Celebrate SFD 2014 on Saturday, September 20th
   
Text Size
Login
Canonical
Google
Linode
FSF
Linux Magazine
Ubuntu User
Linux Journal
Admin Network & Security Magazine
Smart Developer
Creative Commons
FreeBSD
Joomla!
Open Clipart Library
FSFE
Fundația Ceata
Atom 0.3 RSS 1.0 RSS 2.0 OPML FOAF

May 03, 2015

GNU & Improved GIFs

PromisedLand2460

Big ups to my friend Barry, who wrote a shell script for ffmpeg (based on this article shared in this comment by Paul Wise) and taught me how to use Terminal on my mac to make much better animated gifs than Flash exports directly. Currently it’s significantly more work than just exporting .gif from Flash, because I have to instead export a PNG sequence, import the frames to Quicktime 7, and export as a new .mov to use as an input file for making the gif. This may be streamlined a little bit in the future, but for now at least I can make higher quality gifs if I need to.

Below are close-up details of single frames. “Before” is here, “after” is above.

before

before

after

after

Here’s a smaller-sized (because fewer frames) animated gif for side-by-side before-and-after comparison:

before

before

after

after

Much better, no? Plus using Terminal is METAL.

Share/Bookmark

flattr this!

May 01, 2015

Upcoming Conferences 2015

Linode is making the rounds on the conference circuit! Check out where we’re going over the next few months.

angelhacklogo
Angelhack
Austin | Austin, TX | May 9-10
Brooklyn | Brooklyn, NY | June 6-7
Los Angeles | Los Angeles, CA | June 6-7

We’re sending our mentors all over the U.S. for Angelhack. Angelhack is a 24-hour hackathon where developers of all ages and skill levels go to create awesomeness. It’s open to the public, so check out their website for more details and to buy tickets: www.angelhack.com/events


DrupalCon_NA2015_LosAngeles
DrupalCon LA | Los Angeles, CA | May 11-15
This year’s DrupalCon is in Los Angeles so we’re packing our bags and heading to the west coast. If you’re attending, stop by booth #209 to meet our team and talk about what you can do with Linode.


Velocitylogo
Velocity | Santa Clara, CA | May 27-29
With amazing topics and incredible speakers, Velocity 2015 is shaping up to be one to remember. Our team will be hanging out at Booth #401 loaded with tons of Linode goodies.


logo_lcna
LinuxCon North America | Seattle, WA | August 17-19
We are thrilled to be part of LinuxCon North America this year! There will be over 100 sessions and we can’t wait to connect with all of the Linux pros in attendance. Stop by our booth for Linode swag PLUS credit towards your new account.


fossconlogo
FOSSCON | Philadelphia, PA | August 22
FOSSCON is a free-and-open-source software conference held in Philadelphia. Our team will be there, prepped and ready to talk cloud hosting with you.

Cppcheck for better QA in Debian, sources, deborphan

This would be somewhat a longish post about how to find c programs in Debian to how to use cppcheck on them to find problems and report them upstream Confession time – I am not a c programmer by any stretch of imagination. I can read but that’s about it. Let’s check first as to […]

April 30, 2015

Open Location Code: Addresses for everything, everywhere

Accurate street addresses are taken for granted in much of the world. But in many areas, formal street names and addresses don't exist and the only real alternative is to use addresses of the form "behind the old bus stop". Without a street address, it's difficult to organise deliveries, to receive visitors or to find businesses. And street addresses only work where there are named and numbered streets - without these, there's no easy way to provide someone with a location.
image03.png
Area with unknown street names in Indonesia. (Google Maps)
Latitude and longitude coordinates can specify any location, but they’re long and cumbersome. What if they were more human-friendly, like a very accurate postcode that refers to just your home? We’re happy to share Open Location Code, a stand-alone open source library for this purpose.
Open Location Codes are derived from latitude and longitude coordinates, so they already exist everywhere. They are similar in length to a telephone number -- 849VCWC8+R9, for example -- but can often be shortened to only four or six digits when combined with a locality (CWC8+R9, Mountain View).  Locations close to each other have similar codes. They can be encoded or decoded offline, and the character set was chosen to avoid spelling words in more than 30 different languages. We removed similar looking characters to reduce confusion and errors, and because they aren't case-sensitive, they can be easily exchanged over the phone.

image04.png
image00.png
World's largest carrot,
H3+XG Ohakune, New Zealand.
The big gumboot.
GV+8J Taihape, New Zealand.

Developers of websites that need location from users (such as delivery or taxi firms in locations where street addresses are poorly defined) could use these codes to get accurate locations from their users. Other services which map locations that don't have street addresses (such as water sources, mountain refuges, or nesting sites) could use these codes since they don't rely on street information.

image02.png
image01.png
The big trout.
2W+GW Gore, New Zealand.
Kime Hut, in New Zealand's Tararua Ranges.

We have a sample implementation to find and use codes at plus.codes. You can download the latest release of the library from our GitHub page and join our discussion list to learn more.

by Doug Rinckes, Travel team

January–March, 2015 Status Report

The January–March, 2015 Status Report is now available.

Horse Quiltimation

Horse (1)

HorseQuilt2Hero2400

Algorithmic quilt fill patterns by Chris Carlson

Concept, design, reverse-applique snipping by Nina Paley

Stitchcoding & binding by Theodore Gray

Stitched by Behemoth

Based on horse photographs by Eadweard Muybridge, 1878

Same horse at half speed

Same horse at half speed

Share/Bookmark

flattr this!

April 29, 2015

Linode Is Holding Its First Job Fair!

On May 7th and 8th, Linode will be hosting a job fair at our Kings Hall location in Haddonfield, NJ (literally, minutes outside of Philadelphia). We aim to hire as many as 10 Customer Support personnel immediately, with a goal of an additional 25 by year end.

Who are we looking for? People with a passion for Linux, who have the ability to troubleshoot problems, and have a strong desire to help our customers. Customer Support has the most contact with our customers, so we have high standards for this position. You must be able to write well, converse professionally on the phone, and, as Rudyard Kipling sagely advised,”keep your head when all about you are losing theirs and blaming it on you.”

What’ll make you really stand out? If you’ve got experience with technologies and topics like firewalls, iptable rules, DNS, Apache, nginx, MySQL, PostgreSQL, Postfix, BIND, Perl, Python, Bash, etc, etc. — you get the idea.

But if you don’t know all of these, don’t despair. We hire for cultural fit, social skills, technical aptitude and a solid work ethic. We’re committed to training and developing the people we hire.

And there’s the impact you can have. Other companies offer you the opportunity to fill a role; Linode offers you the chance to make a difference.

Of course we offer great benefits — health and dental insurance, a generous supply of paid time off (including to help a favored charity), MacBook Pro computers for everyone to use, weekly catered lunches, plenty of cool swag, social outings, conference attendance, etc.

The job fair runs from 9:00 a.m. to 5:00 p.m., Thursday, May 7th and Friday, May 8th at Kings Hall, 2 Kings Highway West, Haddonfield, NJ 08333. There’s parking in the area and a PATCO high-speed line station is within walking distance.

Find more Job Fair information at www.linode.com/events. Find more Linode career information at www.linode.com/careers. Find Kings Hall information at kingshallnj.com.

April 28, 2015

Sharing multiple links on Android

Did you try to share several URLs at once on Android before? Until now I copied and pasted each one of the links step-by-step into an e-mail or a text. While checking F-Droid for new programs last month, I discovered bulkshare, which offers an easier way to achieve this task.

First you share each of the links with bulkshare through Android’s share menu. Then you open bulkshare and re-share it with another program. In this step you can choose which of the links you want to share (by default all).

Screenshot of bulkshare with multiple links open

After sharing several links to bulkshare you can re-share all or a selection of them

This way you can share the link list for example with K-9 mail or other programs, edit the text around it and send it out.

Thanks to the author Alex Gherghișan for this nice program.

April 27, 2015

From the Trenches, Tips & Tricks Edition: Hacking "/ on ZFS" and GELI Encrypted Drives, the Old-School Way

Glen Barber is back to kick off our latest From The Trenches series: The Tips and Tricks Edition. 

All my personal machines run FreeBSD.

In fact, all my personal machines run FreeBSD-CURRENT. I do this primarily to keep track of changes that get committed to the head branch, so I can personally test changes (for the things I use, at least) before they get merged to the stable branches.

As one of the Release Engineers, I find it essential that, whenever possible, I find issues so they can be corrected before they are part of a release.

My primary work machine is a laptop, currently a Lenovo Thinkpad T540p. I picked this laptop, and all the other laptops before it, because it met my minimum requirements for a primary workstation: it is capable of supporting a large amount of RAM (16GB for my Thinkpad, 8GB for all previous laptops), an Intel Core i7 CPU, and I could replace the DVD drive with a second hard drive.

In addition to these hardware requirements, I also have a few personal requirements of any workstation - the drives must be encrypted, and the underlying filesystem must be ZFS.

For me, it is not so much about the data I have *on* the laptop that I need to protect, but the kinds of things within the FreeBSD Project I am permitted access. Without encrypted drives, a lost or stolen laptop would absolutely be my worst possible nightmare, because I only have my login passphrase protecting my data (GPG key, SSH keys, and so on).

Recent FreeBSD releases allow "/ on ZFS" installation with the option to enable GELI-based encryption. This predates my original installation, however, since each laptop I have purchased for the past several years used the hard drives from the previous laptop. According to zpool history, the installation was at least two and a half years ago, but I know it is much longer than that, because of zfs recv being one of the first things zpool history reports.

So, I needed to do things the old-fashioned way, and manually create the GELI-backed providers and perform the "/ on ZFS" installation myself.

While bsdinstall(8) may now cover the majority of use cases for such installations, there may be cases where someone specifically needs to do something a certain way that the installer does not provide.

Because I only had one hard drive in the system when the system was initially installed (a long time ago), I will only refer to one hard drive when describing the steps I used to perform the installation, for now.

I installed the system using the 9.0-RELEASE or 9.1-RELEASE memory stick installer (memstick.img), I cannot remember which, but that detail is not as important, since I did not use the installer anyway.

When I booted from the memory stick, the two drives recognized on the system were the internal hard drive, /dev/ada0, and the external USB flash drive for the installation, /dev/da0. The first menu screen has three options available: "Install", "Shell", "Live CD".

I selected "Live CD", and logged in as root (no password is necessary for the "Live CD" functionality). The hard drive did not have an operating system. Because I purchased the hard drive, in addition to the laptop, with the intention of replacing the laptop's drive, I did not need to remove any partitions from an existing installation. If I did need to remove partitions, I would have done so with:
# gpart destroy -F ada0
Here is where some technical details become important:
  • While you can install "/ on ZFS" on a drive partitioned with MBR (Master Boot Record), using GPT is far easier. In fact, I have forgotten much about how MBR partitioning is actually done.
  • When doing full disk encryption, you must keep /boot contents separate, otherwise loader(8) and the kernel will not be available when the BIOS hands over control to the operating system. As such, /boot should be given its own partition on the disk left unencrypted, and the rest of the system on its own encrypted partition.
I created four partitions on the drive. The first partition is for the boot blocks (not to be confused with the /boot contents), the second partition is for /boot, the third is for the encrypted system, and the fourth is for swap.
# gpart create -s gpt ada0
# gpart add -t freebsd-boot -s 512k -i 1 -l gptboot ada0
# gpart add -t freebsd-zfs -s 10G -i 2 -l bootfs ada0
# gpart add -t freebsd-swap -s 10G -i 3 -l swapfs ada0
# gpart add -t freebsd-zfs -s 180G -i 4 -l rootfs ada0
I decided to put the swap partition between the /boot partition and the rest of the system, in case I needed to increase or decrease the size of the /boot partition, it would be far easier (and safer) to do.

Then, I loaded the necessary kernel modules for ZFS and GELI:
# kldload /boot/kernel/opensolaris.ko
# kldload /boot/kernel/zfs.ko
# kldload /boot/kernel/geom_eli.ko
Now that GELI functionality is available, I created the backend provider for the ZFS dataset:
# geli init -b -a HMAC/SHA256 -e AES-CBC -l 256 \
-s 4096 /dev/ada0p4
Then I attached the GELI provider, and wrote data from /dev/randomto the new device /dev/ada0p4.eli:
# geli attach ada0p4
# dd if=/dev/random of=/dev/ada0p4.eli bs=4096

This took a while on the system this hard drive was originally installed, so I probably got coffee at this point. :-)

When the dd(1) command finished, I continued the installation.

I created temporary directories to use to import the pools after they were created:
# mkdir /tmp/zroot
# mkdir /tmp/zboot
Keep in mind, I am installing from a memory stick image, which by default, is read-only. The /tmp directory is writable, however, because it is a md(4)-backed memory disk filesystem.
# zpool create -O checksum=fletcher4 -O atime=off \
-m /tmp/zboot zboot /dev/ada0p2
# zpool create -O checksum=fletcher4 -O atime=off \
-m /tmp/zroot zroot /dev/ada0p4.eli
Then I made a few ZFS datasets for various paths:
# for i in var var/log var/tmp var/db usr usr/home \
usr/compat usr/ports \
usr/local tmp; do \
zfs create zroot/${i} \
done
I also made a separate ZFS dataset for the "bootfs" contents, and set the mountpoint to the /boot directory in the temporary working directory:
# zfs create zboot/boot
# zfs set mountpoint=/tmp/zroot/boot zboot/boot
On the memory stick installation media, the distribution sets are located in /usr/freebsd-dist. I extracted their contents into the newly-created filesystem:
# cd /tmp/zroot
# for i in base kernel lib32; do \
tar -xf /usr/freebsd-dist/${i}.txz -C . \
done
Then I wrote the bootcode to the first partition of the drive:
# gpart bootcode -b /tmp/zroot/boot/pmbr \
-p /tmp/zroot/boot/gptzfsboot -i 1 ada0
Because the "bootfs" (/boot) and "rootfs" (everything else) are both ZFS, I needed to use the gptzfsboot bootcode for the "freebsd-boot" partition.

Now the system is installed, but I needed to make a few modifications before I was ready to reboot. In particular, set a root password, edit /etc/fstab to enable swap, edit /etc/rc.conf to enable the zfs rc(8) startup script, and edit /boot/loader.conf to load the geom_eli.ko, opensolaris.ko, and zfs.ko kernel modules at boot.
# chroot /tmp/zroot
# passwd root
[enter password]
# echo '/dev/gpt/swapfs none swap sw 0 0' \
>> /etc/fstab
# echo 'zfs_enable="YES"' >> /etc/rc.conf
# echo 'geom_eli_load="YES"' >> /boot/loader.conf
# echo 'zfs_load="YES"' >> /boot/loader.conf
# exit
Before rebooting, I needed to make a few adjustments to where /boot from the zboot/boot dataset would be mounted at boot.
# zfs umount zboot/boot
# zfs set mountpoint=/realboot zboot/boot
This now makes the /boot directory mount as /realboot, so I then needed to point /boot in the zroot dataset to the correct place. This was easily solved with a symbolic link:
# cd /tmp/zroot
# ln -s boot /realboot
Now when the system boots, the filesystem will look something like this:
/bin
/sbin
/boot -> /realboot
/realboot
[...]
Finally, I needed to unmount the zroot dataset, and fix its mountpoints. I only needed to change the zroot mountpoint itself, since all children datasets adjusted their paths automatically.
# zfs umount -a
# zfs set mountpoint=/ zroot
At this point, the installation was complete. I rebooted the laptop, entered the GELI passphrase for /dev/ada0p4.eli when prompted, and was greeted by the "login: " prompt we have all grown to love.

Students announced for Google Summer of Code 2015

GoogleSummer_2015logo_horizontal.jpg


Congratulations to the 1,051 students accepted for our 2015 Google Summer of Code! It was tough for the 137 mentoring organizations to choose from the huge number of applications we received - 6,409 proposals from 4,425 students - and we want to thank everyone who applied.


Accepted students will now enter the community bonding period where they will get to know their mentors and prepare for the program by reading documentation, hanging out in their IRC channel and familiarizing themselves with their new community before beginning their actual coding in May.


If you are interested in learning more about the 137 organizations that the students will be working with during the summer or reviewing important dates, please visit the program website.


We look forward to an exciting and productive summer of coding.

By Carol Smith, Open Source Programs Office

New committer: Mariusz Zaborski (src)

April 24, 2015

Instant Messaging in Fedora Workstation 2

Last week I wrote about the suboptimal state of instant messaging in Fedora Workstation with some thoughts how it could be improved. I also asked Fedora users on Facebook and Google+ what IM clients they use. Especially in the case of Google+, I gathered votes from a number of people which is large enough to draw some conclusions.

I used different methods on FB and G+ because unlike G+ FB doesn’t support polls, so I asked people to submit their answers in comments. That grew much fewer answers, but people were not biased by pre-picked answers. Here are the results:

fb-clients-chartAs you can see there are pretty much just four IM clients that are widely used by Fedora users: Pidgin, Skype, Empathy, Telegram.

Google+ supports polls, so I created a poll where users could pick one of those answers: Empathy, Pidgin, KDE Telepathy, Other, or “I don’t use a desktop client”. Over 1200 users voted which is significantly more than on Facebook and gives a good statistical sample. And the results?

gplus-clients-chartPidgin is a clear winner, winning by a larger margin than among FB users. What is also interesting is the number of people who don’t use IM desktop clients any more – 37 %. This group is probably over-represented in this poll because it’s obvious that G+ users will favor web tools more than others since Google is such a proponent of web apps. I also asked users to add the name of their favorite IM client in the comments under the poll if it’s not among given options. And these are the results:

gplus-clients-othersEven though I was asking about desktop clients, most people voted for Hangouts which is not surprising on Google+. Some of them even consider Hangouts a desktop app because the Chrome app can partly behave that way. Telegram is also very popular among Fedora users on Google+.

And some conclusions?

Empathy – in both surveys Empathy lost to Pidgin which is not a good score for a default client. If alternative clients are more popular than the default one, then the default one is not doing a good job. Based on the comments, what people don’t like about Empathy is that how it behaves in GNOME 3. Transforming it into a single window would probably solve most of the complaints, but in the long run Empathy would need much more than that and is anyone interested in developing it? Now, it’s totally dead upstream.

Pidgin – is the most popular IM client among Fedora users even though it was ousted from the position of the default client many years ago. People don’t seem to be very enthusiastic about it, it hasn’t seen any higher development activity for years, but it’s still the best what we have according to most users. Going back to Pidgin as the default client would probably be the safest option. Unlike Empathy, it doesn’t have integration with GNOME Online Accounts, but apparently it’s not a significant inconvenience for users if they still prefer Pidgin to Empathy. However, in the long run we will hit problems that are related to very little upstream development activity – no GTK 3 port, no Wayland support, no HiDPI support etc.

KDE Telepathy & Kopete – I was quite surprised that KDE clients got so few votes. KDE is not as popular as GNOME among Fedora users, but it has a sizable user base. Does this mean that KDE users don’t use desktop IM clients any more or do they prefer Pidgin? In comments, I found several users saying that they use Pidgin in KDE.

Telegram – I was really surprised by the popularity of Telegram. I personally don’t know anyone who uses it, but it looks like it could be the new #1 IM service for open source enthusiasts as Jabber was in the last decade. It’s the only (at least a bit popular) modern IM service that is trying to be open and focused on privacy. It has a Linux desktop app written in Qt. You can find it in Copr although it’s not packaged very well and the app is missing an icon. I’m not sure how easy it would be for the package to make it into the official repositories. The website says they’re using slightly modified Qt which could make it difficult. There is also a plugin for Pidgin which doesn’t support advanced features, but works well for simple chat communication (again available in Copr). If we pick Pidgin as the default browser again, we should have this plugin pre-installed since Telegram seems to be becoming more and more popular.

Skype – ended second among Fedora users on Facebook. This IM service seems to be very popular even after a decade of its existence. Skype can’t be included in Fedora due to its license, but they provide an RPM package and it’s pretty easy to install it. Its protocol is closed, so we can’t really have support for it in open source clients, but maybe we can do a better job in integrating it to the desktop since it’s so popular among our users?

Hangouts – another popular closed service. Well, it’s not closed completely. Google still allows users to connect via XMPP, but you won’t get the advanced features and according to their plans they want to drop XMPP support anyway. So looks like the only way to give users Hangouts in the future will be the Chrome web app. Integrating web apps is in our Fedora Workstation tasklist. So things like converting Chrome Rich Notifications into standard desktop notifications, or installing the most popular Chrome web apps directly in Software would be worth looking into.

Facebook Chat/Messenger – no one really mentioned Facebook Chat which now has its own app – Messenger. People probably still don’t see it as a standalone service or don’t consider it a desktop app in any way (unlike Hangouts). However, it’s probably the most popular IM service nowadays. It still supports XMPP, but AFAIK they’re planning to drop it as well. Until then it works well with both Empathy and Pidgin. But after they drop XMPP, we won’t have many choices left. Maybe we could at least provide the web app messenger.com through Software?

GNOME Chat – some people also suggested that we drop Empathy and create a new app that should be part of the GNOME core apps. It would be based on Telepathy, so nothing like building it from scratch. It would fit very well to GNOME 3 (unlike Empathy) and it wouldn’t suffer from problems of Pidgin (Wayland, HiDPI support,…). There are even some designs and even some existing code, but no one has touched it for two years. So it hasn’t really stirred a lot of interest among GNOME contributors.

It all comes down to a question whether we want to provide one well integrated client that supports several IM services and whether it will even be possible in the future because the most popular services are closed or going to be closed, or whether we should give up our client and rather focus on supporting and integrating those dedicated, very often closed source clients. I always preferred to have one integrated tool for all IM networks, but the world seems to be going the other direction.


A tax hell on earth

This would be a short take on the Income Tax department and a recent news article and implications for the future. The article in question lies here . Now the article itself is what is known in local parlance as an ‘opinion piece’ and seems to be written on behalf of the bereaved FII’s who […]

April 23, 2015

Event about Copyright in Águeda (Portugal), next May

A workshop about Copyright and Digital Rights Management and a monkey on the poster? Are you lost? Here's an explanation... this famous monkey is a pro in taking selfies. If you want to know more, the rest of the story will be told next 9th of May!

I'll be talking about DRM on an event next to Paula Simões (Portuguese Education Freedom Association) who's going to talk about copyright levies, and Teresa Nobre (Creative Commons) who's going to talk about free culture.

It promises to be a great afternoon, I hope you'll be able to join us!

[Blog] Final PDFreaders advertisement squashing

We currently wrap-up the PDFreaders campaign, and we need your help to measure our success. Started in 2009 FSFE’s goal with the campaign was to get rid of advertisement for proprietary PDF readers. We focused on the websites of public administrations, and many people helped us gather contact details for over 2000 public websites which advertised non-free software. Many people helped us to contact the public administrations, governments were made aware of it and published guidelines. Until now we know that 772 of the 2110 bugs were fixed, which is a 36% success rate. But for most countries we did not check the status for several months now. That’s why we need your help now to make one final round. We are looking for volunteers who can help us checking websites in their native language, following the step-by-step guide in the blog post.

Support FSFE, join the Fellowship
Make a one time donation

Kokori news

A consequence from the fact that I almost stopped blogging is that those of you who still read this blog and were used to follow my musical endeavors through it were left in the dark.

I did refer at some point that I am 1/2 of a post-cyberpunk industrial duo named kokori. But from then until now, kokori has released three EPs and one single, besides participating on several compilations. Here's one of the tracks from our "Release Candid Hate" EP, so you know what I'm talking about:
But the flow never stops, and we are at this moment on an ambitious project - a crowdfunded compilation.
With your help, Kokori is going to be part of an awesome 3 tapes compilation. Metaphysical Circuits, a tape label from our good friend Christian of The Beard Of Snails Records (R.I.P.), is aiming to release "400/100", a three-hour, 43 track triple cassette compilation. An epic, eclectic statement, spanning ambient excursions, techno textures, slick synths, cinematic guitars, song-craft, improvisation, wyrld jamz, and no-fi noise melodies, this project has everything to be a must-have compilation, and we're proud to be a part of it with one new, exclusive track. Alongside with Kokori will be musical projects like Palm Era, TAKAHIRO MUKAI, Vejgaard Ambient, Northville Tunnels, The Child of a Creek, Stephen Connolly, Strange Mountain, cryptic scenery, Geoff, Les Bicyclettes de Belize and more. But why with your help? Well, because this endeavour needs you as much as you need it: your funding and pre-order will make it happen, and in the process you can even get some extra goodies. Find all about it on its campaign page!

Final PDFreaders advertisement squashing

We currently wrap-up the PDFreaders campaign, and we need your help to measure our success.

Started in 2009 FSFE’s goal with the campaign was to get rid of advertisement for proprietary PDF readers. We focused on the websites of public administrations, and many people helped us gather contact details for over 2000 public websites which advertised non-free software. Many people helped us to contact the public administrations, governments were made aware of it and published guidelines. Until now we know that 772 of the 2110 bugs were fixed, which is a 36% success rate.

A highway without any advertisement

A highway without any claims by the government which cars you need to drive there, or advertisemt for those cars

But for most countries we did not check the status for several months now. That’s why we need your help now to make one final round. We are looking for volunteers who can help us checking websites in their native language.

Here a step by step guide:

  1. Check the etherpad to see if someone is already working on your country list
    • If yes, please coordinate directly who takes care about what, so you do not waste your time
    • If no, please indicate in the pad that you start to work on it.
  2. For each web page listed on the page or the xml file, go to the web page and search if there is still an advertisement for non-free PDFreaders
    • If yes, keep the bug open.
    • If no, use your favourite search engine with a query like: “site:DomainNameOfOrganiation.TLD adobe acrobat pdf reader
      • If you have no results, close the bug by adding the current date in the “closed” field in the xml file
      • If you have some results and there is still advertisment without also listing Free Software PDF readers, let the bug open and change the link in the “institution-url” field to one from the results you just found.
    • If the link is broken, use the query from the point above
      • If you have some results and there is just advertisement for non-free PDF readers, change the broken url with a new one in the “institution-url” field.
      • If you have no result close the bug by adding the current date in the “closed” field.
    • When you have finished to update, please inform others by updating the status on the public pad and sent the xml file to This e-mail address is being protected from spambots. You need JavaScript enabled to view it .
    • Now, you have all our gratitude. Thank you very much!

Afterwards we will send an update about how many institutions removed the advertisement, and what else we achieved together with you in the campaign.

April 19, 2015

Instant Messaging in Fedora Workstation

Instant messaging in Fedora Workstation is suboptimal. The current default IM client – Empathy – doesn’t work very well. It’s an app that was designed for GNOME 2 and is not a good citizen in GNOME 3. Mainly because of its multi-window nature. Having a separate roster window makes sense if the app uses a status icon, and when you close the roster window, it stays online, and you can always bring it back from the status icon. Empathy used to work that way, but in GNOME 3 status icons were declared deprecated. Empathy now doesn’t have the status icon and if you close the roster window, it goes offline, so if you want to stay online, you need to have a roster window floating around all the time.

So fix it, you would say. The problem with Empathy is that no one really wants. The app hasn’t seen any significant development for several years. The original author – Collabora – is not interested in developing it any more and no one else wants to pick up the development. Mostly because the app has quite complicated architecture.

The only advantage of Empathy was integration into the Shell. You could reply directly in notifications and you had all the current chats in the systray, so you didn’t have to use the app, which itself didn’t really fit in GNOME 3. But the latter feature was removed in GNOME 3.16, the Shell doesn’t have the systray panel, that hosted the chats, any more.

Because Empathy no longer has any user experience advantages and its development prospects are zero, we’ve been thinking about replacing it with something else. Pretty much the only other GTK+ IM client with support for a wide range of networks is Pidgin which used to be the default client before it was replaced by Empathy. Would it be a viable option? Here are some of my findings:

  • While Empathy has zero development, I really can’t say that Pidgin has any vital development. If you look at its stats at OpenHub, you’ll find out that there has been pretty small activity in the last couple of years, and it’s definitely declining.
  • Pidgin can run in a single window mode due to a plugin which I built in Copr if anyone is interested in trying it out.
  • It relies on the systray status icon and I don’t think it will be very simple to get rid of it.
  • There is a Pidgin integration extension for GNOME Shell, but in 3.16 it only shows notifications (it doesn’t show the content of the messages in notification, you can’t reply in notifications) and provides contacts for desktop search (not a in transparent way because Pidgin is not recognized as a search source and you don’t find it in search settings). Overall, the plugin is not very useful any more.
  • Pidgin is not integrated with GNOME Online Accounts. It’s kinda lame that you let users connect to their online accounts and then the default IM client doesn’t know about it and they have to do it again in its settings.
  • Pidging is not integrated with Contacts app.
  • Pidgin is a GTK+ 2 app. The developers started working on the GTK+3 port 6 years ago. Although most problems seem to be solved, the last update is two years old. Looking at the development pace, I’m not sure it will ever happen. Without GTK+3, you can’t run on Wayland, you can’t reasonably support HiDPI monitors. It simply doesn’t make Pidgin a good fit for a modern system Fedora Workstation wants to be.

Simply going back to Pidgin would not really help much long term. Right now, it’s probably a better client than Empathy, with at least some development activity. On the other hand, it doesn’t integrate well with GNOME, it doesn’t support modern technologies. So for Fedora it’d be a short-term solution if we decided to give up IM completely eventually which might be the case after all.

Pidgin in single-window mode.

Pidgin in single-window mode

Instant messaging networks are nowadays walled gardens. Several years ago, the open source community was using Jabber and it looked like we might get some interoperability and openness in popular IM networks as well. XMPP looked promising. This trend has completely reversed lately. Not only do we have more closed networks with their dedicated clients (Whatsapp, Viber,…), but the adoption of Jabber, the only truly open IM network, has been declining. I’m still a heavy user of integrated desktop IM clients, but I hear more and more often that people don’t care about IM integration into the desktop and rather chat in the web browser (Messenger, Hangouts,…).

What about you? Is well-integrated IM in Fedora still important to you or you don’t care any more?


April 13, 2015

Statement on changed relations between the FSFE and Kern Sibbald

Statement on changed relations between the FSFE and Kern Sibbald

Since 2006, the FSFE has been the fiduciary for the copyrights held by developers in the Bacula.org software, on the basis of a Fiduciary License Agreement (FLA) and Memorandum of Understanding signed between Kern Sibbald and the FSFE on the 15th of November 2006

Being the fiduciary means that the FSFE has had the authority to act on matters of copyright infringement in Bacula.org software, as well as provide guidance on licensing matters to the project.

Effective the 6th of March 2015, the FLA between Kern Sibbald and FSFE has been terminated at the request of Kern Sibbald. The FSFE is committed to ensuring to the best of its ability that Bacula.org software remains Free Software, and can only regret that Kern Sibbald in this way chose to terminate the FLA.

Any contribution made to Bacula.org software after the 6th of March 2015, which was previously covered by this FLA, either directly or by an FLA or copyright assignment signed with Kern Sibbald, is now no longer assigned to the FSFE as the fiduciary.

At this time, FLAs which have been signed directly between a Bacula.org contributor and the FSFE remain unaffected. FLAs or copyright assignments specific to the Bacula Enterprise Version of the software signed directly with Bacula Systems or Kern Sibbald are also not affected, as they are excluded from the agreement between Kern Sibbald and the FSFE.

Due to there being multiple version of copyright assignments and FLAs in effect, and many other parameters to take into account, the exact implications of this termination may vary between individuals.

Should you have questions in relation to this termination or how it affects you, the FSFE has setup a contact point dedicated to answering these questions. You can address your questions to: This e-mail address is being protected from spambots. You need JavaScript enabled to view it

The FSFE is working with Kern Sibbald and its own legal counsel to address any questions or concerns that are raised in relation to this.

If you are a developer who has contributed to Bacula, we recommend that you look at what FLAs or copyright assignments you have agreed to, and make sure that you fully understand how this termination affect you. If you are not sure, you are welcome to email us and we will do our best to assist you. Please take a look at our FAQ on this issue first.

Support FSFE, join the Fellowship
Make a one time donation

Presentation – Crash Course Cloud 2.0

Presentation on the current state of cloud computing and the role that open source, containers and microservices are playing in the cloud.

Presented to Florida Linux Users Exchange on April 9th, 2015

[Link in case embed doesn’t work].

 

Technorati Tags: ,

March 31, 2015

OpenSource.com – Open source and DevOps aren’t mandatory, but neither is survival

I recently wrote an article for OpenSource.com – Open source and DevOps aren’t mandatory, but neither is survival This article is part of the Easy DevOps column coordinated by Greg Dekoenigsberg, VP of Community at Ansible. Share your stories and advice that helps to make DevOps practical—along with the tools, processes, culture, successes and glorious/inglorious failures from your experience by contacting us at This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

Technorati Tags:

March 24, 2015

LibrePlanet 2015 brings free software luminaries to MIT

Richard Stallman at LibrePlanet

Richard Stallman gave the opening keynote

At a ceremony on Saturday, March 21st, Free Software Foundation executive director John Sullivan announced the winners of the FSF's annual Free Software Awards. Two awards were given: the Award for the Advancement of Free Software was presented to Sébastien Jodogne for his work on free software medical imaging, and the Award for Projects of Social Benefit was presented to Reglue, an Austin, TX organization that gives GNU/Linux laptops to families in need.

Software Freedom Conservancy executive director Karen Sandler closed out the conference with a rallying cry to "Stand up for the GNU GPL," in which she discussed a lawsuit recently filed in Germany to defend the GNU General Public License. When she asked the audience who was willing to stand up for copyleft, the entire room rose to its feet.

Karen Sandler at LibrePlanet

Karen Sandler gave the closing keynote

Videos of all the conference sessions, along with photographs from the conference, will soon be available on https://media.libreplanet.org, the conference's instance of GNU MediaGoblin, a free software media publishing platform that anyone can run.

LibrePlanet 2015 was produced in partnership by the Free Software Foundation and the Student Information Processing Board (SIPB) at MIT.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contacts

Libby Reinish
Campaigns Manager
Free Software Foundation
+1 (617) 542 5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

March 21, 2015

Sébastien Jodogne, Reglue are Free Software Award winners

The Award for the Advancement of Free Software is given annually to an individual who has made a great contribution to the progress and development of free software, through activities that accord with the spirit of free software.

This year, it was given to Sébastien Jodogne for his work on free software medical imaging with his project Orthanc.

Sébastien Jodogne

One of Jodogne's nominators said, "The Orthanc project started in 2011, when Sébastien noticed in his work as a medical imaging engineer that hospitals are very exposed to lock-in problems when dealing with their medical imaging flows....Freely creating electronic gateways between imaging modalities (autorouting), between medical departments, or even between hospitals remains a challenging task. But the amount of medical images that are generated, analyzed, and exchanged by hospitals is dramatically increasing. Medical imaging is indeed the first step to the treatment of more and more illnesses, such as cancers or cardiovascular diseases."

Jodogne said, "Technology and humanism are often opposed. This is especially true in the healthcare sector, where many people fear that technological progress will dehumanize the treatments and will reduce the patients to statistical objects. I am convinced that the continuous rising of free software is a huge opportunity for the patients to regain control of their personal health, as well as for the hospitals to provide more competitive, personalized treatments by improving the interoperability between medical devices. By guaranteeing the freedoms of the users, free software can definitely bring back together computers and human beings."

Jodogne joins a distinguished list of previous winners, including the 2013 winner, Matthew Garrett.

The Award for Projects of Social Benefit is presented to a project or team responsible for applying free software, or the ideas of the free software movement, in a project that intentionally and significantly benefits society in other aspects of life. This award stresses the use of free software in the service of humanity.

This year, the award went to Reglue, which gives GNU/Linux computers to underprivileged children and their families in Austin, TX. According to Reglue, Austin has an estimated 5,000 school-age children who cannot afford a computer or Internet access. Since 2005, Reglue has given over 1,100 computers to these children and their families. Reglue's strategy diverts computers from the waste stream, gives them new life with free software, and puts them in the hands of people who need these machines to advance their education and gain access to the Internet.

FSF executive director John Sullivan and Ken Starks

One nomination for Reglue read, "Mr. Starks has dedicated his life to distributing free software in many forms, both the digital form...and by building new computers from old parts, giving a new life to old machines by re-purposing them into computers given to extremely needy children and families. They are always loaded with free, GNU/Linux software, from the OS up."

Ken Starks, founder of Reglue, was present at the ceremony to accept the award. While all free 'as in freedom' software is not free of charge, Reglue focuses on finding empowering free software that is also gratis. He said of his work with Reglue, "A child's exposure to technology should never be predicated on the ability to afford it. Few things will eclipse the achievements wrought as a direct result of placing technology into the hands of tomorrow."

Nominations for both awards are submitted by members of the public, then evaluated by an award committee composed of previous winners and FSF founder and president Richard Stallman. This year's award committee was: Hong Feng, Marina Zhurakhinskaya, Yukihiro Matsumoto, Matthew Garrett, Suresh Ramasubramanian, Fernanda Weiden, Jonas Öberg, Wietse Venema, and Vernor Vinge.

More information about both awards, including the full list of previous winners, can be found at https://www.fsf.org/awards.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software—particularly the GNU operating system and its GNU/Linux variants—and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contacts

John Sullivan
Executive Director
Free Software Foundation
+1 (617) 542 5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

Photos under CC BY-SA 4.0 Attribution

March 13, 2015

15th Anniversary and Spring Fundraising Kickoff

I'm so excited to announce our spring fundraising campaign. I know it's not officially spring yet, but it sure feels like it here at Foundation headquarters in Boulder, Colorado. We're kicking off our fundraising campaign in conjunction with some other exciting events. There's so much to celebrate. First, we are proud to be a Platinum sponsor of AsiaBSDCon. This is the tenth AsiaBSDCon, with over 140 attendees planned, and 31 talks, providing a venue for all things BSD in Asia. People from around the world attend this conference to learn about the BSD operating systems, share their knowledge and experience, and work together to develop, hack, fix, improve, and document the various BSD operating systems.

The most exciting news we have is that we are celebrating our 15th anniversary supporting the FreeBSD Project and community worldwide! We have grown from our president and founder, Justin Gibbs, creating a non-profit to support FreeBSD, to an eight member board with 7 staff members. In case you missed it earlier, check out Justin's interview about the history of the Foundation on BSDNow

As the first employee, 9 years ago, I've witnessed incredible growth in our ability to support the Project and community. The year we were founded we raised a whopping $7,000. My first year with the Foundation, in 2006, we raised a little over $100,000. And, last year we raised $2,436,194, spending $877,412 on the project.

When we first started out, we focused on funding project development, conference sponsorships, and travel grants. Fifteen years later, we have increased support in those areas and have now grown to providing legal support for the Project; purchasing and helping manage hardware for FreeBSD infrastructure; providing release engineering support for consistent and timely releases; creating marketing literature and presentations that not only inform people of what FreeBSD is, but also provides detailed information on what's in new releases; attending more conferences to promote FreeBSD; and publishing a professional online FreeBSD magazine, The FreeBSD Journal.

To celebrate our anniversary, we are kicking off a fundraising campaign to help broaden the reach of our mission, by adding 500 new community investors in the next four weeks. What's a new community investor? An individual or organization that makes their first 2015 donation during this spring campaign. 

Why donate to the Foundation? Your donations will help us continue and increase our support in the following areas:
  • Funding improvement and development projects, including: Native ISCSI kernel Stack, Updated video console (Newcons), UEFI system boot support, Capsicum component framework, IPv6 support in FreeBSD, Auditdistd improvements for FreeBSD cluster, and adding modern AES modes to OpenCrypto (to support IP/SEC).
  • Helping to provide consistent and on-time releases.
  • Educating the public and promoting FreeBSD with tools like our high-quality FreeBSD 10X Brochure and company visits to help
  • facilitate collaboration efforts with the Project.
  • Sponsoring BSD conferences and summits in Europe, Japan, Canada, and the US.
  • Protecting FreeBSD IP and providing legal support to the Project.
  • Purchasing hardware to build and improve FreeBSD project infrastructure.
For the last 15 years, you as a community have allowed us to make an major impact on the FreeBSD Project and Community. Please help us continue and increase our support by making a donation today.


Deb Goodkin, Executive Director

February 01, 2015

MariaDB turns 5!

I stopped working on MySQL at Sun Microsystems in late 2009 (after a lengthy period of garden leave), to join Monty Program Ab, and was greatly anticipating a MariaDB release that we could take to market. The first GA release of MariaDB came out February 1 2010 – MariaDB 5.1.42. Today is MariaDB Server’s 5th birthday!

We didn’t even want to call it GA back then — we referred to it as a “stable” release. We didn’t make our own builds because we figured source code tarballs were good enough; so builds were made and hosted at OurDelta. It took some months (around August 2010) when we moved release notes to the Knowledgebase (which you’ll notice has moved from kb.askmonty.org to its current location) from the old front page wiki install that we had at askmonty.org.

I didn’t go to the first company meeting in Malaga due to having the chickenpox, so my first meeting was the one we did in Reykjavik, Iceland. We did it towards the end of February 2010, and planned it literally in a month – maybe a celebration that we brought 5.1 to market on time, and also to plan 5.2.

Speaking of companies, we were Monty Program Ab (professionally this quickly became MariaDB Services Ab), then SkySQL Ab (via merger), and finally MariaDB Corporation Ab (via re-branding). Shortly before the SkySQL Ab merger, we even have the MariaDB Foundation appear.

Anyway, what have we released? MariaDB 5.1, MariaDB 5.2, MariaDB 5.3, MariaDB 5.5, MariaDB 10.0, MariaDB Galera Cluster 5.5 & 10.0, a special MariaDB 5.5 with TokuDB build and a special MariaDB with FusionIO improvements build. To boot, we also have three client libraries (connectors, if you must): C, Java, and ODBC.

So 5 major server releases (7 if you count the Galera series), and we’re now working on MariaDB 10.1. I count 88 releases of the server across various versions (with breakdowns: 9 alphas, 11 betas, 7 release candidates and 61 GAs). We’ve had 23 Galera releases and 15 releases for the various client libraries.

We are shipping in all major Linux and BSD distributions. In many, we are even the default

This birthday is a nice time to look back at our achievements, but also to remind ourselves to not rest on our laurels and continue to focus on growth. The last sanctioned press release talks of over 2 million users globally. 

Thank you to all our users. Thank you to all the contributors and developers. Here’s to a lot more adoption, growth, releases and technology improvements!

January 22, 2015

FLOSSK mbështetë Wiki Academy Kukës

FLOSSK do të mbështesë Wiki Academy-n e cila mbahet më 22 dhe 23 mars në Kukës. Akademia e Wikipedia-s përfshinë trajnimin e të rinjëve për të kontribuar në Wikipedia duke përfunduar me një vikend të plotë dedikuar shkrimit të artikujve në Enciklopedinë e Lirë Wikipedia.

January 20, 2015

Smart things powered by snappy Ubuntu Core on ARM and x86

“Smart, connected things” are redefining our home, work and play, with brilliant innovation built on standard processors that have shrunk in power and price to the point where it makes sense to turn almost every “thing” into a smart thing. I’m inspired by the inventors and innovators who are creating incredible machines – from robots that might clean or move things around the house, to drones that follow us at play, to smarter homes which use energy more efficiently or more insightful security systems. Prooving the power of open source to unleash innovation, most of this stuff runs on Linux - but it’s a hugely fragmented and insecure kind of Linux. Every device has custom “firmware” that lumps together the OS and drivers and devices-specific software, and that firmware is almost never updated. So let’s fix that!

Ubuntu is right at the heart of the “internet thing” revolution, and so we are in a good position to raise the bar for security and consistency across the whole ecosystem. Ubuntu is already pervasive on devices – you’ve probably seen lots of “Ubuntu in the wild” stories, from self-driving cars to space programs and robots and the occasional airport display. I’m excited that we can help underpin the next wave of innovation while also thoughtful about the responsibility that entails. So today we’re launching snappy Ubuntu Core on a wide range of boards, chips and chipsets, because the snappy system and Ubuntu Core are perfect for distributed, connected devices that need security updates for the OS and applications but also need to be completely reliable and self-healing. Snappy is much better than package dependencies for robust, distributed devices.

Transactional updates. App store. A huge range of hardware. Branding for device manufacturers.

In this release of Ubuntu Core we’ve added a hardware abstraction layer where platform-specific kernels live. We’re working commercially with the major silicon providers to guarantee free updates to every device built on their chips and boards. We’ve added a web device manager (“webdm”) that handles first-boot and app store access through the web consistently on every device. And we’ve preserved perfect compatibility with the snappy images of Ubuntu Core available on every major cloud today. So you can start your kickstarter project with a VM on your favourite cloud and pick your processor when you’re ready to finalise the device.

If you are an inventor or a developer of apps that might run on devices, then Ubuntu Core is for you. We’re launching it with a wide range of partners on a huge range of devices. From the pervasive Beaglebone Black to the $35 Odroid-C1 (1Ghz processor, 1 GB RAM), all the way up to the biggest Xeon servers, snappy Ubuntu Core gives you a crisp, ultra-reliable base platform, with all the goodness of Ubuntu at your fingertips and total control over the way you deliver your app to your users and devices. With an app store (well, a “snapp” store) built in and access to the amazing work of thousands of communities collaborating on Github and other forums, with code for robotics and autopilots and a million other things instantly accessible, I can’t wait to see what people build.

I for one welcome the ability to install AI on my next camera-toting drone, and am glad to be able to do it in a way that will get patched automatically with fixes for future heartbleeds!

Education Freedom Day registration launched!

efd-banner

We have just opened Education Freedom Day registration, scheduled on March 21st, 2015. For its second edition EFD has been moved to March to facilitate its celebration in both the south of the planet and China (at least…) and we hope to cater to more events this year.

As usual for all our Freedom celebrations the process is similar, you get together and decide to organize an event, then create a page in our wiki and register your team. As the date approaches you get to put more information in your wiki page (or on your organization website which is linked from the wiki) such as the date and time, the location and what people can expect to see.

Education Freedom Day is really the opportunity to review all the available Free Educational Resources available, how they have improved since last year and what you should start planning to implement to deploy in the coming months. More importantly it is the celebration of what is available and letting people aware of it!

So prepare well and see you all in two months to celebrate Education Freedom Day!

Celebrate EFD with us on March 21, 2015!

Education Freedom Day registration launched!

And to continue this busy week in announcements we have just opened Education Freedom Day registration, scheduled on March 21st, 2015. For its second edition EFD has been moved to March to facilitate its celebration in both the south of the planet and China (at least...) and we hope to cater to more events this year.

As usual for all our Freedom celebrations the process is similar, you get together and decide to organize an event, then create a page in our wiki and register your team. As the date approaches you get to put more information in your wiki page (or on your organization website which is linked from the wiki) such as the date and time, the location and what people can expect to see.

Education Freedom Day is really the opportunity to review all the available Free Educational Resources available, how they have improved since last year and what you should start planning to implement to deploy in the coming months. More importantly it is the celebration of what is available and letting people aware of it!

So prepare well and see you all in two months to celebrate Education Freedom Day!

January 19, 2015

Komentet e FLOSSK-ut ndaj ligjit për përgjimin e komunikimeve elektronike në Kosovë

Më 19 janar, përmes një letre dërguar Komisionit Parlamentar për Integrime Evropiane, FLOSSK-u ka reaguar ndaj Projektligjit për përgjimin e komunikimeve elektronike në Kosovë. Në këtë letër numërohet arsyet pse ky Projektligj në formën e tanishme është i dëmshëm për privatësinë e qytetarëve të Kosovës dhe si rrjedhojë i papranueshëm për ne.
 

Key Update

I’m a fossil, apparently. My oldest PGP key dates back to 1997, so around the time when GnuPG just got started – and I switched to it early. Over the years I’ve been working a lot with GnuPG, which perhaps isn’t surprising. Werner Koch has been one of the co-founders of the Free Software Foundation Europe (FSFE) and so we share quite a bit of a long and interesting history together. I was always proud of the work he did – and together with Bernhard Reiter and others was doing what I could to try and support GnuPG when most people did not seem to understand how essential it truly was – and even many security experts declared proprietary encryption technology acceptable. Bernhard was also crucial to start the more than 10 year track record of Kolab development supporting GnuPG over the years. And especially the usability of GnuPG has always been something I’ve advocated for. As the now famous video by Edward Snowden demonstrated, this unfortunately continued to be an unsolved problem but hopefully will be solved “real soon now.”

 

In any case. I’ve been happy with my GnuPG setup for a long time. Which is why the key I’ve been using for the past 16 years looked like this:
sec# 1024D/86574ACA 1999-02-20
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Brave GNU World <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
ssb>  1024R/B7DB041C 2005-05-02
ssb>  1024R/7DF16B24 2005-05-02
ssb>  1024R/5378AB47 2005-05-02
You’ll see that I kept the actual primary key off my work machines (look for the ‘#’) and I also moved the actual sub keys onto a hardware token. Naturally a FSFE Fellowship Smart Card from the first batch ever produced.
Given that smart card is battered and bruised, but its chip is still intact with 58470 signatures and counting, the key itself is likely still intact and hasn’t been compromised for lack of having been on a networked machine. But unfortunately there is no way to extend the length of a key. And while 1024 is probably still okay today, it’s not going to last much longer. So I finally went through the motions of generating a new key:
sec#  4096R/B358917A 2015-01-11 [expires: 2020-01-10]
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Community) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Free Software Foundation Europe, Founding President) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Free Software Foundation Europe, Founding President) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (digitalSTROM.org Board) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (GNU Project) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
ssb>  4096R/AD394E01 2015-01-11
ssb>  4096R/B0EE38D8 2015-01-11
ssb>  4096R/1B249D9E 2015-01-11

My basic setup is still the same, and the key has been uploaded to the key servers, signed by my old key, which I have meanwhile revoked and which you should stop using. From now on please use the key
pub   4096R/B358917A 2015-01-11 [expires: 2020-01-10]
      Key fingerprint = E39A C3F5 D81C 7069 B755  4466 CD08 3CE6 B358 917A
exclusively and feel free to verify the fingerprint with me through side channels.

 

Not that this key has any chance to ever again make it among the top 50… but then that is a good sign in so far as it means a lot more people are using GnuPG these days. And that is definitely good news.

And in case you haven’t done so already, go and support GnuPG right now.

 

 

30 years of FSF

After an exciting weekend celebrating Hardware Freedom Day what could possibly be better than going back to the very inspiring video made to celebrate the 30th anniversary of the Free Software Foundation? Indeed it’s been made using Free Software only and goes through the work of the foundation for the past thirty years. It’s actually nice to look at, positive and very well animated. We will definitely encourage all our software freedom day teams to use it during their events. But let us say no more and let you enjoy it if you’ve missed it so far:

And then, for the ones into this kind of work, and blender in particular, you can find a detailed explanation of the challenges that the makers of the work went through and how they fixed them right here. Definitely a great read into the whole process from design to finish. Great job guys! And of course a happy 30th anniversary to the FSF from the Digital Freedom Foundation and all its members!

30 years of FSF

After an exciting weekend celebrating Hardware Freedom Day what could possibly be better than going back to the very inspiring video made to celebrate the 30th anniversary of the Free Software Foundation? Indeed it's been made using Free Software only and goes through the work of the foundation for the past thirty years. It's actually nice to look at, positive and very well animated. We will definitely encourage all our software freedom day teams to use it during their events. But let us say no more and let you enjoy it if you've missed it so far:

And then, for the ones into this kind of work, and blender in particular, you can find a detailed explaination of the challenges that the makers of the work went through and how they fixed them right here. Definitely a great read into the whole process from design to finish. Great job guys! And of course a happy 30th anniversary to the FSF from the Digital Freedom Foundation and all its members!

December 23, 2014

GNOME Builder copr now for Rawhide only

GNOME Builder is under heavy development. This usually implies that such an application might require very new versions of its dependencies.

Upstream recently bumped their dependencies, and now require things that are only in Rawhide.

I have no intention to provide development builds of Gtk3 (among other things) in a Fedora 21 copr, as that might imply either breaking half of the distro, or having to rebuild it.

As a result, the GNOME Builder copr will from now on be Rawhide-only.

I have dropped the Fedora 21 repos, they won't be updated any more.

If you were using it on Fedora 21, please delete it:

# rm -f /etc/yum.repos.d/_copr_bochecha-gnome-builder.repo

If you still want to try GNOME Builder on Fedora 21, you'll now have to go the jhbuild route.

November 27, 2014

Lollipopp’d

I successfully updated my Nexus devices with Android 5.0 aka Lollipop earlier this week. Finally. After 3 tries with the download failing the first time, the install failing the next time and then it finally going through. Here is what I’m impressed with: * Look and feel polish – the visual change using new material […]

November 22, 2014

Release party in Barcelona

15794067981_0d173ce352_z

Another time, and there has been 16, ubuntaires celebrated the release party of the next Ubuntu version, in this case, 14.10 Utopic Unicorn.

This time, we went to Barcelona, at Raval, at the very centre, thanks to our friends of the TEB.

As always, we started with explaining what Ubuntu is and how our Catalan LoCo Team works and later Núria Alonso from the TEB explained the Ubuntu migration done at the Xarxa Òmnia.

15797518182_0a05d96fde_z

The installations room was plenty from the very first moment.

15611105340_1de89d36b4_z

There also was a very profitable auto-learning workshop on how to do an Ubuntu metadistribution.

15772275826_99d1a77d8b_z

 

And in another room, there were two Arduino workshops.

15610528118_927a8d7cc2_z15794076701_cc538bf9ba_z

 

And, of course, ubuntaires love to eat well.

 

15615259540_76daed408b_z 15614277959_c98bda1d33_z

 

Pictures by Martina Mayrhofer and Walter García, all rights reserved.

 
 

November 08, 2014

OpenStack on a diet, redux

Subhu writes that OpenStack’s blossoming project list comes at a cost to quality. I’d like to follow up with an even leaner approach based on an outline drafted during the OpenStack Core discussions after ODS Hong Kong, a year ago.

The key ideas in that draft are:

Only call services “core” if the user can detect them.

How the cloud is deployed or operated makes no difference to a user. We want app developers to

Define both “core” and “common” services, but require only “core” services for a cloud that calls itself OpenStack compatible.

Separation of core and common lets us recognise common practice today, while also acknowledging that many ideas we’ve had in the past year or three are just 1.0 iterations, we don’t know which of them will stick any more than one could predict which services on any major public cloud will thrive and which will vanish over time. Signalling that something is “core” means it is something we commit to keeping around a long time. Signalling something is “common” means it’s widespread practice for it to be available in an OpenStack environment, but not a requirement.

Require that “common” services can be self-deployed.

Just as you can install a library or a binary in your home directory, you can run services for yourself in a cloud. Services do not have to be provided by the cloud infrastructure provider, they can usually be run by a user themselves, under their own account, as a series of VMs providing network services. Making it a requirement that users can self-provide a service before designating it common means that users can build on it; if a particular cloud doesn’t offer it, their users can self-provide it. All this means is that the common service itself builds on core services, though it might also depend on other common services which could be self-deployed in advance of it.

Require that “common” services have a public integration test suite that can be run by any user of a cloud to evaluate conformance of a particular implementation of the service.

For example, a user might point the test suite at HP Cloud to verify that the common service there actually conforms to the service test standard. Alternatively, the user who self-provides a common service in a cloud which does not provide it can verify that their self-deployed common service is functioning correctly. This also serves to expand the test suite for the core: we can self-deploy common services and run their test suites to exercise the core more thoroughly than Tempest could.

Keep the whole set as small as possible.

We know that small is beautiful; small is cleaner, leaner, more comprehensible, more secure, easier to test, likely to be more efficiently implemented, easier to attract developer participation. In general, if something can be cut from the core specification it should. “Common” should reflect common practice and can be arbitrarily large, and also arbitrarily changed.

In the light of those ideas, I would designate the following items from Subhu’s list as core OpenStack services:

  • Keystone (without identity, nothing)
  • Nova (the basis for any other service is the ability to run processes somewhere)
    • Glance (hard to use Nova without it)
  • Neutron (where those services run)
    • Designate (DNS is a core aspect of the network)
  • Cinder (where they persist data)

I would consider these to be common OpenStack services:

  • SWIFT (widely deployed, can be self-provisioned with Cinder block backends)
  • Ceph RADOS-GW object storage (widely deployed as an implementation choice, common because it could be self-provided on Cinder block)
  • Horizon (widely deployed, but we want to encourage innovation in the dashboard)

And these I would consider neither core nor common, though some of them are clearly on track there:

  • Barbican (not widely implemented)
  • Ceilometer (internal implementation detail, can’t be common because it requires access to other parts)
  • Juju (not widely implemented)
  • Kite (not widely implemented)
  • HEAT (on track to become common if it can be self-deployed, besides, I eat controversy for breakfast)
  • MAAS (who cares how the cloud was built?)
  • Manila (not widely implemented, possibly core once solid, otherwise common once, err, common)
  • Sahara (not widely implemented, weird that we would want to hardcode one way of doing this in the project)
  • Triple-O (user doesn’t care how the cloud was deployed)
  • Trove (not widely implemented, might make it to “common” if widely deployed)
  • Tuskar (see Ironic)
  • Zaqar (not widely implemented)

In the current DefCore discussions, the “layer” idea has been introduced. My concern is simple: how many layers make sense? End users don’t want to have to figure out what lots of layers mean. If we had “OpenStack HPC” and “OpenStack Scientific” and “OpenStack Genomics” layers, that would just be confusing. Let’s keep it simple – use “common” as a layer, but be explicit that it will change to reflect common practice (of course, anything in common is self-reinforcing in that new players will defer to norms and implement common services, thereby entrenching common unless new ideas make services obsolete).

November 03, 2014

osquery is neat

Facebook recently made opensource, osquery. It gives you operating system data via SQL queries! Its very neat, and you can test this even on MacOSX (it works on that platform & Linux). It is by far the project with the most advanced functionality, linked here in this post.

I noticed that rather quickly, there was a PostgreSQL project, called pgosquery, based on Foreign Data Wrappers with a similar idea. (apparently it was written in less than 15 minutes; so a much lower learning curve than the regular MySQL storage engine interface)

I immediately thought about an older MySQL project, by Chip Turner (then at Google, now at Facebook), called mysql-filesystem-engine. This idea was kicking around in 2008. I was intrigued by hearing about this at a talk (probably at the MySQL Conference & Expo); it’s a pity no one took this further.

On a similar tangent, did you also know that there is the option to use MySQL as storage via FUSE (see: mysqlfs)? An article by Ben Martin shows some practical examples.

At its heyday, MySQL had many storage engines (maybe around 50). Wikipedia has an incomplete list. I see some engines on that list, and think that some of these folk are also creating MongoDB backends — competition. At MariaDB we are probably shipping the most storage engines of any MySQL-based distribution, however I think we could be doing an even better job at working with upstream vendors, and figuring out how to support & augment business around it.

October 23, 2014

Ten years of Ubuntu

Today marks 10 years of Ubuntu and the release of the 21st version. That is an incredible milestone and one which is worthy of reflection and celebration. I am fortunate enough to be spending the day at our devices sprint with 200+ of the folks that have helped make this possible. There are of course hundreds of others in Canonical and thousands in the community who have helped as well. The atmosphere here includes a lot of reminiscing about the early days and re-telling of the funny stories, and there is a palpable excitement in the air about the future. That same excitement was present at a Canonical Cloud Summit in Brussels last week.

The team here is closing in on shipping our first phone, marking a new era in Ubuntu’s history. There has been excellent work recently to close bugs and improve quality, and our partner BQ is as pleased with the results as we are. We are on the home stretch to this milestone, and are still on track to have Ubuntu phones in the market this year. Further, there is an impressive array of further announcements and phones lined up for 2015.

But of course that’s not all we do – the Ubuntu team and community continue to put out rock solid, high quality Ubuntu desktop releases like clockwork – the 21st of which will be released today. And with the same precision, our PC OEM team continues to make that great work available on a pre-installed basis on millions of PCs across hundreds of machine configurations. That’s an unparalleled achievement, and we really have changed the landscape of Linux and open source over the last decade. The impact of Ubuntu can be seen in countless ways – from the individuals, schools, and enterprises who now use Ubuntu; to proliferation of Codes of Conduct in open source communities; to the acceptance of faster (and near continuous) release cycles for operating systems; to the unique company/community collaboration that makes Ubuntu possible; to the vast number of developers who have now grown up with Ubuntu and in an open source world; to the many, many, many technical innovations to come out of Ubuntu, from single-CD installation in years past to the more recent work on image-based updates.

Ubuntu Server also sprang from our early desktop roots, and has now grown into the leading solution for scale out computing. Ubuntu and our suite of cloud products and services is the premier choice for any customer or partner looking to operate at scale, and it is indeed a “scale-out” world. From easy to consume Ubuntu images on public clouds; to managed cloud infrastructure via BootStack; to standard on-premise, self-managed clouds via Ubuntu OpenStack; to instant solutions delivered on any substrate via Juju, we are the leaders in a highly competitive, dynamic space. The agility, reliability and superior execution that have brought us to today’s milestone remains a critical competency for our cloud team. And as we release Ubuntu 14.10 today, which includes the latest OpenStack, new versions of our tooling such as MaaS and Juju, and initial versions of scale-out solutions for big data and Cloud Foundry, we build on a ten year history of “firsts”.

All Ubuntu releases seem to have their own personality, and Utopic is a fitting way to commemorate the realisation of a decade of vision, hard work and collaboration. We are poised on the edge of a very different decade in Canonical’s history, one in which we’ll carry forward the applicable successes and patterns, but will also forge a new path in the twin worlds of converged devices and scale-out computing. Thanks to everyone who has contributed to the journey thus far. Now, on to Vivid and the next ten years!

October 16, 2014

Ubuntu Security Update on Poodle (CVE-2014-3566) and SSLv3 Downgrade Attack

The following is an update on Ubuntu’s response to the latest Internet emergency security issue, POODLE (CVE-2014-3566), in combination with an
SSLv3 downgrade vulnerability.

Vulnerability Summary

“SSL 3.0 is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0, TLS 1.1, and TLS 1.2, many TLS implementations remain backwards­ compatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience. The protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server will be used.” -https://www.openssl.org/~bodo/ssl-poodle.pdf

A vulnerability was discovered that affects the protocol negotiation between browsers and HTTP servers, where a man-in-the-middle (MITM) attacker is able trigger a protocol downgrade (ie, force downgrade to SSLv3, CVE to be assigned).  Additionally, a new attack was discovered against the CBC block cipher used in SSLv3 (POODLE, CVE-2014-3566).  Because of this new weakness in the CBC block cipher and the known weaknesses in the RC4 stream cipher (both used with SSLv3), attackers who successfully downgrade the victim’s connection to SSLv3 can now exploit the weaknesses of these ciphers to ascertain the plaintext of portions of the connection through brute force attacks.  For example, an attacker who is able to manipulate the encrypted connection is able to steal HTTP cookies.  Note, the protocol downgrade vulnerability exists in web browsers and is not implemented in the ssl libraries.  Therefore, the downgrade attack is currently known to exist only for HTTP.

OpenSSL will be updated to guard against illegal protocol negotiation downgrades (TLS_FALLBACK_SCSV).  When the server and client are updated to use TLS_FALLBACK_SCSV, the protocol cannot be downgraded to below the highest protocol that is supported between the two (so if the client and the server both support TLS 1.2, SSLv3 cannot be used even if the server offers SSLv3).

The recommended course of action is ultimately for sites to disable SSLv3 on their servers, and for browsers to disable SSLv3 by default since the SSLv3 protocol is known to be broken.  However, it will take time for sites to disable SSLv3, and some sites will choose not to, in order to support legacy browsers (eg, IE6).  As a result, immediately disabling SSLv3 in Ubuntu in the openssl libraries, in servers or in browsers, will break sites that still rely on SSLv3.

Ubuntu’s Response:

Unfortunately, this issue cannot be addressed in a single USN because this is a vulnerability in a protocol, and the Internet must respond accordingly (ie SSLv3 must be disabled everywhere).  Ubuntu’s response provides a path forward to transition users towards safe defaults:

  • Add TLS_FALLBACK_SCSV to openssl in a USN:  In progress, upstream openssl is bundling this patch with other fixes that we will incorporate
  • Follow Google’s lead regarding chromium and chromium content api (as used in oxide):
    • Add TLS_FALLBACK_SCSV support to chromium and oxide:  Done – Added by Google months ago.
    • Disable fallback to SSLv3 in next major version:  In Progress
    • Disable SSLv3 in future version:  In Progress
  • Follow Mozilla’s lead regarding Mozilla products:
    • Disable SSLv3 by default in Firefox 34:  In Progress – due Nov 25
    • Add TLS_FALLBACK_SCSV support in Firefox 35:  In Progress

Ubuntu currently will not:

  • Disable SSLv3 in the OpenSSL libraries at this time, so as not to break compatibility where it is needed
  • Disable SSLv3 in Apache, nginx, etc, so as not to break compatibility where it is needed
  • Preempt Google’s and Mozilla’s plans.  The timing of their response is critical to giving sites an opportunity to migrate away from SSLv3 to minimize regressions

For more information on Ubuntu security notices that affect the current supported releases of Ubuntu, or to report a security vulnerability in an Ubuntu package, please visit http://www.ubuntu.com/usn/.

 

September 18, 2014

TL;DW for Clojure Data Science

Edmund Jackson talked at the 2012 Clojure/Conj, and you can see his talk here.

I took these notes as I watched it:
  1. What is "data science"?
    1. "That realm of endeavor that requires, simultaneously, advanced computational and statistical methods."
    2. Some people aren't sure whether "data science" is a thing, or just data analysis dressed up with a fancy name. That question amuses me.
  2. What's new, such that everybody suddenly cares about data science?
    1. widely available computing resources, open source tools such as R, and large amounts of data available in private companies and in public
    2. Compares to early days of Linux, when there was a bunch of new stuff that everybody could hack on
  3. Interactive tools aren't enough; you're not taking some data, analyzing it, and coming back with the answer. You need platform features like native language speed, data structures, language constructs, connectivity, and QC in order to embed your analysis in business processes.
  4. The tools with better analysis features (e.g., R, Mathematica) lack the platform features, and the tools with better platform features (he focuses primarily on C++ as his example here) lack the analysis features.
  5. Python is in the sweet spot, with platform features and (via numpy, scipy, and pandas) analysis features. But:
    1. It's full of mutable data!
    2. The mode of expression in imperative languages poorly matches the content of expression when you're dealing with maths.
  6. F#, Scala, and Clojure are all functional, and therefore (immutable data, more natural expression of maths) better alternatives than Python.
  7. Clojure yay! points:
    1. Native: Incanter, Storm, Cascalog, Datomic
    2. JVM: Mahout (ML on Hadoop), jBLAS, Weka (Java lib with many ML algorithms)
    3. Interop: Rincanter (call out to R), JNI
  8. From here he goes into calculating the entropy of a distribution, and the relative entropy of different distributions.
  9. Demonstrates using relative entropy fns in Datomic queries

September 11, 2014

Mozilla Webmaker at Olivarez College Tagaytay a success

2014-09-05 09.48.21

The Mozilla webmaker party at Olivarez College Tagaytay is a success last September 5, 2014. Which was attended by different department from Olivarez College Tagaytay at Computer Laboratory 2.  Since they only have 20 system units on their laboratory they created a two batches of participants, one in the morning and the other is in the afternoon. The event discussion is about Introduction Mozilla which was discuss by Me, The second lecturer discussed and demo “Thimble” by Mr. Ian Mark Martin and lastly Mr. Leo Caisip which  discussed  about “Popcorn Maker“, Both  attended the Mozilla PH orientation for web maker mentor last August 16, 2014  at Mozilla Community Space Manila. The event ended at exactly 4:00pm as mostly in afternoon participated by the nursing department.

DSC_2881

2014-09-11 12.59.54

We also distributed some Mozilla Swag (Bollard, Mozilla Sticker, Mozilla Tatoos and Mozilla Pins) for participants after the event. As part of the successfull event, based on their survey they are requesting for another event semilar to this.  but internet on the school is not that stable during that day but still we managed to make the event successfull.

 

DSC_2859

Pictures can be found here:  https://www.flickr.com/photos/83515207@N04/sets/72157646987948838/

September 04, 2014

TL;DW for "How To Design A Good API and Why it Matters"

Josh Bloch's Google Tech Talk video How To Design A Good API and Why it Matters is about an hour long, and well worth your time. It's focused on OOP, but has lots of good principles that can be followed elsewhere.

In case you don't have an hour right now, here's a summary/index kind of thing that points out the bits I thought were most important.
  1. 6:27: Characteristics of a good API:
    1. Easy to learn
    2. Easy to use, even without documentation
    3. Hard to misuse
    4. Easy to read and maintain code that uses it
    5. Sufficiently powerful to satisfy requirements
    6. Easy to evolve
    7. Appropriate to audience
  2. 7:52: Gather requirements, but differentiate between true requirements (which should take the form of use cases) and proposed solutions.
  3. 10:02: Start with a short spec; one page is ideal.
    1. Agility trumps completeness at this point.
    2. Get as many spec reviews from as many audiences as possible, modify according to feedback.
    3. Flesh the spec out as you gain confidence.
  4. 15:10: Write to your API early and often
    1. Start writing to your API before you've implemented it, or even specified it properly.
    2. Continue writing to your API as you flesh it out.
    3. Your code will live on in examples and unit tests.
  5. 17:32: Write to SPI [Service Provider Interface]
    1. Write at least three plugins before your release.
    2. Application in Clojure-land: Not sure...
  6. 19:35: Maintain realistic expectations.
    1. You won't please everyone.
    2. Aim to displease everyone equally.
    3. Expect to make mistakes and evolve the API in the future.
  7. 22:01: API should do one thing and do it well.
    1. Functionality should be easy to explain.
    2. If it's hard to name, that's a bad sign.
      1. Example of bad name that I can't leave out of this summary: OMGVMCID
  8. 24:32: API should be as small as possible but no smaller
    1. "When in doubt, leave it out." You can always add stuff, but you can't ever remove anything you've included. (The speaker calls this out as his most important point.)
  9. 26:27: Implementation should not impact API.
    1. Do not over-specify. For example, nobody needs to know how your hash function works, unless the hashes are persistent.
    2. Don't leak implementation details such as SQL exceptions!
  10. 29:36: Minimize accessibility of everything.
    1. Don't let API callers see stuff you don't want to be public, and that includes anything you might want to change in the future.
  11. 30:39: Names matter: API is a little language.
    1. Make names self-explanatory.
    2. Be consistent.
    3. Strive for symmetry. (If you can GET a monkey-uncle, make sure you can PUT a monkey-uncle, too.)
  12. 32:32: Documentation matters.
    1. Document parameter units! ("Length of banana in centimeters")
  13. 35:41: Consider performance consequences of API design decisions.
    1. Bad decisions can limit performance -- and this is permanent.
    2. Do not warp your API to gain performance -- the slow thing you avoided can be fixed and get faster, but your warped API will be permanent.
    3. Good design usually coincides with good performance.
  14. 40:00: Minimize mutability
    1. Make everything immutable unless there's a reason to do otherwise.
  15. 45:31: Don't make the caller do anything your code should do.
    1. If there are common use cases that require stringing a bunch of your stuff together in a boilerplate way, that's a bad sign.
  16. 48:36: Don't violate the principle of least astonishment
    1. Make sure your API callers are never surprised by what the API does.
  17. 50:03: Report errors as soon as possible after they occur.
  18. 52:00: Provide programmatic access to all data that is available in string form.
    1. Rich Hickey makes a similar point here.
  19. 56:15: Use consistent parameter ordering across methods.
    1. Here's a bad example:
      1. char *strncpy (char *dst, char *src, size_t n);
      2. void bcopy (void *src, void *dst, size_t n);
  20. 57:15: Avoid long parameter lists.
  21. 58:21: Avoid return values that demand exceptional processing.
    1. Example: return an empty list instead of nil/null.

August 22, 2014

GNU hackers unmask massive HACIENDA surveillance program and design a countermeasure

After making key discoveries about the details of HACIENDA, Julian Kirsch, Dr. Christian Grothoff, Jacob Appelbaum, and Dr. Holger Kenn designed the TCP Stealth system to protect unadvertised servers from port scanning.

According to Heise Online, the intelligence agencies of the United States, Canada, United Kingdom, Australia and New Zealand are involved in HACIENDA. The agencies share the data they collect. The HACIENDA system also hijacks civilian computers, allowing it to leach computing resources and cover its tracks.

Some of the creators of TCP Stealth are also prominent contributors to the GNU Project, a major facet of the free software community and a hub for political and technological action against bulk surveillance. Free software is safer because it is very hard to hide malicious code in a program anyone can read. In proprietary software, there is no way to guarantee that programs don't hide backdoors and other vulnerabilities. The team revealed their work on August 15, 2014 at the annual GNU Hackers' Meeting in Germany, and Julian Kirsch published about it in his master's degree thesis.

Maintainers of Parabola, an FSF-endorsed GNU/Linux distribution, have already implemented TCP Stealth, making Parabola users safer from surveillance. The FSF encourages other operating systems to follow Parabola's lead.

The Free Software Foundation supports and sponsors the GNU Project. FSF campaigns manager Zak Rogoff said, "Every time you use a free software program, you benefit from the work of free software developers inspired by the values of transparency and bottom-up collaboration. But on occassions like these, when our civil liberties are threatened with technological tools, the deep importance of these values becomes obvious. The FSF is proud to support the free software community in its contributions to the resistance against bulk surveillance."

The Free Software Foundation works politically for an end to mass surveillance. Simultaneously, the Foundation advocates for individuals of all technical skill levels to take a variety of actions against bulk surveillance.

About Julian Kirsch, Christian Grothoff, Jacob Appelbaum, and Holger Kenn

Julian Kirsch is the author of "Improved Kernel-Based Port-Knocking in Linux", his Master's Thesis in Informatics at Technische Universitat Munchen.

Dr. Christian Grothoff is the Emmy-Noether research group leader in Computer Science at Technische Universitat Munchen.

Jacob Appelbaum is an American independent computer security researcher and hacker. He was employed by the University of Washington, and is a core member of the Tor project, a free software network designed to provide online anonymity.

Dr. Holger Kenn is a computer scientist specializing in wearable computing, especially software architectures, context sensor systems, human machine interfaces, and wearable-mediated human robot cooperation.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

About the GNU Operating System and Linux

Richard Stallman announced in September 1983 the plan to develop a free software Unix-like operating system called GNU. GNU is the only operating system developed specifically for the sake of users' freedom. See https://www.gnu.org/gnu/the-gnu-project.

In 1992, the essential components of GNU were complete, except for one, the kernel. When in 1992 the kernel Linux was re-released under the GNU GPL, making it free software, the combination of GNU and Linux formed a complete free operating system, which made it possible for the first time to run a PC without non-free software. This combination is the GNU/Linux system. For more explanation, see https://www.gnu.org/gnu/gnu-linux-faq.

Media Contacts

Zak Rogoff
Campaigns Manager
Free Software Foundation
+1-617-542-5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

"Knocking down the HACIENDA" by Julian Kirsch, produced by GNU, the GNUnet team, and edited on short notice by Carlo von Lynx from #youbroketheinternet is licensed under a Creative Commons Attribution NoDerivatives 3.0 Unported License.

August 13, 2014

SFD Tagaytay 2014 at Olivarez College

I am now again an official organizer for SFD 2014, but this time I will organized the event in Tagaytay City which will be hosted by Olivarez College in Tagaytay. The said event is scheduled on September 27, 2014.

SFD2014

The venue is on their “AMPITHEATER” where it can hold more than 500 participants. Here are some pictures of the exact venue.

cpdc-20140804131542221  cpdc-20140804131124356We also launch the online registration feel free to register using the this URL : https://www.eventbrite.com/e/software-freedom-day-2014-at-olivarez-college-tagaytay-tickets-12455543867

August 12, 2014

websites on this server

June 30, 2014

Scancation - Scanning the Standing Stones of the Outer Hebrides

I just came back from a vacation where Kio and I went and visited most of the megalithic monuments on the islands of the Outer Hebrides in Scotland. Stone circles are all over the place on these islands and the biggest one is the Callanish Stone Circle. One of the cool things about these places is that there is very little history known about them and so all you can know about them is from your experience of being around them. Most of them all taller than me and you get the sense that these places were the sacred spaces of 5000 years ago.

One of the things I say a lot at MakerBot is that they really make the most sense when you connect your MakerBot to your passion. Since I'm into rocks. I scanned a few of my favorite stones and ran them through 123D Catch which makes a 3D model from up to 70 photos of the object. It’s pretty cool to think that yesterday I was walking among these stones and today I’m printing them out on the MakerBots in my office. 

It’s interesting to note that this feels a lot like the old days of vacation film photography. The process of processing the photos into a 3D model feels a lot like when I used to develop celluloid film after a vacation.

Someday, printing 3D models will be normal for everyone, for now, it’s just normal for all the MakerBot operators in the world.

If you decide to go on your own scanning vacation, aka scancation, here’s my process and tips for acquiring models. I use a Canon S110 camera and then upload my photos later to the 123D Catch site and then upload all the models and a zip file of all the photos to Thingiverse because the photogrammetry software will get better someday and I want to have an archive of the photos so I can make better models later.

 

  • Lighting conditions matter. A cloudy sky is much better than a sunny one so that you can get all the details of your subject. 
  • Fill the frame, but make sure to leave some area around the object in the picture. 123D Catch uses reference points in the object to make everything fit together. 
  • Use all 70 pictures allowed by the software. The more pictures, the better the scan. 
  • Scan weird things. Sometimes the most iconic stuff of a location isn’t the most obvious. Some friends of mine scanned all of Canal St. in NYC and said the interesting parts were the giant piles of trash bags which are one of the local overlooked pieces of landscape art.
  • Don’t forget the top view. If you are capturing a subject that is tall, do your best to get above it and take a picture. A quadcopter could be handy for that
  • Fix it up with Netfabb. After I upload the photos into the 123D Catch online portal, then I use Netfabb basic to slice off all the weird parts and cut a flat bottom onto the object.
  • Make sure to upload your scans to Thingiverse. We can all make models of your SCANCATION. 

 

Do you have any other scanning tips for those that would like to experiment with vacation scanning? Leave them in the comments!

June 22, 2014

the meaning of a word

i learned the word "feminist" at my first job. I was 15 and a trainee engineer in a hydro power scheme. I recall one young man I worked with asking me urgently if i was a feminist. I asked what that was. he said, "women who hate men". oh.. i'm not one of them....

why would i get a job as the only woman deep in a power station if i hated men? It was a long long time before i heard any other definition of feminist.

June 20, 2014

Launceston June Meeting

G'day all

For this month's Launceston meeting, Phil will be giving us an introduction to NAS4Free, a BSD licenced fork/continuation of FreeNAS.

2:00pm
Saturday 28th June
Royal Oak
Launceston


As usual, some of us will be meeting for lunch beforehand at 1:00pm.

Hope to see you there!

Google Maps Link

NAS4Free Website
-----
Gov Hack 2014: June 11-13th (Hobart venue)
OpenStack 4th Birthday: June 17th (RSVP here: http://taslug-openstack.eventbrite.com.au/ )
Next Launceston meeting: 2:00pm July 26th (Topic TBC)

June 11, 2014

Hobart meeting - June 19th - (The aptosid fullstory)

Welcome to June. Yep. short days... stout beers. And source. LOTS OF SOURCE! I'm in the
middle of my exam session at uni so won't have time to prepare the usual slides and news
this month.

When: Thursday, June 19th, 18:00 for an 18:30 start
Where: Upstairs, Hotel Soho, 124 Davey St, Hobart.

Agenda:

18:00 - early mingle, chin wagging, discussion and install issues etc

19:00 - Trevor Walkley - aptosid fullstory


    This months talk will be given by Trevor Walkley, an aptosid
    dev,(bluewater on IRC), on building an iso using aptosid fullstory
    scripts which are currently held on github (and the 'how to do it' is
    not well known).

    A live build will take place (hopefully debian sid will cooperate on the
    night) followed by a live installation of the build to the famous milk
    crate computer belonging Scott, (faulteh on IRC).

20:00 - Meeting end. Dinner and drinks are available at the venue during the meeting.

We will probably get to a discussion on the Hobart LCA 2017 bid, ideas for upcoming
Software Freedom Day in September, Committee nomination and voting,
so our pre-talk discussion should be packed full of jam.

Also in June:
28th - Launceston meeting
July:
11-13th - Gov Hack 2014 - There's at least a Hobart venue for this event.
17th - OpenStack 4th Birthday - RSVP here: http://taslug-openstack.eventbrite.com.au/
September:
20th - Software Freedom Day - events in Hobart and Launceston

Who's Online

We have 168 guests online
Digital Freedom International (Aka SFI) is the non-profit organization at the origin of SFD and CFD. DFI handles sponsorship contracts, official team registrations, sending out schwags to teams, the annual Best Event Competition and many other things. Hundreds of teams around the world manage the local celebration and help to send out a global message. So do drop by and attend an SFD and CFD event nearby!

Login Form