures:

procedure Append (T : in out Tag; Value : String);
procedure Append (T : in out Tag; Value : Character);
procedure Append (T : in out Tag; Value : Boolean);
procedure Append (T : in out Tag; Value : Unbounded_String);
procedure Append (T : in out Tag; Value : Integer);
procedure Append (T : in out Tag; Value : Tag);

Note the last one: Yes, you can append a vector tag to a vector tag, making it possible to build multi-dimensional arrays.

Adding our vector tags to Translations is still done using the Insert procedure, so nothing new there.

Finally we generate the content with Parse, where it is worth noting that we've now added the Cached => True parameter. What this does is allow the AWS.Templates module to cache the template itself. If you do this the server no longer read and parse the template file on every hit. The downside is that if you make changes to the template file, you will have to restart the server for the changes to be registered.

Now lets see how we deal with vector tags and do some other tricks in the template file:

@@--
@@--  First we define a macro.
@@--
@@MACRO(F)@@
<span style="font-style: italic;">F</span><span style="font-size: 60%;">@_$1_@</span>
@@END_MACRO@@
@@--
@@--  And then comes the actual HTML5 document
@@--
<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
    <title>Hello world!</title>
  </head>
  <body>
    <h1>Hello world!</h1>
    <p>Browser used : @_BROWSER_@</p>
    <h2>Fibonacci's from 0 to 9</h2>
    <table>
      @@TABLE@@
        <tr>
          <td>@_F(@_POSITION_@)_@</td>
          <td>@_FIBONACCI_@</td>
        </tr>
      @@END_TABLE@@
    </table>
    <p>Now is @_NOW_@</p>
    <p>Now reversed is @_REVERSE:NOW_@</p>
    <p>Click <a href="/helloworld.tmpl">here</a> to see the hello_world.tmpl file.</p>
  </body>
</html>

Lines starting with @@-- are comments.

At line three we define a macro with the name F. When you call macros you can give them parameters which are then referenced in the macro as @_$n_@, where n corresponds to the N.th. parameter passed to the macro.

Moving on we add the visitors browser to the HTML using the @_BROWSER_@, and just below that we build the Fibonacci table, and here we encounter the @@TABLE@@ tag. Code between the @@TABLE@@ and @@END_TABLE@@ tags are repeated as many times as there are values in the POSITION and FIBONACCI vectors. @@TABLE@@ acts very much like an implicit iterator. Much fun can be had with the @@TABLE@@ tag - this example is the very simplest way to utilize it. Check the manual for more extensive examples.

There's a few more tricks in this template worth mentioning. The templates parser module sports a bunch of constants and filters, one of these being @_NOW_@ which is replaced with a time stamp in the format "YYYY-MM-DD HH:MM:SS". At the next line we reverse the contents of @_NOW_@ using the @_REVERSE:VAR_@ filter. There's a whole bunch of filters available and multiple filters can be applied to tags for pure awesomeness. As an added bonus you can even create your own filters.

And that was all I had about the templates parser module, but before I end this article I'd like to direct your attention to this new dispatcher in src/handlers.adb:

Dispatcher.Register (URI    => "/helloworld.tmpl",
                     Action => Hello_World.Hello_World_Template'Access);

The goal of this dispatcher is to return the contents of the exe/templates/hello_world.tmpl file to the user as text/plain. The Hello_World.Hello_World_Template function takes care of that:

function Hello_World_Template
  (Request : in AWS.Status.Data)
   return AWS.Response.Data
is (AWS.Response.File (AWS.MIME.Text_Plain,
                       "templates/hello_world.tmpl"));

That right there is an Ada 2012 expression function. Since all this function does is call AWS.Response.File we don't really need a body. Expression functions provides a shorthand to declare a function whose body consists of a single return statement. That is IMHO one very nice feature of Ada 2012.

And with that final piece of AWS.Response.File magic I will close this article. Stay tuned for part 3, where I plan on showing you a bit about how to handle HTTP request parameters using the Ada Web Server.

Ada Programming Community @ Google+

Google just rolled out its latest addition to the Google+ platform: Google+ Communities, and naturally we just had to have an Ada Programming Community.

Hopefully the community will grow at a steady pace and become a good place for general discussion about Ada. We’ve already got two solid posts, one about the state of building Ada programs and another one with a suggestion for a tool that can improve the current situation where many Ada tools heavily depend on GNU make and all sorts of environment variables.

Lively place eh?

If you’re interested in actual software engineering, be sure to join this new community and help make it spring to life.

MediaGoblin, an emerging free and open media publishing platform

I’ve already tried to raise awareness about GNU MediaGoblin at my Google+ stream using the #mediagoblin hashtag and as you can see there is some activity going on. But not enough. I wonder why that is. There’s a lot of open source people hanging out in the Google+ sphere, but judging from the relatively quiet #mediagoblin hashtag, they don’t much care for having a free and open source media publishing platform.

It is rather sad I think.

I’m guessing that most of us fsfe.org people are fully aware of MediaGoblin and their current fundraising campaign, but on the off chance that one of you have missed it completely, here goes: Please go support MediaGoblin. Most of us can easily spare a few $, and if not then at least help spread the word. Lets do our best to make MediaGoblin a new household word. Post about it on Google+, facebook, twitter, identi.ca – wherever you hang out. You might hate social websites such as Google+ like the plague, but understand that they can also be used to spread knowledge about free and open software. It’s not all bad.

Lets do our best to make the #mediagoblin hashtag fly!

“Hello World” GtkAda and Glade3 Tutorial

Many years ago I tried my hand at Glade and PHP-Gtk (don’t ask!), and I found the entire experience to be fairly horrible. Since then I’ve steered well clear of anything to do with Gtk – in fact I’ve steered clear of GUI (Gtk/Qt) programming in general, mostly because I’ve found that if a program I’m building needs a GUI, it is usually much easier to just deploy it in the browser using HTML/CSS/Javascript (Argh! I really detest Javascript – thank God for the Dart project).

Well, that was then, and this is now.

Today I noticed that a new article had been added to the Ada-DK Wiki: Building GUI With Glade3. Naturally the short tutorial make use of Ada and GtkAda, so it’s right up my alley.

It looks absolutely doable. The code is clean and simple, and not at all as messy as my PHP-Gtk experiments those many years ago. Maybe it is time for me to give GtkAda and Glade3 a try?

Yolk aligned with latest Ada Web Server update

When I got back from my trip to Iceland, I did a git pull on AWS and among the ~89 patches that had gone in since my departure from Denmark, a handful added some new configuration parameters. I’ve added these new parameters to Yolk, so it now requires AWS commit 30281b522ed43782c8f9e7fd1f0fd912510b48f0 in order to work. It is no longer enough to just grab the latest official AWS package from libre.adacore.com – you must use the developer version of AWS.

Labeled exit bug in GNAT GPL 2012 confirmed

While trying out the new Ada 2012 loop syntax, I discovered what appeared to be a bug in the compiler: I could not use labeled exit statements when using the new loop syntax. Observe this simple example:

with Ada.Text_IO;
 
procedure Loopy is
   use Ada.Text_IO;
 
   Foo : array (1 .. 3) of String (1 .. 3)
     := (2 => "Bar", others => "Foo");
begin
   --  Classic loop syntax
   for I in Foo'Range loop
      Put_Line (Foo (I));
   end loop;
 
   --  New loop syntax
   for K of Foo loop
      Put_Line (K);
   end loop;
end Loopy;

Compiling this with the -gnat2012 works like a charm and output from the program is as expected:

Foo
Bar
Foo
Foo
Bar
Foo

Obviously using labeled loops/exits in this example is more or less completely pointless, but since I’m a bit of a renegade (and for the sake of the argument), I’m going to do it anyway. Lets see what happens:

with Ada.Text_IO;
 
procedure Loopy is
   use Ada.Text_IO;
 
   Foo : array (1 .. 3) of String (1 .. 3)
     := (2 => "Bar", others => "Foo");
begin
   --  Classic loop syntax
   Loop_Classic : for I in Foo'Range loop
      exit Loop_Classic When Foo (I) = "Bar";	  
      Put_Line (Foo (I));
   end loop Loop_Classic;
 
   --  New loop syntax
   Loop_New : for K of Foo loop
      exit Loop_New when K = "Bar";    
      Put_Line (K);
   end loop Loop_New;
end Loopy;

Awesome labels I’ve come up with eh’?

Compiling the above example yields this little puppy:

gcc -c -gnat2012 loopy.adb
loopy.adb:17:07: invalid loop name in exit statement
gnatmake: "loopy.adb" compilation error

Gaagle! The horror! The pain! The bug has been reported to AdaCore by Marc A. Criley, and according to this notice they’ve sorta/kinda acknowledged it.

So all we have to do now is wait for a fix. When I cried out on comp.lang.ada that I wanted my labeled exit statements back, he replied with this:

GNAT GPL 2013

Hehe.. Dry fellow that Marc. But he’s probably right. I’m just going to have to patiently wait an entire year before I can actually use the new loop syntax and labeled exit statements at the same time. I can handle that. I think.