modern vcs

Recently moved all my stuff from weird place hosted Subversion repo to github and bitbucket. Bitbucket only to host private repos I can’t just share around, like previous freelance work, coursera homeworks and stuff.

continuous integration

OK, honestly I’d have more private stuff on bitbucket, but I just couldn’t resist goodie-goodies from Travis-CI. Seems that it is the best free cloud based CI option available, due to the deployment options to popular PaaS services and obj-c capabilities. You can also ask for help on #travis when your job hangs, thanks guys. Works just for public github repos in free plan, but that is all I actually need.


Anyway, in efforts to ditch hosting which houses housed my blog and Spring Roo stack that powers REST APIs that my iOS apps use, I’ve begun to experiment with Heroku and Openshift. Currently in process of migrating my iOS apps to iOS 7 and relinking urls to Openshift and REST stack is already set-up. What is so cool about it, I don’t have to upload war files, which are not famous for their small footprint, no more downgrading JEE Stack to ‘02 version to be able to run it against Tomcat-5, only option available in cPanel. What?! Wait, what? It’s 2013 guys, how ‘bout a little upgrade.


I didn’t know what to do with hosted wordpress instance that had all my blog entries from Japan trip – only actually valuable thing on this blog. Saw jekyll somewhere, put in action with octopress – still not sure whether to go with twitter bootstrap option or not and hosted it in github pages. Could go with openshift or heroku, but I wanted to save free slugs there for future use, github does good job here.

era of powerful cli

All that stuff I can do just using command line. Monitor travis builds, deploy to openshift on my own even I have travis configured to do that automatically, write blog entries in markdown. I also started using CocoaPods, xctool for obj-c work, super easy.

Late March 2013 I visited Amazon offices in Seattle for interview. Got an offer few days after flying out. WHOAT ACCEPTED!?!1!!

Then I got email from immigration attorney asking me to send my documents as soon as possible. Sure. What lottery?! Gee, there is frickin’ lottery for H1B as well!? My chances were around 60%. Didn’t get through, was never much of a gambler. Better luck next year. Damn!

Thing I regret is not visiting Bruce Lee’s grave to pay respects while I was there. Not gonna miss it next time.


Be sure to have latest backup in TimeMachine. This can keep your transfer to new machine much easier.


Be sure to back up your private keys, certificates… Make sure you know passphrase on your private key. These took me few hours of sweating on new machine to realize I used one of my regular passwords with little typo. This is nasty shit, loosing private keys is hell.

Passwords and browsing data

Clean all data on browser you have installed, including Skype, MSN, Jabbers…


Log out from iTunes Store and deauthorize computer you are about to sell. You are limited to 5 authorized computers by Apple.

Sensitive data

Not talking here about your music collection, I’m talking about projects you work on. Maybe there is local svn copy of one of your company’s secret projects or project you signed NDA for. Think about leaking cPanel or Apple Developer Program credentials of your clients, maybe company’s disk image you did forensics on and that kind of stuff.

Data Recovery

Do not just erase your disk, you have to erase it in safe way. Even if files are deleted, data can be restored with bCheck security options in Mac OS X, not to mention EnCase stuff. Usual zeroing device is fine if you are regular user, but if you work for high-profile clients, don’t hesitate to leave your computer writing clever random patterns 47 times all over your storage devices. Or just take these out and do not sell them.

Sniffing plaintext traffic on IPSec endpoint works for incoming traffic, since it’s already decrypted, but outgoing traffic can not be sniffed in original form but only as ESP packets with encapsulated original. This also means that these packages can’t be sniffed with dst address of real destination, but address of IPSec peer. You need to get some traffic with tcpdump/Wireshark/tshark/whateva, but when you analye it, you will need Wireshark built with gcrypt support. So, fire up your favourite pcap compatible sniffer and get outgoing packets by setting dst address filter with address of IPSec peer. While sniffing, get encryption and authentication keys and algos by hitting ip xfrm state or racoonctl show-sa esp There is also nice perl script written by some anon dude on wireshark mailing list. Script prepares above command output to Wireshark friendly form. Play with it a little. *BEWARE* you IPSec/IKE daemon is probably rekeying every half an hour so you might need to split sniff and analyze separately with different keys. open(RACOON, "racoonctl show-sa esp|") || die "can't execute racoonctl successfully\n"; $sa = 1; while (<RACOON>) { chop(); # look for a line starting with an IP addr… yes, I know there are # better regexps… but racoon seems to only have one line starting with… if (/^[0-9]/) { ($ip1, $ip2) = split(/\s+/, $_); # print the SA #1 line for wireshark print “SA #$sa:\t\t\tIPv4|$ip1|$ip2|*\n”; $sa++; } if (/^\s*E: aes-cbc/) { if (!$aes_1) { # print “AES-1:\t0x”; print “Encryption Key #1:\t0x”; ($x, $x, $x, $one, $two, $three, $four) = split(/\s+/, $_); $aes_1 = “$one$two$three$four”; # print “AES-1: $aes_1\n”; print “$aes_1\n”; } else { # print “AES-2:\t0x”; print “Encryption Key #2:\t0x”; ($x, $x, $x, $one, $two, $three, $four) = split(/\s+/, $_); $aes_2 = “$one$two$three$four”; # print “AES-2: $aes_2\n”; print “$aes_2\n”; } } if (/^\s*A: hmac-sha1/) { if (!$hmac_1) { # print “HMAC-1:\t0x”; print “Authentication Key #1:\t0x”; ($x, $x, $x, $one, $two, $three, $four, $five) = split(/\s+/, $_); $hmac_1 = “$one$two$three$four$five”; # print “HMAC-1: $hmac_1\n”; print “$hmac_1\n”; } else { # print “HMAC-2:\t0x”; print “Authentication Key #2:\t0x”; ($x, $x, $x, $one, $two, $three, $four, $five) = split(/\s+/, $_); $hmac_2 = “$one$two$three$four$five”; # print “HMAC-2: $hmac_2\n”; print “$hmac_2\n”; } } } Fire up wireshark and open your sniff Just paste these values into Preferences->Protocols->ESP, enable decryption too and hit apply. Enjoy your plaintext traffic.
Kada ici na Thailand? Najbolje vrijeme za otic na Thailand je od početka studenog do kraja veljace kada je razdoblje hladne klime. U ostatku godine, Thailand nije ugodno mjesto za ljude naviknute na nasu, balkansku klimu zbog ogromne vlage u zraku pa se boravak na otvorenom može pretvoriti u pakleno iskustvo s otežnim disanjem. FYI na tajlandu nema 4 godisnja doba kao kod nas, nego ima hladno, toplo i kisno. Klima je tropska. Kako otici na Thailand? Avionom! No shit Sherlock. Svakako izbjegavati Aeroflot, normalna cijena povratne karte po osobi je oko 5k kn, a ako malo zakasnite s bookiranjem, penje se i do 8k ili 10k. Planirajte put barem 6 mjeseci ranije, dogovorite na vrijeme godisnji na poslu (tocne dane) i bookirajte kartu sto prije. Isto vrijedi i za hotele i resorte koji nude popuste (10-15%) ako bookirate sobe ranije. Kako putovati Thailandom?  Opet, avionom! Za vrijeme sezone, busevi i vlakovi kasne i po nekoliko sati, a da biste stigli od Bangkoka do, recimo, Ko Phi Phia, trebate kombinirati vlak (s krevetom), pa privatni taxi do busa, pa bus, pa opet privatni taxi do pjera i katamaran/trajekt/brod. Ako vam vlak kasni, necete uloviti dogovoreni prijevoz sto ce rezultirati opcim kaosom i u najboljem slucaju cete izgubiti samo pola dana zasluzenog odmora na plazi. Generalno, vlak je ok sredstvo prijevoza, ima aircon i krevete, cist je i siguran. Ali za sigurnost vlastitog uma i zivaca, vozite se lijepo avionom i kupite karte na vrijeme pa nece ni biti skupe. Air Asia i Bangkok Airlines imaju ok lokalne linije, a vecina popularnih mjesta na moru ili otocima ima zracnu luku. Ako pak zelite ili morate ici zemljanim putevima, imate agenciju  na stanici za vlak u Hua Lampong, Bangkok koji ce vam organizirati lokalno putovanje (karte za vlakove, brodove, buseve, smjestaj… bez provizije).  Što vidjeti u Bangkoku?
  • Tapkajući po Bangkoku shvatiš da je cijeli grad jedan veliki buvljak. Recimo na Sukhumvit Roadu možeš kupiti dildo, šlape, dres od Barcelone, kopiju viagre u bilo koje doba dana ili noći na uličnim štandovima. Svakako mjesto koje treba posjetiti je Chatuchak Weekend Market, ogromni Hrelić veličine… hm, nemam pojma. Uglavnom, ogroman je. Prodaje se sve, od polovnih knjiga, umjetnina, lažnih Armani satova, kućnih ljubimaca… Market radi samo subotom i nedjeljom i ogromna je guzva.
  • Bangkok obiluje hramovima, a oni koje se svakako isplati pogledati su Wat Phra Kaew i Grand Palace, Wat Arun, Wat Pho i Golden Mount. Kad prelazis Chao Praya rijeku do Wat Arun hrama, nije lose svratiti ni muzeja medicinskog fakulteta gdje je izlozena zanimljiva zbirka konzerviranih sijamskih blizanaca i tijela osakacenih na vrlo zivopisne nacine.
  • Barem jedan zalazak sunca u Bangkoku treba docekati na 8x. katu Baiyoke Sky Hotela gdje se nalazi rotirajuca kupola, lounge itd. Baiyoke je najvisa zgrada u Bangkoku i pogled odande je must see.
  • Vožnja tuktukom od mjesta do mjesta lako pređe u naviku, ne treba ju platiti vise od 150THB, a u suprotnom su vas preveslali. I ovako su vas preveslali, al jebiga. Inace vozaci tuktukova su specijalna gamad, pokusati ce trejdat ultrajeftinu voznju pod uvjetom da vas odbace do svog draguljara ili krojaca. *NE IDITE* tamo jer se necete izvuci bez da kupite moronsko odijelo ili lazno kamenje. Dakle, tuktuk od tocke A do tocke B, nema stajanja. U pravilu ce vas vozac voziti kroz shortcute i ulicice gdje hrpa lokalnih likova nesto utovara, pretovara, odvozi, dovozi i u takvim ulicima obicno bude zastoj u prometu pa drzite vrijedne stvari na vidiku.
  • Sukhumvit Road je poznat po kurvaluku, prosetajte se ulicom i bez problema cete nesto ubosti, s tim da se prvo treba opijati. WARNING: shemale se na Thaiu kaze kathoey/ ladyboy, a ima ih u post-operation i pre-operation stanju. Ko pita ne skita.
  • Day trip do Ayuthaye za sve ljubitelje hramova i povjesnih siteova. Ne znam u kakvom je stanju poslije popave, ali sigurno se ima sto za vidjeti.
Kuda na kupanjac?  Najbliže Bangkoku nalazi se Hua Hin, nekakav ok resort u kojem nisam bio, a kojeg mi je preporucila frendica iz Singapura, tamo valjda si idu u Hua Hin.Na istocnoj obali, u Tajlandskom zaljevu nalaze se Koh Samui, Koh Pha Ngan i Koh Tao. Na zapadnoj obali, u Andamanskom moru je Koh Phi Phi Don (Beach s DiCaprijem je sniman na Koh Phi Phi Lay, to je otocic krajem), Ko Lanta i Phuket. Bili samo na Phi Phiu i Samuiu i iskreno mi je Samui puno bolje sjeo. Phi Phi je mrtav u 22h, nista ne radi, plaza je lijepa ali nije za kupanje jer je ogradjeni dio preplitak. Samui je puno zivlji, a nije toliko iskomercijaliziran i umjetan kao Phi Phi. Pored je Koh Tao, raj za svakog tko voli ronjenje.  
When developing iOS app that works on both iPhone and iPad, there are probably many places where you have to apply different size of image, font, button, whatever… If you insert device discrimination snippets, code becomes dirty and unreadable. What you want is to have as much code as possible to look like there is no any difference whether running on iPad or iPhone. Since macros are resolved even before compile time, but besides @2x and ~ipad image nomenclature, there is no some magical way to decide which size of cell, label, button (…) to use, iPhone one or iPad. You have to do that in runtime using one of built-in calls to iOS API. Check this ugly example:
#define IMAGE_WIDTH_IPAD 100
- (void)doSomething
  // if device iPad, use large height and width, if iPhone, use small
  float IMAGE_WIDTH = ([UIDevice currentDevice].userInterfaceIdiom == UIUserInterfaceIdiomPhone) ? IMAGE_WIDTH_IPHONE : IMAGE_WIDTH_IPAD;
  float IMAGE_HEIGHT = ([UIDevice currentDevice].userInterfaceIdiom == UIUserInterfaceIdiomPhone) ? IMAGE_HEIGHT_IPHONE : IMAGE_HEIGHT_IPAD;
  iconView = [[UIImageView alloc] initWithFrame:CGRectMake(0, 0, IMAGE_WIDTH, IMAGE_HEIGHT)];
Of source, you can put that huge call into another MACRO that evaluates device discrimination, but still, there are two variables that make code fuzzy. Now, check this example:
#define IMAGE_WIDTH_IPAD 100
#define DEVICE_IS_IPHONE ([UIDevice currentDevice].userInterfaceIdiom == UIUserInterfaceIdiomPhone)
- (void)doSomething
  // nice code, if you read it you have no clue which crap is going on behind simple looking macro
  iconView = [[UIImageView alloc] initWithFrame:CGRectMake(0, 0, IMAGE_WIDTH, IMAGE_HEIGHT)];
There, DEVICE_IS_IPHONE is a macro evaluated before compile time, but actual evaluation of expression is happened at run-time. Therefore, every time you use constant defined this way, call is made determine which device is app running on, if there isn’t too many of them, it’s not a problem. And code is readable :)
Toliko dugo ne živim u Đakovu da se još vrlo malo smatram Đakovčanom. Kako god, svako malo, tipa jednom u dva mjeseca, kapnem doma do svojih, vidjet starce i sestru, par frendova do kojih mi je još stalo itd itd… Enivej, nije se još dogodio takav posjet Đakovu, a da nije uključivao rješavanje problema s MaxTV-om, ADSL-om, ruterima, antenama, laptopima i svim ostalim sranjima za koje moja okolina smatra da sam ekspert i da baš volim tražit drivere za printere, defragmentirat diskove i brisat viruse, a posebno razgovarati s T-Com službom za podršku… sigh… Tu dolazimo i do današnje epizdoe, ali prije toga, mali uvod u problematiku… Kako živi T-Com? Tko imalo zna kretanje cijena Internet i IPTV usluga u Rvata, vjerojatno se pitao kako T-Com uspijeva opstati pored Optime, Bneta, BTNeta, Iskona, Metroneta, H1 i inih koje više ne znam niti nabrojati, a svi redom nude usluge po cijena prema kojima T-Com izgleda kao… kao T-Com, valjda nema boljeg primjera. E pa, sva ta sila, nazovimo ih tako, inih operatera nema svoju infrastrukturu u svim malim vukojebinama i bespućima Lijepe Naše, nego je T-Com još uvijek tata-mata i nema druge alternative nego se lijepo naguzit, duboko udahnit i platit da “Živimo zajedno”. Eto, valjda tako živi T-Com. Srž problema To nas dovodi i do problema naše priče. Stari je bio isfrustriran malim brojema kanala na telki, meni dopizdilo svaki put kad dodjem doma hakiravat susjedov wlan ili wireless udrugu da bi pročitao mailove (nije tad još bilo ajfona) i stari doneo povijesnu odluku da ubodu 3u1 u T-Comu. Bilo to sve divno i krasno mjesec dva dana, telka malo štekala, smrzlo bi se tu i tamo, ali jebiga, tehnologija u nastanku, ovo ono. Bili T-Comovi inženjeri (LMFAO), mijenjali rutere, mjerkali ovo, mjerkali ono, pa sve kao u redu, al niš ne valja. Stari im jebao rodbinu ne do sedmog koljena nego do sedmog stoljeca pa kao pocela telka radit bez smrzavanja. Internet kako tako, ali eto… Prošla ljeta i zime, vukla se nekako sva ta tehnologija, malo naprijed, malo nazad. Brezobrazluk Zadnjih nekoliko puta kako sam bio doma, bio mi nekako Internet sporiji, al mi se nije dalo još i s tim zajebavat, ionako dođem na dan, dva, proletim ko vihor i uteknem nazad u Metropolu. Silom prilike, tjedan dana sam doma. Link zakucan na 150 KB, nekako mi smrdi sve da ću opet nazvat 0800 9000. Tako i bi, zovem ja sad, javi se lik, kažem mu link mi je zakucan na 150 KB, šta se događa… pokušava on samnom debagirat WLAN ovo ono, kao možda sam daleko, možda ovo možda ono… Nekako mu uspijevam objasnit da dobro znam kako mi mreža doma izgleda i da nema s njom problema, ide on probat izmjerit brzinu linka. Kaže, izmjerio je 5Mbita na parici što nije dosta za MaxTV i ADSL na 4Mbita… Pa naravno da nije, pas vam mater T-Comovsku. Vrhunac Uglavnom, ustanovili smo da su T-Comovi inženjeri limitirali MaxADSL link na 1Mbit (4Mbit flat je ono što plaćamo), kako se ne bi pojavljivali problemi na MaxTV-u, kojem treba isto 4Mbita. Jednostavno matematikom, ako imas 5 jabuka, a trebas 8, imas problem. Evidentno je to da T-Com mjesecima naplaćuje uslugu koju nije u stanju isporučiti (i to su znali i prešutno postavili limit na MaxADSL). Tip s kojim sam razgovarao mi je rekao da je prijavio kvar te da mogu poslati pismeni zahtjev da nam smanje iznos mjesečne pretplate. I šta sad, nije meni krivo što, jebiga, ne valja parica, ne skida se nešto ovako brzo ili onako brzo, nego što netko od lopova nije nazvao i rekao “gle, ne može internet onako baš brzo kako mi kažemo da može, nego malo sporije, aj ak oćeš pa ti smanjimo pretplatu” i svima srce na mjestu. Ovo smatram prijevarom najpodlijeg oblika. Zadnje što želim je moliti ih da mi smanje pretplatu, ionako istječe uskoro 2 godine ugovora pa zbogom T-Come, jednom za svagda, želim ti dugu starost i tešku bolest.
Partially inspired by this great article. AppStore rating system isn’t something developers like, generally. There are several problems which I found myself: 1. Developer will not receive any notification about new rating/review. There is no problem if all ratings are 5-star, but let’s be more reallistic… Bad ratings are omnipresent and usually tackle a problem with your application. In some cases, bad ratings are actually feature requests rather than bug reports. So, if developer doesn’t often check ratings, someone can report a bug that stays untouched until dev sees it. AppStore rating/review maybe wants to be both, but it actually isn’t any of it. 2. Developer can’t reply to a rating. If someone writes a review telling “I want (imagine some feature) in this app”, you can’t tell him that you are working on it and it will be there in next update. You can just hope that this user will keep this app and download your next update. 3. Bad ratings. Every rated app will receive at least one bad rating. This is not something Apple should bother with, but no one wants a bad rating to make new shiny app unpopular. How to tackle all 3in1? Make in-app links (buttons, whateva…) to redirect happy user to rate app on the AppStore and unsatisfied user to send you an email. So, you removed a bad rating from AppStore, you got notified about something bad in you app instantly and you know who sent you email and you can respond directly to unsatisfied user. Awesome! Instrusive or not? I really hate those pop-ups asking me to rate app. I don’t want to bother a user who is using my app to rate it when he wants to use the app. So, I still use Appirater, which I found to be one of greatest open source frameworks for iOS SDK, but I just don’t make a callbacks to Appirater. What I do is using Appirater config and method to open AppStore url, but when user wants to rate, e.g. tapping a button.
I can remember my early days of colleague when students were gathered into a small teams working on a week-projects. We all know these Node_FinalVersionThisIsReallyFinalOkNowItsFinalFixedv47.cpp files shared via e-mail and how confusing all this could get. Along with computer-aided software development in general, source control software evolved from crappy CVS to GIT and others which got so nicely integrated into IDEs (Eclipse Team) and file managers so people started to use it not just for software versioning but versioning and sharing of any files. Since I discovered beautys of SVN in my early days, I use personal repository to store some small projects source code, bunch of simple bash and perl scripts, old code that I may reuse sometimes, random files I need very often (like CV), artwork… It may be an overuse, but this suites my needs and I don’t have any issues with current setup for couple of years. Few times I considered moving to GIT, but eventually gave up as I didn’t have real need to make a step into it. And because of laziness too… Anyway, lately I’m using Xcode on daily basis for iPhone development. Xcode has few diseases but in bottom line, it’s one fine IDE, comparable to Eclipse/STS I use daily too. What I really can’t understand is why Xcode can be so awesome and still suck at one of basic features that any IDE must have. Several times I tried to setup repositories in Organizer to handle my code, ending shit-pissed off and confused with such idiotic design and implementation of such a simple (ok, it’s not so simple, but anyway…) feature. Still today, I’m using Terminal commands to commit/update code and really hope that in some of future realeses, Xcode would do VCS better… P.S. Xcode now hangs with “Checking source control status” message… blegh
If you run some soft of Linux and you have iPhone which you sync in virtual machine in VirtualBox, you may run into problems when updating iPhone firmware… When iPhone gets into recovery mode, usb can’t be attached to virtual machine in VirtualBox… Finally, I found out that you have to run VirtualBox as root!