Celebrate SFD 2014 on Saturday, September 20th
   
Text Size
Login
Canonical
Google
Linode
FSF
Linux Magazine
Ubuntu User
Linux Journal
Admin Network & Security Magazine
Smart Developer
Creative Commons
FreeBSD
Joomla!
Open Clipart Library
FSFE
Fundația Ceata
Atom 0.3 RSS 1.0 RSS 2.0 OPML FOAF

January 29, 2015

Libreboot X200 laptop now FSF-certified to respect your freedom

LibreBoot X200

This is the second Libreboot laptop from Gluglug (a project of Minifree, Ltd.) to achieve RYF certification, the first being the Libreboot X60 in December 2013. The Libreboot X200 offers many improvements over the Libreboot X60, including a faster CPU, faster graphics, 64-bit GNU/Linux support (on all models), support for more RAM, higher screen resolution, and more. The Libreboot X200 can be purchased from Gluglug at http://shop.gluglug.org.uk/product/libreboot-x200/.

The Libreboot X200 is a refurbished and updated laptop based on the Lenovo ThinkPad X200. In order to produce a laptop that achieved the Free Software Foundation's certification guidelines, the developers at Gluglug had to replace the low-level firmware as well as the operating system. Microsoft Windows was replaced with the FSF-endorsed Trisquel GNU/Linux operating system, which includes the GNOME 3 desktop environment. The free software boot system of Libreboot and the GNU GRUB 2 bootloader were adapted to replace the stock proprietary firmware, which included a BIOS, Intel's Management Engine system, and Intel's Active Management Technology (AMT) firmware.

The FSF has previously written about Intel's ME and AMT, calling attention to how this proprietary software introduces a fundamental security flaw -- a back door -- into a person's machine that allows a perpetrator to remotely access the computer over a network. It enables powering the computer on and off, configuring and upgrading the BIOS, wiping the hard drives, reinstalling the operating system, and more. While there is a BIOS option to ostensibly disable AMT, because the BIOS itself is proprietary, the user has no means to verify whether this is sufficient. The functionality provided by the ME/AMT could be a very useful security and recovery measure, but only if the user has control over the software and the ability to install modified versions of it.

"The ME and its extension, AMT, are serious security issues on modern Intel hardware and one of the main obstacles preventing most Intel based systems from being liberated by users. On most systems, it is extremely difficult to remove, and nearly impossible to replace. Libreboot X200 is the first system where it has actually been removed, permanently," said Gluglug Founder and CEO, Francis Rowe.

"This is a huge accomplishment, but unfortunately, it is not known if the work they have done to remove the ME and AMT from this device will be applicable to newer Intel-based laptops. It is incredibly frustrating to think that free software developers may have to invest even more time and energy into figuring out how to simply remove proprietary firmware without rendering the hardware nonfunctional. On top of that, the firmware in question poses a serious security threat to its users -- and the organizations who employ them. We call on Intel to work with us to enable removal of ME and AMT for users who don't want it on their machines," said FSF's executive director, John Sullivan.

In order to remove the ME, AMT, and other proprietary firmware from the laptop, the Libreboot developers had to first reverse engineer Intel's firmware. They then created a small software utility to produce a free firmware image that conforms to Intel's specifications. Finally, to install their firmware on the device, they used special hardware (an SPI flasher) that they directly connected to a small chip on the motherboard itself. After many months of work, the Libreboot developers managed to completely overwrite the proprietary firmware with Libreboot and GNU GRUB 2. Those who purchase a Libreboot X200 from Gluglug will receive a laptop that has had all of this work already done to it and will be able to update or install new firmware to their device without needing to make use of any special hardware or complicated procedures.

To learn more about the Respects Your Freedom hardware certification, including details on the certification of the Libreboot X200, visit http://www.fsf.org/ryf. Hardware sellers interested in applying for certification can consult http://www.fsf.org/resources/hw/endorsement/criteria.

Subscribers to the FSF's Free Software Supporter newsletter will receive announcements about future Respects Your Freedom products.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

About Gluglug and Minifree, Ltd

Francis Rowe is the Founder and CEO of Minifree Ltd in the UK, which owns and operates Gluglug, a project to promote adoption of free software globally. To purchase products sold by Gluglug, visit http://shop.gluglug.org.uk.

Media Contacts

Joshua Gay
Licensing & Compliance Manager
Free Software Foundation
+1 (617) 542 5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

Francis Rowe
Founder & CEO
Gluglug
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

January 28, 2015

The GHOST Vulnerability

Heads up everybody – a Linux vulnerability known as GHOST (CVE-2015-0235), discovered by Qualys, has recently been publicized. This particular vulnerability is a nasty one, since it allows for remote code execution.

The vulnerability has been exhaustively documented in this Security Advisory, which you may find interesting. In short, the vulnerability exists within glibc in __ns_hostname_digits_dots(), which deals with hostname resolution via the gethostbyname() call.

Am I Vulnerable?

Yes, most likely. In order to address this, you’ll want to ensure that you have updated and rebooted your systems.

Debian and Ubuntu have updated packages for their supported distributions. Run apt-get update && apt-get dist-upgrade to bring your system up to date, and then reboot to ensure no references to the old libraries still exist.

For other popular distributions, please follow their equivalent steps for upgrading packages.  For more information, you can follow our GHOST guide.

Is Linode Infrastructure vulnerable?

No. Our Security Team has worked to protect our infrastructure from this vulnerability and we have taken the appropriate steps to address this issue on all of our systems.

Laptop over-heating issues.

Hi all, There was a Mini-Debconf held in IIT Mumbai on January 17 – 18 .  The event was good from outsider’s perspective but there were and are a lot of kinks we need to work out when holding future mini-debconfs. I was hoping we would be getting some photos from the event by our […]

January 27, 2015

Kythe: a new approach to making developer tools

Building development tools that support multiple programming languages can be a real grind. Doing it well takes a lot of work, and historically each tool has done it largely from scratch for each language it supports. It would be far easier if that hard work could be done just once in a reusable fashion that any tool can make use of. That’s the idea behind the Kythe project: by using a common structured format to represent source code in varied programming languages, Kythe-enabled tools are able to work with code in any supported language. Support for new languages can be plugged in as needed.


The name Kythe means "to make visible", specifically, making the structure of your code visible. It's early days and we've just opened up our project to the community, but we aim to build up a community of developers around these ideas. We've had a lot of experience building and maintaining similar cross-language tools inside Google and now we want to share the benefits of those tools with software developers beyond Google.


Kythe is open source and currently supports source code written in C++ and Java. (Support for Go is in progress.) It also includes a proof-of-concept source code browser that demonstrates how the pieces fit together. We have documentation available and invite you to join our mailing list for questions and discussions.


There's much more work to do and we look forward to evolving Kythe with the open source community's help.


by James Dennett, Kythe Team

January 26, 2015

Kicking off 2015 at FOSDEM

2014 was a monumental year for all of us in the Google Open Source Programs Office as we celebrated the 10th instance of Google Summer of Code and the fifth year of Google Code-in. As we start 2015, we are excited to continue spreading the word about open source.

One of the highlights for our team in 2014 was our February trip to FOSDEM where we had a table dedicated to our Google Summer of Code and Google Code-in programs. We are thrilled to be back this year for FOSDEM 2015 held on January 31-February 1 in Brussels at Université libre de Bruxelles. We look forward to chatting again with some of the expected 5,000+ attendees at this energetic, free to the public conference. Having the opportunity to talk face to face with some of the thousands of former students, mentors, and organization administrators about their experiences with the program and seeing the difference the programs make in people’s lives and careers is a true reward for our team. And if that wasn’t fun enough, we also have the opportunity to spread the word about our programs to hundreds of interested students and teachers by chatting with them one on one at our table.

Googlers will be speaking during the conference at the sessions below:

Saturday, January 31
16:00   Pete Williamson, Emacs and Elisp on the Chromebook

Sunday, February 1
On Sunday there will be a Go Developer room from 9:50 - 16:30 with talks including a couple from Googlers.


If you are attending FOSDEM, be sure to stop by our table and say hi!

By Stephanie Taylor, Open Source Programs Office

January 22, 2015

FLOSSK mbështetë Wiki Academy Kukës

FLOSSK do të mbështesë Wiki Academy-n e cila mbahet më 22 dhe 23 mars në Kukës. Akademia e Wikipedia-s përfshinë trajnimin e të rinjëve për të kontribuar në Wikipedia duke përfunduar me një vikend të plotë dedikuar shkrimit të artikujve në Enciklopedinë e Lirë Wikipedia.

January 21, 2015

Books and Music in 2014

As tradition mandates, here's my yearly post about music release and books I've read the previously here.

Click on the images for details.
Top 10 music releases of 2014

Top 5 books I've read in 2014
You can also see last year's list.

January 20, 2015

Tapdancing yin-yang goat chorus line

Yes these will be in the film. Too bad the animated gif doesn’t have music.

Goat yin-yang dance3gif

Share/Bookmark

flattr this!

A new video about meeeeeeeee

Share/Bookmark

flattr this!

Smart things powered by snappy Ubuntu Core on ARM and x86

“Smart, connected things” are redefining our home, work and play, with brilliant innovation built on standard processors that have shrunk in power and price to the point where it makes sense to turn almost every “thing” into a smart thing. I’m inspired by the inventors and innovators who are creating incredible machines – from robots that might clean or move things around the house, to drones that follow us at play, to smarter homes which use energy more efficiently or more insightful security systems. Prooving the power of open source to unleash innovation, most of this stuff runs on Linux - but it’s a hugely fragmented and insecure kind of Linux. Every device has custom “firmware” that lumps together the OS and drivers and devices-specific software, and that firmware is almost never updated. So let’s fix that!

Ubuntu is right at the heart of the “internet thing” revolution, and so we are in a good position to raise the bar for security and consistency across the whole ecosystem. Ubuntu is already pervasive on devices – you’ve probably seen lots of “Ubuntu in the wild” stories, from self-driving cars to space programs and robots and the occasional airport display. I’m excited that we can help underpin the next wave of innovation while also thoughtful about the responsibility that entails. So today we’re launching snappy Ubuntu Core on a wide range of boards, chips and chipsets, because the snappy system and Ubuntu Core are perfect for distributed, connected devices that need security updates for the OS and applications but also need to be completely reliable and self-healing. Snappy is much better than package dependencies for robust, distributed devices.

Transactional updates. App store. A huge range of hardware. Branding for device manufacturers.

In this release of Ubuntu Core we’ve added a hardware abstraction layer where platform-specific kernels live. We’re working commercially with the major silicon providers to guarantee free updates to every device built on their chips and boards. We’ve added a web device manager (“webdm”) that handles first-boot and app store access through the web consistently on every device. And we’ve preserved perfect compatibility with the snappy images of Ubuntu Core available on every major cloud today. So you can start your kickstarter project with a VM on your favourite cloud and pick your processor when you’re ready to finalise the device.

If you are an inventor or a developer of apps that might run on devices, then Ubuntu Core is for you. We’re launching it with a wide range of partners on a huge range of devices. From the pervasive Beaglebone Black to the $35 Odroid-C1 (1Ghz processor, 1 GB RAM), all the way up to the biggest Xeon servers, snappy Ubuntu Core gives you a crisp, ultra-reliable base platform, with all the goodness of Ubuntu at your fingertips and total control over the way you deliver your app to your users and devices. With an app store (well, a “snapp” store) built in and access to the amazing work of thousands of communities collaborating on Github and other forums, with code for robotics and autopilots and a million other things instantly accessible, I can’t wait to see what people build.

I for one welcome the ability to install AI on my next camera-toting drone, and am glad to be able to do it in a way that will get patched automatically with fixes for future heartbleeds!

Education Freedom Day registration launched!

efd-banner

We have just opened Education Freedom Day registration, scheduled on March 21st, 2015. For its second edition EFD has been moved to March to facilitate its celebration in both the south of the planet and China (at least…) and we hope to cater to more events this year.

As usual for all our Freedom celebrations the process is similar, you get together and decide to organize an event, then create a page in our wiki and register your team. As the date approaches you get to put more information in your wiki page (or on your organization website which is linked from the wiki) such as the date and time, the location and what people can expect to see.

Education Freedom Day is really the opportunity to review all the available Free Educational Resources available, how they have improved since last year and what you should start planning to implement to deploy in the coming months. More importantly it is the celebration of what is available and letting people aware of it!

So prepare well and see you all in two months to celebrate Education Freedom Day!

Celebrate EFD with us on March 21, 2015!

Education Freedom Day registration launched!

And to continue this busy week in announcements we have just opened Education Freedom Day registration, scheduled on March 21st, 2015. For its second edition EFD has been moved to March to facilitate its celebration in both the south of the planet and China (at least...) and we hope to cater to more events this year.

As usual for all our Freedom celebrations the process is similar, you get together and decide to organize an event, then create a page in our wiki and register your team. As the date approaches you get to put more information in your wiki page (or on your organization website which is linked from the wiki) such as the date and time, the location and what people can expect to see.

Education Freedom Day is really the opportunity to review all the available Free Educational Resources available, how they have improved since last year and what you should start planning to implement to deploy in the coming months. More importantly it is the celebration of what is available and letting people aware of it!

So prepare well and see you all in two months to celebrate Education Freedom Day!

January 19, 2015

Komentet e FLOSSK-ut ndaj ligjit për përgjimin e komunikimeve elektronike në Kosovë

Më 19 janar, përmes një letre dërguar Komisionit Parlamentar për Integrime Evropiane, FLOSSK-u ka reaguar ndaj Projektligjit për përgjimin e komunikimeve elektronike në Kosovë. Në këtë letër numërohet arsyet pse ky Projektligj në formën e tanishme është i dëmshëm për privatësinë e qytetarëve të Kosovës dhe si rrjedhojë i papranueshëm për ne.
 

Key Update

I’m a fossil, apparently. My oldest PGP key dates back to 1997, so around the time when GnuPG just got started – and I switched to it early. Over the years I’ve been working a lot with GnuPG, which perhaps isn’t surprising. Werner Koch has been one of the co-founders of the Free Software Foundation Europe (FSFE) and so we share quite a bit of a long and interesting history together. I was always proud of the work he did – and together with Bernhard Reiter and others was doing what I could to try and support GnuPG when most people did not seem to understand how essential it truly was – and even many security experts declared proprietary encryption technology acceptable. Bernhard was also crucial to start the more than 10 year track record of Kolab development supporting GnuPG over the years. And especially the usability of GnuPG has always been something I’ve advocated for. As the now famous video by Edward Snowden demonstrated, this unfortunately continued to be an unsolved problem but hopefully will be solved “real soon now.”

 

In any case. I’ve been happy with my GnuPG setup for a long time. Which is why the key I’ve been using for the past 16 years looked like this:
sec# 1024D/86574ACA 1999-02-20
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Brave GNU World <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
ssb>  1024R/B7DB041C 2005-05-02
ssb>  1024R/7DF16B24 2005-05-02
ssb>  1024R/5378AB47 2005-05-02
You’ll see that I kept the actual primary key off my work machines (look for the ‘#’) and I also moved the actual sub keys onto a hardware token. Naturally a FSFE Fellowship Smart Card from the first batch ever produced.
Given that smart card is battered and bruised, but its chip is still intact with 58470 signatures and counting, the key itself is likely still intact and hasn’t been compromised for lack of having been on a networked machine. But unfortunately there is no way to extend the length of a key. And while 1024 is probably still okay today, it’s not going to last much longer. So I finally went through the motions of generating a new key:
sec#  4096R/B358917A 2015-01-11 [expires: 2020-01-10]
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Systems AG, CEO) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Kolab Community) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Free Software Foundation Europe, Founding President) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (Free Software Foundation Europe, Founding President) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (digitalSTROM.org Board) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
uid                  Georg C. F. Greve (GNU Project) <
 This e-mail address is being protected from spambots. You need JavaScript enabled to view it
 >
ssb>  4096R/AD394E01 2015-01-11
ssb>  4096R/B0EE38D8 2015-01-11
ssb>  4096R/1B249D9E 2015-01-11

My basic setup is still the same, and the key has been uploaded to the key servers, signed by my old key, which I have meanwhile revoked and which you should stop using. From now on please use the key
pub   4096R/B358917A 2015-01-11 [expires: 2020-01-10]
      Key fingerprint = E39A C3F5 D81C 7069 B755  4466 CD08 3CE6 B358 917A
exclusively and feel free to verify the fingerprint with me through side channels.

 

Not that this key has any chance to ever again make it among the top 50… but then that is a good sign in so far as it means a lot more people are using GnuPG these days. And that is definitely good news.

And in case you haven’t done so already, go and support GnuPG right now.

 

 

New committer: Jan Beich (ports)

30 years of FSF

After an exciting weekend celebrating Hardware Freedom Day what could possibly be better than going back to the very inspiring video made to celebrate the 30th anniversary of the Free Software Foundation? Indeed it’s been made using Free Software only and goes through the work of the foundation for the past thirty years. It’s actually nice to look at, positive and very well animated. We will definitely encourage all our software freedom day teams to use it during their events. But let us say no more and let you enjoy it if you’ve missed it so far:

And then, for the ones into this kind of work, and blender in particular, you can find a detailed explanation of the challenges that the makers of the work went through and how they fixed them right here. Definitely a great read into the whole process from design to finish. Great job guys! And of course a happy 30th anniversary to the FSF from the Digital Freedom Foundation and all its members!

30 years of FSF

After an exciting weekend celebrating Hardware Freedom Day what could possibly be better than going back to the very inspiring video made to celebrate the 30th anniversary of the Free Software Foundation? Indeed it's been made using Free Software only and goes through the work of the foundation for the past thirty years. It's actually nice to look at, positive and very well animated. We will definitely encourage all our software freedom day teams to use it during their events. But let us say no more and let you enjoy it if you've missed it so far:

And then, for the ones into this kind of work, and blender in particular, you can find a detailed explaination of the challenges that the makers of the work went through and how they fixed them right here. Definitely a great read into the whole process from design to finish. Great job guys! And of course a happy 30th anniversary to the FSF from the Digital Freedom Foundation and all its members!

January 16, 2015

Linode Datacenter Expansion

Happy New Year! 2014 was a great year at Linode and we’re very excited about all the projects we have planned for 2015.  Here’s a sneak peek at our datacenter expansion plans.

Singapore, SG

First, we’ll be expanding our presence in the Asia-Pacific region with a datacenter in Singapore. This new deployment will support all of the existing Linode services, including NodeBalancers, Backups, native IPv6, and features our latest generation SSD-based servers and 40 Gbit connectivity to each host machine. The facility will be a fantastic alternative/complement to our Tokyo location, with great connectivity to Australia, China, Hong Kong, India and the rest of Asia.

All of the networking and server hardware has been installed, and our team should have Singapore ready for customer Linodes in the next few weeks!

Frankfurt, Germany

We’re also expanding our European footprint with a deployment into Frankfurt, Germany. This will complement our UK-based facility. Interestingly, more than 35% of all European cloud traffic flows through Frankfurt and this location will enable customers to comply with Germany’s Federal Data Protection Act (a.k.a., Bundesdatenschutzgesetz (BDSG)) by hosting their data on German soil. Frankfurt is also centrally located in continental Europe, and we believe this will be a great location for all of Europe.

The Linode Frankfurt deployment will be coming in the next few months.

Tokyo, Japan

Our Tokyo facility has been a great success. So much so that we’ve actually exhausted all of the resources available there. Linodes in Tokyo are in limited supply and the datacenter is frequently sold out. While Singapore will be an excellent alternative for a presence in this region, we are also exploring a second Tokyo datacenter.

Stay tuned for the official announcements of these new locations and several other exciting developments coming soon!

January 15, 2015

October–December, 2014 Status Report

The October–December, 2014 Status Report is now available.

January 13, 2015

Django Girls Workshop at DevConf.cz 2015

One of the events that is co-hosted with DevConf.cz 2015 this year is Django Girls Workshop. It’s organized for females who want to learn to code websites using the Django framework. It takes place in our lovely Red Hat lab on the campus of Faculty of Information Technologies of Brno University of Technology on the 5th of February, one day prior the conference.

It has free admission and thanks to sponsors (Red Hat and ElasticSearch), you can even get financial aid to travel to Brno and get accommodation. The deadline for registration is on January 15th, so don’t hesitate and sign up!


Fedora at DevConf.cz 2015

DevConf.cz 2015 is just three weeks away, and the schedule was announced a few days ago. There are 150 talks and workshops in three days and Fedora plays an important role in it, especially on the last day which is mostly devoted to Fedora and thus called Fedora Day. Let’s look at which Fedora-focused talks the schedule offers:

Fedora Atomic – Collin Walters
Fedora and Red Hat Enterprise Linux Desktop – Christian Schaller
Vagrant for your Fedora – Tomáš Hrčka, Josef Stříbrný
Using Fedora as a base for the IoT revolution – Peter Robinson
Fedora: State of the Project – Matthew Miller
CentOS for Fedora – Karanbir Singh
Fedora Workstation Roadmap – panel discussion with the Workstation working group
Automation with Fedora in Taskotron – Tim Flink
Google, ownCloud and your Fedora Workstation – Debarshi Ray
Bodhi2, MirrorManager2, progit, FAS3, anitya, the-new-coolness… What’s going on in Fedora infra? – Pierre-Yves Chibon
Fedora Server – getting back to roots – Stephen Gallagher
Fedora Release Engineering Today – Dennis Gilmore
Life of a Fedora Cloud image – Kushal Das
Discuss environment and stacks in Fedora – Honza Horák
SCE wide system assessment for upgrading Fedora – Petr Hráček
Fedora Council Joint Session – panel discussion with the Council members
Packaging Workshop – Matthias Runge

 And these are just talks that are focused on Fedora, there are much more talks that are on technologies which are very related to Fedora. So don’t hesitate and come to join us in Brno on Feb 6-8th!


January 04, 2015

FSFE Newsletter - January 2015

FSFE Newsletter – January 2015 A revolution

The Earth has once again completed a full, customarily counted revolution. Here at FSFE we have been busy throughout 2014, working hard to ensure that users remain in control of their devices and that Free Software may once compete on a level playing field for public tenders. More information, including the extent of our limited success and our future prospects, on both these issues and our other frontiers may be found in our annual report for 2014, penned by our President Karsten Gerloff.

In addition to providing a comprehensive overview of our activities in 2014, Karsten finishes the report with a sneak peek of the challenges we are going to face and overcome in revolution 2015. For instance, we intend to build on the success of the Free Software Pact to spread awareness about Free Software among both the elected representatives of the European citizenry and the unelected bureaucrats of the executive branch.

We also intend to invest more in our local volunteers and Fellowship groups. We are hopeful that not only will we reach a wider audience and have a greater impact with increased local participation, but this will also be much more fun for everyone involved.

Fellowship elections

FSFE has a bit less than 1500 Fellows or sustaining members. In addition to receiving certain benefits useful for digital activists, all of them have a say in the governance of the FSFE. This right is exercised by electing representatives to the General Assembly, the highest decision-making body of FSFE. Your temporary editor will have served his term as a Fellowship Representative by this spring, and hence a new Representative will be elected by the orderly Fellows from February 20th to March 6th 2015, 12pm.

Your outgoing Representative would like to take this opportunity to invite all our Fellows to partake in the elections. The General Assembly is responsible for making all strategic decisions for FSFE, and all Fellows, whether true idealists or business-minded pragmatists, have the same right to affect our future growth and direction, so please do so.

EU: the good and the bad

On December 17, 2014, the European Parliament adopted the EU budget for 2015. We are very happy to report that thanks to the efforts of MEPs Julia Reda (Pirates) and Max Andersson (Greens), the Parliament has allocated up to a million euros to audit Free Software used by the European Parliament and Commission. We hope that the institutions concerned will closely work with upstream developers to best benefit the public. We also welcome further allocations that aim to allow equal participation in the digital society.

Unfortunately, we must still call upon EU institutions to make use of Open Standards and Free Software, as a recent study prepared for the Greens/EFA has found that the EU Parliament falls woefully short of its democratic obligations to ensure transparency and openness. Among other shortcomings the parliamentarians lack access to a standards-compliant e-mail solution.

Something completely different From the planet aggregation: Paul Boddie writes about the ‘unplanned obsolescence’ of early Fairphone devices, justifiedly arguing that Fairphone's decision to overlook or deprioritize hardware support for Free Software was unwise considering the abundance of information available on the lack of hardware support for Free Software. Otto Kekäläinen writes about password management while recognizing that people are not storage media. Otto's piece is an excellent read when taken with a pinch of salt. Nico Rikken contemplates the right to make bad choices in his piece ‘Optional rights’.

2015 will bring a new etiquette to our Fellowship Planet. A proposed draft will be presented to the Fellows for consultation at the earliest convenience.

Get active: spread free software

The gift giving season has just ended. No doubt you have a friend or relative unfortunate enough to have been given a computer bundled with non-free software as a gift. Help them install a free GNU/Linux distribution or Replicant.

Thanks to all the volunteers, Fellows and corporate donors who enable our work, Heiki Ojasild Fellowship Representative, FSFE

Support FSFE, join the Fellowship
Make a one time donation

December 23, 2014

GNOME Builder copr now for Rawhide only

GNOME Builder is under heavy development. This usually implies that such an application might require very new versions of its dependencies.

Upstream recently bumped their dependencies, and now require things that are only in Rawhide.

I have no intention to provide development builds of Gtk3 (among other things) in a Fedora 21 copr, as that might imply either breaking half of the distro, or having to rebuild it.

As a result, the GNOME Builder copr will from now on be Rawhide-only.

I have dropped the Fedora 21 repos, they won't be updated any more.

If you were using it on Fedora 21, please delete it:

# rm -f /etc/yum.repos.d/_copr_bochecha-gnome-builder.repo

If you still want to try GNOME Builder on Fedora 21, you'll now have to go the jhbuild route.

December 18, 2014

EU to fund Free Software code review

EU to fund Free Software code review

The European Parliament has approved funding for several projects related to Free Software and privacy. In the EU budget for 2015, which the European Parliament adopted on December 17, the Parliamentarians have allocated up to one million Euro for a project to audit Free Software programs in use at the Commission and the Parliament in order to identify and fix security vulnerabilities.

Even though these institutions are tightly locked into non-free file formats, much of their infrastructure is based on Free Software.

“This is a very welcome decision,” says FSFE's president Karsten Gerloff. “Like most public bodies, the European institutions rely heavily on Free Software for their daily operations. It is good to see that the Parliament and the Commission will invest at least a little in improving the quality and the programs they use.”

The European Commission's Directorate General for Informatics (DIGIT) will be in charge of implementing the pilot, which was submitted by MEPs Julia Reda (Pirates) and Max Andersson (Greens). FSFE urges the Commission to work closely with upstream developers. The EC should make the audit results public as soon as possible, and contribute any improvements it makes to the upstream projects.

The budget further lists a project to encrypt communications among the EU institutions, funded with EUR 500,000; and a pilot that uses Free Software and Open Standards to help civil society actors participate in lawmaking, by improving AT4AM, the software that MEPs use for drafting legislation, which the Parliament published as Free Software in 2013. Another project is intended to enable the European Commission to make unclassified documents publicly available by default.

“Taken together, these projects are a first step towards more transparent policy making in Europe,” says Gerloff. “We will continue to work with the Commission and the Parliament to help them along the path of engaging more consistently and effectively with the Free Software community.”

Media contact: Karsten Gerloff Mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it tel.: +49 176 9690 4298

Support FSFE, join the Fellowship
Make a one time donation

December 12, 2014

More From Your Newest Board Member: An Interview with Cheryl R. Blain

Recently, The FreeBSD Foundation announced the addition of Cheryl R. Blain to the Board of Directors. We sat down with Cheryl to find out more about her background and what brought her to the Foundation. Take a look at what she has to say:

Tell us a little about yourself, and how you got involved with FreeBSD?
I was bit by the entrepreneur bug in 1999 when working for a non-profit. I’ve worked with high-tech, venture-backed, small-cap companies ever since.  My typical engagement finds
Cheryl R. Blain
me streamlining operations and sales teams to prepare companies for their next step forward, which most often involves financing.  


I have a master’s degree in business administration with a dual emphasis in finance and sustainable enterprise, from Saint Mary’s College and as a visiting student at UNC Kenan-Flagler.

Xinuos is the latest high-tech, venture-backed company to which I’ve plied my wares.  While working for Xinuos, I was exposed to FreeBSD for the first time in 2013.  During my first week on the job, I was asked if I was willing to go to Ottawa, Canada to learn more about FreeBSD and the community of developers.  The head of engineering and I felt the conference was very important to Xinuos’ future, so we decided it was an opportunity not to be missed.  Since the trip was so unexpected, I actually had to have my passport over-night shipped to me in our New Jersey office so I could leave the following day!  My colleague and I attended BSDCan and it was everything we had hoped it would be.  We were welcomed by the development community and pleasantly inundated with inquiries about our interest in FreeBSD.  David Chisnall was an especially helpful evangelist of FreeBSD, and made sure my colleague and I had the information we needed.

Why are you passionate about serving on the FreeBSD Foundation Board?
The FreeBSD community (including the board) is in no small part the reason I chose to learn more about the project as a commercial offering two years ago.  My passion is in building businesses, and I wanted to work on a project that was technologically sound, well supported and attractive to people who I like and respect.  The FreeBSD community quickly forgave me for being the least technical person in the room, and was wonderful in embracing the value I can bring to the community from a business perspective.

I look forward to doing my part to ensure that the FreeBSD project has a vibrant future.

What excited you about our work?
There are many things that make FreeBSD interesting...but the first time I think I got really excited was in Ottawa in 2013, when Matt Ahrens gave his talk on ZFS.  Every developer in the room was abuzz with excitement.  In Matt’s presentation he listed logos of the other open source operating systems using ZFS, but I connected with how the room full of BSD developers really embraced Matt as their own.  His bold move to pack his box at Oracle to continue his open source work, helped me realize the people associated with FreeBSD are not status quo...they are pushing the envelope. Then I met Peter Grehan and Neel Natu and was introduced to their work on bhyve, and Justin and George as Foundation board members and FreeBSD committers and knew that even though the FreeBSD project has been around since 1993, new excitement and innovation is happening right now.  And I haven’t even mentioned Capsicum or Clang! Oh and I can’t forget, I was there for the naming of Groff with all the rowdy laughter and good spirited banter, and it was then that I felt like I was among friends.   

 What are you hoping to bring to the organization and the community through your new leadership role?
I hope that my participation in the planning discussions will encourage other business leaders to join in the discussions as well.   

I also hope to encourage those who use FreeBSD commercially to become more vocal about their experiences and use cases, to encourage others to develop with FreeBSD as well.  In doing so, there is a great opportunity to build an endowment among alum to ensure a vibrant future for FreeBSD.

How do you see your background and experience complementing the current board? 
I will be delighted if I am successful in bringing a business lens to the board discussions.  I would like to help elevate FreeBSD in the minds of technology companies worldwide and see a broader acceptance of the OS as a commercially desirable alternative.

December 11, 2014

Super Computing Trip Report: Michael Dexter

Michael Dexter has also provided his trip report for Super Computing:

In case you have not heard of the Supercomputing.org conference, it is a meeting of 10,000 researchers, computer scientists, engineers, students, managers, sales engineers and three-letter agency representatives that takes place in a different US city every year. I have hosted a booth at the event since 2009 when it passed through Portland and this year showcased the bhyve Hypervisor and explained all things BSD to brilliant attendees from around the world. I was joined by Patrick Masson, General Manager of the Open Source Initiative, who helped shed light on the pervasive yet unrecognized use of open source software by the universities, organizations and companies at the event. Literally 90% or more of the exhibitors rely on open source but few give it any recognition. For years, GNU/Linux has dominated the Top500 list of supercomputers that is announced at the event each year and I set out to help change that by highlighting bhyve, OpenZFS and other great technologies in FreeBSD.

SC14 could not have started on a better note thanks to the announcement on the first day that the FreeBSD Foundation received a million dollar donation from WhatsApp founder Jan Koum. I heard many people say "I used FreeBSD ten years ago" and the news instantly got their attention and set the tone for the rest of the event. By showcasing ZFS, we drew the attention of ex-Sun Microsystems engineers and executives and even had a visit by UC Berkeley CSRG research assistant Clem Cole. The message that "BSD is back" was loud and clear and I canvased the Student Cluster Competition to help inspire a new generation of users who had never heard of the BSDs.

The bhyve booth was in the heart of the ARM pavilion which made for some enlightening conversations. bhyve and the ARM CPU architecture both stand out for operating without emulation, resulting in simplicity and performance for bhyve and significant power savings for ARM. A roadmap exists for bhyve support on ARM and hopefully this will be something to showcase at SC15. Of the exhibiting ARM partners, the SoftIron team stood out as loud and proud users of FreeBSD and I look forward to seeing them at future BSD events.

FreeBSD vendor iXsystems was also at the event demonstrating FreeNAS and TrueNAS, as were the SaltStack team who received a bhyve demo and expressed a sincere desire to include support for bhyve. A handful of other open source vendors like Red Hat were in attendance plus FreeBSD consumers like Spectra Logic, EMC/Isilon, NetApp and Juniper. Many individual open source users came to the booth and my favorite quotation came from a conversation at a Mellanox event: "Our administrators use FreeNAS at home and come work and ask 'why the heck aren't we using ZFS?'" Open source is winning but there is still much work to be done.

Speaking of work, I asked many people, including Navy researchers moving massive uncompressed video streams, what FreeBSD needs to do get back on the Top500 list of supercomputers. The short list of answers I received was: OFED/OpenFabrics Enterprise Distribution support, OpenMPI/Message Passing Interface support and Lustre distributed file system support. Surprisingly, NUMA/Non-Uniform Memory Access did not come up. Interconnect vendor Chelsio Communications stood out as a solid supporter of FreeBSD and dominant player Mellanox expressed interest in expanding their support for FreeBSD given the opportunity it represents. All in all, people were very receptive to giving FreeBSD and other BSDs a try, especially given that it would be a homecoming for so many users.

I wish to thank the FreeBSD Foundation for sponsoring the bhyve booth at SC14 and I am delighted to hear that ARM has just made a generous $50,000 donation to the Foundation. In total I gave out 250 tri-fold brochures and talked to hundreds of people at SC14. Hopefully those seeds will take root and we will start seeing FreeBSD systems in the Student Cluster Competition and on the 2015 Top500 supercomputer list!

December 08, 2014

Committee begins review of High Priority Projects list -- your input is needed

High Priority Projects logo

This announcement was written by the FSF's volunteer High Priority Projects Committee.

Nine and a half years ago the first version of the High Priority Free Software Projects (HPP) list debuted with only four projects, three of them related to Java. Eighteen months later, Sun began to free Java users. The current HPP list includes fourteen categories mentioning over forty distinct projects. Computing is ever more ubiquitous and diverse, multiplying challenges to surmount in order for all computer users to be free.

Undoubtedly there are thousands of free software projects that are high priority, each having potential to displace non-free programs for many users, substantially increasing the freedom of those users. But the potential value of a list of High Priority Free Software Projects maintained by the Free Software Foundation is its ability to bring attention to a relatively small number of projects of great strategic importance to the goal of freedom for all computer users. Over the years the list has received praise and criticism -- frankly not nearly enough, given the importance of its aims -- and been rebooted. As the list approaches its tenth year, we aim to revitalize and rethink it, on an ongoing basis.

The first step has been to assemble a committee which will maintain the list, initially composed of the following free software activists: ginger coons, Máirín Duffy, Matthew Garrett, Benjamin Mako Hill, Mike Linksvayer, Lydia Pintscher, Karen Sandler, Seth Schoen, and Stefano Zacchiroli. The committee has drafted this announcement and the following plan.

We need your input! Send your suggestions of projects to This e-mail address is being protected from spambots. You need JavaScript enabled to view it . Remember, we're looking for projects of great strategic importance to the goal of freedom for all computer users. If you wish, we encourage you to publish your thoughts independently (e.g., on your blog) and send a us a link. Keep in mind that not every project of great strategic importance to the goal of freedom for all computer users will be a software development project. If you believe other forms of activism, internal or external (e.g., making free software communities safe for diverse participants, mandating use of free software in the public sector), are most crucial, please make the case and suggest such a project!

Based on the received input, the current content of the list, and our own contributions, we will publish a substantially revised list and an analysis before LibrePlanet 2015 and expect a lively discussion at that event. If we are successful, we will have the immediate impact of bringing widespread coverage of free software movement strategy and the ongoing impact of garnering substantial attention and new effort for listed projects. (Note that we're also interested in outreach and measurement suggestions. A revised and maintained list is necessary but not sufficient for success.)

Finally, we've already made a few minor changes to the HPP list in order to fix long-standing issues that have been reported in the past. We are looking forward to your feedback at This e-mail address is being protected from spambots. You need JavaScript enabled to view it as we work on more substantial improvements!

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

Media Contacts

John Sullivan
Executive Director
Free Software Foundation
+1 (617) 542 5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

November 27, 2014

New stickers and leaflets: No cloud and e-mail self-defense

This week we received new additions for our information materials in the Berlin office.

First of all, the English version of the “e-mail self-defense” leaflet. In September Erik layouted and printed a German version of that leaflet to distribute at the “freedom not fear demonstration“ in Berlin. We received a lot of positive feedback about the leaflet, and had to order the German version three times already. Now we also have the English version, and our translators are working on Dutch, Italian, French, Spanish, Greek, and Chinese.

gnupg-leaflet.en FSFE CC BY-SA

Lollipopp’d

I successfully updated my Nexus devices with Android 5.0 aka Lollipop earlier this week. Finally. After 3 tries with the download failing the first time, the install failing the next time and then it finally going through. Here is what I’m impressed with: * Look and feel polish – the visual change using new material […]

November 22, 2014

Release party in Barcelona

15794067981_0d173ce352_z

Another time, and there has been 16, ubuntaires celebrated the release party of the next Ubuntu version, in this case, 14.10 Utopic Unicorn.

This time, we went to Barcelona, at Raval, at the very centre, thanks to our friends of the TEB.

As always, we started with explaining what Ubuntu is and how our Catalan LoCo Team works and later Núria Alonso from the TEB explained the Ubuntu migration done at the Xarxa Òmnia.

15797518182_0a05d96fde_z

The installations room was plenty from the very first moment.

15611105340_1de89d36b4_z

There also was a very profitable auto-learning workshop on how to do an Ubuntu metadistribution.

15772275826_99d1a77d8b_z

 

And in another room, there were two Arduino workshops.

15610528118_927a8d7cc2_z15794076701_cc538bf9ba_z

 

And, of course, ubuntaires love to eat well.

 

15615259540_76daed408b_z 15614277959_c98bda1d33_z

 

Pictures by Martina Mayrhofer and Walter García, all rights reserved.

 
 

November 08, 2014

OpenStack on a diet, redux

Subhu writes that OpenStack’s blossoming project list comes at a cost to quality. I’d like to follow up with an even leaner approach based on an outline drafted during the OpenStack Core discussions after ODS Hong Kong, a year ago.

The key ideas in that draft are:

Only call services “core” if the user can detect them.

How the cloud is deployed or operated makes no difference to a user. We want app developers to

Define both “core” and “common” services, but require only “core” services for a cloud that calls itself OpenStack compatible.

Separation of core and common lets us recognise common practice today, while also acknowledging that many ideas we’ve had in the past year or three are just 1.0 iterations, we don’t know which of them will stick any more than one could predict which services on any major public cloud will thrive and which will vanish over time. Signalling that something is “core” means it is something we commit to keeping around a long time. Signalling something is “common” means it’s widespread practice for it to be available in an OpenStack environment, but not a requirement.

Require that “common” services can be self-deployed.

Just as you can install a library or a binary in your home directory, you can run services for yourself in a cloud. Services do not have to be provided by the cloud infrastructure provider, they can usually be run by a user themselves, under their own account, as a series of VMs providing network services. Making it a requirement that users can self-provide a service before designating it common means that users can build on it; if a particular cloud doesn’t offer it, their users can self-provide it. All this means is that the common service itself builds on core services, though it might also depend on other common services which could be self-deployed in advance of it.

Require that “common” services have a public integration test suite that can be run by any user of a cloud to evaluate conformance of a particular implementation of the service.

For example, a user might point the test suite at HP Cloud to verify that the common service there actually conforms to the service test standard. Alternatively, the user who self-provides a common service in a cloud which does not provide it can verify that their self-deployed common service is functioning correctly. This also serves to expand the test suite for the core: we can self-deploy common services and run their test suites to exercise the core more thoroughly than Tempest could.

Keep the whole set as small as possible.

We know that small is beautiful; small is cleaner, leaner, more comprehensible, more secure, easier to test, likely to be more efficiently implemented, easier to attract developer participation. In general, if something can be cut from the core specification it should. “Common” should reflect common practice and can be arbitrarily large, and also arbitrarily changed.

In the light of those ideas, I would designate the following items from Subhu’s list as core OpenStack services:

  • Keystone (without identity, nothing)
  • Nova (the basis for any other service is the ability to run processes somewhere)
    • Glance (hard to use Nova without it)
  • Neutron (where those services run)
    • Designate (DNS is a core aspect of the network)
  • Cinder (where they persist data)

I would consider these to be common OpenStack services:

  • SWIFT (widely deployed, can be self-provisioned with Cinder block backends)
  • Ceph RADOS-GW object storage (widely deployed as an implementation choice, common because it could be self-provided on Cinder block)
  • Horizon (widely deployed, but we want to encourage innovation in the dashboard)

And these I would consider neither core nor common, though some of them are clearly on track there:

  • Barbican (not widely implemented)
  • Ceilometer (internal implementation detail, can’t be common because it requires access to other parts)
  • Juju (not widely implemented)
  • Kite (not widely implemented)
  • HEAT (on track to become common if it can be self-deployed, besides, I eat controversy for breakfast)
  • MAAS (who cares how the cloud was built?)
  • Manila (not widely implemented, possibly core once solid, otherwise common once, err, common)
  • Sahara (not widely implemented, weird that we would want to hardcode one way of doing this in the project)
  • Triple-O (user doesn’t care how the cloud was deployed)
  • Trove (not widely implemented, might make it to “common” if widely deployed)
  • Tuskar (see Ironic)
  • Zaqar (not widely implemented)

In the current DefCore discussions, the “layer” idea has been introduced. My concern is simple: how many layers make sense? End users don’t want to have to figure out what lots of layers mean. If we had “OpenStack HPC” and “OpenStack Scientific” and “OpenStack Genomics” layers, that would just be confusing. Let’s keep it simple – use “common” as a layer, but be explicit that it will change to reflect common practice (of course, anything in common is self-reinforcing in that new players will defer to norms and implement common services, thereby entrenching common unless new ideas make services obsolete).

November 05, 2014

Debutsav 2014 Experiences – Day 2

This will be the last post in series on Debutsav 2014 held at Amrita University and consequently will be biggish. As shared in the last blog post as well, the day started with Anup making sure that all of us were awake and had our bed tea. As most (or almost all) of us had […]

November 03, 2014

osquery is neat

Facebook recently made opensource, osquery. It gives you operating system data via SQL queries! Its very neat, and you can test this even on MacOSX (it works on that platform & Linux). It is by far the project with the most advanced functionality, linked here in this post.

I noticed that rather quickly, there was a PostgreSQL project, called pgosquery, based on Foreign Data Wrappers with a similar idea. (apparently it was written in less than 15 minutes; so a much lower learning curve than the regular MySQL storage engine interface)

I immediately thought about an older MySQL project, by Chip Turner (then at Google, now at Facebook), called mysql-filesystem-engine. This idea was kicking around in 2008. I was intrigued by hearing about this at a talk (probably at the MySQL Conference & Expo); it’s a pity no one took this further.

On a similar tangent, did you also know that there is the option to use MySQL as storage via FUSE (see: mysqlfs)? An article by Ben Martin shows some practical examples.

At its heyday, MySQL had many storage engines (maybe around 50). Wikipedia has an incomplete list. I see some engines on that list, and think that some of these folk are also creating MongoDB backends — competition. At MariaDB we are probably shipping the most storage engines of any MySQL-based distribution, however I think we could be doing an even better job at working with upstream vendors, and figuring out how to support & augment business around it.

October 23, 2014

Ten years of Ubuntu

Today marks 10 years of Ubuntu and the release of the 21st version. That is an incredible milestone and one which is worthy of reflection and celebration. I am fortunate enough to be spending the day at our devices sprint with 200+ of the folks that have helped make this possible. There are of course hundreds of others in Canonical and thousands in the community who have helped as well. The atmosphere here includes a lot of reminiscing about the early days and re-telling of the funny stories, and there is a palpable excitement in the air about the future. That same excitement was present at a Canonical Cloud Summit in Brussels last week.

The team here is closing in on shipping our first phone, marking a new era in Ubuntu’s history. There has been excellent work recently to close bugs and improve quality, and our partner BQ is as pleased with the results as we are. We are on the home stretch to this milestone, and are still on track to have Ubuntu phones in the market this year. Further, there is an impressive array of further announcements and phones lined up for 2015.

But of course that’s not all we do – the Ubuntu team and community continue to put out rock solid, high quality Ubuntu desktop releases like clockwork – the 21st of which will be released today. And with the same precision, our PC OEM team continues to make that great work available on a pre-installed basis on millions of PCs across hundreds of machine configurations. That’s an unparalleled achievement, and we really have changed the landscape of Linux and open source over the last decade. The impact of Ubuntu can be seen in countless ways – from the individuals, schools, and enterprises who now use Ubuntu; to proliferation of Codes of Conduct in open source communities; to the acceptance of faster (and near continuous) release cycles for operating systems; to the unique company/community collaboration that makes Ubuntu possible; to the vast number of developers who have now grown up with Ubuntu and in an open source world; to the many, many, many technical innovations to come out of Ubuntu, from single-CD installation in years past to the more recent work on image-based updates.

Ubuntu Server also sprang from our early desktop roots, and has now grown into the leading solution for scale out computing. Ubuntu and our suite of cloud products and services is the premier choice for any customer or partner looking to operate at scale, and it is indeed a “scale-out” world. From easy to consume Ubuntu images on public clouds; to managed cloud infrastructure via BootStack; to standard on-premise, self-managed clouds via Ubuntu OpenStack; to instant solutions delivered on any substrate via Juju, we are the leaders in a highly competitive, dynamic space. The agility, reliability and superior execution that have brought us to today’s milestone remains a critical competency for our cloud team. And as we release Ubuntu 14.10 today, which includes the latest OpenStack, new versions of our tooling such as MaaS and Juju, and initial versions of scale-out solutions for big data and Cloud Foundry, we build on a ten year history of “firsts”.

All Ubuntu releases seem to have their own personality, and Utopic is a fitting way to commemorate the realisation of a decade of vision, hard work and collaboration. We are poised on the edge of a very different decade in Canonical’s history, one in which we’ll carry forward the applicable successes and patterns, but will also forge a new path in the twin worlds of converged devices and scale-out computing. Thanks to everyone who has contributed to the journey thus far. Now, on to Vivid and the next ten years!

October 16, 2014

Ubuntu Security Update on Poodle (CVE-2014-3566) and SSLv3 Downgrade Attack

The following is an update on Ubuntu’s response to the latest Internet emergency security issue, POODLE (CVE-2014-3566), in combination with an
SSLv3 downgrade vulnerability.

Vulnerability Summary

“SSL 3.0 is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0, TLS 1.1, and TLS 1.2, many TLS implementations remain backwards­ compatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience. The protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server will be used.” -https://www.openssl.org/~bodo/ssl-poodle.pdf

A vulnerability was discovered that affects the protocol negotiation between browsers and HTTP servers, where a man-in-the-middle (MITM) attacker is able trigger a protocol downgrade (ie, force downgrade to SSLv3, CVE to be assigned).  Additionally, a new attack was discovered against the CBC block cipher used in SSLv3 (POODLE, CVE-2014-3566).  Because of this new weakness in the CBC block cipher and the known weaknesses in the RC4 stream cipher (both used with SSLv3), attackers who successfully downgrade the victim’s connection to SSLv3 can now exploit the weaknesses of these ciphers to ascertain the plaintext of portions of the connection through brute force attacks.  For example, an attacker who is able to manipulate the encrypted connection is able to steal HTTP cookies.  Note, the protocol downgrade vulnerability exists in web browsers and is not implemented in the ssl libraries.  Therefore, the downgrade attack is currently known to exist only for HTTP.

OpenSSL will be updated to guard against illegal protocol negotiation downgrades (TLS_FALLBACK_SCSV).  When the server and client are updated to use TLS_FALLBACK_SCSV, the protocol cannot be downgraded to below the highest protocol that is supported between the two (so if the client and the server both support TLS 1.2, SSLv3 cannot be used even if the server offers SSLv3).

The recommended course of action is ultimately for sites to disable SSLv3 on their servers, and for browsers to disable SSLv3 by default since the SSLv3 protocol is known to be broken.  However, it will take time for sites to disable SSLv3, and some sites will choose not to, in order to support legacy browsers (eg, IE6).  As a result, immediately disabling SSLv3 in Ubuntu in the openssl libraries, in servers or in browsers, will break sites that still rely on SSLv3.

Ubuntu’s Response:

Unfortunately, this issue cannot be addressed in a single USN because this is a vulnerability in a protocol, and the Internet must respond accordingly (ie SSLv3 must be disabled everywhere).  Ubuntu’s response provides a path forward to transition users towards safe defaults:

  • Add TLS_FALLBACK_SCSV to openssl in a USN:  In progress, upstream openssl is bundling this patch with other fixes that we will incorporate
  • Follow Google’s lead regarding chromium and chromium content api (as used in oxide):
    • Add TLS_FALLBACK_SCSV support to chromium and oxide:  Done – Added by Google months ago.
    • Disable fallback to SSLv3 in next major version:  In Progress
    • Disable SSLv3 in future version:  In Progress
  • Follow Mozilla’s lead regarding Mozilla products:
    • Disable SSLv3 by default in Firefox 34:  In Progress – due Nov 25
    • Add TLS_FALLBACK_SCSV support in Firefox 35:  In Progress

Ubuntu currently will not:

  • Disable SSLv3 in the OpenSSL libraries at this time, so as not to break compatibility where it is needed
  • Disable SSLv3 in Apache, nginx, etc, so as not to break compatibility where it is needed
  • Preempt Google’s and Mozilla’s plans.  The timing of their response is critical to giving sites an opportunity to migrate away from SSLv3 to minimize regressions

For more information on Ubuntu security notices that affect the current supported releases of Ubuntu, or to report a security vulnerability in an Ubuntu package, please visit http://www.ubuntu.com/usn/.

 

October 13, 2014

CloudOpen 2014 – Mixing Your Open Source Cloud Cocktail

Here’s the presentation I gave at the Linux Foundation’s CloudOpen in Dusseldorf on October 13, 2014 titled Mixing Your Open Source Cloud Cocktail

Add two parts virtualization, one part orchestration add a little networking shake and pour. Unfortunately cloud computing isn’t that easy but then again not all clouds are the same and tastes may vary. This talk will discuss how the varying open source technologies like OpenStack, Docker, LXC and others can be mixed together to make something that appeals to the needs of a wide variety of users. There’s also no problem in abstaining from building your own cloud but still benefiting from the open source tooling to maximize the benefits of the public cloud.

 

September 30, 2014

Oracle Linux ships MariaDB

I can’t remember why I was installing Oracle Enterprise Linux 7 on Oracle VirtualBox a while back, but I did notice something interesting. It ships, just like CentOS 7, MariaDB Server 5.5. Presumably, this means that MariaDB is now supported by Oracle, too ;-) [jokes aside, It’s likely because OEL7 is meant to be 100% compatible to RHEL7]

OEL7__Running_

The only reason I mention this now is Vadim Tkachenko, probably got his most retweeted tweet recently, stating just that. If you want to upgrade to MariaDB 10, don’t forget that the repository download tool provides CentOS 7 binaries, which should “just work”.

If you want to switch to MySQL, there is a Public Yum repository that MySQL provides (and also don’t forget to check the Extras directory of the full installation – from OEL7 docs sub-titled: MySQL Community and MariaDB Packages). Be sure to read the MySQL docs about using the Yum repository. I also just noticed that the docs now have information on replacing a third-party distribution of MySQL using the MySQL yum repository.

September 18, 2014

TL;DW for Clojure Data Science

Edmund Jackson talked at the 2012 Clojure/Conj, and you can see his talk here.

I took these notes as I watched it:
  1. What is "data science"?
    1. "That realm of endeavor that requires, simultaneously, advanced computational and statistical methods."
    2. Some people aren't sure whether "data science" is a thing, or just data analysis dressed up with a fancy name. That question amuses me.
  2. What's new, such that everybody suddenly cares about data science?
    1. widely available computing resources, open source tools such as R, and large amounts of data available in private companies and in public
    2. Compares to early days of Linux, when there was a bunch of new stuff that everybody could hack on
  3. Interactive tools aren't enough; you're not taking some data, analyzing it, and coming back with the answer. You need platform features like native language speed, data structures, language constructs, connectivity, and QC in order to embed your analysis in business processes.
  4. The tools with better analysis features (e.g., R, Mathematica) lack the platform features, and the tools with better platform features (he focuses primarily on C++ as his example here) lack the analysis features.
  5. Python is in the sweet spot, with platform features and (via numpy, scipy, and pandas) analysis features. But:
    1. It's full of mutable data!
    2. The mode of expression in imperative languages poorly matches the content of expression when you're dealing with maths.
  6. F#, Scala, and Clojure are all functional, and therefore (immutable data, more natural expression of maths) better alternatives than Python.
  7. Clojure yay! points:
    1. Native: Incanter, Storm, Cascalog, Datomic
    2. JVM: Mahout (ML on Hadoop), jBLAS, Weka (Java lib with many ML algorithms)
    3. Interop: Rincanter (call out to R), JNI
  8. From here he goes into calculating the entropy of a distribution, and the relative entropy of different distributions.
  9. Demonstrates using relative entropy fns in Datomic queries

September 11, 2014

Mozilla Webmaker at Olivarez College Tagaytay a success

2014-09-05 09.48.21

The Mozilla webmaker party at Olivarez College Tagaytay is a success last September 5, 2014. Which was attended by different department from Olivarez College Tagaytay at Computer Laboratory 2.  Since they only have 20 system units on their laboratory they created a two batches of participants, one in the morning and the other is in the afternoon. The event discussion is about Introduction Mozilla which was discuss by Me, The second lecturer discussed and demo “Thimble” by Mr. Ian Mark Martin and lastly Mr. Leo Caisip which  discussed  about “Popcorn Maker“, Both  attended the Mozilla PH orientation for web maker mentor last August 16, 2014  at Mozilla Community Space Manila. The event ended at exactly 4:00pm as mostly in afternoon participated by the nursing department.

DSC_2881

2014-09-11 12.59.54

We also distributed some Mozilla Swag (Bollard, Mozilla Sticker, Mozilla Tatoos and Mozilla Pins) for participants after the event. As part of the successfull event, based on their survey they are requesting for another event semilar to this.  but internet on the school is not that stable during that day but still we managed to make the event successfull.

 

DSC_2859

Pictures can be found here:  https://www.flickr.com/photos/83515207@N04/sets/72157646987948838/

September 04, 2014

TL;DW for "How To Design A Good API and Why it Matters"

Josh Bloch's Google Tech Talk video How To Design A Good API and Why it Matters is about an hour long, and well worth your time. It's focused on OOP, but has lots of good principles that can be followed elsewhere.

In case you don't have an hour right now, here's a summary/index kind of thing that points out the bits I thought were most important.
  1. 6:27: Characteristics of a good API:
    1. Easy to learn
    2. Easy to use, even without documentation
    3. Hard to misuse
    4. Easy to read and maintain code that uses it
    5. Sufficiently powerful to satisfy requirements
    6. Easy to evolve
    7. Appropriate to audience
  2. 7:52: Gather requirements, but differentiate between true requirements (which should take the form of use cases) and proposed solutions.
  3. 10:02: Start with a short spec; one page is ideal.
    1. Agility trumps completeness at this point.
    2. Get as many spec reviews from as many audiences as possible, modify according to feedback.
    3. Flesh the spec out as you gain confidence.
  4. 15:10: Write to your API early and often
    1. Start writing to your API before you've implemented it, or even specified it properly.
    2. Continue writing to your API as you flesh it out.
    3. Your code will live on in examples and unit tests.
  5. 17:32: Write to SPI [Service Provider Interface]
    1. Write at least three plugins before your release.
    2. Application in Clojure-land: Not sure...
  6. 19:35: Maintain realistic expectations.
    1. You won't please everyone.
    2. Aim to displease everyone equally.
    3. Expect to make mistakes and evolve the API in the future.
  7. 22:01: API should do one thing and do it well.
    1. Functionality should be easy to explain.
    2. If it's hard to name, that's a bad sign.
      1. Example of bad name that I can't leave out of this summary: OMGVMCID
  8. 24:32: API should be as small as possible but no smaller
    1. "When in doubt, leave it out." You can always add stuff, but you can't ever remove anything you've included. (The speaker calls this out as his most important point.)
  9. 26:27: Implementation should not impact API.
    1. Do not over-specify. For example, nobody needs to know how your hash function works, unless the hashes are persistent.
    2. Don't leak implementation details such as SQL exceptions!
  10. 29:36: Minimize accessibility of everything.
    1. Don't let API callers see stuff you don't want to be public, and that includes anything you might want to change in the future.
  11. 30:39: Names matter: API is a little language.
    1. Make names self-explanatory.
    2. Be consistent.
    3. Strive for symmetry. (If you can GET a monkey-uncle, make sure you can PUT a monkey-uncle, too.)
  12. 32:32: Documentation matters.
    1. Document parameter units! ("Length of banana in centimeters")
  13. 35:41: Consider performance consequences of API design decisions.
    1. Bad decisions can limit performance -- and this is permanent.
    2. Do not warp your API to gain performance -- the slow thing you avoided can be fixed and get faster, but your warped API will be permanent.
    3. Good design usually coincides with good performance.
  14. 40:00: Minimize mutability
    1. Make everything immutable unless there's a reason to do otherwise.
  15. 45:31: Don't make the caller do anything your code should do.
    1. If there are common use cases that require stringing a bunch of your stuff together in a boilerplate way, that's a bad sign.
  16. 48:36: Don't violate the principle of least astonishment
    1. Make sure your API callers are never surprised by what the API does.
  17. 50:03: Report errors as soon as possible after they occur.
  18. 52:00: Provide programmatic access to all data that is available in string form.
    1. Rich Hickey makes a similar point here.
  19. 56:15: Use consistent parameter ordering across methods.
    1. Here's a bad example:
      1. char *strncpy (char *dst, char *src, size_t n);
      2. void bcopy (void *src, void *dst, size_t n);
  20. 57:15: Avoid long parameter lists.
  21. 58:21: Avoid return values that demand exceptional processing.
    1. Example: return an empty list instead of nil/null.

August 27, 2014

Preso: Things I Learned about Open Source…The Hard Way

My presentation at the Bay Area Open Source Meet-Up – OS in Big Organizations: Failures, Success Stories & Best Practices on August 13, 2014.

Mark Hinkle runs the Citrix Open Source Business Office and has spent 20 years working with open source communities and delivering open source software. Topics covered in this presentation will include the benefit of his mistakes and successes both in evaluating open source ad an end-user and in delivering enterprise solutions based on open source software.

Technorati Tags: ,

August 22, 2014

GNU hackers unmask massive HACIENDA surveillance program and design a countermeasure

After making key discoveries about the details of HACIENDA, Julian Kirsch, Dr. Christian Grothoff, Jacob Appelbaum, and Dr. Holger Kenn designed the TCP Stealth system to protect unadvertised servers from port scanning.

According to Heise Online, the intelligence agencies of the United States, Canada, United Kingdom, Australia and New Zealand are involved in HACIENDA. The agencies share the data they collect. The HACIENDA system also hijacks civilian computers, allowing it to leach computing resources and cover its tracks.

Some of the creators of TCP Stealth are also prominent contributors to the GNU Project, a major facet of the free software community and a hub for political and technological action against bulk surveillance. Free software is safer because it is very hard to hide malicious code in a program anyone can read. In proprietary software, there is no way to guarantee that programs don't hide backdoors and other vulnerabilities. The team revealed their work on August 15, 2014 at the annual GNU Hackers' Meeting in Germany, and Julian Kirsch published about it in his master's degree thesis.

Maintainers of Parabola, an FSF-endorsed GNU/Linux distribution, have already implemented TCP Stealth, making Parabola users safer from surveillance. The FSF encourages other operating systems to follow Parabola's lead.

The Free Software Foundation supports and sponsors the GNU Project. FSF campaigns manager Zak Rogoff said, "Every time you use a free software program, you benefit from the work of free software developers inspired by the values of transparency and bottom-up collaboration. But on occassions like these, when our civil liberties are threatened with technological tools, the deep importance of these values becomes obvious. The FSF is proud to support the free software community in its contributions to the resistance against bulk surveillance."

The Free Software Foundation works politically for an end to mass surveillance. Simultaneously, the Foundation advocates for individuals of all technical skill levels to take a variety of actions against bulk surveillance.

About Julian Kirsch, Christian Grothoff, Jacob Appelbaum, and Holger Kenn

Julian Kirsch is the author of "Improved Kernel-Based Port-Knocking in Linux", his Master's Thesis in Informatics at Technische Universitat Munchen.

Dr. Christian Grothoff is the Emmy-Noether research group leader in Computer Science at Technische Universitat Munchen.

Jacob Appelbaum is an American independent computer security researcher and hacker. He was employed by the University of Washington, and is a core member of the Tor project, a free software network designed to provide online anonymity.

Dr. Holger Kenn is a computer scientist specializing in wearable computing, especially software architectures, context sensor systems, human machine interfaces, and wearable-mediated human robot cooperation.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

About the GNU Operating System and Linux

Richard Stallman announced in September 1983 the plan to develop a free software Unix-like operating system called GNU. GNU is the only operating system developed specifically for the sake of users' freedom. See https://www.gnu.org/gnu/the-gnu-project.

In 1992, the essential components of GNU were complete, except for one, the kernel. When in 1992 the kernel Linux was re-released under the GNU GPL, making it free software, the combination of GNU and Linux formed a complete free operating system, which made it possible for the first time to run a PC without non-free software. This combination is the GNU/Linux system. For more explanation, see https://www.gnu.org/gnu/gnu-linux-faq.

Media Contacts

Zak Rogoff
Campaigns Manager
Free Software Foundation
+1-617-542-5942
This e-mail address is being protected from spambots. You need JavaScript enabled to view it

"Knocking down the HACIENDA" by Julian Kirsch, produced by GNU, the GNUnet team, and edited on short notice by Carlo von Lynx from #youbroketheinternet is licensed under a Creative Commons Attribution NoDerivatives 3.0 Unported License.

August 13, 2014

SFD Tagaytay 2014 at Olivarez College

I am now again an official organizer for SFD 2014, but this time I will organized the event in Tagaytay City which will be hosted by Olivarez College in Tagaytay. The said event is scheduled on September 27, 2014.

SFD2014

The venue is on their “AMPITHEATER” where it can hold more than 500 participants. Here are some pictures of the exact venue.

cpdc-20140804131542221  cpdc-20140804131124356We also launch the online registration feel free to register using the this URL : https://www.eventbrite.com/e/software-freedom-day-2014-at-olivarez-college-tagaytay-tickets-12455543867

August 12, 2014

websites on this server

July 18, 2014

An invisible part of the Free Software Foundation Europe

In all organisations you have people, who do crucial work which is invisible to the public. But without them, the organisation would not function. In the FSFE, one of this people who takes care of a lot of invisible tasks is Reinhard Müller. After maintaining FSFE’s website, coordinating FSFE’s translation team, and taking care of our Fellowship database for many years, in 2007 he volunteered to be FSFE’s Financial Officer. With this post I want to offer you an insight into the invisible tasks performed by Reinhard.

Karsten and Reinhard working together Karsten, with FSCONS shirt, and Reinhard, with Mach Dich Frei shirt, working Matthias Kirschner CC BY-SA

June 30, 2014

Scancation - Scanning the Standing Stones of the Outer Hebrides

I just came back from a vacation where Kio and I went and visited most of the megalithic monuments on the islands of the Outer Hebrides in Scotland. Stone circles are all over the place on these islands and the biggest one is the Callanish Stone Circle. One of the cool things about these places is that there is very little history known about them and so all you can know about them is from your experience of being around them. Most of them all taller than me and you get the sense that these places were the sacred spaces of 5000 years ago.

One of the things I say a lot at MakerBot is that they really make the most sense when you connect your MakerBot to your passion. Since I'm into rocks. I scanned a few of my favorite stones and ran them through 123D Catch which makes a 3D model from up to 70 photos of the object. It’s pretty cool to think that yesterday I was walking among these stones and today I’m printing them out on the MakerBots in my office. 

It’s interesting to note that this feels a lot like the old days of vacation film photography. The process of processing the photos into a 3D model feels a lot like when I used to develop celluloid film after a vacation.

Someday, printing 3D models will be normal for everyone, for now, it’s just normal for all the MakerBot operators in the world.

If you decide to go on your own scanning vacation, aka scancation, here’s my process and tips for acquiring models. I use a Canon S110 camera and then upload my photos later to the 123D Catch site and then upload all the models and a zip file of all the photos to Thingiverse because the photogrammetry software will get better someday and I want to have an archive of the photos so I can make better models later.

 

  • Lighting conditions matter. A cloudy sky is much better than a sunny one so that you can get all the details of your subject. 
  • Fill the frame, but make sure to leave some area around the object in the picture. 123D Catch uses reference points in the object to make everything fit together. 
  • Use all 70 pictures allowed by the software. The more pictures, the better the scan. 
  • Scan weird things. Sometimes the most iconic stuff of a location isn’t the most obvious. Some friends of mine scanned all of Canal St. in NYC and said the interesting parts were the giant piles of trash bags which are one of the local overlooked pieces of landscape art.
  • Don’t forget the top view. If you are capturing a subject that is tall, do your best to get above it and take a picture. A quadcopter could be handy for that
  • Fix it up with Netfabb. After I upload the photos into the 123D Catch online portal, then I use Netfabb basic to slice off all the weird parts and cut a flat bottom onto the object.
  • Make sure to upload your scans to Thingiverse. We can all make models of your SCANCATION. 

 

Do you have any other scanning tips for those that would like to experiment with vacation scanning? Leave them in the comments!

June 22, 2014

the meaning of a word

i learned the word "feminist" at my first job. I was 15 and a trainee engineer in a hydro power scheme. I recall one young man I worked with asking me urgently if i was a feminist. I asked what that was. he said, "women who hate men". oh.. i'm not one of them....

why would i get a job as the only woman deep in a power station if i hated men? It was a long long time before i heard any other definition of feminist.

June 20, 2014

Launceston June Meeting

G'day all

For this month's Launceston meeting, Phil will be giving us an introduction to NAS4Free, a BSD licenced fork/continuation of FreeNAS.

2:00pm
Saturday 28th June
Royal Oak
Launceston


As usual, some of us will be meeting for lunch beforehand at 1:00pm.

Hope to see you there!

Google Maps Link

NAS4Free Website
-----
Gov Hack 2014: June 11-13th (Hobart venue)
OpenStack 4th Birthday: June 17th (RSVP here: http://taslug-openstack.eventbrite.com.au/ )
Next Launceston meeting: 2:00pm July 26th (Topic TBC)

June 11, 2014

Hobart meeting - June 19th - (The aptosid fullstory)

Welcome to June. Yep. short days... stout beers. And source. LOTS OF SOURCE! I'm in the
middle of my exam session at uni so won't have time to prepare the usual slides and news
this month.

When: Thursday, June 19th, 18:00 for an 18:30 start
Where: Upstairs, Hotel Soho, 124 Davey St, Hobart.

Agenda:

18:00 - early mingle, chin wagging, discussion and install issues etc

19:00 - Trevor Walkley - aptosid fullstory


    This months talk will be given by Trevor Walkley, an aptosid
    dev,(bluewater on IRC), on building an iso using aptosid fullstory
    scripts which are currently held on github (and the 'how to do it' is
    not well known).

    A live build will take place (hopefully debian sid will cooperate on the
    night) followed by a live installation of the build to the famous milk
    crate computer belonging Scott, (faulteh on IRC).

20:00 - Meeting end. Dinner and drinks are available at the venue during the meeting.

We will probably get to a discussion on the Hobart LCA 2017 bid, ideas for upcoming
Software Freedom Day in September, Committee nomination and voting,
so our pre-talk discussion should be packed full of jam.

Also in June:
28th - Launceston meeting
July:
11-13th - Gov Hack 2014 - There's at least a Hobart venue for this event.
17th - OpenStack 4th Birthday - RSVP here: http://taslug-openstack.eventbrite.com.au/
September:
20th - Software Freedom Day - events in Hobart and Launceston

June 10, 2014

Integrate ToDo.txt into Claws Mail

I use Claws Mail for many years now. I like to call it “the mutt mail client for people who prefer a graphical user interface”. Like Mutt, Claws is really powerful and allows you to adjust it exactly to your needs. During the last year I began to enjoy managing my open tasks with ToDo.txt. A powerful but still simple way to manage your tasks based on text files. This allows me not only to manage my tasks on my computer but also to keep it in sync with my mobile devices. But there is one thing I always missed. Often a task starts with an email conversation and I always wanted to be able to transfer a mail easily to as task in a way, that the task links back to the original mail conversation. Finally I found some time to make it happen and this is the result:

To integrate ToDo.txt into Claws-Mail I wrote the Python program mail2todotxt.py. You need to pass the path to the mail you want to add as parameter. By default the program will create a ToDo.txt task which looks like this:


<task_creation_date> <subject_of_the_mail> <link_to_the_mail>

Additionally you can call the program with the parameter “-i” to switch to the interactive mode. Now the program will ask you for a task description and will use the provided description instead of the mail subject. If you don’t enter a subscription the program will fall back to the mail subject as task description. To use the interactive mode you need to install the Gtk3 Python bindings.

To call this program directly from Claws Mail you need to go to Configuration->Actions and create a action to execute following command:


/path_to_mail2todotxt/mail2todotxt.py -i %f &

Just skip the -i parameter if you always want to use the subject as task description. Now you can execute the program for the selected mail by calling Tools->Actions-><The_name_you_chose_for_the_action>. Additional you can add a short-cut if you wish, e.g. I use “Ctrl-t” to create a new task.

Now that I’m able to transfer a mail to a ToDo.txt item I also want to go back to the mail while looking at my open tasks. Therefore I use the “open” action from Sebastian Heinlein which I extended with an handler to open claws mail links. After you added this action to your ~/.todo.action.d you can start Claws-Mail and jump directly to the referred mail by typing:


t open <task_number_which_referes_to_a_mail>

The original version of the “open” action can be found at Gitorious. The modified version you need to open the Claws-Mail links can be found here.

Who's Online

We have 101 guests online
Digital Freedom International (Aka SFI) is the non-profit organization at the origin of SFD and CFD. DFI handles sponsorship contracts, official team registrations, sending out schwags to teams, the annual Best Event Competition and many other things. Hundreds of teams around the world manage the local celebration and help to send out a global message. So do drop by and attend an SFD and CFD event nearby!

Login Form