The Basics Of Vi

 Computing, Linux, Tutorials  No Responses »
Dec 112016
 

Vi (or vim) is one of those editors that at first appearance appears to be insanely user-hostile, and some will say it looks the same way on a second, and third glance. Yet it remains one of the most popular editors under Linux, and even if you choose another editor as your mainstay, you are likely to encounter it in use a fair bit.

(Apologies for the little line at the top of that screenshot; lazy editing)

The strange thing about vi is that nobody uses the real thing any more (well almost nobody), but instead clones of one kind or another. That is mostly because vi originated in the commercial world of Unix, and clones were written to be open-source. It is perhaps worth remembering that vi has remained the mainstay of editing under Unix-based operating systems for three decades despite there being many alternatives.

It may look plain, but vi has almost every editor feature you can think of and almost certainly a few you never thought of.

The Modes

Almost every every other editor currently in use is a modeless editor, or at least mostly modeless. Vi is different in that it has three different modes that operate differently – insert mode, command mode, and ex-mode (essentially for extended commands). Of the three modes, the insert mode is the most like other editors, although are relatively few commands to use. As you can see in the screenshot above, the words “- INSERT -” appears at the bottom of the screen whenever you are insert mode (and the same for replace mode which is effectively the same).

Most commands are performed in the command mode, which can be thought of as the default mode – there is nothing saying that you are in command mode. If in doubt, you can press Esc to get from insert mode into command mode. There are some who will argue that in fact vi is modeless and that the “insert mode” is in fact a parameter to the insert command. This has a certain ring of validity to it – if you enter 32iHelloEsc in command mode, you will end up with 32 copies of the word “Hello” inserted.

But conventionally vi is written of as a mode-based editor, so it is best to think of it as such until you have learned enough to throw off conventional wisdom and go your own way.

The last mode is ex-mode, which at a basic level is covered only in enough detail to tell you how to get out of it! It is entered from command mode with the “:” command, at which point the cursor moves to the end of the screen leaving you free to type in lengthier commands. To exit simply hit the backspace key until the cursor returns to its normal location.

The Insert Mode

(and the replace mode)

The insert mode is started with a variety of commands, but the simplest is i(nsert).

Once in insert mode, you can start typing normal text without worrying about what commands it will run. There are a fair few things you can do with the control keys, but we’ll skip over those for the “basics”. To correct a few historical limitations :-

  1. You can move the cursor around with the arrow keys. It might seem a bit strange to say so, but the original vi didn’t allow you to move in insert mode partially because it pre-dates arrow keys (yes, really!) and had to use commands to move the cursor around the screen.
  2. You can move anywhere within the file and make changes anywhere; not just where the original change was intended. This may seem like an unnecessary feature to explain, but when you are changing a single word, it can seem wrong to also go somewhere else in the file and make changes elsewhere.

Without going into the more esoteric features, there is not a great deal more to say about the insert mode except it is exited with the Esc key.

The Command Mode

The movement commands :-

Arrow Keys Moves the cursor
h & l Moves the cursor left and right.
j & k Moves the cursor down and up.

The use of the h,j,k, and l keys to move the cursor around the screen seems rather bizarre except when you realise that some early terminals connected to Unix systems lacked cursor keys. They remain for compatibility reasons and because some people feel that they can be quicker to use as they require less hand movement than the cursor keys, or like me that those keys are burnt into muscle memory and so they are used almost without thought.

b(ack) Move backwards one word.
e(nd) Move forward to the end of the word.
f(orward){char} Move forwards on the same line to the next occurrence of {char}.
n(ext) Move to the next occurrence of the last search.
 / Search for something.

The most basic command for deleting text is “x” which deletes the character under the cursor, but a hint of what can be done with vi comes with the d(elete) command. The d(elete) command takes a movement as a parameter, and deletes from the current cursor position until where there movement takes you :-

dd Deletes line.
d$ Deletes to the end of the line.
d0 Deletes until the beginning of the line.
dw Delete until the end of the word.
diw Delete “in” word – deletes the current word.
df{char} Deletes until the next occurrence of {char}

But we now move finally to adding text :-

i(nsert) Insert at the current cursor.
o(pen) Open a new line below the current line.
O(pen) Open a new line above the current line.
a(ppend) Append text after the cursor.
A(ppend) Append new text at the end of the line.

Lastly, we can save and exit vi with “ZZ”.

Ex-Mode

This is going to be even more truncated than the last section (I know the last section doesn’t seem truncated, but trust me – it is!). There is a great deal more to this mode than just the three commands below :-

:write (or :w)

Writes the file being edited. Two options I am going to mention here.

Firstly you can add a filename to the command to write to an alternate file (:write new-filename) – very handy if you find you’re making changes to a file that you do not have permission to overwrite.

If you need to override a warning vi has about overwriting the current file, you can do so by appending an exclamation (!). Just don’t do it automatically (I’ve a sorry song to sing about doing that!).

:quit

And to quit vi, simply use the :quit command. If there are unsaved changes in the file you are editing, it will stop you, in which case if you really want to lose your changes add an exclamation (!).

Confessions Of A Spy In The Data Centre

 Humour, Security  No Responses »
Nov 262016
 

(actually we don’t usually sit in the data centre; it’s too noisy and usually the wrong temperature for people)

There is a perception amongst people that security “gurus” who work in network security are spying on all your network traffic. Not the hackers (which is a whole other matter), but the people who run enterprise firewalls. We do, but we’re not interested in what you are doing but instead what is being done to you (and the enterprise as a whole).

Frankly nothing strikes me as more boring than spying on someone’s porn browsing – if I really need to, I’ll hunt down my own porn thank you very much! And we’re busy; you could probably double the size of every network security team in every organisation on the planet and still nobody would be sitting around twiddling their thumbs.

On the subject of porn (as an extreme example), it is not a security issue. There is an argument that browsing porn sites is putting yourself at greater risk of picking up some kind of nasty infection, but avoiding porn sites to avoid getting infected with malware is a tactic that results in your computer being infected. So the intended content isn’t a problem as far as security is concerned, but we’re interested in unintended content.

Now there are places that enforce browsing censorship – blocking anything that isn’t work-related. That role is usually dumped on the network security people because they have the tools to do the job.

Does porn browsing on the office matter? Of course it does – some people are upset by the sight of such things, and almost as important, when someone is browsing porn they are not working. But such matters are best dealt with in the office by the line manager – if someone isn’t doing their work it doesn’t matter if they are browsing porn, hitting Facebook, or snoozing under the desk. All should be dealt with appropriately by the line manager.

And centralised censorship is a rather clumsy tool – blocking Facebook is all very well if it is to prevent personal usage of the Internet, but what about the Marketing department using Facebook for publicity? Or the Customer Service department keeping an eye on Facebook for product problems that they need to look into? These can be allowed through on a case-by-case basis, but it highlights that censorship is a clumsy tool.

The word from a nameless vendor who is in this space, is that in many cases this censorship has less to do with preventing people from doing “naughty” things, and more to do with controlling bandwidth usage. And as bandwidth becomes cheaper, there is less interest in censoring Internet activities – certainly from a personal perspective I notice a decrease in the number of people who complain they cannot visit certain sites because of work’s “firewall”.

There is also the subject of TLS inspection where firewalls intercept and inspect TLS or SSL encrypted traffic between you and “out there”. Again there is a suspicion that we are for whatever reason spying on your activities. The answer to this is the same as previously – why should we bother? It is too much like hard work, and frankly most of the information that passes through a firewall is unbelievably boring.

No, TLS interception is used to do the boring task of inspecting traffic for malware, spyware, and other security threats. And with the increasing use of TLS to encrypt traffic it is becoming more and more important to do TLS interception for security reasons.

Yes there are those who would use that sort of technology to spy on your activities, but those organisations are typically nation states … and repressive ones at that. But it is extreme foolishness to blame a useful tool for the abuses that an abusive government perpetrates.  Your average enterprise just isn’t that interested in what you’re up to.

And if you still don’t believe this, there is a simple answer: Do anything private on your own private network.

b84v37631-cubist-eye

Apple’s New Macbook Pro(s) (October 2016)

 Computing  No Responses »
Oct 302016
 

Meh.

With the sole exception of the touchscreen key strip that replaces the function keys, there’s pretty much nothing that interesting about the new Macbook Pro machines from Apple. That is not to say they are not nice machines, but they are a bit under-specified for a “pro” laptop tag, although I suspect that quite a few people complaining about the lack of a dedicated GPU in the 13″ model fail to realise that most serious professionals do most of their heavy number crunching in the cloud and not on a light-weight laptop.

macbook-pro

 

And frankly any laptop is light-weight compared to a rack-based server with a case full of Teslas.

A laptop is essentially a creative tool for accessing “the cloud” for anything that requires a real computer, and a 13″ Macbook Pro is fine for that (although the trendy tax is a touch high).

Now onto the function key replacement: As a devotee of the keyboard, I’m somewhat reluctant to cheer the replacement of real keys with a touch screen, but it could be quite a neat feature. In the old days when we used function keys much more widely than we do now, on-screen labels for what the function keys did were not uncommon … look at the bottom of the following screenshot :-

norton-textra-writer-21-4

 

And the ill-fated Apricot Computers had a competitor to the IBM PC which came with a keyboard that had six “soft keys” with LCD panels.

So Apple has not done anything new here, but when did they? Their core skill is taking technical innovations and making them user-friendly; I don’t have a problem with that.

This keyboard could be useful in many ways – in addition to resurrecting the old “function key labels” in a more usable way, there is also the possibility of using them to insert symbols that we should be using, but rarely do so because they are not to be found on our normal keyboards. Depending on your proffesion (or inclination), we have different symbols we could or should be using – perhaps the copyright symbol ©, the interrobang ⁤‽, or more. Of course how useful it becomes will be down to the relevant software developers.

Vim: The Ex Mode

 Computing, History  No Responses »
Oct 272016
 

I have recently been ‘entertaining’ myself with watching some videos on the vim editor which to the uninitiated is an extremely powerful if somewhat ‘unusual’ editor that is popular amongst Linux power users. One of the surprising things that came up was that apparently there are experienced vim users who are not aware of why the ex mode exists.

Or probably why the ex command exists.

In the dim and distant past (and in fact even longer than I’ve used Unix!), one of the possible ways of interacting with computers was with a printing terminal :-

On such a terminal, using a visual editor like vim (or it’s predecessor vi) would have been painful. Redrawing the screen would take a couple of minutes or more; imaging moving the cursor across from the beginning of the line to the end!

So it was common to use an alternative kind of editor – the line editor. The process of creating a file is somewhat clumsy :-

$ ex ~/Foo
"~/Foo" 1L, 4C
Entering Ex mode.  Type "visual" to go to Normal mode.
:p
Foo
:a
Bar
.
:p
Bar
:1
Foo
:write
:quit

Now for a quick explanation (although this is no tutorial on line editors!): The ex ~/Foo is the command given to start editing a pre-existing file called Foo in the ex editor. After the editor starts up, I enter the “p” command to print the current line. I then use the “a” command to append text after the first line, and enter a “.” on it’s own to finish adding lines. Again I use “p” to print the current line, and then “1” to print the first line.

Which is more than you’ll ever want to know about how to use ex, so why does it still exist?

The first reason is simply because it’s possible. It’s almost certainly fairly easy to support the ex mode with vim; after all the ex-mode is effectively the commands you get when you enter “:” within vim.

The next reason is that line editors were sometimes used within shell scripts to batch edit files, and somewhere out there is a shell script from hell that relies on ex to keep running.

Friday’s DDoS: Assisted By Poor DNS Configuration

 Computing, Security  No Responses »
Oct 222016
 

Yesterday lots of people found the Internet disappearing on them due to a significant DDoS attack against the DNS infrastructure of one company. Now there are all sorts of suggested fixes for this sort of problem, some of which are useful.

However it is notable that people have not mentioned one method built into DNS which could have been used more effectively. Indeed one suggestion was for the DNS to do something it already does – caching.

When you ask your ISP’s DNS servers to resolve a name such as example.org, the answer that your ISP’s DNS server gets back contains several bits of information in addition to the answer you are interested in (the IP address to connect to). One of which is how long to cache the value for, which means that your ISP’s DNS servers can save themselves some work for as long as they are allowed to cache the answer for.

Now it is awfully convenient to set this value to something like 5 minutes because if you have a need to change the value, it is nice to have the value change as quickly as possible.

But it also increases your vulnerability to a weaknesses in the DNS infrastructure.

If you increase the time-to-live (TTL) value to something more like 24 hours, then your DNS servers (or more usually the DNS servers of your DNS service provider) are required less frequently which means that if something takes them offline for any reason then there would be a decreased impact. It will still stop some people from getting the DNS answers they need, but the proportion unable to get an answer will drop dramatically.

 

damascus-dns

 Older Entries  Newer Entries