Planet Debian

Matthew Palmer: Using Virgin Mobile Broadband with wvdial

Wed, 10 Feb 2010 04:17:24 +0000

File Under: Stuff I'm guaranteed to forget if I don't write it down

I just went a bit wild and decided to get myself some mobile broadband love -- I'm finding that I crave a bit of light 'net when I'm out and about, and an impending change in circumstances will mean that I'm out and about a lot more than I am currently.

I have:

Hardware: Huawei E160e USB dongle, USB ID 12d1:1003
Provider: Virgin Mobile Australia Prepaid
OS: Debian GNU/Linux 5.0 with an upgraded 2.6.32 kernel

My wvdial.conf stanza looks like:

[Dialer virgin]
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Init3 = AT+CGDCONT=1,"IP" "VirginBroadband"
Stupid Mode = 1
ISDN = 0
Phone = *99#
Modem = /dev/ttyUSB0
Modem Type = USB Modem
Username = irrelevant
Dial Command = ATDT
Password = irrelevant
Baud = 460800

I also had to disable CHAP (by putting -chap in /etc/ppp/options, although I suspect the same would have worked in /etc/ppp/peers/wvdial).

After that, a simple sudo wvdial virgin and I was away.

Scarily enough, there was actually some useful information on the Virgin support site regarding the settings, which helped me confirm that I was on the right track. I have no doubt that the universe will find some alternate means of punishing me down the line.

Martin F. Krafft: Baffling Exchange

Tue, 09 Feb 2010 21:10:19 +0000

I found out yesterday that my university’s Microsoft Exchange Server account stopped forwarding my mail on 8 December 2009. As a result, mail accumulated there and remained unseen.

Dear examiners, paper authors, supervisors, sponsors, participants, and peers who responded to my calls and cries related to my PhD thesis. I am terribly sorry that you were subjected to this. You replied usually within a few days, but I still sent you reminder after reminder in the weeks to follow. You must have thought that I was a real dork. Please forgive me. I really appreciate your patience!

I filed a ticket with my university’s IT service provider, which got closed the next day with “it should now work again”. That wasn’t going to cut it for me, so I reopened the ticket, asking for an explanation. Next, I received an apology with a bit of speculation.

After a bit of research, it seems that the reason was to be found in the “inconsistency” of being an external staff member (i.e. an e-mail address outside of the Active Directory domain), but still having an account on the server.

On 8 December 2009, the server was upgraded with a service pack. This caused Exchange to go a little manic on the housekeeping. After all, why would anyone ever want to forward their e-mail elsewhere, and still have an account?

Well, I certainly don’t want an account, and yet I have to have one: Microsoft has bought their ways into the university and spread their germs all across, I need credentials to be able to access shared files, print, browse the library, or search the phone book.

However, considering that UL’s Outlook Web Access instance does not let users of decent browsers search their mailboxes (a “premium feature” reserved for users of Internet Exploder), one cannot manipulate more than a page-full of e-mails at a time, bounce messages, or do many of the other operations that make dealing with large amounts of e-mail possible, and because Exchange mail — if it doesn’t get lost in the first place — sucks in so many other ways, I certainly prefer my mail to be handled by a real mail server with a proper mail filter (writeup in progress).

Maybe the Exchange service pack was simply designed to get rid of outcasts like me who don’t buy into the low-Microsoft-quality vendor lock-in? We’ll never know, thanks to the proprietarity of their software (and the fact that the university service provider apparently does not keep logs of changes).

NP: AC/DC: Back in Black

Christian Perrier: Family DebConf

Tue, 09 Feb 2010 20:07:00 +0000

This year, at DebConf 10, I'll very probably have the pride to attend the conference along with my 22 y.o. son, Jean-Baptiste.

JB began a 3 year cycle to graduate in electronics and industrial computing at Polytech'Paris-UPMC and is increasingly becoming more and more interested in Linux, programming and particularly low-level programming in embedded devices (as far as I can understand this stuff). As one can see, he's on his way to become a much clever geek than his dad.

It then became natural for him to consider attending Debconf even though he's not (yet) involved in Debian.

So, you folks will have to suffer having two bubulles instead of one. That should make a nice picture if Bdale and Elisabeth are there too..:-)

See you in NYC!

Kees Cook: easy example of filesystem capabilities

Tue, 09 Feb 2010 19:15:54 +0000

Instead of using setuid programs, the goal for the future is to use fine-grained capabilities. For example, here is /bin/ping:

$ ls -la /bin/ping
-rwsr-xr-x 1 root root 35680 2009-11-05 00:41 /bin/ping
$ ./ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.041 ms
…
$ sudo setcap CAP_NET_RAW=ep /bin/ping
$ getcap /bin/ping
/bin/ping = cap_net_raw+ep
$ ./ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.041 ms
…
$ dmesg | tail -n1
[212275.772124] warning: `/bin/ping’ has both setuid-root and effective capabilities. Therefore not raising all capabilities.

The best part is that the kernel will choose the set of least privileges when both setuid and capabilities exist. Easy way to transition!

Martin-Éric Racine: OpenOffice's style editing dialogs suck!

noreply@blogger.com (Martin-Éric) — Tue, 09 Feb 2010 18:57:04 +0000

Working on some document today, it occurred to me, once again, that OpenOffice's method for designing and applying documents styling totally sucks!

Granted, this was not the first time that I cam to this conclusion but, today, I've come to realize that OpenOffice's paradigms constantly make me waste time trying to form a mental image of how every style element is suppose to relate to the other one, yet without having the full picture available within a single, easy-to-read document. Also, there is a complete lack of consistency in how style elements work. Some want to be defined in millimeters, while others want to be defined in points, while other still in number of lines. What a mess!

In short: to become remotely usable, OpenOffice needs to approach document styling via the "HTML document with a separate CSS style sheet" paradigm. In other words, I need to be able to edit styles globally, as a group and separately from the document content itself, rather than having to click my way through a multitude of dialogs, for each and every type of text elements.

To compare this with web design, there, I can focus on the actual content, formatted around semantic text elements (headers, paragraphs, block quotes, etc.) and then decide on the presentation styling as a separate global process by attaching a CSS style sheet, in which the relation between each type of text element and how it will be displayed is crystal clear, because it's handled as a unified style editing process.

I think that this is one area in which Free Software could innovate in a positive way, by distancing itself from the Redmondesque practices of Microsoft Word, from which OpenOffice borrows too much. How about having a proper Style Editor application (similar to a CSS editor), within the OpenOffice suite, while Open Writer itself would only be allowed to load the style sheets produced by it and to apply them to semantic text text elements?

Lucas Nussbaum: Slides from my FOSDEM talk on Debian and Ubuntu

Tue, 09 Feb 2010 16:52:11 +0000

I’ve just put the slides of my talk on Debian and Ubuntu online.

Don’t hesitate to post comments to ask for clarifications where needed (it might be difficult to understand some parts of the slides without being in the room).

Clarifications:

In slide 15, I wrote that Ubuntu had a newer X. During the presentation, I think I said that I wasn’t sure if it was still the case. Indeed, it’s no longer the case (and hasn’t been for a long time ; Ubuntu has been mostly following Debian for X). I apparently remembered a change a long time ago that was picked by Ubuntu from the Debian X svn/git (xlibs-dev removal, I think), and that caused a number of FTBFS in Ubuntu. However, clearly, the best example of such changes made first in Ubuntu are newer GCC versions.

Aigars Mahinovs: Debug and optimization do NOT mix!

Tue, 09 Feb 2010 14:05:50 +0000

This has robbed me of several days of my life, so I want to bring Google juice this this problem.

IF you have a Pylons or TurboGears application or anything else that uses the fantastic EvalException WSGI middleware for web debugging of you web program and have the following symptom:

* on a crash the traceback page shows up, but it has no css style and no images
* http://127.0.0.1:5000/_debug/media/plus.jpg returns a 404 (where 127.0.0.1:5000 is the path of your application) with “Nothing could be found to match ‘_debug’”

The problem that you are facing in this case is the enviroment variable PYTHONOPTIMIZE or apache_wsgi option WSGIPythonOptimize. Unset them both or you debug environment will not work!

Holger Levsen: a PR desaster

Tue, 09 Feb 2010 13:30:01 +0000

I envisioned to write a happy blog post how we managed to finally release Debian Edu 5.0.4+edu0...

Something I was really proud about and which I will probably be proud again one day.

For now I can just say, that I now have learned that proper release management needs to include release announcement release management.

Oh well. Hope you enjoy Debian Edu 5.0.4+edu0!

Dirk Eddelbuettel: Rcpp 0.7.5

Tue, 09 Feb 2010 11:39:00 +0000

A new release of our Rcpp R / C++ interface classes is now out, the version number is 0.7.5. It comes on the heels of the release 0.7.4 and keeps with our semi-frantic schedule of releases every ten or so days going. The package is now on CRAN and Debian, and mirrors start to get the new versions. As before, my local page provides more details and Romain's blog is always worth watching too.

The changes are summarised below in the NEWS file snippet, more details are in the ChangeLog as well.

0.7.5	2010-02-08

    o 	wrap has been much improved. wrappable types now are :
    	- primitive types : int, double, Rbyte, Rcomplex, float, bool
    	- std::string
    	- STL containers which have iterators over wrappable types:
    	  (e.g. std::vector<t>, std::deque<t>, std::list<t>, etc ...). 
    	- STL maps keyed by std::string, e.g std::map<std::string>
    	- classes that have implicit conversion to SEXP
    	- classes for which the wrap template if fully or partly specialized
    	This allows composition, so for example this class is wrappable: 
    	std::vector< std::map<std::string> > (if T is wrappable)
    	
    o 	The range based version of wrap is now exposed at the Rcpp::
    	level with the following interface : 
    	Rcpp::wrap( InputIterator first, InputIterator last )
    	This is dispatched internally to the most appropriate implementation
    	using traits

    o	a new namespace Rcpp::traits has been added to host the various
    	type traits used by wrap

    o 	The doxygen documentation now shows the examples

    o 	A new file inst/THANKS acknowledges the kind help we got from others

    o	The RcppSexp has been removed from the library.
    
    o 	The methods RObject::asFoo are deprecated and will be removed
    	in the next version. The alternative is to use as<foo>.

    o	The method RObject::slot can now be used to get or set the 
    	associated slot. This is one more example of the proxy pattern
    	
    o	Rcpp::VectorBase gains a names() method that allows getting/setting
    	the names of a vector. This is yet another example of the 
    	proxy pattern.
    	
    o	Rcpp::DottedPair gains templated operator<< and operator>> that 
    	allow wrap and push_back or wrap and push_front of an object
    	
    o	Rcpp::DottedPair, Rcpp::Language, Rcpp::Pairlist are less
    	dependent on C++0x features. They gain constructors with up
    	to 5 templated arguments. 5 was choosed arbitrarily and might 
    	be updated upon request.
    	
    o	function calls by the Rcpp::Function class is less dependent
    	on C++0x. It is now possible to call a function with up to 
    	5 templated arguments (candidate for implicit wrap)
    	
    o	added support for 64-bit Windows (thanks to Brian Ripley and Uwe Ligges)

As always, even fuller details are in the ChangeLog on the Rcpp page which also leads to the downloads, the browseable doxygen docs and zip files of doxygen output for the standard formats. Questions, comments etc should go to the rcpp-devel mailing list off the R-Forge page

Russell Coker: Web Site Validation

Tue, 09 Feb 2010 11:13:07 +0000

Over the last few days I’ve got this blog and my documents blog to conform to valid XHTML according to the W3C validation service [1].

One significant change that I made was to use lower-case for HTML tags. For about 15 years I’ve been using capitals for tags to make them stand out from content and my blogs are the latest in a long line of web sites with that. Naturally I wasn’t going to correct 900 posts manually so I ran a series of SQL commands such as the following on my database server (where X is the Wordpress table prefix):

update X_wp_posts set post_content = replace(post_content,'<PRE>','<pre>');

But make sure you have a good backup of your database before running SQL search and replace commands on your blog data.

After running such commands about 90% of my blog posts conformed, so I only needed to edit about 90 posts to correct things. This process gave some real benefits. One issue is that an apostrophe in a URL must be quoted, otherwise some browsers will link to the desired URL and some will link to a truncated URL. Fixing a couple of variations of this problem resulted in some broken links being fixed. Another issue is that you can’t have paragraphs (<p> tags) within list items, fixing this made some of my posts align correctly – it was a tricky fix, in some cases I had to use <br/> to break up text in a list item and sometimes I replaced lists with different sections delimited by <h3> headings (which apparently is rumored to give better SEO).

It would make a really nice Wordpress feature to be able to do W3C validation as part of the publishing process, ideally an attempt to publish or schedule a post would result in a message saying “saved as a draft because it’s not valid XHTML” if the checks failed. The source to the W3C validation software is significantly larger than Wordpress [2], but it seems to me that there are two main types of Wordpress installations, small ones for personal use (which tend to be on fairly idle servers) and big ones that have so much traffic that the resource usage of validation would be nothing compared to the ongoing load.

As there seems to be no way of validating my posts before publication my best option is the W3C button I now have on my blog. This allows me to validate the page at a click so while I can’t entirely avoid the risk of publishing a post with invalid XHTML I can at least fix it rapidly enough that hardly anyone will notice.

It also seems like a useful feature to have aggregators like Venus [3] check for valid HTML and not display posts unless they are valid. It’s not a feature that could be enabled immediately (I’m sure that if you click on this link to the W3C validation service [1] from a Planet feed you will see lots of errors and warnings), but once bloggers have time to fix their installation it would allow preventing some of the common annoyances of Planet installations. It’s not uncommon on popular Planets to have unmatched tags in a post which results in significant amounts of the content being bold, underlined, in italics, or for the greatest annoyance struck-out. I know that this may be a controversial suggestion, but please consider why you are blogging – if you are blogging for the benefit of your readers (which seems to be the case for everyone other than sploggers) then it seems that the readers will benefit more by not having a broken post syndicated than they would benefit from having it syndicated and thus messing up the display of many following posts.

The next thing on my todo list in this regard is to do some tests of accessibility. The work that I have done to pass the XHTML validation tests has helped to some degree – if nothing else the images now all have alt= descriptions, but I expect that it will be a lot of work. The Wordpress Codex has a page about accessibility, I haven’t read all of it yet [4].

Does anyone have any recommendations for free automated systems that check web sites for accessibility? What would be ideal is a service that allows different levels of warnings, so instead of trying to fix all problems at once I could start by quickly fixing the most serious problems on the most popular posts and finish the job at some later date.

Stefano Zacchiroli: RC bugs of the week - issue 20

Tue, 09 Feb 2010 10:23:10 +0000

RCBW - #20

With a couple of days of delay, here are this last week squashes, by yours truly:

bug #567767 - nxml-mode - request removal, integrated into emacs23
bug #546764 - d-feet - add missing dep on hicolor-icon-theme
bug #566290 - php-wikidiff2 - add missing dep/substvar on phpapi-*
bug #567860 - php-net-ping - sponsored fix (+ upstream release) for DM maintainer
bug #248275 - anteater - proposed removal
bug #536285 - mirage - avoid tricking users to delete the wrong file (patch by Evgeni Golov)

The delay is due to FOSDEM, it's hard to squash bugs when you are: (1) having fun (best FOSDEM ever, if you ask me), (2) connected with very poor network connectivity (let's say: FOSDEM-quality network). Also, there are just 6 squashes, but last week there were 8, so ... (I know, I suck).

Among the main highlights of the week, I just want to cite Mehdi Dogguy: he was with me at JFLA 2010 last week and I've managed to grab him into the "RCBW tunnel". With a handful of well-targeted NMUs, he has fixed about 10 RC bugs in the few days of the conference. He is too shy to blog about that, but since I'm evil, I'm disclosing it here Welcome on board, Mehdi! (now you're doomed: you must continue doing that!)

Robert Collins: Is a code of silence evil?

Tue, 09 Feb 2010 09:07:27 +0000

Looking at using google apps for my home email, as I want to be able to have my home machines totally turned off from time to time.

Found this interesting gem in the sign up agreement (which I have not yet agreed to ):

11. PR. Customer agrees not to issue any public announcement regarding the existence or content of this Agreement without Google’s prior written approval. Google may (i) include Customer’s Brand Features in presentations, marketing materials, and customer lists (which includes, without limitation, customer lists posted on Google’s web sites and screen shots of Customer’s implementation of the Service) and (ii) issue a public announcement regarding the existence or content of this Agreement. Upon Customer’s request, Google will furnish Customer with a sample of such usage or announcement.

This is rather asymmetrical: If I agree to the sign up page, I cannot say ‘I am using google apps’, but google can say ‘Robert is using google apps’. While I can appreciate not wanting to be dissed on if something goes wrong, this is very much not open! A couple of implications: Everyone seeking support for google apps in the apps forums is probably in violation of the sign up agreement; we can assume that anyone having a terrible experience has been squelched under this agreement.

Le sigh.

Francois Marier: Excluding files from git archive exports using gitattributes

fmarier@gmail.com (François) — Tue, 09 Feb 2010 03:57:32 +0000

git archive provides an easy way of producing a tarball directly from a project's git branch.

For example, this is what we use to build the Mahara tarballs:

git archive --format=tar --prefix=mahara-${VERSION}/ ${RELEASETAG} | bzip2 -9 > ${CURRENTDIR}/mahara-${RELEASE}.tar.bz2

If you do this however, you end up with the entire contents of the git branch, including potentially undesirable files like .gitignore.

There is an easy, though not very well-documented, way of specifying files to exclude from such exports: gitattributes.

This is what the Mahara .gitattributes file looks like:

/test export-ignore .gitattributes export-ignore .gitignore export-ignore

With this file in the root directory of our repository, tarballs we generate using git archive no longer contain the selenium tests or the git config files.

If you start playing with this feature however, make sure you commit the .gitattributes file to your repository before running git archive. Otherwise the settings will not be picked up by git archive.

Kees Cook: rng-tools with TPM

Tue, 09 Feb 2010 03:32:59 +0000

In Ubuntu, I uploaded an rng-tools that supports the RNG in TPM devices (my patch is waiting in Debian). This hardware is available on a bunch of systems, including several Thinkpads and the Intel Q35, Q45 and newer main boards.

While most TPM RNGs aren’t really heavy-duty hardware RNGs, they are at least a mild source of randomness. I’ll be using an entropy key eventually, but for now, the TPM can supplement my collected entropy.

/etc/default/rng-tools:

HRNGDEVICE=/dev/null
RNGDOPTIONS=”–hrng=tpm –fill-watermark=90% –feed-interval=1″

After it’s been running a bit:

Feb 8 19:10:51 linux rngd[13143]: stats: bits received from HRNG source: 6180064
Feb 8 19:10:51 linux rngd[13143]: stats: bits sent to kernel pool: 6166144
Feb 8 19:10:51 linux rngd[13143]: stats: entropy added to kernel pool: 4624608
Feb 8 19:10:51 linux rngd[13143]: stats: FIPS 140-2 successes: 309
Feb 8 19:10:51 linux rngd[13143]: stats: FIPS 140-2 failures: 0
Feb 8 19:10:51 linux rngd[13143]: stats: FIPS 140-2(2001-10-10) Monobit: 0
Feb 8 19:10:51 linux rngd[13143]: stats: FIPS 140-2(2001-10-10) Poker: 0
Feb 8 19:10:51 linux rngd[13143]: stats: FIPS 140-2(2001-10-10) Runs: 0
Feb 8 19:10:51 linux rngd[13143]: stats: FIPS 140-2(2001-10-10) Long run: 0
Feb 8 19:10:51 linux rngd[13143]: stats: FIPS 140-2(2001-10-10) Continuous run: 0
Feb 8 19:10:51 linux rngd[13143]: stats: HRNG source speed: (min=5.207; avg=6.145; max=6.200)Kibits/s
Feb 8 19:10:51 linux rngd[13143]: stats: FIPS tests speed: (min=66.925; avg=75.789; max=112.861)Mibits/s
Feb 8 19:10:51 linux rngd[13143]: stats: Lowest ready-buffers level: 0
Feb 8 19:10:51 linux rngd[13143]: stats: Entropy starvations: 308
Feb 8 19:10:51 linux rngd[13143]: stats: Time spent starving for entropy: (min=3150263; avg=3178447.994; max=3750848)us

And now the kernel entropy pool is high:

$ echo $(cat /proc/sys/kernel/random/entropy_avail)/$(cat /proc/sys/kernel/random/poolsize)
3968/4096

Martin F. Krafft: Sign me up to social networking!

Tue, 09 Feb 2010 01:45:22 +0000

I do not like it when people tell Web 2.0 sites to send me invitation e-mail. I won’t enumerate the reasons here. But there is one reason for why I don’t like you passing on my address to those sites, which is subject of this article:

Unlike popular belief, the Web 2.0 is not a money-printing machine. It’s a long road until you can actually generate real money with user content. Therefore, some shadey sites are probably selling contact details to advertisers to make ends meet while hoping for the big cashflow.

I don’t have any data to back this up, and I want to change that:

Please tell all your Web 2.0 sites to send me an invitation! Please use an address in the signmeup.madduck.net domain for that, and make sure to include the domain name of the service to which you sign me up before the @ symbol. Also append a hyphen/dash and a random, short string. More on that in just a sec.

For instance, if you are one of those people that believes that letting people know where you are (and have been) at any point in time, tell Foursquare to send an invitation to:

foursquare.com-ponies@signmeup.madduck.net

The reason for the random, short string (“ponies”) is simply so that I can later cross-check that a message receiving spam actually went through a social networking site — I intend to catalog the invitation messages.

Thank you for your time. Keep in mind: the more, the merrier. I’ll make sure to report back on the outcome of this little experiment right here, so watch this space.

NP: Billy Joel: Cold Spring Harbor

Vincent Fourmond: The java packaging nightmare...

noreply@blogger.com (Vincent Fourmond) — Mon, 08 Feb 2010 19:18:13 +0000

... or why I mutilated your java package in Debian

This post is especially addressed to what we Debian Developers refer to as upstream maintainers, that is the people who write/maintain the software that we package for Debian. It is meant to explain why, in some cases, Debian Developers prefer to mutilate your work rather than upload it to Debian Archives in a state that gives it proper credit. And to apologize.

These opinions are my own, but I have a faint feeling that I'm not the only Debian Developer working like that, and that this few words could help soothe the relation betwenn Debian Developers and Upstream Maintainers, which can be quite tense some times...

It happens unfortunately quite often (too often!) that I disable (or don't enable) features in programs I package. Exact reasons vary, but they essentially fall into two categories:

A feature requires code that does not comply to Debian Free Software Guidelines, which Debian cannot distribute. This is a no-go.
A relatively minor feature depends on other software that are not packaged yet, and in which I don't have specific interest, which means I would not be able to maintain them properly (or it would require too much packaging work and so on...).

When a program has features which falls in one of these categories, I have two choices: either I give up packaging the software or I give up some of the features... For packages for which I care, obviously the second option looks better from my point of view as a Debian Developer.

Java packages are especially affected by this problem, for a very simple reason. Java is one of the few (I don't say only because I'll probably be flamed to death) programming languages which allows very easy distribution of binary platform-independent libraries, in the form of JAR files. Many projects simply reuse and embed JAR files published for other projects in their own JAR files, often without precise references to where the source code can be found. Packaging a moderately-sized Java application often rely on dozens of embedded JARs, which we need to remove from the packages we build (as Debian does not distribute binaries without sources for many reasons), and for which we need to hunt down the original source code and often packaging the original project, which might pull in yet other dependencies and so on... A true nightmare ! That's why it is so tempting some times to simply drop some of the code, possibly write patches to disable references to removed libraries, and be done with it.

Therefore, I would wish to publicly apologize to any upstream developer I've offended by stripping down apparently carelessly their beautiful software before uploading to the Debian Archives; I hope they now understand why I've done that.

Note to users: it is not because one of the features of your favorite software has been disabled by its (Debian) maintainer that you need to turn away from Debian ! Rather, file a bug report against the package. You'll get the reasons why the feature was disabled, and you have a chance to convince the maintainer to switch it back on.

Kartik Mistry: My Hero

Mon, 08 Feb 2010 18:39:15 +0000

* Cyril Brulebois (kibi) is my hero…

Jan Hauke Rahm: Running again

Mon, 08 Feb 2010 18:19:56 +0000

Finally, I got my notebook working again. It seems a full Gnome installation isn’t exactly what my old MacBook needed. So it lay around for weeks, or rather months now, not being used for anything remotely relevant to anything. After all I then decided to get rid of Gnome at least on the notebook and instead installed LXDE… what can I say? It’s amazing. Removing all the stuff I don’t need anyways on this system (even the pbuilder/cowbuilder stuff is gone) made it really fast again. I’m happy now and the vacation can come with my notebook at hand, since it’s running again.

Yet that’s actually not what I wanted to write about. After a three week break due to illness (and, I admit, bad weather — although it still is pretty snowy and icy outside) I’m back on the track. And it wasn’t even that bad. Of course I’m not back on the level I had before but at least it’s about 5.5 km in 35 minutes. For a beginner who just had a forced break from training, I’m quite satisfied with myself. So, I’m running again.

Yay!

Adrian von Bidder: Papillon

nospam@example.com (Adrian von Bidder) — Mon, 08 Feb 2010 15:41:53 +0000

Another attempt to shorten my list of movies where not having seen them makes me an absolute philistine, according to various friends: Papillon, with Steve McQueen and Dustin Hoffmann. Ignoring the tragic history behind it (the French penal system in French Guiana during the colonial era — I didn't know about this from school), it's great entertainment. There is a kind of happy end, but nowhere close to what Hollywood does to its stories these days...

Stefano Zacchiroli: integrating Mutt with Org-mode

Mon, 08 Feb 2010 14:09:41 +0000

remember Mutt's mail in Org-mode and jump back to them

As already anticipated, I've been implementing my own Getting Things Done work flow. This post documents one of its main bricks: the integration between Mutt and Org-mode.

As a geek, my main incoming stream of TODO items and information in general is email. As emails hit my INBOX, I either deal with them immediately (reply, archive, delete) or I need to store them elsewhere, possibly adding extra information such as a deadline, a personal note, the associated next action, the context in which it is actionable, etc. This need of adding extra information is what defeats the usage of my mail client (Mutt) as a list manager (in the GTD sense), and that's where I plugged Org-mode in. My main goals are:

create Org-mode notes from Mutt, referencing the current email, and possibly inlining some of its metadata (e.g. subject, sender)
quickly retrieve referenced emails from Org-mode notes; ideally that should happen in my usual email environment (i.e. Mutt), so that I can process the retrieved mail as usual (e.g. to inform the sender that I did something about it)

In fact, both would be straightforward to achieve if I were using some Emacs-based mail client such as Gnus, but I resist the Emacs operating system syndrome, and therefore I insist in using my beloved Mutt.

Let's see how the two parts of the interaction between Mutt and Org-mode work.

(1) Mutt → Org-mode (there ...)

The interaction from Mutt to Org-mode happens via org-protocol. Using it external applications can feed content to Org-mode note templates, which are then interactively edited (via emacsclient), and finally filed away.

The Mutt glue macro from my ~/.muttrc is as follow:

macro index \eR "|~/bin/remember-mail\n"

The remember-mail script is trivial: it parses the fed mail from STDIN (using a couple of legacy Perl modules) and then invokes org-protocol.

The relevant configuration from my ~/.emacs is reported below; the comments explain the various parts:

;; standard org <-> remember stuff, RTFM
(org-remember-insinuate)
(setq org-default-notes-file "~/org/gtd.org")
(setq org-remember-templates  ;; mail-specific note template, identified by "m"
      '(("Mail" ?m "* %?\n\n  Source: %u, %c\n  %i" nil)))

;; ensure that emacsclient will show just the note to be edited when invoked
;; from Mutt, and that it will shut down emacsclient once finished;
;; fallback to legacy behavior when not invoked via org-protocol.
(add-hook 'org-remember-mode-hook 'delete-other-windows)
(setq my-org-protocol-flag nil)
(defadvice org-remember-finalize (after delete-frame-at-end activate)
  "Delete frame at remember finalization"
  (progn (if my-org-protocol-flag (delete-frame))
     (setq my-org-protocol-flag nil)))
(defadvice org-remember-kill (after delete-frame-at-end activate)
  "Delete frame at remember abort"
  (progn (if my-org-protocol-flag (delete-frame))
     (setq my-org-protocol-flag nil)))
(defadvice org-protocol-remember (before set-org-protocol-flag activate)
  (setq my-org-protocol-flag t))

The result is that when you hit ESC-R in Mutt, emacsclient will be fired up in place presenting a note template that already contains relevant mail information (date, subject, from) and lets you add extra information before going away. Additionally, the email message-id will be hidden in the note as a mutt: hyperlink with anchor text "mail".

(2) Org-mode → Mutt (... and back again)

Going back means that clicking on a "mail" hyperlink within an Org-mode note should bring up a Mutt instance showing the original message, in its context (e.g. its own mailbox). Achieving that consists of 2 separate steps:

looking up a specific message by Message-ID
firing up Mutt on the looked up message

For the first part I use maildir-utils (AKA mu): a Xapian-based mail indexing tool, which nicely integrates with Mutt; check out my previous blog post on the subject for a sample setup. Using mu, Message-ID lookups are as simple as:

zack@usha:~$ mu find -f p m:E1NbJad-0007x9-B7@ries.debian.org
/home/zack/Maildir/Debian.project/cur/1264883664_0.9472.usha,U=6320,FMD5=2284e927bb93d8a2ec434f5614dc04ba:2,S

Note: I'm relying upon maildir-utils version 0.6 or greater, for all presented scripts.

For the second part I use the mutt-open script which fires upon a Mutt instance on the maildir containing a specific message, and then "hits" the appropriate keys to open the message and shutdown the sidebar (if desired). It is a nicely reusable script, which I've being using elsewhere too.

The needed glue on the emacs side is just a function to invoke mutt-open in a brand new terminal, and its declaration as the handler for mutt: URLs.

(defun open-mail-in-mutt (message)
  "Open a mail message in Mutt, using an external terminal.

Message can be specified either by a path pointing inside a
Maildir, or by Message-ID."
  (interactive "MPath or Message-ID: ")
  (shell-command
   (format "gnome-terminal -e \"%s %s\""
       (substitute-in-file-name "$HOME/bin/mutt-open") message)))

;; add support for "mutt:ID" links
(org-add-link-type "mutt" 'open-mail-in-mutt)

Voilà!

Download

Summary of scripts and configuration snippets discussed above:

remember-mail - store in Org-mode a note back-referencing an email
mutt-open - open Mutt on an email having a specific Message-ID
Emacs configuration
Mutt configuration

Biella Coleman: Hacker and Troller as Trickster

Mon, 08 Feb 2010 12:45:33 +0000

If you read the literature on tricksters, you will confront a string of words that capture the moral quality and sensibilities of these figures, figures scattered across time and place and largely enshrined in myths and stories:

Cunning, deceit, lying, provocateur, mischief, audacious, thief, play, shrewdness, audacity, grotesque, over the top, appetite, shocking, fun, delight, wit, trap, subversive, ability, wanderer.

These figures, which include Coyote, Loki, Hermes, and Eshu, among many more, push the envelope of what is morally acceptable and in so doing, argues Lewis Hyde (in his tome on the subject), renew and revitalize culture, especially the moral stuff of culture. They are not only boundary crossers, they are boundary makers. As the title of his book so succinctly and masterfully broadcasts “Trickster Makes this World.” Or as he suggests with a bit more elaboration:

“I want to argue a paradox that the myth asserts: that the origins, liveliness, and durability of cultures require that there be a space for figures whose function is to uncover and disrupt the very things that cultures are based on” p. 9

At the opening of the book, Hyde asks whether there are tricksters in modern industrial societies. His answer is a plain ‘no.’ The con man who might share some similarities does not qualify. For in fact what is needed is either a polytheistic system “or lacking that, he needs at least a relationship to other powers, to people, to instructions, and traditions that can manage the odd double attitude of both insisting that boundaries be respected and recognizing that in the long run their liveliness depends on having those boundaries regularly distributed” p.13 He does locate the spirit of the trickster in spirited individuals: in Picasso, in Frederick Douglass, in laudable figures who push certain boundaries and renew our world for the better but nonetheless fall short of the archetypal trickster.

I bet it is pretty obvious where I am going with all of this given my object of study: phreakers, hackers, and trollers. The trickster does exist across America, across Europe, really across the world and it is not in myth but in embodied in group and living practice: in that of the prankster, hacker, the phreaker, the troller (all of whom, have their own unique elements of course, but so does each trickster). Their relationship to other powers are many and can be located in terms of information, intellectual property, the government, language itself, institutions of power like the FBI and AT&T. The list is not short.

For a few years now I have been thinking about the linkages between the trickster and hackers as well as the troller but it was only in the fall when I found myself trapped in a hospital for a week that I finally cracked open the book by Hyde and devoured it. Within a the first few pages, it was undeniable: there are many links to be made between the trickster and hacking. Many of these figures, push boundaries of all sorts: they upset ideas of propriety and property; they use their sharpened wits sometimes for play, sometimes for political ends; they get trapped by their cunning (which happens ALL the time with tricksters! That is how they learn); and they remake the world, technically, socially, and legally and includes software, licensing and even forms of literature (think textfile, the Jargon File or most dramatically, ED).

But if the trickster generally resides in myth, and the trickster of the information age resides in practice, myth matters everywhere because there is a mythos created around these figures. Sometimes the mythos is propagated these groups (take a look of ED for example or Phrack in the past) and of course the media has played an undeniable role. And yet, unlike what is represented in the pages of Hyde, there are living, actual bodies in motion, in conversation, in transformation, a group that goes far beyond the other more controlled and bounded tricksters we might be able to locate in society, such as artistic/political groups like the Yes Men.

But the most shocking (or hard to think through) element lies less in the many associations one can make, but in the following curious fact. For the most part the trickster is enshrined in myth and stories but the tricksters I am referring to are in fact full-bodied, full-blooded groups of people who are actually engaging in all sorts of acts of trickery. This is culture not in the sense of art and myth but people and practice and this of course makes an (ethical) difference. What happens when you are the recipient not of a story offered an elder, but the recipient of trickery, an act of pranking or trolling, for example? What happens when you can trace all sorts of instances of boundary re-shifting and remaking, as with the GPL? I think this, even more than the linkages, is what makes this connection so remarkable and I trying to think through what it means to have a figure that we can find and talk to, as opposed to one embodied in myth and story.

For now I am going to leave this post short and in the next installment, will start raising some of the connections between trickery and variants of hacking and trolling.

Nico Golde: Two weeks with the n900

blog@ngolde.de (Nico Golde) — Mon, 08 Feb 2010 11:21:13 +0000

Two weeks ago I got myself a nokia n900 phone which is running maemo 5. So far I am quite happy with it, given that my previous phone was a sony erricsson p1i which is pretty crappy.
I've taken some notes about my experiences:

under normal use the battery lasts for ~ 2 days, if I'm using 3G the whole day I need to recharge it daily though

the terminal has a bug which results in the enter key not working under some conditions, ctrl-m works as a workaround though

playing normal dvdrips in mplayer is absolutely no problem without downscaling, 720p doesn't perform though

I somehow managed that my screen flipped and I wasn't able to flip it back, only a reboot solved that

It is not clear to me which tools you will find in the list of installable packages and which are only visible with apt-cache search. I also managed to end up with a doubled launch icon in my application list for some application

the termininal is not usable anymore after an ncurses program crashed, "reset" doesnt help either

wireless uses less battery than umts, way less

the back button in the browser is per default opening a fancy eyecandy browse history which is slow, so I mostly use backspace to browse back

there is lots of useful tools in the extras-devel repository, e.g. I can control my mpd via mmpc from the phone which is great

importing contacts works flawlessly, also merging existing contacts works as expected

jabber (including xmpp calls) are integrated in the contacts information (you can merge a jabber uid into an existing contact)

i've no idea yet what the internal video player is, but i wasn't able to play a non downscaled XviD file with it, mplayer does play it fine

freely placeable widgets are awesome

it's is really userfriendly and no geeky linux user phone

i would prefer not having busybox per default, i can install bash but the libc is still from busybox which implies world readable password hashes in /etc/passwd, so no other user accounts on my mobile

is there disk encryption available?

n900fly can't cause any good

gps with nokia maps is ok and I find it pretty usable even if a google maps client would be nice as well

the mp3 mplayer sucks unless you have tagged your music properly, you can't just play some folder without having a playlist for it

mplayer as an alternative from the console is no real alternative either, if you don't redirect its output to /dev/null it gets stuck in a loop when the display blanks,

app manager locks dpkg lock even if you just list available programs, no idea why this is needed and no idea how aptitude and synaptic are doing this

is there a good todo manager which comes with a widget listing todos?

is it possible to install armel debian packages without having a debian chroot?

sms are nicely organized per contact in an instant messaging fashion

the builtin accelerator works nice and you can automatically flip the screen when you want to dial a number, sometimes happens by accident though

the multiuser support works awesome and you get a nice overview of open applications in a composé fashion, it may be wise to have not 40 applications open though

the list of processes is already huge (like 160 processes running in the background)

i haven't checked out the sdk yet but I will do that soon as I need e.g. newsbeuter for RSS

hardware feels robust, arm cortex a8 is imho a very good processor, RAM could be more (the phone is heavily swapping)

you can not yet use the phone as a wireless access point without building your own kernel images, some people seem to be working on this

you can manipulate all kinds of stuff through the sysfs, including the phone led and the vibration

wireless certificates are sometimes shown to be invalid but there there is no details button, you can click only "done"

Those are the things I came up with while using the phone. The calling functionality and everything which is only phone related really works fine and the sound quality while talking to someone on the phone is also really good. So far I am really happy with the phone and I can only recommend it. I hope I'll have some time to port some applications to maemo soon.

Olivier Berger: New inter-forges discussion list on planetforge.org

Mon, 08 Feb 2010 11:07:12 +0000

You work on developing a software forge, you’re an admin for a software forge, or a project administrator.

Join us and discuss (in english) forge matters on discussions@planetforge.org, to try and improve communication, sharing, reuse and interoperability among various hosting platforms, and collaborative development tools.

You may prefer joining the PlanetForge RSS aggregator if you blog about forges (feel free to add it to your preferred RSS reader).

Olivier Berger: Working on standard forge exchange format

Mon, 08 Feb 2010 10:56:55 +0000

As part of COCLICO, we’re working on an exchange format for forges, that should help dump, restore, export and import from different software forges.

There are various use cases for this, like moving a project from one forge to another, but also as backup/restore feature for forge admins. More about the rationale here.

We’d like this format to be a standard some day, so it should have good properties so that it’s generic enough and at the same time easy to adopt. Thus it would be relatively easy to contribute new exporters or importers to an framework (for which we’ll implement basic core tools), while having a long-lasting format that can still be used in the future.

A lot of work ahead of us, and this is just a short notice in case you’re interested and you’d like to know more

Stay tuned, and if interested, join discussions@planetforge.org to discuss this topic.

P.S.: yes, it’s a rebirth of CoopX, somehow (see the coopx tag in my blog for more details)

David Paleino: New team member in bash-completion

Mon, 08 Feb 2010 10:19:35 +0000

I'm glad to announce that we accepted a new member in bash-completion's upstream team: Dan-Leonard Crestez. He's an active guy in the F/OSS world, and I'm glad he's now in our team.

Welcome on board!

Julian Andres Klode: N900 standby time

Mon, 08 Feb 2010 09:05:51 +0000

It seems that the N900 is able to run for > 3 days in standby, I unplugged it Friday on 7:00, and it lasted until Sunday 23:50. I used it for browsing the web a bit and to listen to music via FM transmitter.

Filed under: General

Russell Coker: Security and Hiring

Mon, 08 Feb 2010 00:08:51 +0000

The main sources of information used when hiring someone are their CV, the interview, and references.

CV

The CV is written by the applicant or sometimes for the applicant. Naturally it says only good things, if a CV notes no skill in a particular area then it may be used to exclude an employee from consideration. But the trend is towards including a reference to anything that you touch, so someone who lists DBA experience may merely have done a couple of CREATE TABLE operations.

Interview

The interview is a good test of people skills but is often of little value in assessing technical skills. The interviewer asks questions such as “do you know technology X” and the applicant says “I know that really well“. If the company is hiring another person with similar skills to current employees then they can have their current employees sit in on the interview and ask difficult technical questions, but for unknown reasons managers often don’t take that option and get no advice from their technical people. Also if the company is hiring someone with specialised skills (EG they are about to implement a new application and want to hire their first employee to work on it) then it may be impossible for them to assess the technical merit of answers. Probably the best use of the interview is to match answers with the CV, if the applicant doesn’t appear to know the contents of their own CV then they should be rejected.

The biggest problem with interviews is when the questions are all of the form “do you know X“. Someone who really knows it will say “yes” as will someone who doesn’t know enough to realise the limits of their knowledge – and such ignorant people vastly outnumber the skillful people. The real problem is that the people who are moderately skillful will lose out. If someone asks me about my MySQL skills I will tell them that I’m not really good at it. Sure I’ve run replicated servers with tens of thousands of users running 24*7, but that doesn’t mean I’m really good at it – probably most people who will claim to be great at MySQL without qualification would have less experience than me.

References

Reference checks rely on an unknown person saying good things about the applicant. For starters there is the issue of the number of references which may not be representative of their employment history – EG the applicant could use as a reference the one manager who didn’t sack them.

The next issue is that there is little incentive for the referee to be honest, most people are aware of instances where someone once worked for a friend and can rely on good references for the rest of their career. If a reference is inaccurate then there is no realistic opportunity for redress.

Finally every reference check that I am aware of (checks where I have been the referee or the applicant) has involved the applicant giving the phone number of the referee to the hiring manager! The phone could be owned by a friend or relative of the applicant, so logically a good reference that is based on trusting the applicant to supply the phone number only proves that the applicant is either good or really bad. To make a reference check prove something the recruiter would at a minimum have to phone the number listed in the white-pages for the corporation that used to employ the applicant, asks to speak to the manager of the relevant department, and then gets a reference. Calling a mobile phone number that is supplied by the applicant (which seems to be the standard practice) is essentially trusting the applicant – and trust is the root cause of most security problems!

Really most of this ends up as trusting the applicant to provide honest evidence that they are trustworthy and believing that the applicant’s technical knowledge is good enough to be correct when they say that their technical knowledge is good. It can fail spectacularly when someone isn’t trustworthy enough to provide honest evidence of their integrity or when someone doesn’t have the skills needed to know that their skills are lacking.

As an aside, even if the reference is given accurately and in good faith it may still be misinterpreted. The fact that telephone references are exclusively relied on exacerbates this problem. Ideally references would be in writing with some way of proving their authenticity (maybe using phone verification of the accuracy of the written document).

Solutions

So how can we solve this? Some people believe that career based social networking software will solve the problems, but as usual I think that software doesn’t magically solve human problems. The first challenge when trying to use social networking to solve the problem is to find someone on your friends list who has relevant knowledge, this may be viable in a small industry (EG when someone from bank A applies for work as bank B in the same city). The next issue is that of false “friends“. I’m sure that I’m not the only person who has been pressured to add people as friends on social networking sites, the non-computer social interactions really don’t prepare people for saying “no you are not my friend” (apart from high-school I guess). With professional social networking sites there are further issues, if you are working on a client site and a manager demands that they be listed as one of your friends then what are you going to do?

So it seems to me that the social networking sites are at best a helper for the gossip network. If you think that a friend of a friend from a social networking site might be able to help you then you first ask your friend if the person in question is really a friend, and if so are they one of the shifty pseudo-friends you only hang out with because their company pays good money. But the problem with the gossip network is that it’s mostly secret and is therefore subject to settling vendettas, I’ve heard of senior managers going out of their way to spread false stories about former employees to settle scores.

The best solution I can think of is for someone who has a reputation to publicly stake it on the accuracy of their references. If I’m going to give a reference then I would be happy to do so via a GPG signed email or a blog post. This doesn’t mean that my references will always be correct, but it would show that I try to give good references.

Julian Andres Klode: Just uninstalled hal

Sun, 07 Feb 2010 22:15:57 +0000

I have just uninstalled hal from my laptop running unstable, and everything still seems to work, including suspend & resume.

Filed under: Debian

Martin F. Krafft: Optimise Google

Sun, 07 Feb 2010 21:51:31 +0000

I had previously sought alternative, innovative search engines, but none of the proposed options made me particularly happy. About a year ago, I came across DuckDuckGo, and today, I’ve been using DDG as my primary search provider for exactly 10 months.

The reasons why I switched included

my dislike of the Google information monopoly and the potential that a single, corporate entity with financial interests, gets to censor the information I see. I am sceptical of their “Do-no-evil” promise because there’s nothing binding about it, and if it gets in the way of money-making, I am sure it’ll be discarded at a whim — if it even still exists.
the awareness that my usage augments their database (although I am probably too far away from mainstream to provide useful data), which translates into more funds available to them to further strengthen their market position.
my belief that the days of index-based searches are over, given how 95% (or more) of user-generated content is bogus. Google undoubtedly optimises the results with obscure, secret algorithms, but that’s just not enough for me.
Of course the name — DuckDuckGo — was perhaps the strongest reason to switch. :)

I am aware that DuckDuckGo is index-based itself, using the Yahoo API, which, in turns means that DuckDuckGo may already be using Bing data. Sounds a bit like out of the frying pan into the fire, unfortunately.

I am still investigating better search solutions, sticking with DuckDuckGo meanwhile.

Unfortunately, DuckDuckGo doesn’t quite cut the mustard at all times, forcing me to go to Google instead. For this reason I am glad to find that the CustomizeGoogle Firefox extension has not been discontinued, but simply renamed to OptimizeGoogle.

This extension allows me to anonymise my identity towards Google, remove click tracking (which Google doesn’t want you to know about and hence hide with JavaScript), hide ads, and customise a slew of other aspects of the giant’s search engine. It alleviates some of the aforementioned concerns, but not all.

Maybe it’s time to rethink the way I use the web and lower my search needs.

If you are using Firefox, try it out! If you’re still using Internet Exploder, you should not, and instead upgrade to Firefox. Users of other browsers might find similar functionality for their application, or might want to switch as well.

NP: Tunng: Comments from the Inner Chorus

Steinar H. Gunderson: IPv6, going forward

Sun, 07 Feb 2010 21:19:00 +0000

Two otherwise unrelated pieces of news:

At work, Lorenzo and I made the YouTube blog, with an entry about YouTube's newfound IPv6 support (for Google over IPv6 members). It's interesting to see how few original articles are actually being written; I've seen the same article from Network World referenced probably twenty different places now. And I keep being fascinated by this recurring expression that IPv6 has so many addresses that “only a mathematical expression” (gasp!) can express its size.
My IPv6 patch for rtorrent (not made at work) is making progress -- it seems the upstream review will take quite a while, but hopefully we can reach squeeze and finally seed a release on IPv6 using an efficient client...

(No, I won't make any predictions that 2010 will be the year of IPv6. But at least I can hope that other players will follow Google...)

Joachim Breitner: If I were a caricaturist

mail@joachim-breitner.de (nomeata) — Sun, 07 Feb 2010 20:33:45 +0000

I’d draw a caricature involving a Toyota car, representing capitalism, with a stuck gas petal and Barack Obama trying to fix it. But as I cannot draw very well, especially recognizable people, I created this collage:

The photo of Obama was created by Beth Rankin.

Marco d'Itri: Advances in networking for virtual machines

Sun, 07 Feb 2010 18:43:22 +0000

So far the networking of virtual machines has usually been managed by configuring a Virtual Ethernet Bridge (VEB) in the host, i.e. the good old implementation of 802.1D in the Linux Kernel:

A Virtual Ethernet Bridge (VEB) is a capability within a physical end station that supports local bridging between multiple virtual end stations and (optionally) the external bridging environment.

While this works well and in some cases is the best solution, in other setups performances or policy needs dictate that the traffic between virtual machines is forwarded to an external bridge (the Ethernet switch connected to the host) and back without having in the host a real bridge learning MAC addresses from its ports and implementing the STP. Enters the VEPA:

A Virtual Ethernet Port Aggregator (VEPA) is a capability within a physical end station that collaborates with an adjacent, external bridge to provide bridging support between multiple virtual end stations and external networks. The VEPA collaborates by forwarding all station-originated frames to the adjacent bridge for frame processing and frame relay (including "hairpin" forwarding) and by steering and replicating frames received from the VEPA uplink to the appropriate destinations.

Support for VEPAs has been added to Linux 2.6.33 with a simple change to the macvlan driver.

The next step will be to use the macvtap driver (available in 2.6.34), which exposes a tap character device usable by kvm-qemu and "connected" to a macvlan-like interface.

Ben Armstrong: Eee PC care at 2 years

Sun, 07 Feb 2010 16:16:45 +0000

In November 2007, we bought two of the first Eee PC netbooks available in North America: the model 4G in pearl white, one for me, and one for my wife. My plan was to start the Debian Eee PC project and get Debian working on them both which, thanks to the work of everyone on the team, has been a great success. Fast forward to February 2010, and they are still serving us well. Here is a list of hardware enhancements and issues over the past two years of continuous use:

Battery life

Asus claims 3.5hrs for the model 4G, though I don’t think we ever experienced anything better than 2.5 hrs with wifi in operation. Today, I’m down to something short of 2 hrs. If you consider the Lithium ion battery article on Wikipedia to be accurate, it is typical to permanently lose 20% capacity per year, so this sounds about right for the age of the battery.

Touchpad

The touchpad itself is fine. The buttons are not. They are hard to push and prone to become less responsive after a while, or to fail entirely. I now really have to bear down hard on my left button to make it work. Because the buttons are soldered to the motherboard, they would be hard to replace. Configuring the synaptics driver for tap-to-click is an acceptable workaround. Also, one of the first purchases we made was the Logitech VX Nano, one for each Eee, so most of the time now, we use our mice, falling back to the touchpad only when using a mouse is inconvenient due to space constraints (e.g. on the bus).

Keyboard

After two years of continuous use, both of our keyboards needed replacing. Some of the keys had been pounded flat and needed surgery (rubber springs sliced out of a scavenged Acer netbook keyboard and grafted on) to make them usable again. And aesthetically, the keyboards have really suffered, with a good percentage of the markings on the keycaps partially or completely eroded off.

Fortunately, for $3 plus $10 shipping each, new keyboards can be ordered from a Chinese e-Bay seller. But with the new keyboards, there is still the problem with excessive flex in the keyboard making some keys less responsive than others. I’m considering trying this hack to solve the problem.

Display

I have no complaints about the matte finish displays of either Eee. Both have stood up well. People tell me they don’t care for a 7″ display, but I find it bright, crisp and easy to get along with, so long as you maximize windows and increase font size as needed (e.g. for reading PDF books and magazines). When I really need the extra real estate, I just hook up an external monitor.

Fan

Some people complain about the noise of the fan, from the otherwise silent 4G (due to the lack of a hard drive) and seek ways to limit the amount of time the fan runs. We’ve never had that problem. However, if any plastic bits break off inside the Eee, they will eventually find their way to your fan and get wedged. This has happened twice: once in my wife’s Eee, and once in mine. Disassembly of the Eee to clear the blockage and get the fan running again was relatively painless both times.

Plastic bits

About those plastic bits: In my wife’s case, I think the bit was some extruded plastic from the molding that had broken off. In my case, it was a deteriorating plastic post which was holding the hinge in place. More about this later.

Sound

Unfortunately, the integrated sound seems to be particularly sensitive to heat. During both fan failures, sound cut out. On my wife’s system, it never fully recovered, and now only works on alternate Tuesdays, whereas on mine, after I unwedged the fan and brought the heat down, sound has functioned properly ever since. (Update: see my comments below on power adapters for an alternate theory about what killed sound.) We are waiting now for the delivery of a cheap ($1.42 including shipping, again from China) 3D Sound USB device which is reported to work on Linux. While some users complain about hum with this device, we’re cautiously optimistic that on the Eee it won’t be an issue. If it is, oh well, a buck and a half is a small gamble.

Display hinge

The plastic posts that hold the anchors for the machine screws for the hinge are fragile. Three out of four of these posts in my Eee have shattered, leaving the left hinge to float freely. For the past two days I was distressed about how I could fix this. Based on some helpful suggestions from #eeepc @ irc.freenode.net, I had worked out a plan to rebuild one of the posts with two-part epoxy, sand it and the fractured stub of the post, and use cyanoacrylate glue to affix it to the case. It sounded like fiddly work for which I didn’t hold much hope of success. But this morning, I realized that the plastic in the bottom of the case was still sound, and that I could drop a screw into that hole, and with pliers, line up the anchor on the other side. This appears to work! I’ll handle that hinge with care, but it should do me until I eventually repurpose the machine to some daily use that is less stressful on the hinge than daily travel on the bus.

SSD and SDHC

Some people were initially worried that the limited write life an SSD meant that you needed to take special measures to avoid its premature death, which I have always regarded as a myth. Our 4G SSDs each have no swap space, and ext3 filesystems. At the two year point, there are no problems. I expect our SSDs to outlast the other components.

We did, however, eventually find the 4G to be a bit on the small side. We now each have Kingston 4G micro-SDHC cards for a bit of extra capacity for large media files and for some extra space for the apt cache. I recently priced the Lexan version of this card at $19 for a two-pack at Wal-mart, and these seem to work in the model 4G just as well (which seems to be an issue with this model — not all SDHC cards work).

Memory

We found the 512M that came with the 4G somewhat constraining. Without any swap space (so we could maximize the space available on the small SSD) we decided our systems really needed a memory upgrade. At the time, 2G didn’t seem overly expensive (though I no longer remember the exact price) so we splurged on 2G for each system, even though that was probably more than we needed.

Power adapter

When I first wrote this article, I forgot to mention the power adapter. The model 4G uses an unusual 9.5V power adapter for which it is hard to find a generic replacement. This unit is prone to fail in two places: in rare cases, (one out of 6 units that I have in some way assisted with: 3 of them mine, 3 belonging to others,) it will break at the wall plug end. The plug swivels into the unit for easy storage, but this adds a point of failure. More commonly, (in 3 out of six of the units,) the wires at the netbook plug end will fray due to stress on the non-angled cord, leading either to no connect, or to a short. In fact, since in the case of my wife’s adapter, the netbook end of the cable shorted, making the cable heat up and the system spontaneously shut down after a little while, we can’t say for sure whether the overheating of the Eee took out integrated sound, or whether this short did. On the one hand, I know for certain my own system, which never suffered a short, has responded to overheating by making the sound flaky, but it has never taken out sound completely. On the other hand, shorting the power cable can’t be very good for the Eee, so who knows, maybe that’s what ultimately killed my wife’s Eee’s sound.

This is where it helps to have soldering skills, or a friend who can do the repair for you. In my case, it was the latter. While I was waiting for a replacement adapter I had ordered, we also found on eeeuser.com part#s for replacement plugs and sleeves from Digikey, total cost $20 including shipping, 10 pieces each. Cutting off the bad plugs on three units and attaching the new was a quick, straightforward operation, and succeeded in two out of three cases. Having carefully checked the failed repair, we deduced that the failure in that unit was at the wall end, and we judged there was nothing further we could do to try to save it. Even the unit that had previously shorted was returned to perfect health and has been in operation trouble-free ever since.

Conclusion

After over two years of continuous use, the model 4G has held up well for a $400 system. We definitely feel we have received our money’s worth of value over that time. All of the problems we’ve experienced so far have been fixable at very little expense, and we expect them to last at least another year before we seriously consider replacing them. In the next several months, I plan to order a high capacity 8-cell 10400mAh battery for my own system so that I can enjoy a 5-6 hr run time. The purchase will be roughly $55 including shipping, the most expensive purchase for my system to date, but still well worth it to extend the 4G’s lifespan for another year or more.

Michal Čihař: Big changes in phpMyAdmin future

Sun, 07 Feb 2010 09:19:06 +0000

The main reason for me to go to FOSDEM this year was to meet with other phpMyAdmin developers to be able to discuss some things personally rather than on mailing list or irc.

We had quite a big list of topics to discuss and besides discussed some other things which will be made public at some point later.

The good thing is that both my proposals were accepted, so we're about to migrate to Git, what will make our development less blocked by slow SourceForge.net VCS server (what mostly affected people sitting in Europe). The migration will happen shortly, I expect to provide testing repository during next few weeks and we will switch for real once all developers get used to it.

The other important change is to switch our translation system to Gettext. The primary motivation behind this is to allow translators to use wide range of standard tools available for po files and also to allow web based translation using Pootle server in similar way we currently handle documentation translation. I have already prepared the migration plan to Gettext, but it will not happen before migration to Git as I want to benefit integration of Pootle with Git, what makes translations directly commit to the local repository.

MJ Ray: The Phone Co-op 2010

Sun, 07 Feb 2010 07:06:49 +0000

Ed Mayo talking to the Phone Co-op meeting

Yesterday I had the pleasure to be at the Phone Co-ops annual meeting, as those of you who follow me on identi.ca or elsewhere will already know. The proceedings included a speech from Cooperatives-UK Chief Exec Ed Mayo that included the co-op pub in Salford, spurning David Beckham’s gift and this summer’s Co-operatives Fortnight.

As ever, the bits I liked best were the lively question-and-answer sessions, both on Ed’s speech and the annual report. I took notes and reproduce them below, but I didn’t capture every question, or every answer and none of this is verbatim. Questions to Ed about UK cooperation included:

Can people in the co-op pub smoke? – No, there’s a bit of drinking in meetings, but not smoking. Some heated debates in meetings are defused by a break to go refill the glasses.
Gordon Brown and Labour are starting to talk about cooperatives more. What should we do? – We need to stand on our own two feet, but expect to be treated equally. A “Mutuals Manifesto” will be out online next month. In regulation, having the telecoms networks opened up to co-ops and not be so limited would help. One interesting possibility is with football co-ops / supporters trusts: it’s been suggested that a fan co-op should have the right to buy a club if supported by 75% of season ticket holders.
With all the business collapses and Cadburys being bought, what is the temperature of interest in mutuals outside the movement? – Good. The only AAA-rated bank in the world is the Rabobank co-op, but remember that co-ops are not immune to failure. Cadburys is not a co-op and was always vulnerable to the current investor-led rules changing its ownership. People are not necessarily thinking of co-ops, so we need to reach out. It’s a cynical, apocalyptic age, so we need to prove what we’re doing. coops14 is an opportunity. The co-op bank saw a surge in new accounts after it was highlighted in one newspaper as an alternative to excessive banker bonuses. We need to encourage people to act. Reminded of a quote that “the trouble with the rat race is that even if you win, you’re still a rat”. Research shows that Britain today is a brutal and competitive place to grow up in, with only 45% of children trusting their friends. People have heard of cooperatives. We should try to build a more cooperative nation.
Comment from the floor that the private sector won’t take substantial cooperative competition lightly. We must look behind us and never give them a chance.
Could the BBC become a co-op? – Yes.

Questions about the annual report asked about:

What is our target profit %? – No hard target. This year’s reduction was planned and it is still a profit.
Why are we using UKMail instead of the Royal Mail? – £10k price difference. It was a hard choice, debated by the board, but there is no co-op option and no particular preference for state ownership.
Why are we considering energy supply? – Telecoms is a deflationary market, so diversification is a wise move and energy supply is a top customer request.
What is our churn rate? – 1.5%/year, which is unsatisfactory to us, but still low by industry standards.
Was the Avoco acquisition price too high? – a good price by usual industry measurement (multiple of sales)
Will we support coops14 Free and Open Source Software events, because there is an overlap? – (I didn’t catch the answer)
Can we put leaflets in the shops? – Matt Lane is working on this and other opportunities
Can we encrypt bills and emails if customers want it? – exec will take and deliberate on that
Can we get some sales materials to Scotland? – details taken to send them out next week

Asheesh Laroia: Cosmetic carbon copy: The opposite of blind carbon copy

Sun, 07 Feb 2010 05:40:16 +0000

I propose a new feature for email software: Cosmetic carbon copy. CCC works very similarly to today's carbon copy feature: If you put an address in the CCC: list, when the recipients open the message, they can see the address. The one difference is that with "cosmetic" carbon copy, the CCC:d address never recieves the message.

An example might illustrate the situation. Let's say someone (Alice) wants to invite Bob to a movie but doesn't want Charlie to come. She might send this email:

From: alice@example.com
To: bob@example.com
CCC: charlie@example.com
Subject: MOOOVIEEE!

Hey all my friends, join me for a movie tonight!

When Alice sends the email, Bob recives a copy. Bob thinks that Charlie received a copy, as he will be in the CC list. But Alice's mail software never sent Charlie a copy. So Alice can relax, knowing that Bob won't forward a copy to Charlie, since Bob thinks he already received it.

Alice and Bob will meet up without Charlie, and Alice will quietly sigh in relief.

How can this work?

Cosmetic carbon copy works on the same principle as blind carbon copy: the contents of the message are fundamentally independent from the recipients.

Saavy email users have used the "blind carbon copy" feature for years. When you place an address in the BCC list, that address will receive a copy of the email even though other recipients won't see the address listed. This allows for a form of privacy between the sender of the email and that hidden recipient.

This works because, like postal mail, email messages are delivered using an "envelope" that contains the actual recipients. When you compose a message in Alpine, Gmail, or Thunderbird, you are writing the contents of the envelope. When you hit send, the mail software looks for email addresses that should receive a copy. It creates one envelope per address, stuffs the letter inside, and sends the whole thing on its way through the Internet using a protocol called SMTP. When the recipient (Bob)'s email system receives it, the letter is pulled out of the envelope and placed in an inbox.

Which means the envelope is entirely invisible to Bob, the recipient. Most mail software puts information about the envelope in email headers. Since each email recipient gets a separate envelope, In the case of cosmetic carbon copy, Alice's letter claims that Charlie was on the CC: list. But Bob can never learn that Charlie's copy was never sent.

So to implement cosmetic carbon copy, Alice's mail program must understand this rule:

For each address in the CCC list, copy the message to the CC: list in the email message.
Create no new envelopes when sending the message.

Because of the last bullet point, this "carbon copying" is purely cosmetic rather than functional.

A possible privacy problem

You might wonder, what happens when Bob hits reply-all to say "Yes, I'm coming"? Then (oh no!) Charlie might see the invitation.

Not a problem: Most of my friends use Gmail, and Gmail users almost always hit Reply instead of Reply-All. Gmail used to have an experimental option called "Reply All by Default", but thankfully they removed that option.

A future version of this specification might suggest mangling the last "." in the BCC:d email addresses with the ONE DOT LEADER character, which looks like "." but isn't one. That way, even if Bob clicks "Reply all," Charlie's email address is subtly incorrect and will bounce.

Future work

The story I've told here is marginally simplified so it's understandable to a less-technical audience. Those who want a more technical version can request I submit an RFC. Perhaps in two months?

(File under "games to play with email.")

Holger Levsen: FOSDEM - video helpers needed and DPL election

Sun, 07 Feb 2010 01:21:41 +0000

FOSDEM is the usual awesomeness this year, I'm just too tired for too many words, so I'll keep this post very brief.

Once again, the videoteam needs your help. Please consider lending us your helping hands, so that we can record the room 1308 tomorrow/today (sunday) without burning out totally. From 10oo to 17oo there are seven talks scheduled with a total break time of 30min. And we are 3 or 4 people doing this, and have 4 jobs to fullfill: 2 camera operators, video and audio-mixer, not even mentioning handing microphones to the people in the audience. This obviously really cannot work.

So, if you can, please help us. Either just show up or even better, just show up and add yourself at the volunteer wiki page. Doing the latter will help us even more, as we can plan our ad-hoc work better.

Following an idea originated through contributions from Belgian beer, and to motivate zack a bit more to actually go for it, I've setup the alias leader@debian-community.org to point to his email address. Please send motivational emails ;-)

Steve Kemp: You seem uncomfortable.

Sat, 06 Feb 2010 21:13:45 +0000

I've been trying to remember to post the pictures I like online for the past few months. So this is a reminder to myself.

This image below didn't turn out quite how I wanted it to:

I was hoping for a nicer sihouet upon the lady's face.
The tree-branch on the left irritates me.

But that said I keep on coming back to look at it. I like the lighting, and I love the way that the brick wall on the right hand side angles towards the building on the horizon.

Enjoy. Or not.

A similarly "not perfect" image is this outdoor shot. I have only one irritation with this shot - and that is that the trees are clipped at the top. Meh, such is life.

(I have two styles of photography; semi-random where I snap what is in front of me, and staged where I try to construct a particular picture - the two images above? One of each.)

ObFilm: Bound

Biella Coleman: Hard to imagine but it is our history

Sat, 06 Feb 2010 17:12:57 +0000

Stowe v Thomas (1853) where the court argued that a German translation of Uncle’s Tom’s Cabins did not constitute copyright infringement (quoted from Meredith McGill’s excellent bookAmerican Literature and the Culture of Reprinting, 1834-1853:

“Before publication [the author] has the exclusive possession of his invention. His dominion is perfect. But when he has published his book and given his thoughts, sentiments, knowledge or discoveries to the world, he can have no longer an exclusive possession of them. Such an appropriation becomes impossible, and is inconsistent with the object of publication. The author’s conceptions have become common property of his readers, who cannot be deprived of the use of them, or their right to communicate them to others clothed in their own language, by lecture or by treatise”

Uwe Hermann: FOSDEM 2010: coreboot and flashrom devroom and talks

Sat, 06 Feb 2010 11:31:20 +0000

Quick public service announcement (which probably comes a bit too late, sorry):

There's a coreboot developer room at this year's FOSDEM (Free and Open-Source Software Developer's European Meeting), which starts roughly... um... today. In 20 minutes, actually. Unfortunately I cannot be there, hopefully there will be video archives of the talks. If you're at FOSDEM already, here's the list of talks:

Sat 13:00-14:00 coreboot introduction (Peter Stuge)
Sat 14:00-15:00 coreboot and PC technical details (Peter Stuge)
Sat 15:00-16:00 ACPI and Suspend/Resume under coreboot (Rudolf Marek)
Sat 16:00-17:00 coreboot board porting (Rudolf Marek)
Sat 17:00-18:00 Flashrom, the universal flash tool (Carl-Daniel Hailfinger)
Sat 18:00-19:00 Flash enable BIOS reverse engineering (Luc Verhaegen)

Highly recommended stuff if you're interested in an open-source BIOS and/or open-source, cross-platform flash EEPROM programmer software.

Christian Perrier: Unofficial samba 3.2.15 packages available

Sat, 06 Feb 2010 10:44:00 +0000

I recently upgraded a critical file server at work, from etch to lenny. With that upgrade, samba version was bumped from 3.0.24 to 3.2.5.

We were then hit by a quite severe bug where files ACLs are messed up on Excel files after saving the files (upstream #4308, fixed upstream in 3.2.8).

I will probably consider fixing the official Lenny packages (there is no bug reported about this in Debian, though) along with a few other quite severe ACL-related bugs (Mathieu Parent, who maintains ctdb, pointed me to a few such bugs).

However, I couldn't wait for such a long time and backporting the fix for #4308 isn't completely straightforward. So, I decided to upgrade our server to the latest Samba 3.2 version, namely 3.2.15 (upgrading to 3.4 series could bring other kind of regressions and we have no time to properly test everything...users already have their guns handy).

This is where the Debian Samba packaging team unofficial repository becomes handy. It is meant as as service to users who want to run the very latest samba code and have the same packaging choices we have in supported Debian releases. We already had 3.2.14 there but I never took time to update to 3.2.15. This is done now.

Moreover, as our production server uses the amd64 architecture, these unofficial backports are now available for both i386 (my usual build machine) and amd64.

Using this repository is as easy as:

deb http://pkg-samba.alioth.debian.org/packages lenny-backports/
deb-src http://pkg-samba.alioth.debian.org/packages lenny-backports/

Please note that this APT source does not use GPG signing of Packages files. When I am less lazy, I'll try to at least sign it with my GPG key.

Martin F. Krafft: Of waterfalls and communication culture

Sat, 06 Feb 2010 06:53:55 +0000

I got involved with open-source software before I learnt about software development in a university course. Naturally, when my profs tried to teach the waterfall model to me, I couldn’t take them too seriously back then. After all, requirements specification → design → implementation → verification → maintenance is not really in line with the principle to release early, release often. Furthermore, since water cannot flow uphill, the waterfall model fails to represent development cycles, as they naturally appear, even in behemoth, ancient software nightmares.

And yet, when embarking on a new project, I do tend to find myself first thinking about the big picture, instead of churning out the code. I am certainly not the best coder out there, and it might well be that I could benefit from learning to break down problems to get an earlier start on the implementation of components.

However, I maintain that avoiding the waterfalls and engaging directly in extreme programming, agile software development, or pair-based approaches right away is not the answer.

Rather, the best approach should probably involve a certain level of conceptualisation before code is produced. I am a big fan of test-driven development, and I like the scrum method for the very reason that it involves talking and challenging ideas (although I wouldn’t follow the method down to the book).

I like to think about trickles in the mountains where water droplets joyfully jump around.

* * *

When Glyn Moody spoke in his LCA2010 keynote about challenges we (as in society) face, and how open-source seems to have many answers, he dropped the following gem, which spoke right to my heart:

Twitter is the “release early, release often” principle applied to thinking.

By this simile, journal articles are produced according to the waterfall model. This may well be why they are usually outdated at the time of publication. Microblogging (like Twitter), on the other hand, is primarily used to publish stuff before it’s ready, and which would never be published otherwise.

With journals on one end, and microblogging on the other, I think the epiphany is found in between — as with software development: web logs — web applications that allow for easy publishing by anyone (which is a different problem not to be discussed here).

Since articles on those platforms usually have at least a title and a body, they require just a little bit more thought than 140 characters of contracted brain farts, spilled into the world faster than it takes one to stand up, stretch, and sit down again.

* * *

Microblogging seems to be in line with where we’re heading: more information, more self-promotion, more access to more people, and all that with lower barriers of entry. It’s hard to argue against a trend, but I think we’ve taken a wrong turn somewhere.

The one specific instance of content is no longer relevant, and there is no more time in the day to read elaborate treatments of subject matters. Instead, what seems to prevail is a constant flow. This flow threatens to replace actual thinking and discourse, both of which require reflection and time — a scarce resource used up by ever new, fast-flowing media.

It seems to me that those who immersed in this flow are unable to get out, as if sucked in by a maelstrom. I’ve seen people enter serious withdrawal within hours of not knowing what’s going on in the world. One could miss out on something.

If you’re “following” people on one of those microblogging platforms, I challenge you to spend the weekend offline and when the urge hits, ask yourself what you are actually missing. I mean what you are really missing, and by that I mean anything other than the cozy buzz and hum of entertainment washed upon you, preventing you from having to think about what you could be (actively) doing instead.

I hope it’s not a lot. For else, I fear that this means that future generations will be stuck with this communication culture, just like water droplets can’t ever play in the mountain trickle again.

NP: Sola Rosa: Get It Together

Cyril Brulebois: G-I, part 4

Sat, 06 Feb 2010 04:25:00 +0000

A picture is worth a thousand words:

A slightly longer story follows, resuming from the previous episode, where Gtk seemed to be working.

Making sure `Gtk` actually works

Since the udebs are quite fat already, I decided to put the contents of the gtk2.0-examples package into a new revision of the new libgtk-x11-udeb package. gtk-demo was running fine (if one forgets that this demo application is really easier to deal with if one uses a window manager), although image handling was broken. Julien and I spent quite some time double-checking that the libpixbufloader-png.so plugin was present; that both previous DirectFB-based udeb and new x11-based udeb were very similar; that configuration was generated properly; we went so far as to include strace in the netboot image, and to check the configuration file was open()’d, but the plugin was never to be even looked for. All this resulting in a Unrecognized file format message every time.

Josselin, our Messiah, enlightened us: although Gtk was previously using some configuration files to determine which pixbufloader plugin to use, it still continues to access those files… but relies on a MIME database in the end. Installing the host’s /usr/share/mime/mime.cache database did the trick (we have a proper fix pending), and all of a sudden, we got image support (which is needed for the logo_installer.png displayed on top of every screen, as well as for some icons during the installation, like the final one).

Tweaking d-i itself

Julien took care of rootskel-gtk. It was mostly about:

Dropping some DirectFB start-up scripts.
Dropping a related configuration file.
Adding a start-up script doing trivial things:
```
Xorg -retro -noreset &
export DISPLAY=:0
```

Another easy step was cdebconf. Mostly: search and destroy on the few bits using DirectFB. An interesting issue we had was that even though a proper cursor theme was installed and made the default, we only had a black cross as X pointer. That’s where we learnt it’s needed to manually set a cursor for the root window, which can be done this way:

GdkCursor *cursor = gdk_cursor_new(GDK_LEFT_PTR);
gdk_window_set_cursor(gdk_get_default_root_window(), cursor);
gdk_cursor_unref(cursor);

Tweaking gtk2-engines was trivial, just a matter of building against the x11 flavour of Gtk instead of the directfb one. Some substitutions in debian/control and debian/rules, and that was done.

Julien also took care of tweaking console-setup so that keyboard-configuration’s and console-setup-udeb’s postinst scripts call setxkbmap when $DISPLAY is set. Meaning we were able to replace kbd-chooser with console-setup-udeb, leading to a correct setting within X right after having selected the layout!

Reverting d-i’s r61645 (which disabled Gtk-based d-i images) was trivial (although while looking back, it was probably unnecessary), and after having messed around with the packages lists (there’s a lot of local udebs at this point), especially to add some fonts, we managed to get an image which seems to work fine (at least in my VirtualBox environment). I tried Chinese, Japanese, Arabic, and French installations, and all of them seem to work fine (installed systems were bootable after an installation in the selected language) while issues were limited to some rendering or translation glitches, which didn’t seem critical at all.

Next steps

Since there were some iterations, and since the “trial-and-error” approach was chosen, the first goal is to generate clean patches against all modified packages, and make sure a single walk through all packages in a clean chroot is sufficient to generate a working d-i image again.

Once that done, which should probably considered (at least, I hope!) quite a good base already, the idea is to look into the various udebs to see whether there are some parts that could be disabled (maybe introducing a trimmed-down flavour especially for the udeb in some non-flavoured-yet libraries), so as to reduce the size of the resulting image.

In the meanwhile, one can fetch the current hand-built netboot image by browsing http://people.debian.org/~kibi/di-x11/. It’s only available for amd64, and weights 23MB. There’s a sha256sum as well as a detached GPG signature in the same directory.

John Goerzen: The Big-Publisher Ebook Scam

Sat, 06 Feb 2010 04:07:32 +0000

There’s been a lot written about the Amazon vs. Macmillan dust-up. I’ve seen a lot of posts by people that work for publishers saying that there are costs to making a book, and that $9.99 just won’t cut it for an ebook. They say that publishers invest in typesetting, editing, selection, art, and various stages of quality control. All of that is true.

Too bad they aren’t doing it with ebooks.

I’ve had some books published, and while the process varies from publisher to publisher, the editing process usually involves technical editors (people that check my facts), copy editors (people that help the writing and grammar), cover designers, and QC staff. Often I will see PDFs or printed pages at the final stage, and at that point can catch things like bad table formatting or lines split at inopportune places. My point here is that there’s a lot of editing going on, and there are many pairs of eyeballs looking at the printed page before it goes to the presses.

In the year or so since I’ve owned my Kindle, I can absolutely guarantee you that this process is not happening with ebooks. Most of the time, it is quite obvious that nobody has even looked at the finished product. Some intern has whipped up a quick conversion from whatever typesetting software they use, give it a quick glance, and call it good. One of my own books, Real World Haskell, is available in Kindle form. O’Reilly took better than average care of that process, but even so, I certainly didn’t approve screenshots before it went out like I did for paper (not that I’d have had time after the paper project was done anyway.) From memory, some of the flaws I’m aware of:

Huston Smith’s Why Religion Matters included some illustrations, but they were scanned at such a low resolution that the text was completely unreadable, even at maximum zoom.
All electronic editions of Lord of the Rings, not just the Kindle version, suffered some serious issues including missing words and deleting 19 characters after each instance of a particular letter.
Shmoop converted Project Gutenberg versions of The Iliad and Odyssey, but converted each line of Gutenberg text to a Kindle paragraph, wrecking word wrapping.
Countless examples of hyphenated words in the middle of lines (probably from someone forcing a hyphenation point in a print edition), paragraphs that should have been block-indented but weren’t, etc.

In some of these cases, it is quite obvious that a human didn’t even bother to look at the result. Harper Collins got a huge black eye after their LOTR fiasco, and still took quite a long time to fix it.

Now, if the publishers were actually going to put as much care into the quality of their ebooks as they do into the quality of their paper books, then sure, I’d pay almost the cost of a paperback. But very few of them are doing that. It is quite obvious to me usually by the end of the first chapter of a book whether anybody even looked at the result of their conversion.

Bottom line: If they’re going to sell me an inferior product, don’t expect me to pay near full price. If they can get their act together on quality, only then would they have room to start arguing for higher prices. If all you’re going to do with the ebook is run the paper version through some buggy filter, you haven’t incurred much additional cost, and it is plainly visible to all.

Note: I would like to say that Lonely Planet and O’Reilly have done good jobs with the tools available, and while their results aren’t perfect, they have done a good job working with rendering their sometimes very complex print layouts for a Kindle.

C.J. Adams-Collier: PPA installation on karmic

Sat, 06 Feb 2010 03:20:03 +0000

I don’t know how long add-apt-repository has been around, but I’ve found it very useful for installing some of the bleeding edge stuff I want to test:

$ for ppa in do-core team-xbmc nvidia-vdpau chromium-daily directhex/monoxide
do
  sudo add-apt-repository ppa:$ppa
done
$ apt-get update
$ apt-get install chromium-browser nvidia-glx-195 gnome-do xbmc monodevelop

Is there anything like this for debian proper, I wonder?

Robert Collins: Adding new languages to Ubuntu

Sat, 06 Feb 2010 00:08:37 +0000

Scott recently noted that we don’t have Klingon available in Ubuntu. Klingon is available in ISO 639, so adding it should be straight forward.

Last time I blogged about this three packages needed changing, as well as Launchpad needing a translation team for the language. The situation is a little better now: only two packages need changing as gdm now dynamically looks for languages based on installed locales.

libx11 still needs changing – a minimal diff would be:

=== modified file 'nls/compose.dir.pre'
--- libx11-1.2.1/nls/compose.dir.pre
+++ libx11-1.2.1/nls/compose.dir.pre
@@ -406,0 +406,1 @@
+en_US.UTF-8/Compose:        tlh_GB.UTF-8
=== modified file 'nls/locale.alias.pre'
--- libx11-1.2.1/nls/locale.alias.pre
+++ libx11-1.2.1/nls/locale.alias.pre
@@ -1083,0 +1083,1 @@
+tlh_GB.utf8:                    tlh_GB.UTF-8
 === modified file 'nls/locale.dir.pre'
--- libx11-1.2.1/nls/locale.dir.pre
+++ libx11-1.2.1/nls/locale.dir.pre
@@ -429,0 +429,1 @@
+en_US.UTF-8/XLC_LOCALE:            tlh_GB.UTF-8

Secondly, langpack-locales has to change for two reasons. Firstly a locale definition has to be added (and locales define a place – a language and locale information like days of the week, phone number formatting etc. Secondly the language needs to be added to the SUPPORTED list in that package, so that language packs are generated from Launchpad translations.

Now, gdm autodetects, but it turns out that only ‘complete’ locales were being shown. And that on Ubuntu, this was not looking at language pack directories, rather at

/usr/share/locale

which langpack-built packages do not install translations into. So it could be a bit random about whether a language shows up in gdm. Martin Pitt has kindly turned on the ‘with-incomplete-locales’ configure flag to gdm, and this will permit less completely translated locales to show up (when their langpack is installed – without the langpack nothing will show up).

Carl Chenet: python-memcache 1.45 in unstable

Fri, 05 Feb 2010 23:54:56 +0000

The new upstream version of python-memcache was uploaded yesterday in unstable (thanks Piotr!). Python-memcache is a 100% Python library to interact with your memcached server, typically to store and retrieve data. But you can think of a wide range of uses, e.g writing a plugin to monitor your memcached server.

Hmm tomorrow I’ll need a 3-hour road trip to reach the Fosdem and it’s late already. See you there!

Dirk Eddelbuettel: R / Finance 2010 Open for Registration

Fri, 05 Feb 2010 22:25:00 +0000

The annoucement below went out to R-SIG-Finance earlier today. For information is as usual the the R / Finance 2010 page:

Now open for registrations:

R / Finance 2010: Applied Finance with R
April 16 and 17, 2010
Chicago, IL, USA

The second annual R / Finance conference for applied finance using R, the premier free software system for statistical computation and graphics, will be held this spring in Chicago, IL, USA on Friday April 16 and Saturday April 17.
Building on the success of the inaugural R / Finance 2009 event, this two-day conference will cover topics as diverse as portfolio theory, time-series analysis, as well as advanced risk tools, high-performance computing, and econometrics. All will be discussed within the context of using R as a primary tool for financial risk management and trading.
Invited keynote presentations by Bernhard Pfaff, Ralph Vince, Mark Wildi and Achim Zeileis are complemented by over twenty talks (both full-length and 'lightning') selected from the submissions. Four optional tutorials are also offered on Friday April 16.
R / Finance 2010 is organized by a local group of R package authors and community contributors, and hosted by the International Center for Futures and Derivatives (ICFD) at the University of Illinois at Chicago.
Conference registration is now open. Special advanced registration pricing is available, as well as discounted pricing for academic and student registrations.
More details and registration information can be found at the website at
http://www.RinFinance.com

For the program committee:
Gib Bassett, Peter Carl, Dirk Eddelbuettel, John Miller,
Brian Peterson, Dale Rosenthal, Jeffrey Ryan

See you in Chicago in April!

Clint Adams: Who needs free firmware?

Fri, 05 Feb 2010 21:42:53 +0000

http://bugzilla.intellinuxwireless.org/show_bug.cgi?id=1585

Matthew Garrett: Shaping young minds

Fri, 05 Feb 2010 18:54:34 +0000

I'm off to CMU at the weekend, in order to do a couple of talks on Monday (the 8th). I'll be giving an introduction to ACPI to the operating systems class in the morning, and an open presentation on Fedora, some of the challenges we face and how to get involved in Linux in the afternoon. This is as a result of our cooperation with CMU, which has led to things like the request on the right. How could we refuse?

Mike Hommey: broken_arch -= 2

Fri, 05 Feb 2010 18:40:25 +0000

The xulrunner test suite now passes on sparc, involving a fix for an existing bug, and a new bug report.

Next target is powerpc, where, interestingly, the test suite only failed 3 tests on the porterbox, where the buildd failed 58… And contrary to sparc, the failures don’t involve crashes.

Update: powerpc is now fixed, too, with a little help from luck and good timing: the 3 failing tests had all the same origin, and it was fixed a few months ago in upstream trunk.

Marco Túlio Gontijo e Silva: More on sup

Fri, 05 Feb 2010 15:19:55 +0000

Going on with this post.

I noticed, again with the help of hyperbolist@#sup@irc.freenode.net, that the startup.rb file can be more simple. I also noticed that the comment I’ve made in the original code was making the thread not going away from the thread list in inbox. So, this one works:

class Redwood::ThreadViewMode
  @@keymaps[self].add :kill_and_next,
  "Kill this thread, kill buffer, and view next", '&'
  def kill_and_next; kill_and_then :next end
  def kill_and_then op
    dispatch op do
      @index_mode.multi_kill [@thread]
    end
  end
end

Also, I used the suggestion of the New User Guide to Sup, and installed rss2email to read also blogs from sup. The r2e manpage has the indications to setup it.

Cyril Brulebois: G-I, part 3

Fri, 05 Feb 2010 14:50:00 +0000

Last night was the third one spent on playing around with X in a d-i environment.

Making sure `X` actually works

So far, running X was nice already, but is it really possible to run some applications inside? Bad news is that many trivial applications (xeyes, xclock, …) pull more dependencies than previously packaged.

Finally, xev was chosen, and it indeed works fine (provided one makes sure it gets the focus).

X was crashing when the (only|last) client was exiting, and that wasn’t normal. Thankfully the bug was reproducible outside d-i and Julien sent a patch a few minutes later.

In the meanwhile, using -noreset did the trick to keep X running.

Another way to run X applications there, is to point the host environment to the guest environment using DISPLAY=$GUEST:0 xterm. With VirtualBox, I followed those steps:

Forward the host’s 6000/tcp to the guest’s 6000/tcp.
Answer the language-related questions in debconf so that network configuration happens, which is needed for the next steps to work (just getting localhost set up is probably sufficient, but let’s be lazy and let the installer take care of it for now).
Run X in the guest, disabling access control, with:
```
X -retro -noreset -ac
```
Start xterm from the host with:
```
DISPLAY=localhost:0 xterm
```

Moving forward: cairo, pango, gtk

The next step was to rework some udebs. Legend:

Red box: udeb we no longer want to depend on.
Blue boxes: udebs to be tweaked first.
Green boxes: udebs to be tweaked afterwards.
Ellipse: udeb provided by the one pointed to (magenta edge).

Current situation, keeping only the relationships between udebs of interest:

I took care of gtk+2.0 while Julien hacked pango1.0 and cairo. Some more libraries were needed, but being X libraries, tweaking the packaging was as trivial as for the first X libraries, and it only took a couple of minutes: libxcomposite, libxdamage, and libxinerama.

Once those added to localudebs/ and to pkg-lists/local, and once the image rebuilt, I prepared a tiny “Hello world”-style application:

Grab the source code from the GTK+ 2.0 Tutorial.

Built it against the x11 flavour:

gcc -o hello $(pkg-config --cflags gtk+-2.0) hello.c -lgtk-x11-2.0

Grab it from within d-i, and make it executable.
Start X as previously explained, then:
```
DISPLAY=:0 ./hello
```

Pango wasn’t quite happy at first (message wrapped):

(hello:1991): Pango-WARNING **: failed to choose a font, expect
              ugly output. engine-type='PangoRenderFc', script='latin'

Indeed, since no fonts were included, there was a tiny issue. No big deal, adding ttf-dejavu-udeb did the trick. I wanted to play around with a non-Latin language, so I asked for an example (thanks, Theppitak!), and once ttf-thai-tlwg-udeb added as well, one gets:

Of course, there are many more features to test, but that sounds like we’re going in the right direction (and this is not a joke about RTL).

Next step

Have a look at the green boxes, which may require to have a closer look at g-i’s integration within d-i (it might be needed to see how it’s supposed to be started, that might help testing the tweaked packages).

Marco Túlio Gontijo e Silva: Using sup-mail

Fri, 05 Feb 2010 14:49:48 +0000

Some time ago I wanted some features that evolution wouldn’t give to me, such as a good user experience without using the mouse, and the possibility to use an external editor for writing e-mails. I always liked gmail web interface, but I don’t like using software that I can’t change or see the code, so I wanted threaded view, but I was not with a very high expectative of finding it, since I’ve never seen it anywhere else. I tried icedove, sylpheed, claws and mutt, but none of them was good enough for me. I couldn’t use very well icedove, sylpheed and claws only with the keyboard, and mutt wouldn’t show me a list of folders with how many unread messages there was in each of them. mutt-patched tries to do this, but the number of messages aren’t updated automatically. So I kept with evolution.

At that time, I even tried evolution from experimental, which contained a plugin to use an external editor. The result was that I got even more crashes, and the external editor was not very nice. I gave up about it when I had to remove totem because of broken dependencies with the evolution from experimental.

Some days ago Rafael (Preá) Cunha de Almeida told me that he heard of this sup, and tried using it, but didn’t like very much, because it was not good for accessing the mail from two different machines. As I use only my notebook most of the time, I decided to try it out. And i’m liking it: it’s mostly like gmail, but with a very good feature I don’t remember seeing in gmail: you can kill a thread, and even if more mail arrives from that thread, it’ll not be shown in your inbox. Other thing I liked about it is that it’s highly customizable in Ruby, which made me feel a little bit like in XMonad.

The first problem I found on it was the handling of UTF-8. I found this bug about it, and installed the recommended package, so it worked. I hope this correction, or the better one suggested here, get to Debian.

I took a look at the Hooks page on the sup wiki, and used the fetchmail suggestion. I noticed that the code that was there in the time didn’t worked here (maybe a bashism?):

fetchmail >& /dev/null

So I replaced it in the wiki with:

fetchmail 2>&1 > /dev/null

which worked here.

I wanted to create a new binding, to kill the thread, kill the buffer, and move to the next message in thread-view-mode, so I tried some possibilities without success, until I got to this, with the help of hyperbolis@#sup@irc.freenode.net:

class Redwood::ThreadViewMode @@keymaps[self].add :kill_and_next, "Kill this thread, kill buffer, and view next", '&' def kill_and_next; kill_and_then :next end def kill_and_then op dispatch op do multi_kill [@thread] end end

# From lib/modes/thread-index-mode.rb
## m-m-m-m-MULTI-KILL
def multi_kill threads
UndoManager.register “killing #{threads.size.pluralize ‘thread’}” do
threads.each do |t|
t.remove_label :killed
add_or_unhide t.first
Index.save_thread t
end
regen_text
end

threads.each do |t|
t.apply_label :killed
# hide_thread t
end

regen_text
BufferManager.flash “#{threads.size.pluralize ‘thread’} killed.”
threads.each { |t| Index.save_thread t }
end
end

This is the content of the file ~/.sup/hooks/startup.rb. I copied a function from the source code of sup, commenting one line that was relative to that context.

Thorsten Glaser: FOSDEM 2010, day #0

tg@mirbsd.org (MirOS Developer tg) — Fri, 05 Feb 2010 13:37:00 +0000

Yesterday, I arrived in Bruxelles, coming from the Issy/Paris FusionForge meeting which will be described more later by Roland on Plänet Forge. Please tell Ohlol if you use it, for more visibility. My employer will also provide hosting for FOSS projects, but we'll need to formalise the hosting conditions first, plus Evolvis currently runs FusionForge 4.5 (aka "Debian GForge") but we're in the process of upgrading to a 4.8-plus-backports-and-patches, then 5.0 soon.

There is a new inter-forge mailing list as well, see the info page. People from Coclico and the various *forges may want to subscribe there (forge developers, not so much users (hosters) or end-users (hosted project developers/users) though).

At FOSDEM, Benny and I (and maybe gecko2) will be running the MirBSD booth, so no Debian staffing for me, sorry. But I will be there. Also please do ask me about mksh – the MirBSD Korn Shell etc.

There are flyers in German (not updated), English and French too! (One of the *forge guys did install mksh(1) after reading it, in fact.)

Don't you people dare miss the two talks: from Benny about how to package with autotools and libtool correctly and from XTaran explaining Debian GNU/kFreeBSD. Benny's also famous for his talk about Painless Perl Ports with cpan2port; XTaran's famous for a whole bunch of other things.

I still have some catching up (wlog entries, keysigning, webpages, etc.) to do, please bear with me. I don't really have a proper work environment with me.

There's a chance I will not be attending the Beer Event in the Delirium Tremens café (last year's still remembered). Benny will certainly be there, though.

Could someone please order nice weather? I still need to eat some lunch and find a supermarket to shop for the weekend!

Lucas Nussbaum: Going to FOSDEM

Fri, 05 Feb 2010 12:49:09 +0000

Yes, I’m going to FOSDEM. And this year, I decided to innovate by starting the obligatory FOSDEM flu before leaving to FOSDEM.

I’m doing a talk on Sunday, on Debian and Ubuntu (Distributions room, H.1308, 13:45). It might not be on your schedule (but is on the printable schedule) since it was decided quite late.

Adrian von Bidder: Multiple Interfaces, Same IP

nospam@example.com (Adrian von Bidder) — Fri, 05 Feb 2010 11:47:19 +0000

Playing around a bit with ssh tunneling right now. When I create a kind of VPN concentrator with a few tun interfaces: is there any reason why I can't just assign the same IP on all these tun interfaces? A quick test shows this set up working nicely, with ifconfig tunX localip pointopoint remoteip (the localip part being the same) setting up the routes to chose the right tun device for all remote IP addresses, and ping worked just fine for me. Firewall rules will always have the remote IP and/or the interface name to decide when a packet applies.

Obviously setting up a listening socket at only one of these interfaces is not so trivial now since I can't just listen to the IP, but that's a restriction I'm happy with. Anything else I'm not thinking of right now?

Julien Blache: Ten years

Fri, 05 Feb 2010 07:27:13 +0000

Ten years ago, pretty much to the day, I was installing my first Debian system, a frozen Potato, using a release-candidate version of the boot-floppies. A few days later, I was reading the Policy, New Maintainer’s Guide and Developer’s Reference while building my first package.

It’s been a fun ten years, with ups and downs, and I’m looking forward to what’s coming next.

Andrew Pollock: [life] Dean's Award for Sarah

Fri, 05 Feb 2010 05:32:00 +0000

Sarah got a piece of mail today from USQ, with a very ominous "Do Not Bend" on it.

It turns out because she averaged a 6.5 GPA in semester 2, she'd qualified for a special Dean's Award for Outstanding Academic Achievement, and will get a mention on the University's website and in a bunch of newspapers.

I'm really proud of her.

Unfortunately, she had to withdraw from semester 3 (the Summer semester) study because all of the baby's brain stuff came up right towards the end of semester, and that on top of moving and trying to renovate was just too much for her.

She's intending to take Semester 1 off, because the baby's due right around exam time, and then resuming study in Semester 2.

Michael Casadevall: 1984

sonicmctails@gmail.com (NCommander) — Fri, 05 Feb 2010 04:17:21 +0000

It's been awhile since I last posted, but I felt the need to do so after my recent flight through ATL. While I was waiting for my connection the loudspeakers announced that we were at threat level "Orange" and that we, the people, had to be on guard for threats to our country.

Does this remind anyone of anything? If your answer is 1984, then you win. When did we get to this point that our government is feeling more and more like the Party; I am just waiting for the day when we have telescreens constantly watching for terrorism and other threats ...

I hope this day never comes but given the path we have been on since 9/11, I fear for the future ...