MFA tokens in your terminal

All the stuff described here I learned from my dear colleague Giulio. I’m sharing it here because it’s cool, and because I don’t think he’d share it anywhere other than our internal mailing list.

Do you use MFA a lot? Are you tired of reaching for your phone to check those codes on Google Authenticator app? Perhaps you’ve been logging to too many different AWS accounts because your work requires that? ­čśö Here’s a couple paragraphs of advice that will ease your pain.

First, install oath-toolkit. On OS X you can get it with homebrew. Once it’s installed, you’d want to define a function for your shell, like this perhaps:

function mfa () {
   oathtool --base32 --totp "$(cat ~/.aws/$1.mfa)" ;

This specifies an mfa alias which calls oathtool and expects one argument: name of a file (sans extension) inside your ~/.aws/ directory which contains a string that is the base for computing your time-based one-time passwords. To continue the AWS-based example, you can find the code in the AWS console while setting up a new virtual MFA device.


Once you click on “Show secret key for manual configuration,” you’ll be presented with a 64-character string, which you’ll need to put in a ~/.aws/account-name.mfa file. After that, whenever prompted for the MFA token, type mfa account-name in your terminal.

“Hunger makes me a modern girl”

I know Carrie Brownstein through “Portlandia,” a quirky sketch show she’s been doing with Fred Armisen for the last couple of years. I’m a huge fan of how accurately “Portlandia” pokes fun at alternative-culture so commonly associated with Pacific Northwest.1 What I learned later, only after doing some research on Fred and Carrie, is that they were both well-known before the show even started. Fred, to a perhaps lesser extent, through SNL, and Carrie, probably to a much greater extent, through Sleater-Kinney.

SNL is obviously not very popular in Europe, but the fact that during my teenage years I have never heard about Sleater-Kinney was always a bit surprising to me. Sure, alternative-scene rock bands from Seattle like Nirvana, Soundgarden and Pearl Jam made its way to (even Eastern) European radio stations, but the much larger phenomenon of what’s known as the “Pacific Northwest scene” remained rather unknown, or at least not commonly known. This way one could, as it turns out, live one’s life all through the crazy 90s and only discover Sleater-Kinney in 2012. Oh, and what a fantastic discovery that was. Continue reading ““Hunger makes me a modern girl””

How are zlib, gzip and Zip related?

Abhishek Jain asks Stack Overflow about the differences between zlib, gzip and Zip, and gets a fascinating and very insightful response from none other than Mark Adler. I particularly like the comment Adler made when the OP asked about referenecs for his answer.

I am the reference, having been part of all of that. This post could be cited in Wikipedia as an original source.

This, to me, is a perfect example of the enormous impact of open source and free software libraries developed in the 80s and 90s have on modern-day computing. All these small components of Linux or *BSD systems that were developed over the years now play such crucial parts in so many complex systems we rely on every day.

Free/open source software developers are the heroes of the internet era, and as such should have monuments built to their glory and schools named after them.

AlphaGo wins with Lee Sedol

Google Deep Mind‘s AlphaGo won two games against the world go champion, Lee Sedol. This is a ginormous triumph of statistical methods in general and machine learning in particular over “symbolic AI.”

I remember writing an essay for a class in philosophy some years ago about the progress of AI game engines and the somewhat unimpressive achievements of Deep Blue. It was of course exciting to see a computer beat a reigning chess world champion, but underneath all the heuristics IBM implemented for chess, it was all “brute force.” Chess has a game tree complexity of 10123, which is huge, but still “traversable” by modern computers using good heuristic functions. Go, on the other hand, was deemed unsolvable by any “brute force” methods, because its game tree complexity is 10360ÔÇöfar too big. I don’t think anyone in 2006 expected that within ten years a computer program will beat the best Go player (I know I didn’t), yet it just happened. Continue reading “AlphaGo wins with Lee Sedol”

Apple’s letter about the San Bernardino case


There are basically two groups of large software companies around right now: those which make their business by collecting data, and those which make their business by licensing software. The first group has an overwhelming incentive to not support privacy too strongly. The second group has an overwhelming incentive to not allow too much openness. Until a better business model (or zero-knowledge machine learning) is found, no large for profit company can support both goals to their final conclusion. So we are left choosing one evil or the other.

Apple published a “message to customers” today, and while there’s a lot of questions this letter raises,1 the above HN comment (full thread, definitely worth reading) captures the essence of the issue at hand when it comes to computing these days. You either sell software/hardware/licenses and create incentive for the general public to pay you more money by selling things, or you give stuff away for free, and your users become the product. It appears that the situation didn’t really change much for the last couple of years, and in the end we choose what we are willing to tolerate.

update, Feb 22: Apple published some more details about the case today.

  1. What kind of backdoor does Tim Cook have in mind exactly? If it could be implemented, then how? Are other companies complying with such requests from the FBI or other agencies (wikileaks and Edward clearly point to some evidence that they do)? 

Go vs. Scala

One of Go’s features is that it doesn’t have an excess of features, and frankly, I think that feature is undervalued.

There’s an interesting discussion on Quora about the differences between Golang and Scala.

As a former academic with tendencies towards functional programming, I used to be very tempted by Scala.1 It offers all the functional goodness without the exoticism of Haskell, and came with reasonably good tools and frameworks. Like Clojure, it’s a functional language you can actually do some work with.

The problem with Scala is, the more advanced you get, the more complicated (unreadable?) your code becomes. I remember that back in grad school the dude who was able to doodle the craziest and mathematically most challenging solution to some problem in Haskell was someone everyone looked up to. But it turns out in the “real world” simplicity always trumps virtuosity and sophistication, which is one of the many reasons I love Golang so much. A language with no “magic,” good concurrency support, great documentation and community that compiles into machine code and runs faster than Python? Yes, please.

Read the whole Quora thread, though, there’s a lot of interesting stuff there.

  1. This is not to say that I don’t like Scala. I really do, it’s just that my love for it is, hm, not as unconditional as it used to be. 

No more LaTeX

I made jokes about this before, but it actually happened: since I no longer use LaTeX, I removed it from my laptop and got rid of the config from my .vimrc. It’s nothing unusual, but I somewhat feel that the departure from LaTeX marks an important (sic!) moment in my life.

LaTeX was my “gateway drug” to programming. I kid you not. Since I was interested in publishing as a teenager (even ran a small but successful magazine for a while), got very disappointed in MS Word’s DTP capabilities, had no money or supported OS to run Adobe or Quark, LaTeX was for me, sadly, the only option to put my magazine together. A Polish magazine called Linux+ published an article about LaTeX, I went through the tutorial, then through lshort2e.pdf, and got hooked. I was of course impressed by the quality of the output, but most importantly I understood the powerful concept of source code and compilation. LaTeX is of course technically markup and not code,1 and it’s not exactly compiled but parsed, but still the process and concepts are easily translatable to programming. So then came going through AWK tutorials, and later came C and Perl. And much later came a lot of other stuff, but it all started with LaTeX.
Continue reading “No more LaTeX”

Best Jazz Albums of 2015

In the spirit of 2015 summaries, I felt like sharing my recommendations for the best, in my view, jazz albums of yesteryear. The list is, of course, highly subjective and biased towards contemporary and European jazz.1 I also admit that the great majority of what I listen to comes from ACT Music label, since many of my favorite artists record for them, and thus it’s somewhat easier for me to explore their catalogue. Nevertheless, I tried to be broader in my picks, which was really easy this year thanks to some very surprising albums from relatively unknown artists. Below are my 6 favorites, with three in the “must listen” category additionally marked with a “­čĺú” (how did internet function without emoji, eh?). Continue reading “Best Jazz Albums of 2015”

AWS Cloudformation template for OpenVPN server creation

Are you traveling for Christmas to a country where Netflix/Hulu isn’t available? Are you worried you might resort to violence against your own family once you’re fed up with them? Here’s a VPN server template to help the situation (and keep you away from prison).

Netflix is brilliant and there’s no better time to catch up on your Jessica Jones episodes than Christmas break. But what if your family resides in a country where Netflix isn’t available yet? ­čś▒ Fear not, there’s a way to circumvent geolocation-based legal barriers that protect, in my case, Eastern Europe from excellent comic book-based television. First, you’re gonna need a fast internet connection.1 Second, a VPN server into the country where Netflix is available, e.g., Bundesrepublik Deutschland.

update Jan 6, 2016: Oh, well. VPN servers can still be useful for other purposes.

To create one really quickly and cheaply (and destroy it as easily once it’s not needed), it’s best to use Cloudformation, an orchestration/templating tool that AWS provides. With Cloudformation, all the details2 of your stack are included in one JSON file which, once uploaded via AWS Console, deploys the stack defined by the template. The JSON file below defines an EC2 instance together with a security group suited for OpenVPN: Continue reading “AWS Cloudformation template for OpenVPN server creation”