Gonçalo Valério

Author: Gonçalo Valério

  • The Web We Lost

    The Web We Lost, a two years old post with a message that still stands. For those who have an hour to spare, some good points are addressed in the video and in the Q&A afterwards.

  • “Nothing to hide” is not a good argument

    When talking about privacy and online surveillance (a topic that has been in the spotlight over the last year) with friends, colleagues and people that haven’t given much thought about these issues, the most common answer i hear is (as you’ve already guessed) “I’ve nothing to hide”, which is fallacious argument. Arguing with someone that has this mindset is really difficult because most of the time (in my experience) it means one of 4 things:

    1. I don’t care.
    2. I don’t know the quantity and/or quality of  information that can be gathered.
    3. I don’t believe small pieces of unrelated information leaked in different places will be added up to build a more complete profile.
    4. I’m not really aware of what the implications of surveillance are.

    Trying to convince this person that privacy in the age of the Internet is a topic worth discussing is really hard (it got a little easier after last year’s events).

    Today I’ve read an essay that really sums up some of the arguments i would use to show to someone that privacy matters. It is a long read but it worths the time spent:

    Why Privacy Matters Even if You Have ‘Nothing to Hide

  • The Ocean Cleanup

    https://www.youtube.com/watch?v=6IjaZ2g-21E

    More info: http://www.theoceancleanup.com/

  • Enigmail, passphrase issue

    This is a short post where I try to explain the steps i followed to fix the behavior of Enigmail on my machine.

    In the last few weeks i wasn’t able to use any signing and encryption capabilities on my emails due to a problem that showed an unclear error message.

    I don’t remember the cause of the issue but it is somehow related to a fresh install of my current operating system (Ubuntu). So every time i tried to sign a message, the following error message showed up: “Error – Bad passphrase”, even without inserting any password. I searched on the web to see if it was a common problem and most of the answers were related with the cache of “gpg-agent” and how to clean it. I tried most of the solutions without success.

    It took a while until i found an entry in the support forum that allowed me to fix the issue.

    So what happened?

    After a fresh system install I had the wrong “pinentry” application set up (i still don’t know why “pinentry-qt4” didn’t work) and it was making Enigmail show the error without asking for the passphrase. After going through the following steps i was able to put everything working again.

    1. Set the pinentry symlink to the “pinentry-gtk-2” application: 
      sudo ln -s -f /usr/bin/pinentry-gtk-2 /usr/bin/pinentry
    2. Edit  “~/.gnupg/gpg-agent.conf” and change the following line (if it exists): 
      pinentry-program /usr/bin/pinentry-qt4

      to

      pinentry-program /usr/bin/pinentry-gtk-2
    3. Log out of your system session and log in again.

    In the end it is easy to solve but it took me while until i found an answer that lead me in the right direction. So if you run into the same issue in the future i hope this might be useful to you and prevent you to waste a lot of time to solve it.

  • Moving to Python 3

    A week ago the support period for the last version of Python 2 was extended by 5 years (from 2015 to 2020) and this event just ignited once again the discussion about the fragmentation in the python ecosystem. Some have the opinion that version 2 should have a 2.8 release while others keep saying that the future is python 3 and this event will delay even more the adoption of the new version.

    The truth is, version 3 already has almost 5 and half years (released in December 2008) and it seem it didn’t have yet conquered enough number of users to dethrone the old version. While the first iterations of the new major version met many critics (3.0 until 3.2),  the last 2 releases seems to have conquered very good reviews and after many years the majority of the most important libraries and modules seems to have support for python 3 (can be checked here ).

    This way and after some thought, i decided that it is time (maybe a little late) to change my default development version for new projects to python3, since it really is the future of this programming language and it is time to move on. There will be exceptions of course, like old projects that need to be maintained,  new ones where the requirements do not allow the new version or where the needed packages do not yet support python 3.

    So lets check what this “new” version has to offer.

  • Codebits 2014

    The 3 days passed so fast that i got the sensation that the event took place in only one day. The only regret I felt in this year’s event was related with the fact that our team was unable to get the project ready for the presentation in 48h.

    We were developing a service that would  pay developers (using MEO Wallet) who contribute to open source projects, with bounties associated to specific issues, as soon as their pull request is merged in Github.

    The rest of the event was awesome as always and all the speakers of the talks i was able to attend (Christian Heilmann, Miguel Duarte, Miguel Mota Veiga, …) were up to the job.

    So next year the organization can count with my application to the event again.

  • My First Firefox OS App

    Recently, I’ve started digging into Mozilla technologies just for curiosity. One of the things that intrigued me more was the concept of the Firefox OS. I wondered how we could make a phone work mainly with web technologies and how the development process works for this kind of operating system.

    While i was reading documentation and other blog entries about Firefox OS some questions arose, since the whole concept seems to be different from the other big players:

    • How can we access phone features through JavaScript?
    • How do you start developing for this platform or what steps are required to transform an existing web application into a fully functional app?

    So once again i decided to learn by doing. Since i didn’t want to start from scratch, i tried to adapt Rapido (a simple project i made some time ago to learn the basic concepts of Meteor.js), make it work well on Firefox OS and submit everything to the marketplace.

    One of the things that amazed me at first, was the fact that almost everything you need to get started is already included in Firefox’s developer tools. For example, to launch a phone simulator to run your project you just need to open “Web Developer -> App Manager”, choose the version of the software and add the location of your project as an app.

    There are 2 kinds of applications, packaged and hosted. The first group works like regular applications where all JavaScript code is “downloaded” to the phone and is able to be correctly executed even without Internet. The other type, the one I used for Rapido, is like a website with access to certain phone features.

    The DOM of the existing project needs to be responsive but this demand isn’t an issue, since you already assume it as a requirement even without reading the first line of the documentation. In the end, i can assure that this was in fact the part of this project that gave me most work to get it done, almost all other steps were quick and easy.

    The only new concept that you need to learn to develop a hosted application is to write and serve its manifest. This file which should be in the application root (ex: app.domain.com/manifest.webapp) is a JSON file that describes the information about the authors, the special permissions that are needed, the location of the icons, etc.

    By using Meteor.js, I had to play with the Router package, like it is described in this blog post, to be able to serve this file within the app.

    For a very basic project, these steps were everything what I needed to do in order to transform Rapido in a Firefox OS application. One thing that I was reminded by the people who reviewed the app, was that all external links need to be opened in a new window since this devices don’t have a “back” button. Their validation form was also very helpful in the process of spotting common mistakes before the submission to the marketplace.

    One feature of Firefox for Android that i had no idea it existed and works like a charm, is the ability to install this applications on your Android device through Firefox Marketplace. So with little effort I’ve got my app working on my phone as well.

    Overall it was pretty easy to adapt Rapido to Firefox OS, the documentation is good, the process to submit the app to the market is intuitive and I’ve got a response in less than 24 hours on a weekend.

    Since the battle of IOS vs Android is getting boring, it’s really cool that other players are trying to join the race with different approaches to spice things up.

    The application is listed in the Marketplace and can be found here (Edit Nov 2014, i just removed the application from the market, since i no longer maintain it.)  

  • Open to new project ideas

  • Everything is a Remix, Case Study

    http://vimeo.com/81745843

    Following the other two posts (here and here) containing the 4 episodes of this great web series, i just had to share this video with a small case study about the iPhone.

  • Django Resources

    As I said in earlier posts in this blog, when i build websites or webapps where there are no technology impositions, i usually choose to do it in Python and in most of the cases, that’s the equivalent to say i choose to do it in Django.

    Over the last year, since i started using Bundlr,  I’ve been aggregating some resources like blog entries, tutorials and videos that i found useful and that could become handy in the future.

    Today I’m sharing the collection here, since it might helpful to someone else. I hope you like it and if you know more references that should be included in the list, please share it in the comments or send me an email.

    The list can be found here.

    Edit July 2016: Since I removed my account, the list is not longer available on Bundlr. Check recent posts, it will be published again soon.

  • Cheap, Safe and Friendly

    As a Portuguese citizen, after i come across an article named “Top 15 Cheap, Safe and Friendly Countries” and saw my country in this list, i have to leave here my two cents about the subject. I’m not gonna evaluate or judge the process and the origin of the data that led the author to his conclusion, but reinforce the raking given to Portugal and even argue why it should have been placed in a even better position.

    For those who dismiss reading the full article here is the final score given by the author (data available here):

    top15 ranking
    Source: http://www.kimeshan.com

    As you can see, despite of being in the list, the country ranks far behind the top ones in these 3 categories. Based on the hacker news discussion, i will add some aspects that people claimed as important when moving/traveling to a foreign country:

    • Health Care
    • Quality of the food
    • Racial/Sexual/Religious discrimination

    For the first aspect, the last World Health Organization ranking of health systems can give you a hint even though it’s relatively old and it’s methodology had been criticized. The second aspect depends on individual tastes but based on comments around the web, it seems fairly well appreciated. Finally, according to this document from the European commission, Portugal is relatively in line with the rest of the European union regarding any kind of discrimination (which i suppose it’s not bad at all).

    After that i will leave two opinions, that i found in the discussion and thought that are extremely positive:

    I’ve spent significant time in #3 (Morocco) and #4 (UAE) and would be hesitant to return. As a solo female these places are hostile once you leave the confines of the westernized areas. If you are just hanging out the business districts and make heavy use of taxis you’re fine but what’s the point..
    #15 Portugal on the other hand? If you can work remotely and can get a visa, I’d put it at the top. Amazing country, affordable, fantastic people and the language isn’t complicated to pick up if you have any Romance knowledge. (by marquis)

    I have lived in Portugal (Lisbon) for about two years. One of the cheapest countries in Europe, friendly, people are warm towards foreigners. Country itself is very beautiful and great food (one of the best fish cuisine).However, there are not many tech startups. (by morazow)

    In response to the second one, it’s true that there isn’t many but we are working on it.

    And for those interested, the better part of the country isn’t attached to it, just fly a little bit further south and west and you will find Madeira island. Meanwhile i will leave you with a short introduction to Portugal.

  • Improving your online privacy

    Following this PRISM thing that’s going on for several weeks now, Internet privacy become a hot topic with extensive discussions and vast amounts of content being written about it (a good thing from my perspective).

    In this post I will try to sum some tips to improve your privacy and safety while surfing the web. The majority of this suggestions are also available in other websites, as they are the result from my searches about this subject and in some cases they might not be the best ones (if you can point some improvements in the comment area, i would appreciate).

    Before starting i just want to make clear that this isn’t aimed to make you invisible on the web (is it possible?) or to protect you from all threats since that is huge task and involves a great deal of technical knowledge (a good start would be here).

    Browser

    First of all, if we are talking about navigating through the Internet, the first step must be the web browser, because almost every tip that i will write on the following lines depends on it and is the application in which we spend the majority of our time.

    My choice goes to Firefox, because it’s not strongly tied to any company that makes most of their profit based on the ability of tracking you and it’s open-source software (although only a small percentage of the users ever looked at its source code).

    The other major reason is related with the posture of the non-profit organization that developed Firefox, and their public stand defending the open web and its freedoms.

    Add-ons

    • Ghosthery: This add-on lets you visualize every advertiser and tracker that is embeded on a webpage and enables you to block the unwanted codes.
    • HTTPS Everywhere: When possible this plug-in makes the browser use a secure connection.
    • Adblock Plus: Advertisements finance a big number of Internet sites, paying for the people that work on them, but sometimes they are used in an abusive form. This add-on blocks them and all of their tracking codes.
    • Collusion: Lets you visualize the vast network of entities that collected information about you during the time you were on-line.

    Preferences / Options

    On the “privacy” tab of your browser’s options/preferences, there are some features you can turn on that will help you keep the house clean. First you can start by selecting the “Tell site that i do not want to be tracked” option, i doubt it will be respected but it doesn’t take more than 1 min. The other features are the ones that could improve your privacy a bit, such as “Always use private browsing mode”. If you don’t want to bother with this, you can always set less restricting options such as when to clear cookies (my recommendation is “when the browser is closed”).

    Profiles and Accounts

    Disable / Remove accounts of services that you do not use anymore and old content. If it is not needed anymore there is no excuse to keep it online or to maintain open accounts in those web companies.

    Search Engine

    Like is stated in a video that i shared sometime ago, your search queries can be recorded, analyzed and combined with other data to build a profile about your habits and to give you the results they (or their servers) think you want, with the possibility of keeping important information away from you. To escape this bubble, one solution would be to use one search engine that would give you generic results and my suggestion is to use DuckDuckGo. Its results are fairly good and has some interesting features like !Bangs and instant answers.

    Behavior

    Sure, these things improve your ability to avoid being tracked, make you able to connect you a list of websites in a secure way and don’t record your searches linking them to your profile, but this is a small drop in a big ocean, since a great deal of the privacy protection depends on the user behavior and his choices while surfing the web. Some good pratices would be not to use your real name when it isn’t necessary, choose well your webservices provider giving attention to their privacy policy and their reputation (examples: webmail, file storage, instant messaging, etc.). and finally, the no-brainer, be careful about what you publicly write or share online.

    Note: If you want to go deeper, you can find a set of more holistic recommendations here.

  • Starting out with Meteor.js

    For some time now, I’ve this urge to try to build something using meteor.js just for test purposes and to check what i can do with this framework that everybody is talking and writing about. So a few days ago i decided to give it a go, i installed meteor and I have put everything into place to start developing (and learning, while doing it of course).

    The problem was that i was short in ideas for a small project, the ones that came to my mind were a bit too complex for my first app and specially for the time i wished to spend on it. After a while, the solution came in the form of an eureka moment and decided to build the most original piece of software ever, a To-Do List.

    Ok, that wasn’t my brightest moment but at least i had something. To increase the difficulty of the task a little bit, i tried to build a simple clone of flask.io (without the good look), a tool that as Lifehacker says, lets you “create shareable To-Do lists on the fly, no account required”. Plus i added for each task a “progress feed” that lets you know what’s going on and what recently changed in it (good for shared tasks).

    So in the next “few” lines i will describe the most important steps i took to build this thing (summed) and since this was a discovery project probably you will find some stuff that could be done in a better way. The git repository with the code can be found here.

    To try it out, an instance of this application is running at rapido.ovalerio.net.

    (more…)

  • Tracking and bubbles everywhere

  • Some changes on the blog

    Recently i realized that the system that i used to blog wasn’t the most appropriate and that was preventing me from writing. To publish an article, i needed to go through too many steps (most of them to make the content look the way i wanted) and the maintenance of the system didn’t worth the time i was wasting on it. So as can you see i switched to WordPress, since it offers much better tools, to concentrate more on the content and soon i hope to get a more regular posting schedule. If you find any bug, please let me know.