PSR coding standards

October 26, 2013

I think cross-project, language wide coding standards like PSR are great. It makes reading or writing code from other projects easy. And since PSR is so widely adopted in the PHP programming scene, it’s a really good coding standard to adopt. When studying it, though, I came across two things that I really dislike in their standard. They both apply to PSR-2.

The eternal Spaces vs. Tabs debate

Indents are a really personal thing. Some people find 4 spaces a good indentation width, others prefer 2 spaces, even others prefer 8. That’s why tabs are so awesome, every good editor allows you to set your own tab width, so that your indentation is perfect for you in your editor, and perfect for somebody else in his or her editor of choice. Now, i’m really talking about indentation, not alignment. Allignment SHOULD be done using spaces. Things will still align, even if the tab with is changed. This is perfect in every case.

An example. . are spaces, and thus fixed width spacing. - stands for one space width inside a tab in a certain editor.

One tab is 2 spaces wide

class.ClassName {

One tab is 4 spaces wide


As you can see in these two examples, things keep aligning perfectly, everyone gets to use their own prefered indentation width, *and* your git history is as clean as using only spaces. When used consistently this method has all the upsides of the PSR-2 “only spaces” rule, and none of the downsides.

Curly brackets

PSR is not really consistent in this case. Control structures like if, elseif, switch, for and while must have their opening brackets on the same line, while functions, methods and classes must have their opening brackets on the next line.
I think it would be more consistent if control structures, functions, methods and classes would all have the same notation with brackets on the same line, like in this example:

namespace Vendor\Package;

class ClassName {
    public function fooBar($argument1, $argument2 = null) {
        if ($argument1 === $argument2) {
            // Return Foo
        else {
            // Return Bar

Also notice in the above example that every closing bracket is on its own line, unlike the PSR-2 standard way of putting the if closing bracket on the same line as the else statement, like this:

if ($argument1 === $argument2) {
    // Return Foo
} else {
    // Return Bar

I think this is inconsistent, and doesn’t help for readability.

That’s all…


“I have nothing to hide”

December 31, 2012

Just for the record, almost every time i have a discussion about privacy, the other party comes with this argument.

“I have nothing to hide, i’m not a criminal, …”

This is a non-argument.

My reaction always goes like this:


And then usually i give them some of these questions to think about:

  1. “Do you have curtains on your windows at home? why?”
  2. “Would you like your employer or assurance company to know you were super-drunk yesterday and drove home in your car? Maybe toss some pictures in of you at the party?”
  3. “Would you give your credit card data, or your address, or your girlfriend’s name, or your vacation photos to a random stranger on the street?”
  4. “Would you happily tell your government you’re a ‘hacker’, you attend sessions in the local hackerspace and you go to security conferences?” (Even if you legally do nothing wrong, the term hacker can get you in a difficult position)
  5. “Can i bring my video recorder to your bedroom tonight when you bring the action with your girlfriend?”

I must admit, the last one doesn’t work quite well with everyone, but overall these questions make people come to the conclusion that they certainly do want privacy.

That at least takes that stupid argument off the table.


People keep asking me why i’m not on facebook. This post is just to sum up some reasons (not even all of them) of why i don’t have (and never had) an account on facebook. To sum it up quickly: i’m old-fashioned in some ways, maybe, i don’t like to be a commercial product, and i’m passionate about security and anonymity.

– Facebook doesn’t want you to use a fake name or a nickname. They use the good old ‘totalitarian-regime’-strategy of letting neighbours spy on each other, so that if you use a nickname that does not correspond with your real name, they can report you, and your account will be removed.

– Just like a real totalitarian regime, they use a censorship policy to control what topics can be discussed or not discussed. If you try to break it or circumvent it, guess what, your account will be suspended. Even if your comment does not add value to the context of the original post, or if it’s ‘irrelevant or inappropriate‘ (whatever that means) facebook wil censor your content. Also, facebook doesn’t allow you to post your political views, when they are not in line with what they think. Read here and here if you want to know more about this topic.

– Speaking about totalitarianism, tracking of every user/inhabitant is an important part of that. Facebook is the absolute expert at this. Many other social networking companies do it, two other really big players are google and twitter. Also web advertisers play a big role here. Everywhere you go on the internet, you’ll find social buttons like the facebook ‘like’ button or a twitter ‘tweet this’ button. Since the button is loaded from eg:’s domain, the social network site knows you have visited the site that included the button, even without you clicking it. Every site you visit is more data for their social graph. For instance, if you start visiting a lot of sites about pregnancy and babies, they can easily deduct you may be expecting a baby soon.

– Facebook doesn’t tell you they gather this data about you, you can’t see what they have, and if you ask them, they won’t give it to you. Even when you’re not on facebook, like me, facebook knows (or can guess accurately) a lot about you, for instance your name, your sex, your age, where you live, who your friends are (they send invites!), and they can also (less or more) track your surfing history. This makes for a quite complete ghost profile for almost everybody with internet access.

– You can imagine, with all that data at hand, facebook has a great many opportunities to make money of your personal life. Based on your (ghost) profile they can present you with targeted advertisement (it’s a lot more lucrative than non-targeted ads), they can sell that data to market researching companies, they can sell it to everyone they want. Even the companies behind those stupid facebook games get to see all your data if you decide to play that game. Last but not least, if the authorities suspect you of a crime, even if you have nothing to do with it, they’ll happily give all your data to them too.

– Facebook uses an opt-out policy. They’ll add new features, mostly making your data more public, and if you don’t agree with that you’ll have to search through your settings to undo them, if you’re even allowed to do so.

– The facebook ‘social’ network works in an exclusive way. I mean that many people just don’t send you an invitation to a party or event if you’re not on facebook, and you can’t see their travel pictures because you’re not on facebook. Also, it seems to be a trend to move all communication for workshops, small teams (any subject), and general banter to facebook. I’m a volunteer in many organisations, and most of them need to make exceptions in their communication just for me. That’s not a social network. It’s a join-or-be-excluded network, or an anti-social network.

– Recently, i met Jacob Appelbaum and had a great afternoon talking and listening to him about privacy, communication and many other things. While we were talking someone made a really good point: in the fifties, sixties and seventies, East-Germany needed a whole secret intelligence unit (Stasi) to know only a fraction of the information we gave facebook for free, and willingly. If tomorrow someone decides to start torturing everyone who is gay, or politically left-minded, or whatever, they’ll only have to ask facebook who to catch. It’s true, and really crazy if you start thinking about it.

– Last but not least: i like to meet and talk to people in person, i like to accidentally walk into an old friend and go drink a coffee with him, i like to talk to strangers on the train. These things go away when everyone’s social life moves to the internet.

That’s it.

PS: I know, haters gonna hate. Don’t bother commenting.
PPS: I know, it’s not only facebook. It’s also the X social network and the Y advertiser and the Z company. I know. Facebook is just the one everyone seems to want me to join.

For a few years now, i’ve been amazed with how many methods there are for one to install software on his computer (GNU/Linux or Mac OSX).

  • Manual compilation
  • Download binary and put it in place manually
  • Download an installer and let it put the binary in place
  • Work with the package manager of your OS (eg: apt, pacman, yum on linux and fink, macports on OSX)
  • Work with an app store of some sort (Ubuntu Software Center, Mac App Store, …)
  • Various other methods

Let me just sum up some thoughts on every entry.

Manual compilation
This is the most difficult installation methods for non-power users, AND it’s very time-consuming. All dependencies need to be present, a compiler, and the knowledge of how to do it. If you want your software to be installed by a large mainstream population, offering only the source and compile instructions will not be enough. It is, on the other hand a convenient way to distribute software if your program is exclusively for power users, or if it needs every bit of speed and power it can use (since compiling it specifically for your system will make it run extra fast).

Download binary and put it in place manually
This was, until recently, the default installation method for every Mac OSX app. You’d download a compressed disk image (.dmg), mount it, and drag-and-drop the application inside of it to your /Applications directory. It’s quite convenient for installing software, and offers the user control over where to put his app. If this method is used for installing command line programs in /usr/bin or /bin directories, it gets a lot less convenient. You need su or sudo privileges to put it there.

Download an installer and let it put the binary in place
This is my least favorite installation method. You don’t know where the packages are going, and you mostly don’t have control over anything. It makes me think about MS Windows Install exe’s. Examples are the .pkg and .dpkg packages on Mac OSX.

Work with the package manager for your OS
This is a really convenient, and maybe the most convenient, way for users to install software. You look up the package you want to install, the package manager installs it, takes care of the dependencies, updates the software when new versions are released, and can uninstall the package when you want to. It’s mostly a little bit difficult if you want software to be installed on other locations than the defaults. Also, you’re dependent on repositories that other people made, the choose from. On most GNU/Linux systems, this is the preferred way to install software.

Work with an app store of some sort
Mac OSX and Ubuntu both offer an ‘app store’. It’s a convenient way to install and update software (but not to uninstall, on OSX…) for non-power users, and it’s really nice for developers who want to earn money with their apps. The good thing, AND the bad thing about this, is that it’s non-free. Not every application will be allowed in the store (which is, as said previously good and bad at the same time). For developers, it’s handy because the store offers a practical system to earn money for their apps, although Apple takes a percentage of each payment. To me, this is like a package manager for noobs.

Other methods
There are, of course, other methods to install software. Lately i found one i want to talk about. It’s a hybrid between ‘Manually put your binary in place’, and an ‘installer’, to which they added an update mechanism. The way they let you install there software is like this (in a terminal):

curl | sh
or for wget fans:
wget -O - | sh

What this does is this: curl or wget downloads a plaintext webpage, and tunnels the output to the sh program. Sh then interprets the text, which is shell a script that determines the OS, processor architecture, and checks if the meteor application (in this case) is already installed or not. After that, it downloads and installs or updates the right package for your OS and processor architecture. I was really amazed by this because it works on both Mac OSX and Linux, and for a whole lot of architectures, so it’s really cross-platform. Also, as a power user, you can first download the plaintext sh script, read it, make changes, and then run it. Nice.

Of course, there are pro’s and con’s to every item of this list, and i don’t even know which one i prefer. You can always try to persuade me in the comments below.

That’s it! 🙂

Hello world!

February 25, 2010

Nice… I finally got my blog online 🙂

You read that correctly, this is MY blog, i write this for me. It’s my cookbook of Mac OSX and GNU/Linux tricks, php scripts, commands that i need to remember, and other random computer stuff. These ‘things i need to remember’ can of course be interesting to other people as well, and everyone is encouraged to use them (at their own risk).

I’ll be posting soon