Celebrate SFD 2014 on Saturday, September 20th
   
Text Size
Login
Canonical
Google
Linode
FSF
Linux Magazine
Ubuntu User
Linux Journal
Admin Network & Security Magazine
Smart Developer
Creative Commons
FreeBSD
Joomla!
Open Clipart Library
FSFE
Fundația Ceata
Atom 0.3 RSS 1.0 RSS 2.0 OPML FOAF

October 21, 2014

Mercurial Makers Meet in Munich

Back in August, the Google Open Source Programs Office sponsored a meetup for contributors to Mercurial, a distributed version control system. Learn more about their two day hackfest below.

On August 29th-31st, the Mercurial project held one of its twice-a-year sprints in the Google Munich office. Mercurial is a distributed version control system, used by Python, OpenJDK, and Firefox among others. We had 24 developers in attendance, some from companies with large Mercurial deployments and some individual contributors who volunteer in their spare time.

One of the problems Mercurial wants to tackle soon is scaling from supporting hundreds of thousands of files to supporting millions of files in a single repository. The community has identified two approaches to scaling: shallow clones and narrow clones. Shallow clones will allow clients to pull down only part of a repository’s history, and narrow clones will make it possible to pull history for only some files.

At the sprint, we talked through some of the initial narrow/shallow clone implementation hurdles, like how to securely and efficiently store large manifests, and made good progress on a plan. We spent time working on changeset evolution, which makes it easier to manage the process of collaborating on a patch before it’s done. A group also discussed how to make bookmarks work better for users of changeset evolution in large systems, including developing a good plan around remote bookmark management.
If you are interested in finding out more about Mercurial (or perhaps you’d like to contribute to make it scale even better!) you can find our mailing list information here.

By Augie Fackler and Lennard de Rijk, Google Engineering

October 20, 2014

Passover Satyr

PassoverSatyr_white

When I told a (gentile) friend I was making a movie about the Seder, she thought I said “satyr.” The idea cracked me up, but I didn’t illustrate it because who needs more associations of Jews with horns and cloven hooves? Until now. Here is the Passover Satyr.

I was worried this was in questionable taste. Too soon? But after posting this illustration on Facebook, so many people asked for a T-shirt that I set one up for pre-orders here.

teespring1You have until November 3 to order one.

 

Share/Bookmark

flattr this!

EuroBSDCon Trip Report: Bjoern Heidotting

The FreeBSD Foundation was a gold sponsor of EuroBSDCon 2014, which was held in Sofia, Bulgaria in September. The Foundation also sponsored Bjoern Heidotting to attend the conference, who provides the following trip report:

Since I'm fairly new to the FreeBSD community I would like to introduce myself first. My name is Bjoern Heidotting, I live in Germany, I work as a system administrator and I'm a FreeBSD user since 2006 and a contributor since 2012. I mostly contribute patches for the German documentation in the doc-tree. Why do I contribute? Well, the short version is that I simply wanted to give something back to FreeBSD and the community.

Thanks to Benedict Reuschling, who invited me, and the FreeBSD Foundation, I was able to attend the DevSummit and the conference at EuroBSDCon 2014 in Sofia.

I arrived at Sofia airport on Wednesday and I took a taxi to get to my hotel the Best Western Expo, directly located at the IEC where the conference was held. However, the taxidriver decided to take me on a sightseeing tour through the city of Sofia. But after 1,5 hours I finally arrived at the hotel. The actual time to get from the airport to my hotel is about 10 minutes. Fortunately taxis are cheap in Bulgaria compared to Germany. And the city is really, really worth seeing.

Later that day, I met Daniel Peyrolon, a GSoC student with whom I shared a room. We decided to take dinner together and started getting to know each other. Afterwards, we socialized with some other FreeBSD people at the hotel bar.

On Thursday the DevSummit started with every attendee and developer introducing himself. Then some interesting topics and roadmaps were discussed for the upcoming 11.0 release, as well as other topics such as ASLR, UEFI, 10G Ethernet, just to name a few. It was a very interesting brainstorming with valuable input from all attendees. Since it was my first time at a DevSummit, I was impressed to see how fast these people can fill a bunch of foils with topics and ideas. Awesome!

After lunch a small group, including me, sat together in another room where I started to work on several patches for the Handbook. In the evening we had dinner at Lebed Restaurant. A very nice location. This is where I first met Deb Goodkin from the Foundation. She was the one I talked to prior to the conference and she brought Daniel and me together. Thank you Deb. It was very nice meeting her.

On Friday I mostly worked on a big patch for the network-servers section in the Handbook. I also met Beat Gaetzi while catching fresh air outside and we talked about our roles in the Project and what we do. After lunch the documentation topic started, which I was very interested in. We talked about issues on the website, Handbook sections, etc. The details of the session can be found on the wiki.

In the evening we had dinner at "The Windmill" and I met Henning Brauer from the OpenBSD project. It was really fun talking to him. Man, this guy can tell crazy stories.

Saturday and Sunday were conference days with one interesting talk chasing the next. All the talks were great, altough I had some favorites, including "Snapshots, Replication, and Boot-Environments" by Kris Moore, "Introducing ASLR in FreeBSD" by Shawn Webb, and "Securing sensitive & restricted data" by Dag-Erling Smorgrav. One of the highlights for me was the social event in Hotel Balkan on Saturday. Again, meeting the people behind the email addresses and talking to them was a great experience.

A big thanks goes out to Shteryana Shopova and her crew for organizing this great event.

October 17, 2014

The Free Software Foundation opens nominations for the 17th annual Free Software Awards

Award for the Advancement of Free Software

The Free Software Foundation Award for the Advancement of Free Software is presented annually by FSF president Richard Stallman to an individual who has made a great contribution to the progress and development of free software, through activities that accord with the spirit of free software.

Individuals who describe their projects as "open" instead of "free" are eligible nonetheless, provided the software is in fact free/libre.

Last year, Matthew Garrett was recognized with the Award for the Advancement of Free Software for his work to keep "Secure Boot" free software compatible, as well as his other work to make sure that so-called security measures do not come at the expense of user freedom. Garrett joined a prestigious list of previous winners including Dr. Fernando Perez, Yukihiro Matsumoto, Rob Savoye, John Gilmore, Wietse Venema, Harald Welte, Ted Ts'o, Andrew Tridgell, Theo de Raadt, Alan Cox, Larry Lessig, Guido van Rossum, Brian Paul, Miguel de Icaza, and Larry Wall.

Award for Projects of Social Benefit

Nominations are also open for the 2014 Award for Projects of Social Benefit.

The Award for Projects of Social Benefit is presented to the project or team responsible for applying free software, or the ideas of the free software movement, in a project that intentionally and significantly benefits society in other aspects of life.

We look to recognize projects or teams that encourage people to cooperate in freedom to accomplish social tasks. A long-term commitment to one's project (or the potential for a long-term commitment) is crucial to this end.

This award stresses the use of free software in the service of humanity. We have deliberately chosen this broad criterion so that many different areas of activity can be considered. However, one area that is not included is that of free software itself. Projects with a primary goal of promoting or advancing free software are not eligible for this award (we honor individuals working on those projects with our annual Award for the Advancement of Free Software).

We will consider any project or team that uses free software or its philosophy to address a goal important to society. To qualify, a project must use free software, produce free documentation, or use the idea of free software as defined in the Free Software Definition. Projects that promote or depend on the use of non-free software are not eligible for this award. Commercial projects are not excluded, but commercial success is not our scale for judging projects.

Last year, the GNOME Foundation's Outreach Program for Women (OPW) received the award, in recognition of its work to involve women (cis and trans) and genderqueer people in free software development. OPW's work benefits society more broadly, addressing gender discrimination by empowering women to develop leadership and development skills in a society which runs on technology. OPW does this critical work using the ideals and collaborative culture of the free software movement.

Other previous winners have included OpenMRS, GNU Health, Tor, the Internet Archive, Creative Commons, Groklaw, the Sahana project, and Wikipedia.

Eligibility

In the case of both awards, previous winners are not eligible for nomination, but renomination of other previous nominees is encouraged. Only individuals are eligible for nomination for the Advancement of Free Software Award (not projects), and only projects can be nominated for the Social Benefit Award (not individuals). For a list of previous winners, please visit https://www.fsf.org/awards.

Current FSF staff and board members, as well as award committee members, are not eligible.

The tentative award committee members are: Marina Zhurakhinskaya, Matthew Garrett, Rob Savoye, Wietse Venema, Richard Stallman, Suresh Ramasubramanian, Vernor Vinge, Hong Feng, Fernanda G. Weiden, Harald Welte, Vernor Vinge, Jonas Oberg, and Yukihiro Matsumoto.

Instructions

After reviewing the eligibility rules above, please send your nominations to This e-mail address is being protected from spambots. You need JavaScript enabled to view it , on or before Sunday, November 16th, 2014 at 23:59 UTC. Please submit nominations in the following format:

  • In the email message subject line, either put the name of the person you are nominating for the Award for Advancement of Free Software, or put the name of the project for the Award for Projects of Social Benefit.

  • Please include, in the body of your message, an explanation (forty lines or less) of the work done and why you think it is especially important to the advancement of software freedom or how it benefits society, respectively.

  • Please state, in the body of your message, where to find the materials (e.g., software, manuals, or writing) which your nomination is based on.

Information about the previous awards can be found at https://www.fsf.org/awards. Winners will be announced at an awards ceremony at the LibrePlanet conference, March 21-22 2015, in Cambridge, Massachusetts.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contacts

Libby Reinish
Campaigns Manager
Free Software Foundation
+1 (617) 542 5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

October 16, 2014

Italian consumers shouldn’t have to pay for software they don’t want – Letter to Regulators

Italian consumers shouldn’t have to pay for software they don’t want – Letter to Regulators

FSFE and Italian consumer association ADUC, along with Italian group ILS, are asking regulators to take concrete steps to protect Italians from being forced to pay for software they do not want or need. Italy’s High Court ruled in September that computer vendors must reimburse customers for the price of unwanted non-free software that comes pre-installed on PCs and laptops. Today, FSFE, ADUC and ILS have sent a letter to the Italian competition authorities, calling on them to ensure that vendors will comply with the High Court’s decision, and respect the rights of their customers.

“Vendors can’t rightfully ask consumers to jump through hoops in order to enjoy their legal rights, and the authorities have a duty to protect those rights,” says FSFE’s President Karsten Gerloff. “The simple steps we are calling for today would lead to much greater freedom of choice for Italians. We are hopeful that the competition authorities will take action to implement the High Court's ruling.”

When non-free software is pre-installed on a device, it must carry a prominent notice to users to make them aware of the possibility to receive a reimbursement for the price of the software license. Hardware vendors should put in place simple procedures for consumers to claim reimbursements for pre-installed software in line with market prices. Reimbursement procedures must not be unnecessarily complicated, and need to be easy for consumers to find and follow. Warranty and support provisions for the device must not be affected by whether a consumer chooses to have the price of the software reimbursed.

Alternatively, vendors could sell their devices pre-installed with Free Software, releasing them from the above obligations.

“Only Free Software allows users to fully control what their computers are doing, and where their personal data goes,” says FSFE’s President Karsten Gerloff. “Anyone who buys a computer should have the option of receiving it with Free Software pre-installed.”

In most European countries, it is difficult for consumers to acquire PCs and laptops without being forced to pay for a license for a non-free operating system at the same time. FSFE has long been pushing for vendors to end their current practice of pushing non-free software on consumers who do not want or need it. The organisation maintains a wiki page with advice for consumers. Here, buyers can also report their experiences in obtaining reimbursements from different vendors in various countries.

Support FSFE, join the Fellowship
Make a one time donation

FSFE is looking for an intern for Document Freedom Day

FSFE is looking for an intern for Document Freedom Day

Every year, the FSFE is organising the "Document Freedom Day", a global campaign to highlight the importance of Open Standards for our freedom of communication, interoperability and indepedence from vendor lock-in. For this campaign, FSFE's Berlin office is looking for an Intern PR / Campaigning in full time from January 1st until March 31st.

Your tasks will be: maintenance of the campaigns web page www.documentfreedom.org direct contact with and support of local communities all around the world taking care of our promotion section writing PR texts for different (social) media translations

and this is how you can convince us: you like to support Free Software and Open Standards you are at least in 3rd semester of a relevant field of study OR you bring similar experience from another field you speak fluent English (speaking Spanish or French would be a plus) you are a team player and you have a helping attitude towards volunteers you like to work with Free IT systems

What you can expect from us: an international work environment out of an office in the heart of Berlin a young and motivated team room for creative ideas and solutions flexible working times

Please send your application only digital to This e-mail address is being protected from spambots. You need JavaScript enabled to view it (PDF). You are welcome to encrypt your application. You find the public key on the keyserver (8639DC81)

We pay 450 Euro/month and you receive gratitude by volunteers all over the world (priceless).

Application deadline is November 7, 2014.

Support FSFE, join the Fellowship
Make a one time donation

Matthew Garrett joins Free Software Foundation board of directors

Matthew Garrett

He becomes the eighth director on the FSF's board. The full list of their names and biographies can be found at http://www.fsf.org/about/staff-and-board.

"Matthew Garrett is a truly committed defender of users' freedom. The FSF is fortunate to have him on the board of directors," said FSF president Richard M. Stallman.

A developer specializing in the interactions between operating system kernels, platform firmware and system security, much of Garrett's work has focused on mechanisms for avoiding the oft-suggested tradeoff between user security and user freedom, ensuring that users have ultimate control over which software their devices will and will not run.

FSF executive director John Sullivan said, "Matthew has generously donated his time and expertise to advise the FSF on many issues in recent years, especially Restricted Boot and other disconcerting trends at the intersection of hardware and proprietary software distribution. His willingness to increase his involvement in FSF technical and policy leadership is fantastic news for our members and supporters."

Earlier this year, Garrett won the Free Software Foundation Award for the Advancement of Free Software. He holds a PhD in genetics from the University of Cambridge, and presents frequently around the world on the topic of free software in wider society.

On accepting the invitation to join the board, Garrett said, "It's been almost thirty years since the Free Software Foundation was founded, and in that time free software has become an indispensable part of computer use everywhere, creating an entire new generation of users and developers for whom free software has always been ubiquitous. Unfortunately, the number of threats to user freedom has also increased over that time. The FSF continues to campaign against attempts to restrict the rights of users and developers to be in ultimate control of the software that they use and the devices that they own, and I'm proud to be able to be a part of that."

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contacts

John Sullivan
Executive Director
Free Software Foundation
+1 (617) 542 5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

The above image is licensed under Creative Commons Attribution-ShareAlike 2.0 by nekonoir on Flickr.

Ubuntu Security Update on Poodle (CVE-2014-3566) and SSLv3 Downgrade Attack

The following is an update on Ubuntu’s response to the latest Internet emergency security issue, POODLE (CVE-2014-3566), in combination with an
SSLv3 downgrade vulnerability.

Vulnerability Summary

“SSL 3.0 is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0, TLS 1.1, and TLS 1.2, many TLS implementations remain backwards­ compatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience. The protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server will be used.” -https://www.openssl.org/~bodo/ssl-poodle.pdf

A vulnerability was discovered that affects the protocol negotiation between browsers and HTTP servers, where a man-in-the-middle (MITM) attacker is able trigger a protocol downgrade (ie, force downgrade to SSLv3, CVE to be assigned).  Additionally, a new attack was discovered against the CBC block cipher used in SSLv3 (POODLE, CVE-2014-3566).  Because of this new weakness in the CBC block cipher and the known weaknesses in the RC4 stream cipher (both used with SSLv3), attackers who successfully downgrade the victim’s connection to SSLv3 can now exploit the weaknesses of these ciphers to ascertain the plaintext of portions of the connection through brute force attacks.  For example, an attacker who is able to manipulate the encrypted connection is able to steal HTTP cookies.  Note, the protocol downgrade vulnerability exists in web browsers and is not implemented in the ssl libraries.  Therefore, the downgrade attack is currently known to exist only for HTTP.

OpenSSL will be updated to guard against illegal protocol negotiation downgrades (TLS_FALLBACK_SCSV).  When the server and client are updated to use TLS_FALLBACK_SCSV, the protocol cannot be downgraded to below the highest protocol that is supported between the two (so if the client and the server both support TLS 1.2, SSLv3 cannot be used even if the server offers SSLv3).

The recommended course of action is ultimately for sites to disable SSLv3 on their servers, and for browsers to disable SSLv3 by default since the SSLv3 protocol is known to be broken.  However, it will take time for sites to disable SSLv3, and some sites will choose not to, in order to support legacy browsers (eg, IE6).  As a result, immediately disabling SSLv3 in Ubuntu in the openssl libraries, in servers or in browsers, will break sites that still rely on SSLv3.

Ubuntu’s Response:

Unfortunately, this issue cannot be addressed in a single USN because this is a vulnerability in a protocol, and the Internet must respond accordingly (ie SSLv3 must be disabled everywhere).  Ubuntu’s response provides a path forward to transition users towards safe defaults:

  • Add TLS_FALLBACK_SCSV to openssl in a USN:  In progress, upstream openssl is bundling this patch with other fixes that we will incorporate
  • Follow Google’s lead regarding chromium and chromium content api (as used in oxide):
    • Add TLS_FALLBACK_SCSV support to chromium and oxide:  Done – Added by Google months ago.
    • Disable fallback to SSLv3 in next major version:  In Progress
    • Disable SSLv3 in future version:  In Progress
  • Follow Mozilla’s lead regarding Mozilla products:
    • Disable SSLv3 by default in Firefox 34:  In Progress – due Nov 25
    • Add TLS_FALLBACK_SCSV support in Firefox 35:  In Progress

Ubuntu currently will not:

  • Disable SSLv3 in the OpenSSL libraries at this time, so as not to break compatibility where it is needed
  • Disable SSLv3 in Apache, nginx, etc, so as not to break compatibility where it is needed
  • Preempt Google’s and Mozilla’s plans.  The timing of their response is critical to giving sites an opportunity to migrate away from SSLv3 to minimize regressions

For more information on Ubuntu security notices that affect the current supported releases of Ubuntu, or to report a security vulnerability in an Ubuntu package, please visit http://www.ubuntu.com/usn/.

 

October 15, 2014

POODLE SSL 3.0 Vulnerability

Yesterday, Google published the discovery of an SSL 3.0 vulnerability named “POODLE.” This vulnerability allows an attacker to decrypt transferred data and successfully read plain text. While many browsers support newer, more secure protocols, an attacker can create connectivity issues, causing the browser to fall-back to the vulnerable SSL 3.0 protocol.

Is Linode Infrastructure Vulnerable?

We have disabled SSL 3.0 on our web servers, NodeBalancers, and the rest of our infrastructure. Quick execution from our Security Team has protected our infrastructure from this vulnerability.

Am I Vulnerable?

If your Internet-facing Linode allows for encrypted connections you will need to make sure that SSL 3.0 is completely disabled. This doesn’t mean that a stronger protocol such as TLS is offered first but rather that SSL 3.0 should not be an option at all. You can check if you’re vulnerable and how to disable SSL 3.0 using our guide: Disabling SSLv3 for POODLE.

October 14, 2014

July–September, 2014 Status Report

The July–September, 2014 Status Report is now available.

October 13, 2014

My summer of code and galaxies

Today we have a post from Doris Lee, a 2014 Google Summer of Code student for the Laboratory for Cosmological Data Mining. Doris talks about her fascinating summer project exploring the galaxy. 
I first learned about Google Summer of Code (GSoC) through an informational session at my school, UC Berkeley. I was interested because of the program’s project-based nature which sounded like a lot of fun. I started by listing my favorite projects from each organization’s ideas page, and ended up getting so engrossed in the project and the code problem associated with the application that I submitted just one to the Laboratory of Cosmological Data Mining. The Laboratory was founded in 2002 at the University of Illinois by Professor Robert J. Brunner to develop and apply computational technologies to extract cosmological information from large astrophysical data sets being generated within the community.
During GSoC’s community bonding period, my mentor and I discovered my initial project proposal had been completed by another contributor. Together, we came up with an alternative project involving creating image mosaics of galaxies. Although I wasn’t as familiar with the subject matter of this new project, I was still very excited and couldn’t wait to get started!

I soon realized that not knowing much about the topic was actually a good thing. I was always learning something new throughout the summer which kept it both interesting and challenging. It was also the first time that I undertook such a large individual project. 
But what I enjoyed the most about GSoC was the freedom to define the direction of my own work. The initial goal of the project was to make mosaics for large, bright galaxies from the Sloan Digital Sky Survey. However, in our first attempts some of the pictures that we made of the sky contained no galaxy at all! We discovered this was due to inherent inaccuracies in the coordinate values because the catalog was quite old. The course of my GSoC project was turned into developing an algorithm that uses newer imaging data to fix these inaccuracies and then mosaic them into pretty images. In the end, I designed a pipeline that enables users to automatically generate multi-band color images on any catalog of their choice. In addition, this pipeline is designed so it could be used on any set of data taken in the future. 

Overall, my mentor was very helpful with guiding me through my project and addressing my questions. I feel lucky to have worked on a project that I was so excited about and something I truly wanted to see working. 

Since my project made heavy use of open source software developed by other programmers and members of the scientific community, I learned a lot about how open source software projects are managed, documented, distributed and maintained. This was especially useful when I was developing the user interface and documentation to present my final GSoC project and making the code open source. In addition, I learned that in the free and open-source software community, effective documentation and readable code can be just as important as getting the code to work. The value of publicly-available code derives from how other users can benefit from it. You can view the work here on GitHub

There are so many organizations who participate in GSoC, it would be hard to find one that isn’t up your alley. I would encourage any interested student to look at the GSoC organizations and ideas lists when they are posted in February. GSoC enables students of all skill sets and levels to learn and contribute to the open source community and to develop skills in real-world software coding and design.  And not to mention—it’s a great way to spend your summer! 

By Doris Lee, 2014 Google Summer of Code student

FreeBSD 10.1-RC2 Now Available

The second RC build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

The image checksums follow are included in the original announcement email.

Installer images and memory stick images are available here.

If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.

If you would like to use SVN to do a source based update of an existing system, use the "releng/10.1" branch.

A list of changes since 10.0-RELEASE are available here.

Changes between 10.1-RC1 and 10.1-RC2 include:
  • Fix XHCI driver for devices which have more than 15 physical root HUB ports.
  • Fix old iSCSI initiator to work with new CAM locking.
  • Fix page length reported for Block Limits VPD page.
  • Add QCOW v1 & v2 support to mkimg(1).
Pre-installed virtual machine images for 10.1-RC2 are also available for amd64 and i386 architectures.  The images are located here.

The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats.  The image download size is approximately 135 MB, which decompress to a 20GB sparse image.

The partition layout is:
  • 512k - freebsd-boot GPT partition type (bootfs GPT label)
  • 1GB  - freebsd-swap GPT partition type (swapfs GPT label)
  • ~17GB - freebsd-ufs GPT partition type (rootfs GPT label)
To install packages from the dvd1.iso installer, create and mount the /dist directory:

# mkdir -p /dist
# mount -t cd9660 /dev/cd0 /dist

Next, install pkg(8) from the DVD:
 

# env REPOS_DIR=/dist/packages/repos pkg bootstrap

At this point, pkg-add(8) can be used to install additional packages from the DVD.  Please note, the REPOS_DIR environment variable should be used each time using the DVD as the package repository, otherwise conflicts with packages from the upstream mirrors may occur when they are fetched.  For example, to install Gnome and Xorg, run:
 

# env REPOS_DIR=/dist/packages/repos pkg install \
  xorg-server xorg gnome2 [...]

The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier
FreeBSD releases can upgrade as follows:

# freebsd-update upgrade -r 10.1-RC2

During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically
performed merging was done correctly.

# freebsd-update install

The system must be rebooted with the newly installed kernel before continuing.


# shutdown -r now

After rebooting, freebsd-update needs to be run again to install the new userland components:


# freebsd-update install
It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example,
FreeBSD 8.x.  Alternatively, the user can install misc/compat9x and other compatibility libraries, afterwards the system must be rebooted
into the new userland:

# shutdown -r now

Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

# freebsd-update install

Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

CloudOpen 2014 – Mixing Your Open Source Cloud Cocktail

Here’s the presentation I gave at the Linux Foundation’s CloudOpen in Dusseldorf on October 13, 2014 titled Mixing Your Open Source Cloud Cocktail

Add two parts virtualization, one part orchestration add a little networking shake and pour. Unfortunately cloud computing isn’t that easy but then again not all clouds are the same and tastes may vary. This talk will discuss how the varying open source technologies like OpenStack, Docker, LXC and others can be mixed together to make something that appeals to the needs of a wide variety of users. There’s also no problem in abstaining from building your own cloud but still benefiting from the open source tooling to maximize the benefits of the public cloud.

 

FreeBSD 10.1-RC2 Available

The second RC build for the FreeBSD 10.1 release cycle is now available. ISO images for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures are available on most of our FreeBSD mirror sites.

October 12, 2014

Death of the Firstborn Egyptians


The most recently-completed scene from my feature-in-progress Seder-Masochism.

written, directed, designed, animated, produced, etc. by Nina Paley
music from “Spider Suite” by The Duke of Uke and His Novelty Orchestra
sound effects by Greg Sextro

DONATE HERE: questioncopyright.org/sedermasochism

Based on Exodus 12:
21 Then Moses called for all the elders of Israel, and said unto them, Draw out and take you a lamb according to your families, and kill the passover.
22 And ye shall take a bunch of hyssop, and dip it in the blood that is in the bason, and strike the lintel and the two side posts with the blood that is in the bason; and none of you shall go out at the door of his house until the morning.
23 For the Lord will pass through to smite the Egyptians; and when he seeth the blood upon the lintel, and on the two side posts, the Lord will pass over the door, and will not suffer the destroyer to come in unto your houses to smite you.
24 And ye shall observe this thing for an ordinance to thee and to thy sons for ever.
25 And it shall come to pass, when ye be come to the land which the Lord will give you, according as he hath promised, that ye shall keep this service.
26 And it shall come to pass, when your children shall say unto you, What mean ye by this service?
27 That ye shall say, It is the sacrifice of the Lord’s passover, who passed over the houses of the children of Israel in Egypt, when he smote the Egyptians, and delivered our houses. And the people bowed the head and worshipped.
28 And the children of Israel went away, and did as the Lord had commanded Moses and Aaron, so did they.
29 And it came to pass, that at midnight the Lord smote all the firstborn in the land of Egypt, from the firstborn of Pharaoh that sat on his throne unto the firstborn of the captive that was in the dungeon; and all the firstborn of cattle.
30 And Pharaoh rose up in the night, he, and all his servants, and all the Egyptians; and there was a great cry in Egypt; for there was not a house where there was not one dead.

*****

LYRICS by David King, aka Duke of Uke:

DEATH: Falling stars you wished upon
are cinders now and now they’re gone
their residue festoons my fetid field.
Unfeeling husks of lovers past
the shells are all that ever last
I’ve taken everything that they concealed.
Whoever told you life was fair?
Look around you, everywhere
the cruelty of nature is displayed!
Why the scorn?
Why the surprise?
Everything that’s born must die
and it isn’t I who made the world that way.

What wicked little twist of fate
placed you her upon my plate
Here, where no one hears your cries?
Where was your god to steer you through
Perhaps your god’s forsaken you
Otherwise why lead you here to die?

BA (spirit of the dead): I, I know the way how
I’ll melt away now
I know the way.
I’m feeling bliss now
Dissolved to mist how
strangely I go
away
Now I finally know

DEATH: It’s merely moments now,
moments now until
your feeble flesh bends to my will
and it will
so rest your weary head.
There’ll be no pain,
no pain at all
as everything you are dissolves
Your fate resolved
upon my silky thread.

BA: I, I know the way how
I’ll melt away now
I know the way.
I’m feeling bliss now
Dissolved to mist how
strangely I go
away
Now I finally know
(repeat)

Share/Bookmark

flattr this!

September 30, 2014

Oracle Linux ships MariaDB

I can’t remember why I was installing Oracle Enterprise Linux 7 on Oracle VirtualBox a while back, but I did notice something interesting. It ships, just like CentOS 7, MariaDB Server 5.5. Presumably, this means that MariaDB is now supported by Oracle, too ;-) [jokes aside, It’s likely because OEL7 is meant to be 100% compatible to RHEL7]

OEL7__Running_

The only reason I mention this now is Vadim Tkachenko, probably got his most retweeted tweet recently, stating just that. If you want to upgrade to MariaDB 10, don’t forget that the repository download tool provides CentOS 7 binaries, which should “just work”.

If you want to switch to MySQL, there is a Public Yum repository that MySQL provides (and also don’t forget to check the Extras directory of the full installation – from OEL7 docs sub-titled: MySQL Community and MariaDB Packages). Be sure to read the MySQL docs about using the Yum repository. I also just noticed that the docs now have information on replacing a third-party distribution of MySQL using the MySQL yum repository.

Fedora InstallFest @ FIT BUT

Yesterday, I and Fedora QA guys were helping new students at Brno University of Technology to install and start using Fedora. On Thursday, I had a presentation in front of 300 students in a “Basics of Programming” class, gave away some DVDs, stickers, and offered them to come to our Red Hat lab on Monday if they need any help to install and use Fedora.

Morning was pretty boring. The only attendee we had was an old retired guy who saw the announcement on the Internet and came to solve several smaller problems he had with Fedora. What was interesting was that he asked how to get into the magical command line everyone had been talking about on the Internet. He had been maintaining and using Fedora for over a year and hadn’t had a clue what the command line was.

After lunch, students started coming and it was an interesting experience for all of us. They all came because they couldn’t install Fedora themselves. We had to tackle many UEFI-related problems. Our specialist for it was Kamil Parál who I now call the Master of GRUB. There is a big improvement in UEFI support between F20 and F21, so in two cases we didn’t have a choice and had to install F21 in the end although it is still just alpha. Another very frequent problem was dual graphics cards. Unfortunately both things are very common on Windows laptops nowadays. And I must say installing Linux into dualboot on a standard Windows laptop is often a struggle, much bigger than it was like 3 years ago.

Nevertheless, we were able to get Fedora working on all laptops except for one that had a broken partition table and the owner didn’t want to format the hard drive.

Several findings from the event:

  • it’s a really good idea to advertise Fedora at universities and introduce it to new students because many of them are tempted or even encouraged by teachers to try Linux. And if you introduce Fedora to them there are high changes it will be the Linux of their choice. I introduced Fedora to another group of 300 students yesterday which makes it 600 in total and because the student are strongly advised by the teacher to use Linux for their C projects I’m pretty sure we’ve achieved tens, maybe even hundreds of installations.
  • it’s a great experience to interact with the users. Computer science students are the target audience of Fedora Workstation and it’s very beneficial and eye-opening to see how they interact with Fedora, what they struggle with. It’s something every Fedora developer should try from time to time, to get out from our shells and go see how our target audience use our software. That would definitely help user experience of our software.
  • it was a very beneficial thing for the QA guys because they could see how Fedora (mostly Anaconda in this case) worked on real life hardware. Most of the testing is done in virtual machines and if they test on real hardware it’s mostly ThinkPads with an empty hard drive. Our ThinkPads usually have Linux-friendly hardware and no crazy Windows installations. But the world is full of Acers, Asuses, Dells with all kinds of Windows setups. BTW we’ve invited an Anaconda developer to the next installfest that will take place next Monday.
  • installfests still matter. We’ve solved problems with wireless network drivers etc., but UEFI and dual video cards have come to the scene and a lot of people struggle to install Linux on their computers again.
  • DevAssistant should be our big thing for developers. Something others don’t have right now. I’ve been explaining it to devel beginners and have been observing how they interact with it and unfortunately I have to say it’s not very useful to such target audience. It has many design flaws. It doesn’t explain what it is doing and why, what is the result. I think Mo nailed it very well.

Linode Managed is even better than before!

Linode Managed is getting even better. With 24/7/365 incident response, backups, Longview Pro, application tuning and architecture advice, it’s already a great value. Now, three more upgrades, exclusive to Linode Managed customers, make it a better value than before:

  1. Linode Managed now includes free cPanel & WHM.
  2. Linode Managed now includes free site migrations.
  3. Linode Managed now includes a discounted rate on Professional Services.

Free cPanel

cPanel & WHM, the world’s most popular control panel for managing websites, is now free to Linode Managed customers. Our team of experts will even install it for you.

Free Site Migrations

As a Linode Managed customer, you are entitled to free site migrations by Linode’s expert team.

Discounted Rate on Professional Services

This past August, we launched Professional Services: a team of experts that can handle installations, configurations, architectures, deployments, one-off sysadmin jobs, and site migrations — literally dozens of technologies to solve almost any infrastructure problem you may encounter. As a Linode Managed customer, you can engage this team of experts at 20% off the normal rate – should you need such assistance.

For more information, give us a call, send us an email or open a ticket.

As always… Enjoy!

September 29, 2014

Trip report: LinuxCon North America, CentOS Dojo Paris, WebExpo Prague

I had quite a good time at LinuxCon North America/CloudOpen North America 2014, alongside my colleague Max Mether – between us, we gave a total of five talks. I noticed that this year there was a database heavy track — Morgan Tocker from Oracle’s MySQL Team had a few talks as did Martin MC Brown from Continuent. 

The interest in MariaDB stems from the fact that people are starting to just see it appear in CentOS 7, and its just everywhere (you can even get it from the latest Ubuntu LTS). This makes for giving interesting talks, since many are shipping MariaDB 5.5 as the default choice, but that’s something we released over 2 years ago; clearly there are many interesting new bits in MariaDB 10.0 that need attention!

Chicago is a fun place to be — the speaker gift was an architectural tour of Chicago by boat, probably one of the most useful gifts I’ve ever received (yes, I took plenty of photos!). The Linux Foundation team organised the event wonderfully as always, and I reckon the way the keynotes were setup with the booths in the same room was a clear winner — pity we didn’t have a booth there this year. 

Shortly afterwards, I headed to Paris for the CentOS Dojo. The room was full (some 50 attendees?), whom were mainly using CentOS and its clear that CentOS 7 comes with MariaDB so this was a talk to get people up to speed with what’s different with MySQL 5.5, what’s missing from MySQL 5.6, and when to look at MariaDB 10. We want to build CentOS 7 packages for the MariaDB repository (10.0 is already available with MariaDB 10.0.14), so watch MDEV-6433 in the meantime for the latest 5.5 builds.

Then there was WebExpo Prague, with over 1,400 attendees, held in various theatres around Prague. Lots of people here also using MariaDB, some rather interesting conversations on having a redis front-end, how we power many sites, etc. Its clear that there is a need for a meetup group here, there’s plenty of usage.

TRAI seeks Your Views for better broadband services

This is somewhat of a short post about some possible answers that are needed for better functioning of whatever broadband is needed/wanted. Before I start off, a slight note about where I am coming from. I am a user who has been using web services since its inception which is circa 1996 (somewhat of a […]

September 20, 2014

Happy Software Freedom Day 2014

Another year and another celebration! It has been eleven years now that we are celebrating Software Freedom worldwide and thanks to the many teams around the world (which not all appear on the map, check the wiki to be sure), our sponsors and partners of which Google, Canonical, Linode, the Free Software Foundation have been supporting us for many years and hopefully many years to come, as well as Lulzbot, our newest supporter.

For those of you not familiar with, or doubtful about Free and Open Source Software, this is the day to go and check at any event nearby what are the latest developments and if your problem could not simply be resolved by using Free and Open Source Software. It is also the day to understand better what Free and Open Source Software is about, and why it has been created. Because beyond solving computational problems Free and Open Source Software is here to put you back in control of your computer, and let you understand what your machine is really doing! So wait no more and head toward a celebration nearby!

Happy Software Freedom Day!

September 18, 2014

TL;DW for Clojure Data Science

Edmund Jackson talked at the 2012 Clojure/Conj, and you can see his talk here.

I took these notes as I watched it:
  1. What is "data science"?
    1. "That realm of endeavor that requires, simultaneously, advanced computational and statistical methods."
    2. Some people aren't sure whether "data science" is a thing, or just data analysis dressed up with a fancy name. That question amuses me.
  2. What's new, such that everybody suddenly cares about data science?
    1. widely available computing resources, open source tools such as R, and large amounts of data available in private companies and in public
    2. Compares to early days of Linux, when there was a bunch of new stuff that everybody could hack on
  3. Interactive tools aren't enough; you're not taking some data, analyzing it, and coming back with the answer. You need platform features like native language speed, data structures, language constructs, connectivity, and QC in order to embed your analysis in business processes.
  4. The tools with better analysis features (e.g., R, Mathematica) lack the platform features, and the tools with better platform features (he focuses primarily on C++ as his example here) lack the analysis features.
  5. Python is in the sweet spot, with platform features and (via numpy, scipy, and pandas) analysis features. But:
    1. It's full of mutable data!
    2. The mode of expression in imperative languages poorly matches the content of expression when you're dealing with maths.
  6. F#, Scala, and Clojure are all functional, and therefore (immutable data, more natural expression of maths) better alternatives than Python.
  7. Clojure yay! points:
    1. Native: Incanter, Storm, Cascalog, Datomic
    2. JVM: Mahout (ML on Hadoop), jBLAS, Weka (Java lib with many ML algorithms)
    3. Interop: Rincanter (call out to R), JNI
  8. From here he goes into calculating the entropy of a distribution, and the relative entropy of different distributions.
  9. Demonstrates using relative entropy fns in Datomic queries

How not to run an event and lessons for upcoming debutsav.in

This will be a short take on how people can crap an event by not planning properly or getting the business sense right and what we could perhaps learn from it. For a long time, have been an avid reader of all kinds of books, fiction as well non-fiction, although my non-fiction is limited to […]

September 12, 2014

Cycling in London

As the CEO of Canonical, I am proud of the growth of the team in London.  From a team of 5 around a kitchen table in London 10 years ago, the business has grown to 650 employees globally of which over 100 are based in London.

Like many businesses in London, one of the most popular modes of transport to the office is cycling and an even larger proportion of the team would cycle to the office if they felt it was safer than it is now.

We value employee satisfaction, health and freedom and firmly endorse the Mayor’s Vision for Cycling in London. We specifically support the cross London plans from City Hall to create new segregated routes through the heart of the city.

These plans are good for London and Londoners, making it a more attractive and productive city in which we can build a business and serve customers.

Proposed Farringdon Road route. Image from Transport For London 2014.

 

I encourage everyone to respond directly to TFL about these proposals. This particularly applies to businesses whose support for cycling is often not registered.

I know that there many business leaders like me who feel the same and will be speaking up over the coming days.

September 11, 2014

Mozilla Webmaker at Olivarez College Tagaytay a success

2014-09-05 09.48.21

The Mozilla webmaker party at Olivarez College Tagaytay is a success last September 5, 2014. Which was attended by different department from Olivarez College Tagaytay at Computer Laboratory 2.  Since they only have 20 system units on their laboratory they created a two batches of participants, one in the morning and the other is in the afternoon. The event discussion is about Introduction Mozilla which was discuss by Me, The second lecturer discussed and demo “Thimble” by Mr. Ian Mark Martin and lastly Mr. Leo Caisip which  discussed  about “Popcorn Maker“, Both  attended the Mozilla PH orientation for web maker mentor last August 16, 2014  at Mozilla Community Space Manila. The event ended at exactly 4:00pm as mostly in afternoon participated by the nursing department.

DSC_2881

2014-09-11 12.59.54

We also distributed some Mozilla Swag (Bollard, Mozilla Sticker, Mozilla Tatoos and Mozilla Pins) for participants after the event. As part of the successfull event, based on their survey they are requesting for another event semilar to this.  but internet on the school is not that stable during that day but still we managed to make the event successfull.

 

DSC_2859

Pictures can be found here:  https://www.flickr.com/photos/83515207@N04/sets/72157646987948838/

September 04, 2014

TL;DW for "How To Design A Good API and Why it Matters"

Josh Bloch's Google Tech Talk video How To Design A Good API and Why it Matters is about an hour long, and well worth your time. It's focused on OOP, but has lots of good principles that can be followed elsewhere.

In case you don't have an hour right now, here's a summary/index kind of thing that points out the bits I thought were most important.
  1. 6:27: Characteristics of a good API:
    1. Easy to learn
    2. Easy to use, even without documentation
    3. Hard to misuse
    4. Easy to read and maintain code that uses it
    5. Sufficiently powerful to satisfy requirements
    6. Easy to evolve
    7. Appropriate to audience
  2. 7:52: Gather requirements, but differentiate between true requirements (which should take the form of use cases) and proposed solutions.
  3. 10:02: Start with a short spec; one page is ideal.
    1. Agility trumps completeness at this point.
    2. Get as many spec reviews from as many audiences as possible, modify according to feedback.
    3. Flesh the spec out as you gain confidence.
  4. 15:10: Write to your API early and often
    1. Start writing to your API before you've implemented it, or even specified it properly.
    2. Continue writing to your API as you flesh it out.
    3. Your code will live on in examples and unit tests.
  5. 17:32: Write to SPI [Service Provider Interface]
    1. Write at least three plugins before your release.
    2. Application in Clojure-land: Not sure...
  6. 19:35: Maintain realistic expectations.
    1. You won't please everyone.
    2. Aim to displease everyone equally.
    3. Expect to make mistakes and evolve the API in the future.
  7. 22:01: API should do one thing and do it well.
    1. Functionality should be easy to explain.
    2. If it's hard to name, that's a bad sign.
      1. Example of bad name that I can't leave out of this summary: OMGVMCID
  8. 24:32: API should be as small as possible but no smaller
    1. "When in doubt, leave it out." You can always add stuff, but you can't ever remove anything you've included. (The speaker calls this out as his most important point.)
  9. 26:27: Implementation should not impact API.
    1. Do not over-specify. For example, nobody needs to know how your hash function works, unless the hashes are persistent.
    2. Don't leak implementation details such as SQL exceptions!
  10. 29:36: Minimize accessibility of everything.
    1. Don't let API callers see stuff you don't want to be public, and that includes anything you might want to change in the future.
  11. 30:39: Names matter: API is a little language.
    1. Make names self-explanatory.
    2. Be consistent.
    3. Strive for symmetry. (If you can GET a monkey-uncle, make sure you can PUT a monkey-uncle, too.)
  12. 32:32: Documentation matters.
    1. Document parameter units! ("Length of banana in centimeters")
  13. 35:41: Consider performance consequences of API design decisions.
    1. Bad decisions can limit performance -- and this is permanent.
    2. Do not warp your API to gain performance -- the slow thing you avoided can be fixed and get faster, but your warped API will be permanent.
    3. Good design usually coincides with good performance.
  14. 40:00: Minimize mutability
    1. Make everything immutable unless there's a reason to do otherwise.
  15. 45:31: Don't make the caller do anything your code should do.
    1. If there are common use cases that require stringing a bunch of your stuff together in a boilerplate way, that's a bad sign.
  16. 48:36: Don't violate the principle of least astonishment
    1. Make sure your API callers are never surprised by what the API does.
  17. 50:03: Report errors as soon as possible after they occur.
  18. 52:00: Provide programmatic access to all data that is available in string form.
    1. Rich Hickey makes a similar point here.
  19. 56:15: Use consistent parameter ordering across methods.
    1. Here's a bad example:
      1. char *strncpy (char *dst, char *src, size_t n);
      2. void bcopy (void *src, void *dst, size_t n);
  20. 57:15: Avoid long parameter lists.
  21. 58:21: Avoid return values that demand exceptional processing.
    1. Example: return an empty list instead of nil/null.

September 03, 2014

Celebrate Software Freedom Day on September 20

200teamsI am very glad to share with you that registration of the eleventh edition of Software Freedom Day has been opened since early August and you can see from our SFD event map, we already have 129 events from more than 50 countries shown in our map. As usual registration happens after you have created your event page on the wiki. We have a detail guide here for newcomers and for the others who need help, the SFD-Discuss mailing would be the best place to get prompt support.

Don’t forget to tell people about SFD! Simply use one of the banners we’ve made if you are organizing, participating, attending or speaking at a SFD event by placing it on your webpages and link it back to your SFD event page or http://www.softwarefreedomday.org. You can also help us to promote SFD by placing our SFD counter with your own language as well!

So get ready to celebrate and happy preparations to all!
Celebrate SFD with us on September 20, 2014!

August 27, 2014

Preso: Things I Learned about Open Source…The Hard Way

My presentation at the Bay Area Open Source Meet-Up – OS in Big Organizations: Failures, Success Stories & Best Practices on August 13, 2014.

Mark Hinkle runs the Citrix Open Source Business Office and has spent 20 years working with open source communities and delivering open source software. Topics covered in this presentation will include the benefit of his mistakes and successes both in evaluating open source ad an end-user and in delivering enterprise solutions based on open source software.

Technorati Tags: ,

August 22, 2014

GNU hackers unmask massive HACIENDA surveillance program and design a countermeasure

After making key discoveries about the details of HACIENDA, Julian Kirsch, Dr. Christian Grothoff, Jacob Appelbaum, and Dr. Holger Kenn designed the TCP Stealth system to protect unadvertised servers from port scanning.

According to Heise Online, the intelligence agencies of the United States, Canada, United Kingdom, Australia and New Zealand are involved in HACIENDA. The agencies share the data they collect. The HACIENDA system also hijacks civilian computers, allowing it to leach computing resources and cover its tracks.

Some of the creators of TCP Stealth are also prominent contributors to the GNU Project, a major facet of the free software community and a hub for political and technological action against bulk surveillance. Free software is safer because it is very hard to hide malicious code in a program anyone can read. In proprietary software, there is no way to guarantee that programs don't hide backdoors and other vulnerabilities. The team revealed their work on August 15, 2014 at the annual GNU Hackers' Meeting in Germany, and Julian Kirsch published about it in his master's degree thesis.

Maintainers of Parabola, an FSF-endorsed GNU/Linux distribution, have already implemented TCP Stealth, making Parabola users safer from surveillance. The FSF encourages other operating systems to follow Parabola's lead.

The Free Software Foundation supports and sponsors the GNU Project. FSF campaigns manager Zak Rogoff said, "Every time you use a free software program, you benefit from the work of free software developers inspired by the values of transparency and bottom-up collaboration. But on occassions like these, when our civil liberties are threatened with technological tools, the deep importance of these values becomes obvious. The FSF is proud to support the free software community in its contributions to the resistance against bulk surveillance."

The Free Software Foundation works politically for an end to mass surveillance. Simultaneously, the Foundation advocates for individuals of all technical skill levels to take a variety of actions against bulk surveillance.

About Julian Kirsch, Christian Grothoff, Jacob Appelbaum, and Holger Kenn

Julian Kirsch is the author of "Improved Kernel-Based Port-Knocking in Linux", his Master's Thesis in Informatics at Technische Universitat Munchen.

Dr. Christian Grothoff is the Emmy-Noether research group leader in Computer Science at Technische Universitat Munchen.

Jacob Appelbaum is an American independent computer security researcher and hacker. He was employed by the University of Washington, and is a core member of the Tor project, a free software network designed to provide online anonymity.

Dr. Holger Kenn is a computer scientist specializing in wearable computing, especially software architectures, context sensor systems, human machine interfaces, and wearable-mediated human robot cooperation.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

About the GNU Operating System and Linux

Richard Stallman announced in September 1983 the plan to develop a free software Unix-like operating system called GNU. GNU is the only operating system developed specifically for the sake of users' freedom. See https://www.gnu.org/gnu/the-gnu-project.

In 1992, the essential components of GNU were complete, except for one, the kernel. When in 1992 the kernel Linux was re-released under the GNU GPL, making it free software, the combination of GNU and Linux formed a complete free operating system, which made it possible for the first time to run a PC without non-free software. This combination is the GNU/Linux system. For more explanation, see https://www.gnu.org/gnu/gnu-linux-faq.

Media Contacts

Zak Rogoff
Campaigns Manager
Free Software Foundation
+1-617-542-5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

"Knocking down the HACIENDA" by Julian Kirsch, produced by GNU, the GNUnet team, and edited on short notice by Carlo von Lynx from #youbroketheinternet is licensed under a Creative Commons Attribution NoDerivatives 3.0 Unported License.

August 13, 2014

SFD Tagaytay 2014 at Olivarez College

I am now again an official organizer for SFD 2014, but this time I will organized the event in Tagaytay City which will be hosted by Olivarez College in Tagaytay. The said event is scheduled on September 27, 2014.

SFD2014

The venue is on their “AMPITHEATER” where it can hold more than 500 participants. Here are some pictures of the exact venue.

cpdc-20140804131542221  cpdc-20140804131124356We also launch the online registration feel free to register using the this URL : https://www.eventbrite.com/e/software-freedom-day-2014-at-olivarez-college-tagaytay-tickets-12455543867

August 12, 2014

websites on this server

SFD 2014 Registration is on!

With a bit of delay, the Digital Freedom Foundation is very happy to announce that registration of the eleventh edition of Software Freedom Day opened early August. This year we are unfortunately unable to ship any goodies for the pre-registered teams: as we have mentioned before, our involvment with the Cambodian system of education required us to relocate. Being happy owners of a few special animals (CITES-II listed species) we would not have moved without them. This took us about 3-4 months to make it happen and we arrived in Phnom Penh end of May. We then had to look for a place to live, get our furnitures out of the customs and a member of our team got hospitalized for ten days in July. With all this, identifying new suppliers for the schwag just could not happen. Nevertheless, SFD teams have been very patient and nice with us and hopefully SFD 2014 will not be too much impacted by this.

So as usual registration happens after you have created your event page on the wiki. We have an exhaustive guide here for newcomers and for the others who need help, the SFD-Discuss mailing is probably the best place to get prompt support. We will come back with more details regarding sponsors, things to do or worth mentioning to bring inspiration and motivation to the celebration.

So get ready to celebrate and happy preparations to all!

July 24, 2014

Flock: Behind the Scenes 4

Another set of news and tips from the organization of Flock 2014:

Offline guide for Guidebook.com – I’ve published an offline guide for Guidebook.com. You can download their apps for Android or iOS and they even have a web mobile version, so you can use it on other platforms, too. The “Flock 2014″ is currently pending approval, but it should be available really soon (UPDATE: it’s been approved and is available!). The guide contains the conference schedule, maps (conference venue, how to get to parties, hotel,…), information about social events, lunches,  Diplomat Hotel, Sinkuleho dormitories, mobile data plans, public transport in Prague, taxi services, useful websites and apps for visiting Prague, numbers and contacts for emergency situations. You can also connect with other attendees through it or receive important messages from us, organizers, during the conference.

Some tips:

Transport in Prague – a lot of people ask about this because every Flock attendee will have to get around in Prague somehow. I strongly recommend you use public transport. The Prague public transport has been rated as 4th best in Europe. It’s safe, cheap and runs 24/7. You can find more info about it on the Transportation page at flocktofedora.org. Taxi drivers in Prague have generally a bad reputation because of overcharging. It’s not really necessary to take a taxi from the airport to Hotel Diplomat or Sinkuleho dormitories because it’s very easy and quick by bus. If you need to take a taxi, it’s better to order it via an app or call rather than flagging it down on a street. Recommended taxi companies:

  • Tick Tack – comfortable Audi A6 and A8 cars, accepts also credit cards or euros, multimedia passenger system where you can track the taxi on a map, watch TVs, wifi on board, power plugs, phone number: 14222.

Mobile Data Plans – many of us with smart phones can’t imagine being without Internet connection and data roaming is still pretty expensive in most countries. For this purpose, you can buy a Czech SIM card and prepay a data plan. There are three mobile network providers (Vodafone, T-Mobile, O2) and a handful of virtual operators (TESCO Mobile, Sazka Mobile, Mobil.cz,…). See emails from me and Jaroslav Řezník for data plans and price comparison. Vodafone has a store right in the arrivals hall of the Prague airport. T-Mobile and O2 have stores on Vítězné náměstí (Victory Square) which is just a few minutes from Diplomat Hotel and Sinkuleho dormitories. Mobile networks in the Czech Republic are based on GSM 900 and 1800, Edge, 3G and Prague should be fully covered by LTE.

Useful websites and apps for visiting Prague:

My Prague – interactive guide to Prague, hundreds of points of interest, web app at mypragueapp.com or in Google Play and App Store.

Prague Minos Guide – a comprehensive guide to Prague, hundreds of points of interest, offline maps,… in Google Play and App Store.

CG Transit – the best app for timetables and searching journeys, timetables are paid for, but have free one-month trials, in Google Play and App Store.

Other timetables and transport connection searching – website IDOS.cz, Pubtran (for Android), Jízdní řády iDNES.cz (for iPhone).

Google Maps use local timetables to find the best journey using public transport in Prague. The easest way to get around!

SMS ticket – an app that makes purchasing sms tickets for public transport faster and more convenient, but you still need to have a Czech sim card, Google Play, App Store.

Sejf – an app that allows you to pay for public transport tickets and other services (parking,…) even if you don’t have a Czech sim card, Google Play, App Store.

Czech Money – yes, the Czech Republic hasn’t adopted euro, but still has Czech crowns (CZK). The Czech National Bank has created an app to show what coins and banknotes look like and what are their security measurements so that you never get fooled by fake money. Google Play, App Store.
Lunchtime – lists daily lunch options in near restaurants, lunchtime.cz or in Google Play or App Store.

Cheapest Taxi Prague – an app that helps you order a taxi, in Google Play and App Store.

Taxi.eu – another app that helps you order a taxi, not only for Prague, in Google Play and App Store, or web app.

If you know other useful websites and apps I’ll be happy if you share them with others in comments.


July 18, 2014

An invisible part of the Free Software Foundation Europe

In all organisations you have people, who do crucial work which is invisible to the public. But without them, the organisation would not function. In the FSFE, one of this people who takes care of a lot of invisible tasks is Reinhard Müller. After maintaining FSFE’s website, coordinating FSFE’s translation team, and taking care of our Fellowship database for many years, in 2007 he volunteered to be FSFE’s Financial Officer. With this post I want to offer you an insight into the invisible tasks performed by Reinhard.

Karsten and Reinhard working together Karsten, with FSCONS shirt, and Reinhard, with Mach Dich Frei shirt, working Matthias Kirschner CC BY-SA

July 11, 2014

FSFE’s German speaking team meeting 2014

From 13 – 15 June 2014 FSFE had its German speaking team meeting in the Linuxhotel in Essen. The participants had some problems to travel there because of the chaos resulting from a heavy thunderstorm in the region. A lot of train lines where not functional, and the situation on the streets was also chaotic. But just because no ICE trains stop in Essen does not mean we will not continue our work for Free Software. In the end we were able to bring all volunteers to the Linuxhotel.

The two buildings from Linuxhotel linuxhotel_landschaft Linuxhotel CC BY-SA

June 30, 2014

Scancation - Scanning the Standing Stones of the Outer Hebrides

I just came back from a vacation where Kio and I went and visited most of the megalithic monuments on the islands of the Outer Hebrides in Scotland. Stone circles are all over the place on these islands and the biggest one is the Callanish Stone Circle. One of the cool things about these places is that there is very little history known about them and so all you can know about them is from your experience of being around them. Most of them all taller than me and you get the sense that these places were the sacred spaces of 5000 years ago.

One of the things I say a lot at MakerBot is that they really make the most sense when you connect your MakerBot to your passion. Since I'm into rocks. I scanned a few of my favorite stones and ran them through 123D Catch which makes a 3D model from up to 70 photos of the object. It’s pretty cool to think that yesterday I was walking among these stones and today I’m printing them out on the MakerBots in my office. 

It’s interesting to note that this feels a lot like the old days of vacation film photography. The process of processing the photos into a 3D model feels a lot like when I used to develop celluloid film after a vacation.

Someday, printing 3D models will be normal for everyone, for now, it’s just normal for all the MakerBot operators in the world.

If you decide to go on your own scanning vacation, aka scancation, here’s my process and tips for acquiring models. I use a Canon S110 camera and then upload my photos later to the 123D Catch site and then upload all the models and a zip file of all the photos to Thingiverse because the photogrammetry software will get better someday and I want to have an archive of the photos so I can make better models later.

 

  • Lighting conditions matter. A cloudy sky is much better than a sunny one so that you can get all the details of your subject. 
  • Fill the frame, but make sure to leave some area around the object in the picture. 123D Catch uses reference points in the object to make everything fit together. 
  • Use all 70 pictures allowed by the software. The more pictures, the better the scan. 
  • Scan weird things. Sometimes the most iconic stuff of a location isn’t the most obvious. Some friends of mine scanned all of Canal St. in NYC and said the interesting parts were the giant piles of trash bags which are one of the local overlooked pieces of landscape art.
  • Don’t forget the top view. If you are capturing a subject that is tall, do your best to get above it and take a picture. A quadcopter could be handy for that
  • Fix it up with Netfabb. After I upload the photos into the 123D Catch online portal, then I use Netfabb basic to slice off all the weird parts and cut a flat bottom onto the object.
  • Make sure to upload your scans to Thingiverse. We can all make models of your SCANCATION. 

 

Do you have any other scanning tips for those that would like to experiment with vacation scanning? Leave them in the comments!

June 23, 2014

A country list - good for all

If you are a web developer, pc software programmer, app developer, Linux distro packager you have probably heard many complaints from your users about you list of countries and country codes.
Most of the complaint come from people not finding their country on the list. For example, Europe has changed a lot in the last two decades. Countries have dissolved and new ones were created. There are changes in Asia, Africa and in South America.

June 22, 2014

the meaning of a word

i learned the word "feminist" at my first job. I was 15 and a trainee engineer in a hydro power scheme. I recall one young man I worked with asking me urgently if i was a feminist. I asked what that was. he said, "women who hate men". oh.. i'm not one of them....

why would i get a job as the only woman deep in a power station if i hated men? It was a long long time before i heard any other definition of feminist.

June 20, 2014

Launceston June Meeting

G'day all

For this month's Launceston meeting, Phil will be giving us an introduction to NAS4Free, a BSD licenced fork/continuation of FreeNAS.

2:00pm
Saturday 28th June
Royal Oak
Launceston


As usual, some of us will be meeting for lunch beforehand at 1:00pm.

Hope to see you there!

Google Maps Link

NAS4Free Website
-----
Gov Hack 2014: June 11-13th (Hobart venue)
OpenStack 4th Birthday: June 17th (RSVP here: http://taslug-openstack.eventbrite.com.au/ )
Next Launceston meeting: 2:00pm July 26th (Topic TBC)

June 11, 2014

Hobart meeting - June 19th - (The aptosid fullstory)

Welcome to June. Yep. short days... stout beers. And source. LOTS OF SOURCE! I'm in the
middle of my exam session at uni so won't have time to prepare the usual slides and news
this month.

When: Thursday, June 19th, 18:00 for an 18:30 start
Where: Upstairs, Hotel Soho, 124 Davey St, Hobart.

Agenda:

18:00 - early mingle, chin wagging, discussion and install issues etc

19:00 - Trevor Walkley - aptosid fullstory


    This months talk will be given by Trevor Walkley, an aptosid
    dev,(bluewater on IRC), on building an iso using aptosid fullstory
    scripts which are currently held on github (and the 'how to do it' is
    not well known).

    A live build will take place (hopefully debian sid will cooperate on the
    night) followed by a live installation of the build to the famous milk
    crate computer belonging Scott, (faulteh on IRC).

20:00 - Meeting end. Dinner and drinks are available at the venue during the meeting.

We will probably get to a discussion on the Hobart LCA 2017 bid, ideas for upcoming
Software Freedom Day in September, Committee nomination and voting,
so our pre-talk discussion should be packed full of jam.

Also in June:
28th - Launceston meeting
July:
11-13th - Gov Hack 2014 - There's at least a Hobart venue for this event.
17th - OpenStack 4th Birthday - RSVP here: http://taslug-openstack.eventbrite.com.au/
September:
20th - Software Freedom Day - events in Hobart and Launceston

June 10, 2014

Integrate ToDo.txt into Claws Mail

I use Claws Mail for many years now. I like to call it “the mutt mail client for people who prefer a graphical user interface”. Like Mutt, Claws is really powerful and allows you to adjust it exactly to your needs. During the last year I began to enjoy managing my open tasks with ToDo.txt. A powerful but still simple way to manage your tasks based on text files. This allows me not only to manage my tasks on my computer but also to keep it in sync with my mobile devices. But there is one thing I always missed. Often a task starts with an email conversation and I always wanted to be able to transfer a mail easily to as task in a way, that the task links back to the original mail conversation. Finally I found some time to make it happen and this is the result:

To integrate ToDo.txt into Claws-Mail I wrote the Python program mail2todotxt.py. You need to pass the path to the mail you want to add as parameter. By default the program will create a ToDo.txt task which looks like this:


<task_creation_date> <subject_of_the_mail> <link_to_the_mail>

Additionally you can call the program with the parameter “-i” to switch to the interactive mode. Now the program will ask you for a task description and will use the provided description instead of the mail subject. If you don’t enter a subscription the program will fall back to the mail subject as task description. To use the interactive mode you need to install the Gtk3 Python bindings.

To call this program directly from Claws Mail you need to go to Configuration->Actions and create a action to execute following command:


/path_to_mail2todotxt/mail2todotxt.py -i %f &

Just skip the -i parameter if you always want to use the subject as task description. Now you can execute the program for the selected mail by calling Tools->Actions-><The_name_you_chose_for_the_action>. Additional you can add a short-cut if you wish, e.g. I use “Ctrl-t” to create a new task.

Now that I’m able to transfer a mail to a ToDo.txt item I also want to go back to the mail while looking at my open tasks. Therefore I use the “open” action from Sebastian Heinlein which I extended with an handler to open claws mail links. After you added this action to your ~/.todo.action.d you can start Claws-Mail and jump directly to the referred mail by typing:


t open <task_number_which_referes_to_a_mail>

The original version of the “open” action can be found at Gitorious. The modified version you need to open the Claws-Mail links can be found here.

June 06, 2014

Bodhi 2 FAD

I just came back from the Bodhi 2 FAD in Denver.

I flew from Paris on Saturday 31st morning. Luke, Kevin, Ricky and I started hacking on Sunday morning, the other participants arriving during the day.

The first two days, I started with many small things, as a warm up: packaging in Fedora some of the Bodhi 2 dependencies, escaping raw HTML in forms, adding license headers to all files, fixing some small issues in the update management,...

On Tuesday I implemented the whole release management. This area is particularly lacking in Bodhi 1, but Bodhi 2 should be a big improvement:

  • releng can't create a new release in Bodhi 1 when branching it (i.e when creating it in Git, Koji, PkgDB,...) because we don't use Bodhi right away (we start using it only at Alpha freeze). With Bodhi 2, a release can be created but kept disabled, which fixes this annoyance
  • when a Fedora release reaches end-of-life, we delete it from the Bodhi 1 database, which makes us lose all metrics, and breaks all the URLs to the updates pushed for these old releases. With Bodhi 2, we can now « archive » an old release, so that it doesn't appear in the web UI any more, we can't push updates for it any more, but URLs of old updates will still work.
  • the Release Engineers regularly need to resort to a TurboGears 1 shell to enter some Python code in order to create / modify a release in Bodhi 1. Bodhi 2 now exposes a web API to manage releases, and a command-line tool which uses this API.

Before dinner, I then quickly implemented the file-based creation of updates as needed by « fedpkg update ».

On Wednesday, I started implementing the management of buildroot overrides, tagging the build appropriately in Koji, ... That's not all done though, so I'll try to finish it in the next few days. :-)

We also had some discussions about the mashing process. We haven't decided whether we'd use the koji-mash plugin I wrote, or the more generic « run any command as root » plugin, but now that we have a working staging instance of Koji we should be able to test them and take the decision.

Overall, it was a great event. We made lots of progress, and had tons of fun.

Finally, I'd like to thank Ralph for organizing the event, Kevin for picking me up at the airport on Saturday, Tim for bringing me to the airport on Thursday (at 7am!), and Red Hat for funding my trip.

It was my first FAD, and I loved it. Looking forward to the next one. :-)

May 23, 2014

European Elections: get out and vote!

The European Elections are happening this weekend. In Portugal, they're on Sunday, but my first message goes to all Europeans: go out and vote. You think we're heading in the right direction? Go out and say it. You think we're heading in the wrong direction? Go out and say it. You're not planning to go out and vote because you're fed up with politics and politicians? Well, if you're fed up with the ones you have, go out and vote for others - if you don't, others will choose for yourself, and you'll still be fed up. In summary: there's no reason not to vote.

Vote!

My second message goes towards the Portuguese people. I am not going to tell you how to vote: that's really up to you. You have a life, and your life is deeply impacted by European politics. The countries finances, the money you have on your pocket, even the currency you use, the taxes you pay, the choices you're able to make, the laws you have, the things you do. So, even if you think you're not, you're fully capable of choosing for yourself, and to choose who will better defend your interests. So, with that in mind, I urge you pay attention to the choices that are laid out in front of you. You have sixteen (16!) parties to choose from. Pick one, go out, vote.

These are your options next Sunday:


Aliança Portugal (AP: PSD + CDS-PP)
Bloco de Esquerda (BE)
Coligação Democrática Unitária (CDU: PCP + PEV)
Livre
Movimento Alternativa Socialista (MAS)
Nova Democracia (PND)
Partido Comunista dos Trabalhadores Portugueses (PCTP/MRPP)
Partido da Terra (MPT)
Partido Democrático do Atlântico (PDA)
Partido Nacional Renovador (PNR)
Partido Operário de Unidade Socialista (POUS)
Partido pelos Animais e pela Natureza (PAN)
Partido Popular Monárquico (PPM)
Partido Socialista (PS)
Partido Trabalhista Português (PTP)
Portugal pro Vida (PPV)

I've also made a small summary and comparison text about the position of these parties, if you're interested. I'm sorry it isn't as complete as I wished it to be, but it might be helpful all the same. If you're interested, read it here.

Sunday is a great day: one of those days you can make a difference, where you can speak up and say what do you want in your life, your future. Don't let others decide for you. Vote!

May 07, 2014

gom in Fedora

I've been experimenting with gom, the GObject data mapper recently.

With a lot of help from Bastien Nocera, I eventually managed to get started using it as an experiment for one of my projects.

I have to say I'm quite impressed. Sure, writing GObject code is super verbose, but then managing objects and properties is so much nicer than managing strings full of SQL queries. And I hear the verbosity might be greatly reduced in the near future! :-D

Long story short, I've started building gom packages from Git snapshots in a Copr.

I'll eventually push it to Fedora proper, but I'd rather wait for an actual release. Maybe in time for GNOME 3.14?

In the meantime, if you want to try it out, go grab the packages from the Copr. Gom is under quick development, and now is a great time to test it and ensure it has the features your application needs. For example, I needed boolean properties and columns with a UNIQUE constraint, and both are now possible in master. :-)

Now to play some more with it...

April 23, 2014

U talking to me?

This upstirring undertaking Ubuntu is, as my colleague MPT explains, performance art. Not only must it be art, it must also perform, and that on a deadline. So many thanks and much credit to the teams and individuals who made our most recent release, the Trusty Tahr, into the gem of 14.04 LTS. And after the uproarious ululation and post-release respite, it’s time to open the floodgates to umpteen pent-up changes and begin shaping our next show.

The discipline of an LTS constrains our creativity – our users appreciate the results of a focused effort on performance and stability and maintainability, and we appreciate the spring cleaning that comes with a focus on technical debt. But the point of spring cleaning is to make room for fresh ideas and new art, and our next release has to raise the roof in that regard. And what a spectacular time to be unleashing creativity in Ubuntu. We have the foundations of convergence so beautifully demonstrated by our core apps teams – with examples that shine on phone and tablet and PC. And we have equally interesting innovation landed in the foundational LXC 1.0, the fastest, lightest virtual machines on the planet, born and raised on Ubuntu. With an LTS hot off the press, now is the time to refresh the foundations of the next generation of Linux: faster, smaller, better scaled and better maintained. We’re in a unique position to bring useful change to the ubiquitary Ubuntu developer, that hardy and precise pioneer of frontiers new and potent.

That future Ubuntu developer wants to deliver app updates instantly to users everywhere; we can make that possible. They want to deploy distributed brilliance instantly on all the clouds and all the hardware. We’ll make that possible. They want PAAS and SAAS and an Internet of Things that Don’t Bite, let’s make that possible. If free software is to fulfil its true promise it needs to be useful for people putting precious parts into production, and we’ll stand by our commitment that Ubuntu be the most useful platform for free software developers who carry the responsibilities of Dev and Ops.

It’s a good time to shine a light on umbrageous if understandably imminent undulations in the landscape we love – time to bring systemd to the centre of Ubuntu, time to untwist ourselves from Python 2.x and time to walk a little uphill and, thereby, upstream. Time to purge the ugsome and prune the unusable. We’ve all got our ucky code, and now’s a good time to stand united in favour of the useful over the uncolike and the utile over the uncous. It’s not a time to become unhinged or ultrafidian, just a time for careful review and consideration of business as usual.

So bring your upstanding best to the table – or the forum – or the mailing list – and let’s make something amazing. Something unified and upright, something about which we can be universally proud. And since we’re getting that once-every-two-years chance to make fresh starts and dream unconstrained dreams about what the future should look like, we may as well go all out and give it a dreamlike name. Let’s get going on the utopic unicorn. Give it stick. See you at vUDS.

April 06, 2014

Books and Music in 2013

Another year gone. Just like in years before, here's a recommendation of music and books, from what has been released during the year (in the case of music), and what I've read in 2013 (for books). Note that there are other, great 2013 music releases, that I only got my hands on in 2014, and those aren't on this list. Without further ado:

Books:


* Neal Stephenson - The Mongoliad (Books 2 and 3)
* Iain M. Banks - The Hydrogen Sonata
* Cory Doctorow's fiction - The Rapture of Nerds and Pirate Cinema
* Music - Looking For Europe
* Tech - Videojogos em Portugal

Music:


* Kokori - Release Candid Hate (Vinyl)
* Gvar - Vraii (Cass)
* Charanga - Borda Tu! (CD)
* Dismal - Giostra Di Vapori (CD)
* Mindless Self Indulgence - How I Learned To Stop Giving A Shit And Love Mindless Self Indulgence (CD)

March 30, 2014

Upcoming Greenboard deployment

fossasia-group-sOver the past few months we have been busy introducing the Greenboard project in a few places, namely at Teach for China in Shantou and at FOSSASIA in Phnom Penh to name just two places. Both have been very interested in the concept, its flexibility, past deployments and more importantly using it within their environment.

greenboard-teamWe are now working on refurbishing a classroom of sixty computers in a school not too far from Shantou, classroom which was installed ten years ago and has never ever been used. Of course not all the machines start (in fact only 15 out of 60) but the room is properly set up and looks like a very nice place to start in the region. The people we are working with from Teach for China are very motivated as well which brings a lot to the equation.

usaidOn the Cambodian side, the discussions we had with USAID and the representative from the Ministry of Education were very positive too. We will have further discussions during April and need to start checking the translation status of all the components we use. Luckily the person in charge of packaging Greenboard happens to be Cambodian too!

All in all we are pretty excited about what’s coming ahead of us and will work hard to make it happen. Stay connected to learn more as the projects move forward!

March 28, 2014

Promote OpenClipart on Culture Freedom Day!

As Culture Freedom Day preparation is ongoing we got the chance to meet up with Jon Philips from the Open Clipart Library, a good friend of ours and a strong supporter of our events. Jon kindly authored a video to support us and encourage participants to take a closer look at the Open Clipart Library new website design and functionalities. So without further ado we will let Jon do the presentation and thank him and the Open Clipart team for their support!

So don't forget to use and showcase the Open Clipart Library at your event!

March 17, 2014

ACPI, firmware and your security

ACPI comes from an era when the operating system was proprietary and couldn’t be changed by the hardware manufacturer.

We don’t live in that era any more.

However, we DO live in an era where any firmware code running on your phone, tablet, PC, TV, wifi router, washing machine, server, or the server running the cloud your SAAS app is running on, is a threat vector against you.

If you read the catalogue of spy tools and digital weaponry provided to us by Edward Snowden, you’ll see that firmware on your device is the NSA’s best friend. Your biggest mistake might be to assume that the NSA is the only institution abusing this position of trust – in fact, it’s reasonable to assume that all firmware is a cesspool of insecurity courtesy of incompetence of the worst degree from manufacturers, and competence of the highest degree from a very wide range of such agencies.

In ye olden days, a manufacturer would ship Windows, which could not be changed, and they wanted to innovate on the motherboard, so they used firmware to present a standard interface for things like power management to a platform that could not modified to accommodate their innovation.

Today, that same manufacturer can innovate on the hardware and publish a patch for Linux to express that innovation – and Linux is almost certainly the platform that matters. If Windows enters this market then the Windows driver model can evolve to give manufacturers this same ability to innovate in the Windows world, where proprietary unverifiable blobs are the norm.

Arguing for ACPI on your next-generation device is arguing for a trojan horse of monumental proportions to be installed in your living room and in your data centre. I’ve been to Troy, there is not much left.

We’ve spent a good deal of time working towards a world where you can inspect the code that is running on any device you run. In Ubuntu we work hard to make sure that any issues in that code can be fixed and delivered right away to millions of users. Bruce Schneier wisely calls security a process, not a product. But the processes for finding and fixing problems in firmware are non-existent and not improving.

I would very much like to be part of FIXING the security problem we engineers have created in our rush to ship products in the olden days. I’m totally committed to that.

So from my perspective:

  • Upstream kernel is the place to deliver the software portion of the innovation you’re selling. We have great processes now to deliver that innovation to users, and the same processes help us improve security and efficiency too.
  • Declarative firmware that describes hardware linkages and dependencies but doesn’t include executable code is the best chance we have of real bottom-up security. The Linux device tree is a very good starting point. We have work to do to improve it, and we need to recognise the importance of being able to fix declarations over the life of a product, but we must not introduce blobs in order to short cut that process.

Let’s do this right. Each generation gets its turn to define the platforms it wants to pass on – let’s pass on something we can be proud of.

Our mission in Ubuntu is to give the world’s people a free platform they can trust.  I suspect a lot of the Linux community is motivated by the same goal regardless of their distro. That also means finding ways to ensure that those trustworthy platforms can’t be compromised elsewhere. We can help vendors innovate AND ensure that users have a fighting chance of privacy and security in this brave new world. But we can’t do that if we cling to the tools of the past. Don’t cave in to expediency. Design a better future, it really can be much healthier than the present if we care and act accordingly.

 

February 21, 2014

Some updates (EFD, Greenboard, etc)

We are getting back with some good and bad news. On the bad side we will not be able to run any Education Freedom Day event in Hong Kong this year as we actually need to take care of some urgent personal problems. On the good news side we will be discussing with several organizations in the coming weeks about Greenboard deployments including Teach For China in Shantou this weekend and more located in Cambodia next weekend. We are very excited about those potential opportunities and hope to have a lot more to tell soon. And of course you can definitely attend our next development session here in Hong Kong and get a better feeling about some of the things we do. Thanks and happy FOSS'ing!

Who's Online

We have 88 guests online
Digital Freedom International (Aka SFI) is the non-profit organization at the origin of SFD and CFD. DFI handles sponsorship contracts, official team registrations, sending out schwags to teams, the annual Best Event Competition and many other things. Hundreds of teams around the world manage the local celebration and help to send out a global message. So do drop by and attend an SFD and CFD event nearby!

Login Form