My name is Jeaye

I'm a leader, a problem solver, and a hacker with a passion for privacy and security.


Removing IME: Upgrading System76 firmware on Arch

In the wake of the Intel Management Engine security revelations, System76 developed a firmware upgrade for all of its machines and released an update plan in November 2017. In February 2018, owners of the Oryx Pro were informed that the firmware update was available through System76’s open source firmware updater. For anyone not on System76’s Pop!_OS or similar Debian-based distros, this firmware updater probably didn’t do anything. After waiting patiently for a couple of months for more updates and not seeing any fixes, I dug into how I could get things going. Herein lies the easiest way I found.

Switching from solarized to gruvbox

Ever since 2012, I’ve been using solarized dark for everything I can possibly configure. From my web browser to my terminal, and everything in between, I was a solarized user. Alas, I was experiencing regular eye strain, especially at night, even using solarized dark with low monitor brightness. I use a large font size (large enough for people to comment on it regularly) and, as of my recent tests, I have at least 20/20 sight and no known ocular issues. Still, I was determined I could ease the strain on my eyes.

Don't abandon Mozilla Firefox just yet

Just today, a diatribe against Mozilla made it to the front page of Hacker News, gathering a great deal of discussion. Unfortunately, a significant portion of that discussion was around choosing alternatives to Firefox, forking it, or otherwise abandoning ship. Please, if you do care about your privacy, security, and voice in the matter, refrain from the brash decisions and read on.

A guide to using NoScript 10.x

When Firefox 57 arrived, NoScript 5 users were left with the unsettling reality of not being able to selectively filter JavaScript until the next version was released, a week or so later. Worse, its release was poorly received, due to bugs and a brand new UI. Now that the dust has settled, and the bugs have been vanquished, NoScript users are still presented with the foreign UI and little to no official documentation. This post will serve as a guide for both old and new NoScript 10 users to get up to speed.

The five common forms of Clojure keywords

Depending on which libraries are being used, Clojure has a handful of various idiomatic forms keywords can take. When approaching some forms, like those in Datomic, the overall intention may not be immediately clear. For a new Clojure developer, it may also be unclear which form should be the default, and why. This post aims to add some clarity to the subject and it applies to both Clojure and ClojureScript. Along with explanations of each keyword form is a recommendation for when to use it and when to opt for something else.

Async/await in ClojureScript with Promesa

JavaScript (ES7/ES2016) introduced async and await as a clean way of working with promises. When porting this sort of asynchronous code to ClojureScript, it may be disappointing that there’s no equivalent language feature. Some may say “use core.async,” which is a fine suggestion, but it may not work with the existing JS promises/thenables. This is where promesa comes in. promesa is a Clojure/Script library for working with native promises; it also provides macro support for async/await and uses core.async machinery behind the scenes.

The state of code quality tools in Clojure

There are several projects for verifying quality and correctness in Clojure code bases. When surveying how they’ll work on a distributed Clojure server built for Heroku & Postgres, I took some notes on the issues that came up. These notes represent the current state of things, as well as how we, the Clojure community, can help move them forward.

NixOS: A lasting impression

Two years ago, I wrote about my first impression of NixOS, as I was using it in my workstation. While I adored the concept of declarative OS configuration, it didn’t quite fit the workflow I had in mind for my laptop. The post was concluded with me considering NixOS for my VPS, but I didn’t quite want to move away from DigitalOcean, which has support for only a few distros. What follows details how I’ve been running NixOS since, what it took, and what I’ve learned.

Porting Orchestra to ClojureScript

Orchestra is a Clojure library made as a drop-in replacement for clojure.spec.test.alpha, which provides custom instrumentation that validates all aspects of function specs. Now, it also works with ClojureScript. This post covers some pitfalls of porting Clojure projects to ClojureScript, as well as some instruction for those looking to do so while maintaining a respectable amount of sanity.

Dear Clojure devs, use clojure.spec please

Clojure 1.9 has introduced a novel library, clojure.spec, which allows developers to parse and validate data using a predicative API which is just composed of Clojure functions. If there’s one thing Clojure’s good at, though there’s not just one, it’s the pure transformation of data. With spec, that grasp is broadened to allow for exceedingly expressive validation of data as well. What’s most important is that Clojure developers understand this new tool and use it to improve the safety and readability of their code.

A RainLoop review and setup guide

RainLoop is a web-based MUA similar to Roundcube, Mailpile, and the like. When looking to setup portable email access for my wife, who no longer is happy with just Thunderbird, RainLoop seemed like a reasonable choice. Here are some integration notes, as well as a review and some ranting, based on my afternoon setting it up.

The deal with C++14 xvalues

I recently published a C++14 value category cheat-sheet, which was created to accompany a tech talk I gave at work. For the most part, examples on prvalues and lvalues were understood with minimal confusion. However, xvalues presented the biggest hurdle for existing C++ programmers. I’d like to explore, in greater detail, why C++11 introduced xvalues and how they are essential to safe and efficient programming in modern C++.

Finding an apartment with Clojure

Finding a reasonably-priced apartment in the Bay Area can be a stressful job. After factoring in the pressure of an expiring lease, making a poor decision can be even easier. One approach to weeding out the influx of duplicated, spammy, and unwanted postings is to use a bot and a set of filters. Such a bot could crawl various apartment listing sites, match all listings against your filters, and report to you in whichever format you prefer: email, HipChat, IRC, RSS, etc. Such a bot may look something like this.

Real artists ship

I want to tackle an issue which seems prevalent in the modern software engineering industry. The idea, laid down by Steve Jobs, is that “real artists ship” and everyone else is forgotten. What does it mean to be a “real artist,” and what does it mean to “ship” as one? Unfortunately, it’s become a facade, analogous to YOLO, intended to cover one’s tracks of poor engineering practices, lack of tooling, and lack of concern for the success of the product beyond delivery.

Continuous test coverage in Clojure

For those building Clojure applications backed by tests, you may be wondering just how broad, or deep, your test coverage is. Fortunately, automated coverage analysis can be integrated in a handful of minutes using cloverage and codecov.

A Clojure + Vim setup

Those in Emacs land need not worry about excellent Lisp and REPL support. Here in Vim land, however, the ground is less certain. There have been a myriad of attempts to provide Paredit-like editing and SLIME-like evaluating to those who edit modally. Here’s a contemporary look at helping Vim provide the expected slurpage, barfage, evaluation, and more.

Optimizing weechat log usage

weechat is a curses-based IRC client and a very sane alternative to irssi. For those with IRC bouncers, or those who spend a great deal of time on IRC, popular channels can start to accrue rather large logs. By default, those logs are quite verbose and are never rotated. In my case, weechat’s logs were taking up 2GB worth of disk space on my VPS.

BSON's design flaw

In situations where JSON’s convenient, human-readable syntax results in noticeably slower parse times and/or increased memory usage, one might look for the more compact BSON. Aside from sitting smaller in memory, BSON libraries can more easily provide non-owning solutions, which allow them to reference a read-only chunk of BSON data directly, rather than own a copy internally. This has the big selling point of allowing memory-mapped files to be used as a BSON backend, while all operations on the immutable BSON require no copying or ownership. Unfortunately, there exists an under-documented design flaw in BSON which renders it incompatible with common, standard JSON.

Running Clojure on Google App Engine

Clojure excels at pure transformations of persistent data. One area well-suited for this is a stateless server which transforms data between the client and the datastore. For distributed server development in Clojure, we already have Onyx, as well as wrappers for Mesos and others. An apparently less-explored option is the use of Clojure on Google App Engine, which runs sandboxed applications in Google-managed data centers while providing automatic scaling.

Clojure's forgotten for loop

Higher order functions in Clojure get a great deal of attention, and for good reason. Clojure has a rich standard library of functions which focus on purely transforming data. To those studying Clojure, the for macro for list comprehension may stand out as verbose and awkward; it may also go entirely unnoticed.

Installing Arch Linux with a fully-encrypted disk

On a typical GNU/Linux install, you won’t have disk encryption. Though you’re a keen user and you’ve chosen a very strong passphrase, your data is still stored openly. Should anyone steal, confiscate, buy, or otherwise obtain your hard drive, every bit of data is going to be readable. Should anyone boot into a live CD on your system and mount your drives, your data is readily available and your strong passphrase is none the wiser.

HTTPS and the illusion of privacy

With the rise of per-website encryption, and the ease at which it now comes, we begin to expect new sites, and popular sites, to adopt this added security. But what does it buy us? Don’t be misled into thinking your browsing is private.

Signing Git commits with GPG

Anyone can make a Git commit using any name and any email address. What prevents someone from using my name and my email to contribute a malicious commit, or even simply a commit no representative of me?

HTTPS for your Github Pages' custom domain

With the rise of free encryption through Let’s Encrypt, and the weight of global surveillance on our minds, adopting HTTPS is now more important than ever. Github now allows unforced HTTPS for its domains, but that coverage doesn’t carry over to those using custom domains. The approach I’m using for this blog and my home page, by way of reverse proxy, is documented herein.

Shave 20% off your optimized ClojureScript

ClojureScript uses the Google Closure compiler, which not only mangles and minifies code, it also inlines functions and removes dead code. Still, every extra KB in your application is distributed to every client who wants to use it. So how can we make it even smaller?

Unity3D and Arcadia on GNU/Linux

For the past decade, Unity3D has lacked official GNU/Linux support. Some tenacious users have worked around this with WINE, with varying degrees of success. Fortunately for us GNU/Linux users, Unity3D is now officially available and support is provided in the new Linux forums. To improve the situation further, Arcadia is also compatible with this new GNU/Linux build. I’ll cover here how to get things up and running.

From Vim-GTK to Vim-Qt

Vim-Qt is a gVim replacement which aims to address a number of graphical issues in the standard GTK-based Vim. After having used the default gVim for years, and putting up a number of its quirks, I decided to give Vim-Qt a run for its money. In short, I was pleasantly surprised.

NixOS: A first impression

NixOS is a novel GNU/Linux distribution started in 2003; it’s built upon the Nix package manger which provides a functional, declarative approach to package management. NixOS takes the direction of Nix, which can run on any Unix-like distro (including OS X), and continues further to allow control over the entire OS, from the file system to various services like SSH and HTTP, using the same declarative syntax. This means an entire NixOS setup, including all services, packages installed, and even configurations, can be represented in Nix configuration files and, potentially, stored some place like Github.

Trying Emacs (evil mode) after 5 years of Vim

As I’ve covered in a previous post, I’m a passionate Vim user; maybe a little obsessive at times (my configs). Setting my love for Vim aside, Emacs, being Vim’s life-long nemesis, presents some interesting benefits. I took a week, this month, to use Emacs exclusively in my work (including C++14, Clojure, and Common Lisp) in order to weigh its benefits. Here’s what I found.

Common Lisp, Parenscript, and AJAX

When looking to make full-stack web applications in lisp, Common Lisp and Parenscript are just as capable as Clojure and Clojurescript, if only less documented. As I wanted to make a web-based REPL for jank, my statically-typed functional programming language, I evaluated both the Clojure and Common Lisp stacks and, ultimately, decided on Common Lisp.

Vimb on Slackware

The popular vim text editor is known for its modal editing, intricate key sequences, and powerful capabilities and extensibility. Vim-style editing and navigation is incorporated deeply into my computing experience, covering:

sbopkg on Slackware

Package management in Slackware (14.1, currently) has a reputation for being rather manual. The official packages are distributed as binaries, with the source included, and can typically be manipulated using the slackpkg tool exclusively. SBo provides hundreds of unofficial packages, ranging from games, to multimedia players, to desktop environments.

Running Xen on Slackware 14.1 with GCC 5.1

My Slackware setup is unique, since, unlike most Slackers, I’ve compiled my entire OS from source. I require the latest GCC 5.1, for work with C++14, the latest Vim, for use with color_coded, and the ABI incompatibilities that follow have led me down a winding path.