Celebrate SFD 2014 on Saturday, September 20th
   
Text Size
Login
Canonical
Google
Linode
FSF
Linux Magazine
Ubuntu User
Linux Journal
Admin Network & Security Magazine
Smart Developer
Creative Commons
FreeBSD
Joomla!
Open Clipart Library
FSFE
Fundația Ceata
Atom 0.3 RSS 1.0 RSS 2.0 OPML FOAF

May 26, 2015

FSFE is looking for a systems administrator and architect

FSFE is looking for a systems administrator and architect

The Free Software Foundation Europe was founded in 2001 and has gone through a tremendous growth since then, both in the number of volunteers and staff, and also in the complexity of our technical infrastructure and the number of services we run and offer for both internal and external use. We're currently looking for a system administrator and architect that, for a limited time, can support us in our work to migrate our services to a new infrastructure.

The migration project will move our services to a new infrastructure and revise the services we currently offer. The goal of the project is to make the infrastructure more coherent, with less dependencies, and with a separation of services that make it easier for volunteers to manage and help the organisation manage individual services in the long term.

Who we're looking for

We're looking for a senior system administrator or systems architect that can work in close coordination with our existing system administrators, staff and volunteers, to support our migration project through all of its stages, starting with the archaeological challenge of creating a high level overview of our services and their dependencies, and ending with the migration of our core services. Key skills will include technical documentation, virtualization environments, MTAs (Postfix), database servers and web services.

What we need to do

The person we're looking with will be tasked with the following. Please note that the first steps are more detailed than the latter steps, and we'll work together to continuously revise this plan as we go. All of this will also involve coordination with others, and a lot of information, especially for the first parts, can be gotten from existing documentation or from other system administrators.

Create a high level service documentation, with a focus on (for each service): Authentication mechanisms Code base (custom work, patches, or off the shelf components) Interdependencies with other services Physical / virtual infrastructure location Usage (estimate usage from logs etc, as well as a brief synopsis of who the main users are: external, internal, etc) Additional documentation that may be needed for specific services (such as mail), the nature of which will need to be discussed and determined at a later time, when the first high level overview is complete. Analyse the current services and propose a new architecture, focusing on the services and the dependencies between them. Provide a migration plan that detail the steps needed to be taken in order to successfully migrate our existing services to the new architecture and infrastructure. Migrate, and support the migration, of core services to it, including shutting down and removing old services in an orderly fashion. Location and travel

The FSFE system administrators work largely remotely, and most of the work can be done from anywhere in the world. It's beneficial for communication that the person helping us is roughly located in Europe, and one or two trips may be needed to meet with other system administrators and staff.

More information

If you think that you're the right person, know someone who is, or just want more information, you're more than welcome to reach out to FSFE's executive director Jonas Öberg, preferrably by email to This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

Support FSFE, join the Fellowship
Make a one time donation

Roboto: Google’s signature font is now open source

The Roboto family of fonts, and the toolchain used in creating it, are now an open source project. Roboto is Google’s signature font, created by Google designer Christian Robertson. It is the default font used in Android and Chrome OS, and is the recommended font for Google’s visual language, Material Design.

The font files for the Roboto family of fonts were first released under the Apache license as part of Android 4.0 (Ice Cream Sandwich) in 2011. With this launch, we are making Roboto a true open source project, with a revamped font production toolchain that is completely based on open source software.

Another key improvement in the Roboto font family has been the vast expansion of its character coverage to include all Latin, Cyrillic and Greek characters in Unicode 7.0, as well as the currency symbol for the Georgian lari, to be published in Unicode 8.0. For the expansion, the number of glyphs provided in the fonts more than tripled in number, going from around 13,000 (1071 per font) to more than 40,000 (3350 per font). An earlier version of the expanded font family is included in Android 5.0 (Lollipop) and later.

This project involved close collaboration between various teams at Google: Material Design, Internationalization Engineering, Google Fonts and Android.

The Roboto open source project lives at https://github.com/google/roboto. Bug reports and other contributions are welcome.

By Roozbeh Pournader, Android Text team

The Exodus

Following the Ten Plagues - particularly the Death of the Firstborn Egyptians – the Hebrews finally leave Egypt.

Music: Free To Be You And Me by the New Seekers. More about that song and my use thereof in another post.

Exodus12-28

Exodus 12:28 And the children of Israel went away, and did as the Lord had commanded Moses and Aaron, so did they.

Exodus12-35

Exodus 12:35 And the children of Israel did according to the word of Moses; and they borrowed of the Egyptians jewels of silver, and jewels of gold, and raiment:

Exodus12-37

Exodus 12:37 And the children of Israel journeyed from Rameses to Succoth, about six hundred thousand on foot that were men, beside children.
:38 And a mixed multitude went up also with them; and flocks, and herds, even very much cattle.

Exodus13-21

Exodus 13:21 And the Lord went before them by day in a pillar of a cloud, to lead them the way; and by night in a pillar of fire, to give them light; to go by day and night:

Exodus14-21

Exodus 14:21 And Moses stretched out his hand over the sea; and the Lord caused the sea to go back by a strong east wind all that night, and made the sea dry land, and the waters were divided.

Exodus14-22

Exodus 14:22 And the children of Israel went into the midst of the sea upon the dry ground: and the waters were a wall unto them on their right hand, and on their left.

Exodus14-23

Exodus 14:23 And the Egyptians pursued, and went in after them to the midst of the sea, even all Pharaoh’s horses, his chariots, and his horsemen.

Exodus14-28

Exodus 14:28 And the waters returned, and covered the chariots, and the horsemen, and all the host of Pharaoh that came into the sea after them; there remained not so much as one of them.

Exodus14-30

Exodus 14:30 Thus the Lord saved Israel that day out of the hand of the Egyptians; and Israel saw the Egyptians dead upon the sea shore.

…..

The last beat is the desert, where the Hebrews will spend the next 40 years:

Exodus16-3

Exodus 16:3 And the children of Israel said unto them, Would to God we had died by the hand of theLord in the land of Egypt, when we sat by the flesh pots, and when we did eat bread to the full; for ye have brought us forth into this wilderness, to kill this whole assembly with hunger.

Share/Bookmark

flattr this!

May 25, 2015

Google Summer of Code coding has begun!


GoogleSummer_2015logo_horizontal.jpg

Today is the first day of coding for our 11th year of the Google Summer of Code program. This year more than 1,046 students will spend the next 12 weeks writing code for 137 different open source organizations.

We are excited to see the contributions this year’s students will make to the open source community.

For more information on important dates for the program please visit our timeline. Stay tuned as we will highlight some of the new mentoring organizations over the next few months.

Have a great summer!

By Carol Smith, Open Source Programs

Vivid release party in Terrassa

Catalan LoCo Team celebrated on May 9th release party of the next Ubuntu version, in this case, 15.04 Vivid Vervet. Sorry abaout the delay reporting.

This time, we went to Terrassa, near Barcelona, thanks to our friends of the Nicolau Copèrnic School.

As always, we started explaining what Ubuntu is and how it adapts to new times and devices, along with speeches from the school director and a Terrassa Councillor really understanding the Ubuntu meaning.

 

 

Quite a lot of people registering for the party.

 

Raspberry Pi and Open Source Hardware on Ubuntu were both present at the party.

 

And in another room, LibreOffice.

 

And, of course, Ubuntu Phone as well.

 

A lot of time passed since we offered a speech on Gimp.

 

Local TV came and made a report for the evening news.

May 22, 2015

I’m going to FUDCon APAC 2015!

Last year, I was really impressed by the level of organization and atmosphere at FUDCon APAC that took place in Beijing, China which is why I decided to submit a talk for FUDCon APAC 2015, which is going to take place in Pune, India. And guess what! My talk was accepted!

I named the talk “Present and Future of Fedora Workstation”. I’m now part of the Red Hat desktop team and we have a lot of interesting stuff that has made it to F22 and even more interesting stuff that is planned for F23. So I’ll talk about all the goodness that is changing Fedora Workstation into the best desktop system for active and creative users (developers, writers, designers,…).

I’m arriving to Mumbai at 8:35am on June 25th. I’ve seen that some people have arrivals around that time, too. It’d be great to organize transportation to Pune together. After FUDCon, I’m taking a week of holidays and would like to check interesting places around, hope to see e.g. Goa before the proper rain season starts. India will be my 50th visited country and I’m looking forward to it.

See you in Pune!


May 19, 2015

Pushing fast forward: Roundcube Next.

If you are a user of Roundcube, you want to contribute to roundcu.be/next. If you are a provider of services, you definitely want to get engaged and join the advisory group. Here is why.

Free Software has won. Or has it? Linux is certainly dominant on the internet. Every activated Android device is another Linux kernel running. At the same time we see a shift towards “dumber” devices which are in many ways more like thin clients of the past. Only they are not connected to your own infrastructure.

Alerted by the success of Google Apps, Microsoft has launched Office 365 to drive its own transformation from a software vendor into a cloud provider. Amazon and others have also joined the race to provide your collaboration platform. The pull of these providers is already enormous. Thanks to networking effects, economies of scale, and ability to leverage deliberate technical incompatibilities to their advantage, the drawing power of these providers is only going to increase.

Open Source has managed to catch up to the large providers in most functions, bypassing them in some, being slightly behind in others. Kolab has been essential in providing this alternative especially where cloud based services are concerned. Its web application is on par with Office 365 and Google Apps in usability, attractiveness and most functions. Its web application is the only fully Open Source alternative that offers scalability to millions of users and allows sharing of all data types in ways that are superior to what the proprietary competition has to offer.

Collaborative editing, chat, voice, video – all the forms of synchronous collaboration – are next and will be added incrementally. Just as Kolab Systems will keep driving the commercial ecosystem around the solution, allowing application service providers (ASP), institutions and users to run their own services with full professional support. And all parts of Kolab will remain Free and Open, as well as committed to the upstream, according to best Free Software principles. If you want to know what that means, please take a look at Thomas Brüderlis account of how Kolab Systems contributes to Roundcube.

TL;DR: Around 2009, Roundcube founder Thomas Brüderli got contacted by Kolab at a time when his day job left him so little time to work on Roundcube that he had played with the thought of just stepping back. Kolab Systems hired the primary developers of Roundcube to finish the project, contributing in the area of 95% of all code in all releases since 0.6, driving it its 1.0 release and beyond. At the same time, Kolab Systems carefully avoided to impose itself on the Roundcube project itself.

From a Kolab perspective, Roundcube is the web mail component of its web application.

The way we pursued its development made sure that it could be used by any other service provider or ISV. And it was. Roundcube has an enormous adoption rate with millions of downloads, hundreds of thousands of sites and an uncounted number beyond the tens of millions. According to cPanel, 62% of their users choose Roundcube as their web mail application. It’s been used in a wide number of other applications, including several service providers that offer mail services that are more robust against commercial and governmental spying. Everyone at Kolab considers this a great success, and finds it rewarding to see our technology contribute essential value to society in so many different ways.

But while adoption sky-rocketed, contribution did not grow in the same way. It’s still Kolab Systems driving the vast majority of all code development in Roundcube along with a small number of occasional contributors. And as a direct result of the Snowden revelations the development of web collaboration solutions fragmented further. There are a number of proprietary approaches, which should be self-evidently disqualified from being taken serious based on what we have learned about how solutions get compromised. But there are also Open Source solutions.

The Free Software community has largely responded in one of two ways. Many people felt re-enforced in their opinion that people just “should not use the cloud.” Many others declared self-hosting the universal answer to everything, and started to focus on developing solutions for the crypto-hermit.

The problem with that is that it takes an all or nothing approach to privacy and security. It also requires users to become more technical than most of them ever wanted to be, and give up features, convenience and ease of use as a price for privacy and security. In my view that ignores the most fundamental lesson we have learned about security throughout the past decades. People will work around security when they consider it necessary in order to get the job done. So the adoption rate of such technologies will necessarily remain limited to a very small group of users whose concerns are unusually strong.

These groups are often more exposed, more endangered, and more in need of protection and contribute to society in an unusually large way. So developing technology they can use is clearly a good thing.

It just won’t solve the problem at scale.

To do that we would need a generic web application geared towards all of tomorrow’s form factors and devices. It should be collaboration centric and allow deployment in environments from a single to hundreds of millions of users. It should enable meshed collaboration between sites, be fun to use, elegant, beautiful and provide security in a way that does not get into the users face.

Fully Free Software, that solution should be the generic collaboration application that could become in parts or as a whole the basis for solutions such as mailpile, which focus on local machine installations using extensive cryptography, intermediate solutions such as Mail-in-a-Box, all the way to generic cloud services by providers such as cPanel or Tucows. It should integrate all forms of on-line collaboration, make use of all the advances in usability for encryption, and be able to grow as technology advances further.

That, in short, is the goal Kolab Systems has set out to achieve with its plans for Roundcube Next.

While we can and of course will pursue that goal independently in incremental steps we believe that would be missing two rather major opportunities. Such as the opportunity to tackle this together, as a community. We have a lot of experience, a great UI/UX designer excited about the project, and many good ideas.

But we are not omniscient and we also want to use this opportunity to achieve what Roundcube 1.0 has not quite managed to accomplish: To build an active, multi-vendor community around a base technology that will be fully Open Source/Free Software and will address the collaborative web application need so well that it puts Google Apps and Office 365 to shame and provides that solution to everyone. And secondly, while incremental improvements are immensely powerful, sometimes leapfrogging innovation is what you really want.

All of that is what Roundcube Next really represents: The invitation to leapfrog all existing applications, as a community.

So if you are a user that has appreciated Roundcube in the past, or a user who would like to be able to choose fully featured services that leave nothing to be desired but do not compromise your privacy and security, please contribute to pushing the fast forward button on Roundcube Next.

And if you are an Application Service Provider, but your name is not Google, Microsoft, Amazon or Apple, Roundcube Next represents the small, strategic investment that might just put you in a position to remain competitive in the future. Become part of the advisory group and join the ongoing discussion about where to take that application, and how to make it reality, together.

 

May 15, 2015

The debian/watch file.

Hi all, This would be a sort of longish blog post which attempts to share what the debian/watch file is and how it’s important in the debian ecosystem. If you have looked at my 31st March 2015’s blog post you can see that I have mentioned the deb-src files in /etc/apt/sources.list as they make it […]

Automatic Problem Reporting in F22

I regularly go through most frequent problems reported to ABRT retrace server because it helps me prioritize bugs in Fedora that are assigned to my team. I think ABRT service is great for developers to prioritize their bugs + it helps collect much more data about the crash than an average user normally provides.

However,I’ve noticed a significant drop in number of reports in Fedora 22. It’s just two weeks before the final release when many early adopters are already running F22, but the difference in number of reports from F21 and F22 is huge: 64373:904.

12 days before F21 was released, we collected 16081 reports from this version. That’s almost 18x more. I don’t think we’re experiencing such a huge drop in adoption, so I investigated more…

…and learned that GNOME Control Center got a new privacy setting in F22: Problem reporting. And if you upgrade from Fedora 21 automatic crash reporting is disabled even though you had it enabled before the upgrade. To make it even more confusing if you go ABRT settings automatic reporting is enabled there. That’s because the setting in GNOME Control Center serves as a master setting that overrides settings in ABRT. So if you have upgraded to F22 and want to provide developers with very valuable data, please go to Control Center->Privacy->Problem Reporting and enable automatic reporting. Manual reporting is still possible from the ABRT app.

The ABRT team is working on a fix for this.

If you do a fresh installation, you should be able to allow automatic reporting in the Initial Experience after installation.


May 13, 2015

Free Software Foundation announces deputy director search

This new position would work closely in support of the executive director to coordinate and amplify the work of an expanding, 12-person staff; represent the FSF to conference, supporter, and donor audiences internationally; and play a key role in improving the FSF's overall effectiveness by driving initiative prioritization, fundraising, resource allocation, hiring, and internal process development.

Now is an especially exciting time to join the FSF team, since this year is our 30th anniversary. We are taking the opportunity to both reflect on the past and plan ahead for the next 30 years.

In addition to being a talented general manager and project coordinator, the right candidate will bring significant expertise to at least one of the FSF's major work areas -- technology infrastructure and software development, licensing and compliance, public advocacy and engagement, fundraising, or operations.

This role is for someone who:

  • is a dedicated free software user;
  • cares deeply about the impact of control over technology on the exercise of individual freedoms;
  • stays highly organized, even during high-stress situations,
  • inspires and motivates others;
  • is a reliably rational, diplomatic, and productive voice in discussions, both online and offline;
  • loves puzzles and problem-solving; and
  • enjoys the challenges of working in the public eye, including fielding and responding to criticisms.

Because of financial control duties, the position must be worked from the FSF's headquarters in Boston, Massachusetts. Relocation assistance is available. Candidates currently located outside the US may apply; we have sponsored visas in the past.

Salary would be commensurate with experience. Benefits include:

  • full family health coverage through Blue Cross/Blue Shield's HMO Blue program,
  • subsidized dental plan,
  • four weeks of paid vacation annually,
  • seventeen paid holidays annually,
  • public transit commuting cost reimbursement,
  • 403(b) program through TIAA-CREF,
  • a shiny silver Deputy star,
  • yearly cost-of-living pay increases, and
  • potential for an annual performance bonus.

Applications must be submitted via email to This e-mail address is being protected from spambots. You need JavaScript enabled to view it . The email must contain the subject line "Deputy Director". A complete application should include:

  • resume or CV,
  • cover letter,
  • writing sample (1000 words or less), and
  • links to published work online, such as articles, code contributions, or conference presentation videos.

All materials must be in a free format. Email submissions that do not follow these instructions will probably be overlooked. No phone calls, please.

Applications will be evaluated on a rolling basis.

The FSF is an equal opportunity employer and will not discriminate against any employee or application for employment on the basis of race, color, marital status, religion, age, sex, sexual orientation, national origin, handicap, or any other legally protected status recognized by federal, state, or local law. We value diversity in our workplace.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

VENOM (CVE-2015-3456) Vulnerability and Linode

A new security advisory, CVE-2015-3456 called VENOM (Virtualized Environment Neglected Operations Manipulation), was released today. Our Security Team has thoroughly reviewed this vulnerability and we wanted to take a moment to reassure Linode customers that this vulnerability does not affect any part of the Linode infrastructure and no action is required on your part.

What is VENOM?

VENOM is a security vulnerability that exploits virtual floppy drive code in QEMU that emulates a floppy disk controller. On certain platforms, this code can be exploited which allows attackers to escape from a Virtual Machine guest and gain privileged access to the host.

Why is Linode not affected?

In XSA-133, which is the Xen Security Advisory that provides details related to this vulnerability, it states that “Systems running only x86 PV guests are not vulnerable”. This vulnerability applies to QEMU guests on KVM and XEN HVM Guests. Linode only uses XEN PV guests which are not affected by this vulnerability. Specifically, XEN PV guests do not require the use of QEMU.

What do I need to do?

Fortunately, nothing needs to be done at this time to your Linode. The Linode Security Team constantly monitors all CVE’s and XSA’s to ensure that our internal infrastructure and customer Linode’s are as secure as possible.

Ubuntu Security Update on VENOM (CVE-2015-3456) [UPDATED]

A buffer overflow in the virtual floppy disk controller of QEMU has been discovered. An attacker could use this issue to cause QEMU to crash or execute arbitrary code in the host’s QEMU process.

This issue is mitigated in a couple ways on Ubuntu when using libvirt to manage QEMU virtual machines, which includes OpenStack’s use of QEMU. The QEMU process in the host environment is owned by a special libvirt-qemu user which helps to limit access to resources in the host environment. Additionally, the QEMU process is confined by an AppArmor profile that significantly lessens the impact of a vulnerability such as VENOM by reducing the host environment’s attack surface.

A fix for this issue has been committed in the upstream QEMU source code tracker. Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 14.10, and Ubuntu 15.04 are affected. To address the issue, ensure that qemu-kvm 1.0+noroms-0ubuntu14.22 (Ubuntu 12.04 LTS), qemu 2.0.0+dfsg-2ubuntu1.11 (Ubuntu 14.04 LTS), qemu 2.1+dfsg-4ubuntu6.6 (Ubuntu 14.10), qemu 1:2.2+dfsg-5expubuntu9.1 (Ubuntu 15.04) are installed.

For reference, the Ubuntu Security Notices website is the best place to find information on security updates and the affected supported releases of Ubuntu.  Users can get notifications via email and RSS feeds from the USN site, as well as access the Ubuntu CVE Tracker.

May 11, 2015

What Is Copyright?

Which picture best depicts Copyright? Vote in comments.

©Talk2015_10001

A.

©Talk2015_10002

B.

©Talk2015_10003

C.

I’ll be asking this question tonight at this talk:

Questioning Copyright: Sharing or Stealing?

Date: 5/11/2015
Start Time: 7:00 PM
End Time: 8:30 PM

This event will be at Pizza M, 208 West Main Street, downtown Urbana. Delicious snacks from Pizza M will be provided.

Description:
 Does copyright protect creative work? What impact does copyright have on censorship? And what would happen if we abolished copyright? Join us for a provocative conversation with two guests: artist and copyright abolitionist Nina Paley and UIUC law professor and activist Paul Heald.

Nina Paley is the creator of the animated musical feature film Sita Sings the Blues and the short This Land Is Mine. Her adventures in our broken copyright system led her to joinQuestionCopyright.org as artist-in-residence, where she produced a series of animated shorts about intellectual freedom called Minute Memes. As half of PaleGray Labs, she develops techniques to combine animation with her other passions of quilting and embroidery. Nina is a former syndicated cartoonist, a 2006 Guggenheim Fellow, and currently making a new animated feature called Seder-Masochism.

Paul Heald lectures on patent, copyright and international intellectual property law around the world. He is the University of Illinois Richard W. and Marie L. Corman Professor of Law and is currently a fellow and associated researcher at CREATe, the RCUK Centre for Copyright and New Business Models in the Creative Economy, based at the University of Glasgow. He’s also the author of a recently released mystery novel Death in Eden.

 

Share/Bookmark

flattr this!

Upcoming opportunities to talk MySQL/MariaDB in May 2015

May is quickly shaping up to be a month filled with activity in the MySQL/MariaDB space. Just a quick note to talk about where I’ll be; looking forward to meet folk to talk shop. 

  1. The London MySQL Meetup GroupMay 13 2015 – organized by former colleague & friend Ivan Zoratti, we will be doing a wrap up of recent announcements at Percona Live Santa Clara, and I’ll be showing off some of the spiffy new features we are building into MariaDB 10. 
  2. MariaDB Roadshow London – May 19 2015 – I’m going to give an overview of our roadmap, and there will be many excellent talks by colleagues there. I believe MariaDB Corporation CEO Patrik Sallner and Stu Schmidt, President at Zend will also be there. Should be a fun filled day. 
  3. Internet Society (ISOC) Hong Kong World Internet Developer Summit – May 21-22 2015 – I’ll be giving a keynote about MariaDB and how we are trying to make it important Internet infrastructure as well as making it developer friendly. 
  4. O’Reilly Velocity 2015 – May 27-29 2015 – I will in 90 minutes attempt to give a tutorial to attendees (over a 100 have already pre-registered) an overview of MySQL High Availability options and what their choices are in 2015. Expect a lot of talk on replication improvements from both MySQL & MariaDB, Galera Cluster, as well as tools around the ecosystem. 

May 07, 2015

Case of a potato, food park, potato chips ,the humble wada-pav and the farmer.

This would be a shortish blog post about the politics behind the humble potato and what I have seen around me. For number of years farmers have been doing suicides in India and governments shed crocodile tears. It became a big story last week when 2 farmers took their life. The prince-ling Mr. Rahul Gandhi […]

The FSF is hiring: Seeking a Boston-area full-time web developer

This position, reporting to the executive director, works closely with our sysadmin team to maintain and improve the FSF's Web presence. It's an especially exciting time to join the FSF team, because we will be celebrating our 30th anniversary this October.

The FSF uses several different free software web platforms in the course of its work, both internally and externally. These platforms are critical to work supporting the GNU Project, free software adoption, free media formats, and freedom on the Internet; and to opposing bulk surveillance, Digital Restrictions Management, software patents, and proprietary software.

We are looking for someone who is primarily interested in keeping these systems up-to-date and working, as well as customizing them when necessary. While the main duties will relate to the backend systems, frontend experience with templates, HTML, CSS, JavaScript, and design tools will be a big plus.

The web developer will also contribute to decisions about which new platforms to use or which existing ones to retire. The infrastructure of www.fsf.org, shop.fsf.org, and audio-video.gnu.org will likely be changed this year, so there will be some critically important research and work to be done right away.

We emphasize opportunities to contribute work done at the FSF to the upstream projects we use, to benefit the broader free software community.

You'll primarily work with:

  • CiviCRM
  • Drupal
  • MediaWiki
  • Plone / Zope
  • Ikiwiki
  • Request Tracker
  • Django / Satchmo
  • Etherpad
  • CAS
  • GNU social
  • GNU MediaGoblin

Because the FSF works globally and seeks to have our materials distributed in as many languages as possible, multilingual candidates will have an advantage. English, German, French, Spanish, Mandarin, Malagasy, and a little Japanese, are represented among current FSF staff.

With our small staff of twelve, each person makes a clear contribution. We work hard, but offer a humane and fun work environment at an office located in the heart of downtown Boston.

The FSF is a mature but growing organization that provides great potential for advancement; existing staff get the first chance at any new job openings. This position is a great starting point for anyone who might be interested in other roles on our technical team in the future.

Benefits and salary

The job must be worked on-site at FSF's downtown Boston office. An on-site interview will be required with the executive director and other team members.

This job is a union position. The salary is fixed at $51,646.40 annually. Other benefits include:

  • conference travel opportunities,
  • full family health coverage through Blue Cross/Blue Shield's HMO Blue program,
  • subsidized dental plan,
  • four weeks of paid vacation annually,
  • seventeen paid holidays annually,
  • public transit commuting cost reimbursement,
  • 403(b) program through TIAA-CREF,
  • yearly cost-of-living pay increases, and
  • potential for an annual performance bonus.

Application instructions

Applications must be submitted via email to This e-mail address is being protected from spambots. You need JavaScript enabled to view it . The email must contain the subject line "Web Developer". A complete application should include:

  • resume,
  • cover letter, and
  • links to any previous work online.

All materials must be in a free format (such as plain text, PDF, or OpenDocument, and not Microsoft Word). Email submissions that do not follow these instructions will probably be overlooked. No phone calls, please.

Applications will be reviewed on a rolling basis until the position is filled. To guarantee consideration, submit your application by Wednesday, May 27th, 10:00AM EDT.

The FSF is an equal opportunity employer and will not discriminate against any employee or application for employment on the basis of race, color, marital status, religion, age, sex, sexual orientation, national origin, handicap, or any other legally protected status recognized by federal, state or local law. We value diversity in our workplace.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

May 05, 2015

A restriction on technological restrictions

A restriction on technological restrictionsThe right to install other software on your computing devices

Safecast is a global project to map radiation data from around the world and release this information openly. When the project just started out, they used modified hardware, together with their own custom software and a few clever tweaks, to allow anyone to participate in the project. This kind of ingenuity, the ability to re-purpose or adapt existing technology by replacing or supplementing its software, should be permitted and encouraged by the law. In the example of Safecast, fortunately nobody prevented them from being innovative.

But all of us depend on the possibility to install or replace programs that we use every day, to increase our security, privacy or convenience -- or just because we happen to like using a different program on our laptop, tablet, phone, router, television, car, or on other devices.

Today, on the International Day Against DRM, the undersigned organisations are calling on lawmakers to safeguard the right to tinker for everyone. To make sure that the owner of every device is allowed to replace or supplement the software in that device if they so choose, thereby empowering owners to control their own property. Many manufacturers today add technological restrictions that prevent device owners from changing their devices, or having someone do so for them. This can be in breach of the licences on the devices (as with Free Software/Open Source Software licences, which grant the rights to use, study, share, and improve the software for any purpose). It is clear that any right to tinker must also be coupled with a legal provision that prevents technological restrictions of the same right.

To successfully guarantee that device owners are in control of their own technology, the following organisations ask that the right to tinker be guaranteed for everyone, and that technological restrictions that interfere with this right be limited by law.

Support FSFE, join the Fellowship
Make a one time donation

May 01, 2015

Upcoming Conferences 2015

Linode is making the rounds on the conference circuit! Check out where we’re going over the next few months.

angelhacklogo
Angelhack
Austin | Austin, TX | May 9-10
Brooklyn | Brooklyn, NY | June 6-7
Los Angeles | Los Angeles, CA | June 6-7

We’re sending our mentors all over the U.S. for Angelhack. Angelhack is a 24-hour hackathon where developers of all ages and skill levels go to create awesomeness. It’s open to the public, so check out their website for more details and to buy tickets: www.angelhack.com/events


DrupalCon_NA2015_LosAngeles
DrupalCon LA | Los Angeles, CA | May 11-15
This year’s DrupalCon is in Los Angeles so we’re packing our bags and heading to the west coast. If you’re attending, stop by booth #209 to meet our team and talk about what you can do with Linode.


Velocitylogo
Velocity | Santa Clara, CA | May 27-29
With amazing topics and incredible speakers, Velocity 2015 is shaping up to be one to remember. Our team will be hanging out at Booth #401 loaded with tons of Linode goodies.


logo_lcna
LinuxCon North America | Seattle, WA | August 17-19
We are thrilled to be part of LinuxCon North America this year! There will be over 100 sessions and we can’t wait to connect with all of the Linux pros in attendance. Stop by our booth for Linode swag PLUS credit towards your new account.


fossconlogo
FOSSCON | Philadelphia, PA | August 22
FOSSCON is a free-and-open-source software conference held in Philadelphia. Our team will be there, prepped and ready to talk cloud hosting with you.

April 30, 2015

January–March, 2015 Status Report

The January–March, 2015 Status Report is now available.

April 28, 2015

Sharing multiple links on Android

Did you try to share several URLs at once on Android before? Until now I copied and pasted each one of the links step-by-step into an e-mail or a text. While checking F-Droid for new programs last month, I discovered bulkshare, which offers an easier way to achieve this task.

First you share each of the links with bulkshare through Android’s share menu. Then you open bulkshare and re-share it with another program. In this step you can choose which of the links you want to share (by default all).

Screenshot of bulkshare with multiple links open

After sharing several links to bulkshare you can re-share all or a selection of them

This way you can share the link list for example with K-9 mail or other programs, edit the text around it and send it out.

Thanks to the author Alex Gherghișan for this nice program.

April 27, 2015

From the Trenches, Tips & Tricks Edition: Hacking "/ on ZFS" and GELI Encrypted Drives, the Old-School Way

Glen Barber is back to kick off our latest From The Trenches series: The Tips and Tricks Edition. 

All my personal machines run FreeBSD.

In fact, all my personal machines run FreeBSD-CURRENT. I do this primarily to keep track of changes that get committed to the head branch, so I can personally test changes (for the things I use, at least) before they get merged to the stable branches.

As one of the Release Engineers, I find it essential that, whenever possible, I find issues so they can be corrected before they are part of a release.

My primary work machine is a laptop, currently a Lenovo Thinkpad T540p. I picked this laptop, and all the other laptops before it, because it met my minimum requirements for a primary workstation: it is capable of supporting a large amount of RAM (16GB for my Thinkpad, 8GB for all previous laptops), an Intel Core i7 CPU, and I could replace the DVD drive with a second hard drive.

In addition to these hardware requirements, I also have a few personal requirements of any workstation - the drives must be encrypted, and the underlying filesystem must be ZFS.

For me, it is not so much about the data I have *on* the laptop that I need to protect, but the kinds of things within the FreeBSD Project I am permitted access. Without encrypted drives, a lost or stolen laptop would absolutely be my worst possible nightmare, because I only have my login passphrase protecting my data (GPG key, SSH keys, and so on).

Recent FreeBSD releases allow "/ on ZFS" installation with the option to enable GELI-based encryption. This predates my original installation, however, since each laptop I have purchased for the past several years used the hard drives from the previous laptop. According to zpool history, the installation was at least two and a half years ago, but I know it is much longer than that, because of zfs recv being one of the first things zpool history reports.

So, I needed to do things the old-fashioned way, and manually create the GELI-backed providers and perform the "/ on ZFS" installation myself.

While bsdinstall(8) may now cover the majority of use cases for such installations, there may be cases where someone specifically needs to do something a certain way that the installer does not provide.

Because I only had one hard drive in the system when the system was initially installed (a long time ago), I will only refer to one hard drive when describing the steps I used to perform the installation, for now.

I installed the system using the 9.0-RELEASE or 9.1-RELEASE memory stick installer (memstick.img), I cannot remember which, but that detail is not as important, since I did not use the installer anyway.

When I booted from the memory stick, the two drives recognized on the system were the internal hard drive, /dev/ada0, and the external USB flash drive for the installation, /dev/da0. The first menu screen has three options available: "Install", "Shell", "Live CD".

I selected "Live CD", and logged in as root (no password is necessary for the "Live CD" functionality). The hard drive did not have an operating system. Because I purchased the hard drive, in addition to the laptop, with the intention of replacing the laptop's drive, I did not need to remove any partitions from an existing installation. If I did need to remove partitions, I would have done so with:
# gpart destroy -F ada0
Here is where some technical details become important:
  • While you can install "/ on ZFS" on a drive partitioned with MBR (Master Boot Record), using GPT is far easier. In fact, I have forgotten much about how MBR partitioning is actually done.
  • When doing full disk encryption, you must keep /boot contents separate, otherwise loader(8) and the kernel will not be available when the BIOS hands over control to the operating system. As such, /boot should be given its own partition on the disk left unencrypted, and the rest of the system on its own encrypted partition.
I created four partitions on the drive. The first partition is for the boot blocks (not to be confused with the /boot contents), the second partition is for /boot, the third is for the encrypted system, and the fourth is for swap.
# gpart create -s gpt ada0
# gpart add -t freebsd-boot -s 512k -i 1 -l gptboot ada0
# gpart add -t freebsd-zfs -s 10G -i 2 -l bootfs ada0
# gpart add -t freebsd-swap -s 10G -i 3 -l swapfs ada0
# gpart add -t freebsd-zfs -s 180G -i 4 -l rootfs ada0
I decided to put the swap partition between the /boot partition and the rest of the system, in case I needed to increase or decrease the size of the /boot partition, it would be far easier (and safer) to do.

Then, I loaded the necessary kernel modules for ZFS and GELI:
# kldload /boot/kernel/opensolaris.ko
# kldload /boot/kernel/zfs.ko
# kldload /boot/kernel/geom_eli.ko
Now that GELI functionality is available, I created the backend provider for the ZFS dataset:
# geli init -b -a HMAC/SHA256 -e AES-CBC -l 256 \
-s 4096 /dev/ada0p4
Then I attached the GELI provider, and wrote data from /dev/randomto the new device /dev/ada0p4.eli:
# geli attach ada0p4
# dd if=/dev/random of=/dev/ada0p4.eli bs=4096

This took a while on the system this hard drive was originally installed, so I probably got coffee at this point. :-)

When the dd(1) command finished, I continued the installation.

I created temporary directories to use to import the pools after they were created:
# mkdir /tmp/zroot
# mkdir /tmp/zboot
Keep in mind, I am installing from a memory stick image, which by default, is read-only. The /tmp directory is writable, however, because it is a md(4)-backed memory disk filesystem.
# zpool create -O checksum=fletcher4 -O atime=off \
-m /tmp/zboot zboot /dev/ada0p2
# zpool create -O checksum=fletcher4 -O atime=off \
-m /tmp/zroot zroot /dev/ada0p4.eli
Then I made a few ZFS datasets for various paths:
# for i in var var/log var/tmp var/db usr usr/home \
usr/compat usr/ports \
usr/local tmp; do \
zfs create zroot/${i} \
done
I also made a separate ZFS dataset for the "bootfs" contents, and set the mountpoint to the /boot directory in the temporary working directory:
# zfs create zboot/boot
# zfs set mountpoint=/tmp/zroot/boot zboot/boot
On the memory stick installation media, the distribution sets are located in /usr/freebsd-dist. I extracted their contents into the newly-created filesystem:
# cd /tmp/zroot
# for i in base kernel lib32; do \
tar -xf /usr/freebsd-dist/${i}.txz -C . \
done
Then I wrote the bootcode to the first partition of the drive:
# gpart bootcode -b /tmp/zroot/boot/pmbr \
-p /tmp/zroot/boot/gptzfsboot -i 1 ada0
Because the "bootfs" (/boot) and "rootfs" (everything else) are both ZFS, I needed to use the gptzfsboot bootcode for the "freebsd-boot" partition.

Now the system is installed, but I needed to make a few modifications before I was ready to reboot. In particular, set a root password, edit /etc/fstab to enable swap, edit /etc/rc.conf to enable the zfs rc(8) startup script, and edit /boot/loader.conf to load the geom_eli.ko, opensolaris.ko, and zfs.ko kernel modules at boot.
# chroot /tmp/zroot
# passwd root
[enter password]
# echo '/dev/gpt/swapfs none swap sw 0 0' \
>> /etc/fstab
# echo 'zfs_enable="YES"' >> /etc/rc.conf
# echo 'geom_eli_load="YES"' >> /boot/loader.conf
# echo 'zfs_load="YES"' >> /boot/loader.conf
# exit
Before rebooting, I needed to make a few adjustments to where /boot from the zboot/boot dataset would be mounted at boot.
# zfs umount zboot/boot
# zfs set mountpoint=/realboot zboot/boot
This now makes the /boot directory mount as /realboot, so I then needed to point /boot in the zroot dataset to the correct place. This was easily solved with a symbolic link:
# cd /tmp/zroot
# ln -s boot /realboot
Now when the system boots, the filesystem will look something like this:
/bin
/sbin
/boot -> /realboot
/realboot
[...]
Finally, I needed to unmount the zroot dataset, and fix its mountpoints. I only needed to change the zroot mountpoint itself, since all children datasets adjusted their paths automatically.
# zfs umount -a
# zfs set mountpoint=/ zroot
At this point, the installation was complete. I rebooted the laptop, entered the GELI passphrase for /dev/ada0p4.eli when prompted, and was greeted by the "login: " prompt we have all grown to love.

New committer: Mariusz Zaborski (src)

April 23, 2015

Event about Copyright in Águeda (Portugal), next May

A workshop about Copyright and Digital Rights Management and a monkey on the poster? Are you lost? Here's an explanation... this famous monkey is a pro in taking selfies. If you want to know more, the rest of the story will be told next 9th of May!

I'll be talking about DRM on an event next to Paula Simões (Portuguese Education Freedom Association) who's going to talk about copyright levies, and Teresa Nobre (Creative Commons) who's going to talk about free culture.

It promises to be a great afternoon, I hope you'll be able to join us!

Kokori news

A consequence from the fact that I almost stopped blogging is that those of you who still read this blog and were used to follow my musical endeavors through it were left in the dark.

I did refer at some point that I am 1/2 of a post-cyberpunk industrial duo named kokori. But from then until now, kokori has released three EPs and one single, besides participating on several compilations. Here's one of the tracks from our "Release Candid Hate" EP, so you know what I'm talking about:
But the flow never stops, and we are at this moment on an ambitious project - a crowdfunded compilation.
With your help, Kokori is going to be part of an awesome 3 tapes compilation. Metaphysical Circuits, a tape label from our good friend Christian of The Beard Of Snails Records (R.I.P.), is aiming to release "400/100", a three-hour, 43 track triple cassette compilation. An epic, eclectic statement, spanning ambient excursions, techno textures, slick synths, cinematic guitars, song-craft, improvisation, wyrld jamz, and no-fi noise melodies, this project has everything to be a must-have compilation, and we're proud to be a part of it with one new, exclusive track. Alongside with Kokori will be musical projects like Palm Era, TAKAHIRO MUKAI, Vejgaard Ambient, Northville Tunnels, The Child of a Creek, Stephen Connolly, Strange Mountain, cryptic scenery, Geoff, Les Bicyclettes de Belize and more. But why with your help? Well, because this endeavour needs you as much as you need it: your funding and pre-order will make it happen, and in the process you can even get some extra goodies. Find all about it on its campaign page!

Final PDFreaders advertisement squashing

We currently wrap-up the PDFreaders campaign, and we need your help to measure our success.

Started in 2009 FSFE’s goal with the campaign was to get rid of advertisement for proprietary PDF readers. We focused on the websites of public administrations, and many people helped us gather contact details for over 2000 public websites which advertised non-free software. Many people helped us to contact the public administrations, governments were made aware of it and published guidelines. Until now we know that 772 of the 2110 bugs were fixed, which is a 36% success rate.

A highway without any advertisement

A highway without any claims by the government which cars you need to drive there, or advertisemt for those cars

But for most countries we did not check the status for several months now. That’s why we need your help now to make one final round. We are looking for volunteers who can help us checking websites in their native language.

Here a step by step guide:

  1. Check the etherpad to see if someone is already working on your country list
    • If yes, please coordinate directly who takes care about what, so you do not waste your time
    • If no, please indicate in the pad that you start to work on it.
  2. For each web page listed on the page or the xml file, go to the web page and search if there is still an advertisement for non-free PDFreaders
    • If yes, keep the bug open.
    • If no, use your favourite search engine with a query like: “site:DomainNameOfOrganiation.TLD adobe acrobat pdf reader
      • If you have no results, close the bug by adding the current date in the “closed” field in the xml file
      • If you have some results and there is still advertisment without also listing Free Software PDF readers, let the bug open and change the link in the “institution-url” field to one from the results you just found.
    • If the link is broken, use the query from the point above
      • If you have some results and there is just advertisement for non-free PDF readers, change the broken url with a new one in the “institution-url” field.
      • If you have no result close the bug by adding the current date in the “closed” field.
    • When you have finished to update, please inform others by updating the status on the public pad and sent the xml file to This e-mail address is being protected from spambots. You need JavaScript enabled to view it .
    • Now, you have all our gratitude. Thank you very much!

Afterwards we will send an update about how many institutions removed the advertisement, and what else we achieved together with you in the campaign.

April 13, 2015

Presentation – Crash Course Cloud 2.0

Presentation on the current state of cloud computing and the role that open source, containers and microservices are playing in the cloud.

Presented to Florida Linux Users Exchange on April 9th, 2015

[Link in case embed doesn’t work].

 

Technorati Tags: ,

March 31, 2015

OpenSource.com – Open source and DevOps aren’t mandatory, but neither is survival

I recently wrote an article for OpenSource.com – Open source and DevOps aren’t mandatory, but neither is survival This article is part of the Easy DevOps column coordinated by Greg Dekoenigsberg, VP of Community at Ansible. Share your stories and advice that helps to make DevOps practical—along with the tools, processes, culture, successes and glorious/inglorious failures from your experience by contacting us at This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

Technorati Tags:

March 13, 2015

15th Anniversary and Spring Fundraising Kickoff

I'm so excited to announce our spring fundraising campaign. I know it's not officially spring yet, but it sure feels like it here at Foundation headquarters in Boulder, Colorado. We're kicking off our fundraising campaign in conjunction with some other exciting events. There's so much to celebrate. First, we are proud to be a Platinum sponsor of AsiaBSDCon. This is the tenth AsiaBSDCon, with over 140 attendees planned, and 31 talks, providing a venue for all things BSD in Asia. People from around the world attend this conference to learn about the BSD operating systems, share their knowledge and experience, and work together to develop, hack, fix, improve, and document the various BSD operating systems.

The most exciting news we have is that we are celebrating our 15th anniversary supporting the FreeBSD Project and community worldwide! We have grown from our president and founder, Justin Gibbs, creating a non-profit to support FreeBSD, to an eight member board with 7 staff members. In case you missed it earlier, check out Justin's interview about the history of the Foundation on BSDNow

As the first employee, 9 years ago, I've witnessed incredible growth in our ability to support the Project and community. The year we were founded we raised a whopping $7,000. My first year with the Foundation, in 2006, we raised a little over $100,000. And, last year we raised $2,436,194, spending $877,412 on the project.

When we first started out, we focused on funding project development, conference sponsorships, and travel grants. Fifteen years later, we have increased support in those areas and have now grown to providing legal support for the Project; purchasing and helping manage hardware for FreeBSD infrastructure; providing release engineering support for consistent and timely releases; creating marketing literature and presentations that not only inform people of what FreeBSD is, but also provides detailed information on what's in new releases; attending more conferences to promote FreeBSD; and publishing a professional online FreeBSD magazine, The FreeBSD Journal.

To celebrate our anniversary, we are kicking off a fundraising campaign to help broaden the reach of our mission, by adding 500 new community investors in the next four weeks. What's a new community investor? An individual or organization that makes their first 2015 donation during this spring campaign. 

Why donate to the Foundation? Your donations will help us continue and increase our support in the following areas:
  • Funding improvement and development projects, including: Native ISCSI kernel Stack, Updated video console (Newcons), UEFI system boot support, Capsicum component framework, IPv6 support in FreeBSD, Auditdistd improvements for FreeBSD cluster, and adding modern AES modes to OpenCrypto (to support IP/SEC).
  • Helping to provide consistent and on-time releases.
  • Educating the public and promoting FreeBSD with tools like our high-quality FreeBSD 10X Brochure and company visits to help
  • facilitate collaboration efforts with the Project.
  • Sponsoring BSD conferences and summits in Europe, Japan, Canada, and the US.
  • Protecting FreeBSD IP and providing legal support to the Project.
  • Purchasing hardware to build and improve FreeBSD project infrastructure.
For the last 15 years, you as a community have allowed us to make an major impact on the FreeBSD Project and Community. Please help us continue and increase our support by making a donation today.


Deb Goodkin, Executive Director

February 01, 2015

MariaDB turns 5!

I stopped working on MySQL at Sun Microsystems in late 2009 (after a lengthy period of garden leave), to join Monty Program Ab, and was greatly anticipating a MariaDB release that we could take to market. The first GA release of MariaDB came out February 1 2010 – MariaDB 5.1.42. Today is MariaDB Server’s 5th birthday!

We didn’t even want to call it GA back then — we referred to it as a “stable” release. We didn’t make our own builds because we figured source code tarballs were good enough; so builds were made and hosted at OurDelta. It took some months (around August 2010) when we moved release notes to the Knowledgebase (which you’ll notice has moved from kb.askmonty.org to its current location) from the old front page wiki install that we had at askmonty.org.

I didn’t go to the first company meeting in Malaga due to having the chickenpox, so my first meeting was the one we did in Reykjavik, Iceland. We did it towards the end of February 2010, and planned it literally in a month – maybe a celebration that we brought 5.1 to market on time, and also to plan 5.2.

Speaking of companies, we were Monty Program Ab (professionally this quickly became MariaDB Services Ab), then SkySQL Ab (via merger), and finally MariaDB Corporation Ab (via re-branding). Shortly before the SkySQL Ab merger, we even have the MariaDB Foundation appear.

Anyway, what have we released? MariaDB 5.1, MariaDB 5.2, MariaDB 5.3, MariaDB 5.5, MariaDB 10.0, MariaDB Galera Cluster 5.5 & 10.0, a special MariaDB 5.5 with TokuDB build and a special MariaDB with FusionIO improvements build. To boot, we also have three client libraries (connectors, if you must): C, Java, and ODBC.

So 5 major server releases (7 if you count the Galera series), and we’re now working on MariaDB 10.1. I count 88 releases of the server across various versions (with breakdowns: 9 alphas, 11 betas, 7 release candidates and 61 GAs). We’ve had 23 Galera releases and 15 releases for the various client libraries.

We are shipping in all major Linux and BSD distributions. In many, we are even the default

This birthday is a nice time to look back at our achievements, but also to remind ourselves to not rest on our laurels and continue to focus on growth. The last sanctioned press release talks of over 2 million users globally. 

Thank you to all our users. Thank you to all the contributors and developers. Here’s to a lot more adoption, growth, releases and technology improvements!

January 22, 2015

FLOSSK mbështetë Wiki Academy Kukës

FLOSSK do të mbështesë Wiki Academy-n e cila mbahet më 22 dhe 23 mars në Kukës. Akademia e Wikipedia-s përfshinë trajnimin e të rinjëve për të kontribuar në Wikipedia duke përfunduar me një vikend të plotë dedikuar shkrimit të artikujve në Enciklopedinë e Lirë Wikipedia.

January 20, 2015

Smart things powered by snappy Ubuntu Core on ARM and x86

“Smart, connected things” are redefining our home, work and play, with brilliant innovation built on standard processors that have shrunk in power and price to the point where it makes sense to turn almost every “thing” into a smart thing. I’m inspired by the inventors and innovators who are creating incredible machines – from robots that might clean or move things around the house, to drones that follow us at play, to smarter homes which use energy more efficiently or more insightful security systems. Prooving the power of open source to unleash innovation, most of this stuff runs on Linux – but it’s a hugely fragmented and insecure kind of Linux. Every device has custom “firmware” that lumps together the OS and drivers and devices-specific software, and that firmware is almost never updated. So let’s fix that!

Ubuntu is right at the heart of the “internet thing” revolution, and so we are in a good position to raise the bar for security and consistency across the whole ecosystem. Ubuntu is already pervasive on devices – you’ve probably seen lots of “Ubuntu in the wild” stories, from self-driving cars to space programs and robots and the occasional airport display. I’m excited that we can help underpin the next wave of innovation while also thoughtful about the responsibility that entails. So today we’re launching snappy Ubuntu Core on a wide range of boards, chips and chipsets, because the snappy system and Ubuntu Core are perfect for distributed, connected devices that need security updates for the OS and applications but also need to be completely reliable and self-healing. Snappy is much better than package dependencies for robust, distributed devices.

Transactional updates. App store. A huge range of hardware. Branding for device manufacturers.

In this release of Ubuntu Core we’ve added a hardware abstraction layer where platform-specific kernels live. We’re working commercially with the major silicon providers to guarantee free updates to every device built on their chips and boards. We’ve added a web device manager (“webdm”) that handles first-boot and app store access through the web consistently on every device. And we’ve preserved perfect compatibility with the snappy images of Ubuntu Core available on every major cloud today. So you can start your kickstarter project with a VM on your favourite cloud and pick your processor when you’re ready to finalise the device.

If you are an inventor or a developer of apps that might run on devices, then Ubuntu Core is for you. We’re launching it with a wide range of partners on a huge range of devices. From the pervasive Beaglebone Black to the $35 Odroid-C1 (1Ghz processor, 1 GB RAM), all the way up to the biggest Xeon servers, snappy Ubuntu Core gives you a crisp, ultra-reliable base platform, with all the goodness of Ubuntu at your fingertips and total control over the way you deliver your app to your users and devices. With an app store (well, a “snapp” store) built in and access to the amazing work of thousands of communities collaborating on Github and other forums, with code for robotics and autopilots and a million other things instantly accessible, I can’t wait to see what people build.

I for one welcome the ability to install AI on my next camera-toting drone, and am glad to be able to do it in a way that will get patched automatically with fixes for future heartbleeds!

Education Freedom Day registration launched!

efd-banner

We have just opened Education Freedom Day registration, scheduled on March 21st, 2015. For its second edition EFD has been moved to March to facilitate its celebration in both the south of the planet and China (at least…) and we hope to cater to more events this year.

As usual for all our Freedom celebrations the process is similar, you get together and decide to organize an event, then create a page in our wiki and register your team. As the date approaches you get to put more information in your wiki page (or on your organization website which is linked from the wiki) such as the date and time, the location and what people can expect to see.

Education Freedom Day is really the opportunity to review all the available Free Educational Resources available, how they have improved since last year and what you should start planning to implement to deploy in the coming months. More importantly it is the celebration of what is available and letting people aware of it!

So prepare well and see you all in two months to celebrate Education Freedom Day!

Celebrate EFD with us on March 21, 2015!

Education Freedom Day registration launched!

And to continue this busy week in announcements we have just opened Education Freedom Day registration, scheduled on March 21st, 2015. For its second edition EFD has been moved to March to facilitate its celebration in both the south of the planet and China (at least...) and we hope to cater to more events this year.

As usual for all our Freedom celebrations the process is similar, you get together and decide to organize an event, then create a page in our wiki and register your team. As the date approaches you get to put more information in your wiki page (or on your organization website which is linked from the wiki) such as the date and time, the location and what people can expect to see.

Education Freedom Day is really the opportunity to review all the available Free Educational Resources available, how they have improved since last year and what you should start planning to implement to deploy in the coming months. More importantly it is the celebration of what is available and letting people aware of it!

So prepare well and see you all in two months to celebrate Education Freedom Day!

January 19, 2015

Komentet e FLOSSK-ut ndaj ligjit për përgjimin e komunikimeve elektronike në Kosovë

Më 19 janar, përmes një letre dërguar Komisionit Parlamentar për Integrime Evropiane, FLOSSK-u ka reaguar ndaj Projektligjit për përgjimin e komunikimeve elektronike në Kosovë. Në këtë letër numërohet arsyet pse ky Projektligj në formën e tanishme është i dëmshëm për privatësinë e qytetarëve të Kosovës dhe si rrjedhojë i papranueshëm për ne.
 

Key Update

I’m a fossil, apparently. My oldest PGP key dates back to 1997, so around the time when GnuPG just got started – and I switched to it early. Over the years I’ve been working a lot with GnuPG, which perhaps isn’t surprising. Werner Koch has been one of the co-founders of the Free Software Foundation Europe (FSFE) and so we share quite a bit of a long and interesting history together. I was always proud of the work he did – and together with Bernhard Reiter and others was doing what I could to try and support GnuPG when most people did not seem to understand how essential it truly was – and even many security experts declared proprietary encryption technology acceptable. Bernhard was also crucial to start the more than 10 year track record of Kolab development supporting GnuPG over the years. And especially the usability of GnuPG has always been something I’ve advocated for. As the now famous video by Edward Snowden demonstrated, this unfortunately continued to be an unsolved problem but hopefully will be solved “real soon now.”
In any case. I’ve been happy with my GnuPG setup for a long time. Which is why the key I’ve been using for the past 16 years looked like this:
sec# 1024D/86574ACA 1999-02-20
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Brave GNU World <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
ssb>  1024R/B7DB041C 2005-05-02
ssb>  1024R/7DF16B24 2005-05-02
ssb>  1024R/5378AB47 2005-05-02
You’ll see that I kept the actual primary key off my work machines (look for the ‘#’) and I also moved the actual sub keys onto a hardware token. Naturally a FSFE Fellowship Smart Card from the first batch ever produced.
Given that smart card is battered and bruised, but its chip is still intact with 58470 signatures and counting, the key itself is likely still intact and hasn’t been compromised for lack of having been on a networked machine. But unfortunately there is no way to extend the length of a key. And while 1024 is probably still okay today, it’s not going to last much longer. So I finally went through the motions of generating a new key:
sec#  4096R/B358917A 2015-01-11 [expires: 2020-01-10]
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Community) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Free Software Foundation Europe, Founding President) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Free Software Foundation Europe, Founding President) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (digitalSTROM.org Board) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (GNU Project) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
ssb>  4096R/AD394E01 2015-01-11
ssb>  4096R/B0EE38D8 2015-01-11
ssb>  4096R/1B249D9E 2015-01-11

My basic setup is still the same, and the key has been uploaded to the key servers, signed by my old key, which I have meanwhile revoked and which you should stop using. From now on please use the key
pub   4096R/B358917A 2015-01-11 [expires: 2020-01-10]
      Key fingerprint = E39A C3F5 D81C 7069 B755  4466 CD08 3CE6 B358 917A
exclusively and feel free to verify the fingerprint with me through side channels.

Not that this key has any chance to ever again make it among the top 50… but then that is a good sign in so far as it means a lot more people are using GnuPG these days. And that is definitely good news.

And in case you haven’t done so already, go and support GnuPG right now.

 

 

30 years of FSF

After an exciting weekend celebrating Hardware Freedom Day what could possibly be better than going back to the very inspiring video made to celebrate the 30th anniversary of the Free Software Foundation? Indeed it’s been made using Free Software only and goes through the work of the foundation for the past thirty years. It’s actually nice to look at, positive and very well animated. We will definitely encourage all our software freedom day teams to use it during their events. But let us say no more and let you enjoy it if you’ve missed it so far:

And then, for the ones into this kind of work, and blender in particular, you can find a detailed explanation of the challenges that the makers of the work went through and how they fixed them right here. Definitely a great read into the whole process from design to finish. Great job guys! And of course a happy 30th anniversary to the FSF from the Digital Freedom Foundation and all its members!

30 years of FSF

After an exciting weekend celebrating Hardware Freedom Day what could possibly be better than going back to the very inspiring video made to celebrate the 30th anniversary of the Free Software Foundation? Indeed it's been made using Free Software only and goes through the work of the foundation for the past thirty years. It's actually nice to look at, positive and very well animated. We will definitely encourage all our software freedom day teams to use it during their events. But let us say no more and let you enjoy it if you've missed it so far:

And then, for the ones into this kind of work, and blender in particular, you can find a detailed explaination of the challenges that the makers of the work went through and how they fixed them right here. Definitely a great read into the whole process from design to finish. Great job guys! And of course a happy 30th anniversary to the FSF from the Digital Freedom Foundation and all its members!

December 23, 2014

GNOME Builder copr now for Rawhide only

GNOME Builder is under heavy development. This usually implies that such an application might require very new versions of its dependencies.

Upstream recently bumped their dependencies, and now require things that are only in Rawhide.

I have no intention to provide development builds of Gtk3 (among other things) in a Fedora 21 copr, as that might imply either breaking half of the distro, or having to rebuild it.

As a result, the GNOME Builder copr will from now on be Rawhide-only.

I have dropped the Fedora 21 repos, they won't be updated any more.

If you were using it on Fedora 21, please delete it:

# rm -f /etc/yum.repos.d/_copr_bochecha-gnome-builder.repo

If you still want to try GNOME Builder on Fedora 21, you'll now have to go the jhbuild route.

November 27, 2014

Lollipopp’d

I successfully updated my Nexus devices with Android 5.0 aka Lollipop earlier this week. Finally. After 3 tries with the download failing the first time, the install failing the next time and then it finally going through. Here is what I’m impressed with: * Look and feel polish – the visual change using new material […]

November 22, 2014

Release party in Barcelona

15794067981_0d173ce352_z

Another time, and there has been 16, ubuntaires celebrated the release party of the next Ubuntu version, in this case, 14.10 Utopic Unicorn.

This time, we went to Barcelona, at Raval, at the very centre, thanks to our friends of the TEB.

As always, we started with explaining what Ubuntu is and how our Catalan LoCo Team works and later Núria Alonso from the TEB explained the Ubuntu migration done at the Xarxa Òmnia.

15797518182_0a05d96fde_z

The installations room was plenty from the very first moment.

15611105340_1de89d36b4_z

There also was a very profitable auto-learning workshop on how to do an Ubuntu metadistribution.

15772275826_99d1a77d8b_z

 

And in another room, there were two Arduino workshops.

15610528118_927a8d7cc2_z15794076701_cc538bf9ba_z

 

And, of course, ubuntaires love to eat well.

 

15615259540_76daed408b_z 15614277959_c98bda1d33_z

 

Pictures by Martina Mayrhofer and Walter García, all rights reserved.

 
 

November 08, 2014

OpenStack on a diet, redux

Subhu writes that OpenStack’s blossoming project list comes at a cost to quality. I’d like to follow up with an even leaner approach based on an outline drafted during the OpenStack Core discussions after ODS Hong Kong, a year ago.

The key ideas in that draft are:

Only call services “core” if the user can detect them.

How the cloud is deployed or operated makes no difference to a user. We want app developers to

Define both “core” and “common” services, but require only “core” services for a cloud that calls itself OpenStack compatible.

Separation of core and common lets us recognise common practice today, while also acknowledging that many ideas we’ve had in the past year or three are just 1.0 iterations, we don’t know which of them will stick any more than one could predict which services on any major public cloud will thrive and which will vanish over time. Signalling that something is “core” means it is something we commit to keeping around a long time. Signalling something is “common” means it’s widespread practice for it to be available in an OpenStack environment, but not a requirement.

Require that “common” services can be self-deployed.

Just as you can install a library or a binary in your home directory, you can run services for yourself in a cloud. Services do not have to be provided by the cloud infrastructure provider, they can usually be run by a user themselves, under their own account, as a series of VMs providing network services. Making it a requirement that users can self-provide a service before designating it common means that users can build on it; if a particular cloud doesn’t offer it, their users can self-provide it. All this means is that the common service itself builds on core services, though it might also depend on other common services which could be self-deployed in advance of it.

Require that “common” services have a public integration test suite that can be run by any user of a cloud to evaluate conformance of a particular implementation of the service.

For example, a user might point the test suite at HP Cloud to verify that the common service there actually conforms to the service test standard. Alternatively, the user who self-provides a common service in a cloud which does not provide it can verify that their self-deployed common service is functioning correctly. This also serves to expand the test suite for the core: we can self-deploy common services and run their test suites to exercise the core more thoroughly than Tempest could.

Keep the whole set as small as possible.

We know that small is beautiful; small is cleaner, leaner, more comprehensible, more secure, easier to test, likely to be more efficiently implemented, easier to attract developer participation. In general, if something can be cut from the core specification it should. “Common” should reflect common practice and can be arbitrarily large, and also arbitrarily changed.

In the light of those ideas, I would designate the following items from Subhu’s list as core OpenStack services:

  • Keystone (without identity, nothing)
  • Nova (the basis for any other service is the ability to run processes somewhere)
    • Glance (hard to use Nova without it)
  • Neutron (where those services run)
    • Designate (DNS is a core aspect of the network)
  • Cinder (where they persist data)

I would consider these to be common OpenStack services:

  • SWIFT (widely deployed, can be self-provisioned with Cinder block backends)
  • Ceph RADOS-GW object storage (widely deployed as an implementation choice, common because it could be self-provided on Cinder block)
  • Horizon (widely deployed, but we want to encourage innovation in the dashboard)

And these I would consider neither core nor common, though some of them are clearly on track there:

  • Barbican (not widely implemented)
  • Ceilometer (internal implementation detail, can’t be common because it requires access to other parts)
  • Juju (not widely implemented)
  • Kite (not widely implemented)
  • HEAT (on track to become common if it can be self-deployed, besides, I eat controversy for breakfast)
  • MAAS (who cares how the cloud was built?)
  • Manila (not widely implemented, possibly core once solid, otherwise common once, err, common)
  • Sahara (not widely implemented, weird that we would want to hardcode one way of doing this in the project)
  • Triple-O (user doesn’t care how the cloud was deployed)
  • Trove (not widely implemented, might make it to “common” if widely deployed)
  • Tuskar (see Ironic)
  • Zaqar (not widely implemented)

In the current DefCore discussions, the “layer” idea has been introduced. My concern is simple: how many layers make sense? End users don’t want to have to figure out what lots of layers mean. If we had “OpenStack HPC” and “OpenStack Scientific” and “OpenStack Genomics” layers, that would just be confusing. Let’s keep it simple – use “common” as a layer, but be explicit that it will change to reflect common practice (of course, anything in common is self-reinforcing in that new players will defer to norms and implement common services, thereby entrenching common unless new ideas make services obsolete).

October 23, 2014

Ten years of Ubuntu

Today marks 10 years of Ubuntu and the release of the 21st version. That is an incredible milestone and one which is worthy of reflection and celebration. I am fortunate enough to be spending the day at our devices sprint with 200+ of the folks that have helped make this possible. There are of course hundreds of others in Canonical and thousands in the community who have helped as well. The atmosphere here includes a lot of reminiscing about the early days and re-telling of the funny stories, and there is a palpable excitement in the air about the future. That same excitement was present at a Canonical Cloud Summit in Brussels last week.

The team here is closing in on shipping our first phone, marking a new era in Ubuntu’s history. There has been excellent work recently to close bugs and improve quality, and our partner BQ is as pleased with the results as we are. We are on the home stretch to this milestone, and are still on track to have Ubuntu phones in the market this year. Further, there is an impressive array of further announcements and phones lined up for 2015.

But of course that’s not all we do – the Ubuntu team and community continue to put out rock solid, high quality Ubuntu desktop releases like clockwork – the 21st of which will be released today. And with the same precision, our PC OEM team continues to make that great work available on a pre-installed basis on millions of PCs across hundreds of machine configurations. That’s an unparalleled achievement, and we really have changed the landscape of Linux and open source over the last decade. The impact of Ubuntu can be seen in countless ways – from the individuals, schools, and enterprises who now use Ubuntu; to proliferation of Codes of Conduct in open source communities; to the acceptance of faster (and near continuous) release cycles for operating systems; to the unique company/community collaboration that makes Ubuntu possible; to the vast number of developers who have now grown up with Ubuntu and in an open source world; to the many, many, many technical innovations to come out of Ubuntu, from single-CD installation in years past to the more recent work on image-based updates.

Ubuntu Server also sprang from our early desktop roots, and has now grown into the leading solution for scale out computing. Ubuntu and our suite of cloud products and services is the premier choice for any customer or partner looking to operate at scale, and it is indeed a “scale-out” world. From easy to consume Ubuntu images on public clouds; to managed cloud infrastructure via BootStack; to standard on-premise, self-managed clouds via Ubuntu OpenStack; to instant solutions delivered on any substrate via Juju, we are the leaders in a highly competitive, dynamic space. The agility, reliability and superior execution that have brought us to today’s milestone remains a critical competency for our cloud team. And as we release Ubuntu 14.10 today, which includes the latest OpenStack, new versions of our tooling such as MaaS and Juju, and initial versions of scale-out solutions for big data and Cloud Foundry, we build on a ten year history of “firsts”.

All Ubuntu releases seem to have their own personality, and Utopic is a fitting way to commemorate the realisation of a decade of vision, hard work and collaboration. We are poised on the edge of a very different decade in Canonical’s history, one in which we’ll carry forward the applicable successes and patterns, but will also forge a new path in the twin worlds of converged devices and scale-out computing. Thanks to everyone who has contributed to the journey thus far. Now, on to Vivid and the next ten years!

September 18, 2014

TL;DW for Clojure Data Science

Edmund Jackson talked at the 2012 Clojure/Conj, and you can see his talk here.

I took these notes as I watched it:
  1. What is "data science"?
    1. "That realm of endeavor that requires, simultaneously, advanced computational and statistical methods."
    2. Some people aren't sure whether "data science" is a thing, or just data analysis dressed up with a fancy name. That question amuses me.
  2. What's new, such that everybody suddenly cares about data science?
    1. widely available computing resources, open source tools such as R, and large amounts of data available in private companies and in public
    2. Compares to early days of Linux, when there was a bunch of new stuff that everybody could hack on
  3. Interactive tools aren't enough; you're not taking some data, analyzing it, and coming back with the answer. You need platform features like native language speed, data structures, language constructs, connectivity, and QC in order to embed your analysis in business processes.
  4. The tools with better analysis features (e.g., R, Mathematica) lack the platform features, and the tools with better platform features (he focuses primarily on C++ as his example here) lack the analysis features.
  5. Python is in the sweet spot, with platform features and (via numpy, scipy, and pandas) analysis features. But:
    1. It's full of mutable data!
    2. The mode of expression in imperative languages poorly matches the content of expression when you're dealing with maths.
  6. F#, Scala, and Clojure are all functional, and therefore (immutable data, more natural expression of maths) better alternatives than Python.
  7. Clojure yay! points:
    1. Native: Incanter, Storm, Cascalog, Datomic
    2. JVM: Mahout (ML on Hadoop), jBLAS, Weka (Java lib with many ML algorithms)
    3. Interop: Rincanter (call out to R), JNI
  8. From here he goes into calculating the entropy of a distribution, and the relative entropy of different distributions.
  9. Demonstrates using relative entropy fns in Datomic queries

September 11, 2014

Mozilla Webmaker at Olivarez College Tagaytay a success

2014-09-05 09.48.21

The Mozilla webmaker party at Olivarez College Tagaytay is a success last September 5, 2014. Which was attended by different department from Olivarez College Tagaytay at Computer Laboratory 2.  Since they only have 20 system units on their laboratory they created a two batches of participants, one in the morning and the other is in the afternoon. The event discussion is about Introduction Mozilla which was discuss by Me, The second lecturer discussed and demo “Thimble” by Mr. Ian Mark Martin and lastly Mr. Leo Caisip which  discussed  about “Popcorn Maker“, Both  attended the Mozilla PH orientation for web maker mentor last August 16, 2014  at Mozilla Community Space Manila. The event ended at exactly 4:00pm as mostly in afternoon participated by the nursing department.

DSC_2881

2014-09-11 12.59.54

We also distributed some Mozilla Swag (Bollard, Mozilla Sticker, Mozilla Tatoos and Mozilla Pins) for participants after the event. As part of the successfull event, based on their survey they are requesting for another event semilar to this.  but internet on the school is not that stable during that day but still we managed to make the event successfull.

 

DSC_2859

Pictures can be found here:  https://www.flickr.com/photos/83515207@N04/sets/72157646987948838/

September 04, 2014

TL;DW for "How To Design A Good API and Why it Matters"

Josh Bloch's Google Tech Talk video How To Design A Good API and Why it Matters is about an hour long, and well worth your time. It's focused on OOP, but has lots of good principles that can be followed elsewhere.

In case you don't have an hour right now, here's a summary/index kind of thing that points out the bits I thought were most important.
  1. 6:27: Characteristics of a good API:
    1. Easy to learn
    2. Easy to use, even without documentation
    3. Hard to misuse
    4. Easy to read and maintain code that uses it
    5. Sufficiently powerful to satisfy requirements
    6. Easy to evolve
    7. Appropriate to audience
  2. 7:52: Gather requirements, but differentiate between true requirements (which should take the form of use cases) and proposed solutions.
  3. 10:02: Start with a short spec; one page is ideal.
    1. Agility trumps completeness at this point.
    2. Get as many spec reviews from as many audiences as possible, modify according to feedback.
    3. Flesh the spec out as you gain confidence.
  4. 15:10: Write to your API early and often
    1. Start writing to your API before you've implemented it, or even specified it properly.
    2. Continue writing to your API as you flesh it out.
    3. Your code will live on in examples and unit tests.
  5. 17:32: Write to SPI [Service Provider Interface]
    1. Write at least three plugins before your release.
    2. Application in Clojure-land: Not sure...
  6. 19:35: Maintain realistic expectations.
    1. You won't please everyone.
    2. Aim to displease everyone equally.
    3. Expect to make mistakes and evolve the API in the future.
  7. 22:01: API should do one thing and do it well.
    1. Functionality should be easy to explain.
    2. If it's hard to name, that's a bad sign.
      1. Example of bad name that I can't leave out of this summary: OMGVMCID
  8. 24:32: API should be as small as possible but no smaller
    1. "When in doubt, leave it out." You can always add stuff, but you can't ever remove anything you've included. (The speaker calls this out as his most important point.)
  9. 26:27: Implementation should not impact API.
    1. Do not over-specify. For example, nobody needs to know how your hash function works, unless the hashes are persistent.
    2. Don't leak implementation details such as SQL exceptions!
  10. 29:36: Minimize accessibility of everything.
    1. Don't let API callers see stuff you don't want to be public, and that includes anything you might want to change in the future.
  11. 30:39: Names matter: API is a little language.
    1. Make names self-explanatory.
    2. Be consistent.
    3. Strive for symmetry. (If you can GET a monkey-uncle, make sure you can PUT a monkey-uncle, too.)
  12. 32:32: Documentation matters.
    1. Document parameter units! ("Length of banana in centimeters")
  13. 35:41: Consider performance consequences of API design decisions.
    1. Bad decisions can limit performance -- and this is permanent.
    2. Do not warp your API to gain performance -- the slow thing you avoided can be fixed and get faster, but your warped API will be permanent.
    3. Good design usually coincides with good performance.
  14. 40:00: Minimize mutability
    1. Make everything immutable unless there's a reason to do otherwise.
  15. 45:31: Don't make the caller do anything your code should do.
    1. If there are common use cases that require stringing a bunch of your stuff together in a boilerplate way, that's a bad sign.
  16. 48:36: Don't violate the principle of least astonishment
    1. Make sure your API callers are never surprised by what the API does.
  17. 50:03: Report errors as soon as possible after they occur.
  18. 52:00: Provide programmatic access to all data that is available in string form.
    1. Rich Hickey makes a similar point here.
  19. 56:15: Use consistent parameter ordering across methods.
    1. Here's a bad example:
      1. char *strncpy (char *dst, char *src, size_t n);
      2. void bcopy (void *src, void *dst, size_t n);
  20. 57:15: Avoid long parameter lists.
  21. 58:21: Avoid return values that demand exceptional processing.
    1. Example: return an empty list instead of nil/null.

August 22, 2014

GNU hackers unmask massive HACIENDA surveillance program and design a countermeasure

After making key discoveries about the details of HACIENDA, Julian Kirsch, Dr. Christian Grothoff, Jacob Appelbaum, and Dr. Holger Kenn designed the TCP Stealth system to protect unadvertised servers from port scanning.

According to Heise Online, the intelligence agencies of the United States, Canada, United Kingdom, Australia and New Zealand are involved in HACIENDA. The agencies share the data they collect. The HACIENDA system also hijacks civilian computers, allowing it to leach computing resources and cover its tracks.

Some of the creators of TCP Stealth are also prominent contributors to the GNU Project, a major facet of the free software community and a hub for political and technological action against bulk surveillance. Free software is safer because it is very hard to hide malicious code in a program anyone can read. In proprietary software, there is no way to guarantee that programs don't hide backdoors and other vulnerabilities. The team revealed their work on August 15, 2014 at the annual GNU Hackers' Meeting in Germany, and Julian Kirsch published about it in his master's degree thesis.

Maintainers of Parabola, an FSF-endorsed GNU/Linux distribution, have already implemented TCP Stealth, making Parabola users safer from surveillance. The FSF encourages other operating systems to follow Parabola's lead.

The Free Software Foundation supports and sponsors the GNU Project. FSF campaigns manager Zak Rogoff said, "Every time you use a free software program, you benefit from the work of free software developers inspired by the values of transparency and bottom-up collaboration. But on occassions like these, when our civil liberties are threatened with technological tools, the deep importance of these values becomes obvious. The FSF is proud to support the free software community in its contributions to the resistance against bulk surveillance."

The Free Software Foundation works politically for an end to mass surveillance. Simultaneously, the Foundation advocates for individuals of all technical skill levels to take a variety of actions against bulk surveillance.

About Julian Kirsch, Christian Grothoff, Jacob Appelbaum, and Holger Kenn

Julian Kirsch is the author of "Improved Kernel-Based Port-Knocking in Linux", his Master's Thesis in Informatics at Technische Universitat Munchen.

Dr. Christian Grothoff is the Emmy-Noether research group leader in Computer Science at Technische Universitat Munchen.

Jacob Appelbaum is an American independent computer security researcher and hacker. He was employed by the University of Washington, and is a core member of the Tor project, a free software network designed to provide online anonymity.

Dr. Holger Kenn is a computer scientist specializing in wearable computing, especially software architectures, context sensor systems, human machine interfaces, and wearable-mediated human robot cooperation.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

About the GNU Operating System and Linux

Richard Stallman announced in September 1983 the plan to develop a free software Unix-like operating system called GNU. GNU is the only operating system developed specifically for the sake of users' freedom. See https://www.gnu.org/gnu/the-gnu-project.

In 1992, the essential components of GNU were complete, except for one, the kernel. When in 1992 the kernel Linux was re-released under the GNU GPL, making it free software, the combination of GNU and Linux formed a complete free operating system, which made it possible for the first time to run a PC without non-free software. This combination is the GNU/Linux system. For more explanation, see https://www.gnu.org/gnu/gnu-linux-faq.

Media Contacts

Zak Rogoff
Campaigns Manager
Free Software Foundation
+1-617-542-5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

"Knocking down the HACIENDA" by Julian Kirsch, produced by GNU, the GNUnet team, and edited on short notice by Carlo von Lynx from #youbroketheinternet is licensed under a Creative Commons Attribution NoDerivatives 3.0 Unported License.

August 13, 2014

SFD Tagaytay 2014 at Olivarez College

I am now again an official organizer for SFD 2014, but this time I will organized the event in Tagaytay City which will be hosted by Olivarez College in Tagaytay. The said event is scheduled on September 27, 2014.

SFD2014

The venue is on their “AMPITHEATER” where it can hold more than 500 participants. Here are some pictures of the exact venue.

cpdc-20140804131542221  cpdc-20140804131124356We also launch the online registration feel free to register using the this URL : https://www.eventbrite.com/e/software-freedom-day-2014-at-olivarez-college-tagaytay-tickets-12455543867

August 12, 2014

websites on this server

June 30, 2014

Scancation - Scanning the Standing Stones of the Outer Hebrides

I just came back from a vacation where Kio and I went and visited most of the megalithic monuments on the islands of the Outer Hebrides in Scotland. Stone circles are all over the place on these islands and the biggest one is the Callanish Stone Circle. One of the cool things about these places is that there is very little history known about them and so all you can know about them is from your experience of being around them. Most of them all taller than me and you get the sense that these places were the sacred spaces of 5000 years ago.

One of the things I say a lot at MakerBot is that they really make the most sense when you connect your MakerBot to your passion. Since I'm into rocks. I scanned a few of my favorite stones and ran them through 123D Catch which makes a 3D model from up to 70 photos of the object. It’s pretty cool to think that yesterday I was walking among these stones and today I’m printing them out on the MakerBots in my office. 

It’s interesting to note that this feels a lot like the old days of vacation film photography. The process of processing the photos into a 3D model feels a lot like when I used to develop celluloid film after a vacation.

Someday, printing 3D models will be normal for everyone, for now, it’s just normal for all the MakerBot operators in the world.

If you decide to go on your own scanning vacation, aka scancation, here’s my process and tips for acquiring models. I use a Canon S110 camera and then upload my photos later to the 123D Catch site and then upload all the models and a zip file of all the photos to Thingiverse because the photogrammetry software will get better someday and I want to have an archive of the photos so I can make better models later.

 

  • Lighting conditions matter. A cloudy sky is much better than a sunny one so that you can get all the details of your subject. 
  • Fill the frame, but make sure to leave some area around the object in the picture. 123D Catch uses reference points in the object to make everything fit together. 
  • Use all 70 pictures allowed by the software. The more pictures, the better the scan. 
  • Scan weird things. Sometimes the most iconic stuff of a location isn’t the most obvious. Some friends of mine scanned all of Canal St. in NYC and said the interesting parts were the giant piles of trash bags which are one of the local overlooked pieces of landscape art.
  • Don’t forget the top view. If you are capturing a subject that is tall, do your best to get above it and take a picture. A quadcopter could be handy for that
  • Fix it up with Netfabb. After I upload the photos into the 123D Catch online portal, then I use Netfabb basic to slice off all the weird parts and cut a flat bottom onto the object.
  • Make sure to upload your scans to Thingiverse. We can all make models of your SCANCATION. 

 

Do you have any other scanning tips for those that would like to experiment with vacation scanning? Leave them in the comments!

June 22, 2014

the meaning of a word

i learned the word "feminist" at my first job. I was 15 and a trainee engineer in a hydro power scheme. I recall one young man I worked with asking me urgently if i was a feminist. I asked what that was. he said, "women who hate men". oh.. i'm not one of them....

why would i get a job as the only woman deep in a power station if i hated men? It was a long long time before i heard any other definition of feminist.

Who's Online

We have 229 guests online
Digital Freedom International (Aka SFI) is the non-profit organization at the origin of SFD and CFD. DFI handles sponsorship contracts, official team registrations, sending out schwags to teams, the annual Best Event Competition and many other things. Hundreds of teams around the world manage the local celebration and help to send out a global message. So do drop by and attend an SFD and CFD event nearby!

Login Form