May 21, 2015

hackergotchi for Ubuntu developers

Ubuntu developers

José Antonio Rey: UbuConLA 2015: Call for Papers // UbuConLA 2015: Llamado a Charlas

[ES]

¡Y llega la hora del año en la que abrimos el llamado a charlas para la UbuConLA 2015!

La conferencia se va a realizar en Lima, Perú el 7 y 8 de agosto. Tendremos slots para ponentes en Inglés y Español, con charlas en formato Plenario y Workshop.

El día miércoles se va a abrir el registro de asistentes, donde se publicará más información sobre la conferencia.

Si deseas proponer una charla, por favor rellena el siguiente formulario.

[EN]

And it’s this time of the year when we open the UbuConLA 2015 CFP!

The conference will take place in Lima, Peru, the 7th and 8th of August. We’ll have slots for speakers in both English and Spanish, with Plenary and Workshop talks.

The attendee registration will open on Wednesday, where more information about the conference will be published.

If you want to propose a talk, please fill out the following form.


21 May, 2015 04:26PM

hackergotchi for Xanadu developers

Xanadu developers

¡¡¡Feliz cumpleaños PAC-MAN!!!

Este día se celebra el lanzamiento de PAC-MAN, desde este momento (en el año 1980) se convirtió en un fenómeno mundial en la industria de los videojuegos, llegó a tener el Récord Guiness del videojuego de arcade más exitoso de todos los tiempos.


Archivado en: Geekstuff Tagged: aniversario, festividades, pacman

21 May, 2015 01:30PM by sinfallas

hackergotchi for Ubuntu developers

Ubuntu developers

Scott Kitterman: Working Together

At the time of Mark’s last UOS keynote (see starting about 8:19),I recall wondering what Canonical was going to do to reach out as he was suggesting.  I got distracted and forgot about it until I ran across this article.  So now that I’m reminded, I am curious what Canonical is doing to reach out and bridge the existing gaps?  Dear lazweb, does anyone have information on this?

21 May, 2015 12:09PM

hackergotchi for Blankon developers

Blankon developers

Sokhibi: Menggambar Pemandangan Menggunakan Inkscape

Tutorial saya kali ini isinya merupakan salah satu praktek dari buku Desain Grafis dengan Inkscape yang sudah saya tulis, tutorial ini lebih nyaman dan mudah dipraktekkan bagi orang yang sudah memiliki dan membaca buku tersebut, atau minimal sudah menguasai dasar-dasar Inkscape. Buka aplikasi Inkscape sesuai cara yang berlaku pada Sistem Operasi yang Anda gunakan Atur Halaman Atur

21 May, 2015 10:12AM by Istana Media (noreply@blogger.com)

hackergotchi for HandyLinux

HandyLinux

Retour vers le passé...

Bonjour

Le passé
En ces temps de festival de Cannes, j'ai choisi un titre qui rappellera certainement des souvenirs à certains/certaines. Mais c'est aussi (surtout) parce que j'ai retrouvé quelques photos des débuts de l'aventure HandyLinux et je n'ai pas pu résister.





Toute ressemblance avec un environnement bien connu n'est pas que fortuite...

Le présent
HandyLinux V2 est sortie depuis quelques jours et déjà plus de 3000 téléchargements. C'est une belle récompense pour le travail effectué (ça ne fait pas de mal de se féliciter hein!).
Un petit rappel: Il y avait 3 bugs connus (en partie résolus) :
Je reviendrai bientôt sur le blog pour détailler les nouveautés de cette V2 qui tourne nickel!

Le futur
  • Correction des bugs et des dépôts pour la HL-2.1 
  • Début du dev de handylinuxlight en intégrant les corrections destinées à la 2.1 
  • Mise en place d'un anti-spam simple pour les inscriptions du forum 

Donc HandyLinuxlight V2 va bientôt sortir et arpinux mettra une news sur le blog pour l'annoncer. (Détail exotique: cette semaine c'est l'Inde qui a le plus téléchargé la version actuelle de HLlight)

A bientôt


HandyLinux - la distribution Debian sans se prendre la tête...

21 May, 2015 09:41AM by fibi

hackergotchi for Ubuntu developers

Ubuntu developers

Sean Davis: LightDM GTK+ Greeter 2.0.1 and Settings 1.2.0 Releases

LightDM GTK+ Greeter and it’s accompanying configuration application have been updated!  A number of bugs have been fixed in the greeter, and a new multihead configuration dialog has been added to LightDM GTK+ Greeter Settings.

New in LightDM GTK+ Greeter 2.0.1

  • New Features
    • Support for multiple configuration files (LP: #1421587)
  • Bugs Fixed
    • Multihead setup: black/white/grey screen at startup (LP: #1410406, #1426664, #1449567, #1448761)
    • Switching active monitors with Onboard on-screen can leave it’s window in an invalid state
    • Onboard does not react to mouse clicks
    • Window focus is lost after changing monitor configuration
    • Every lock activates a new virtual terminal with GTK 3.16 (LP: #1445461)
    • Broken delayed autologin (LP: #854261)
    • Message label can remain hidden when it must be visible (GTK: #710888)

New in Greeter Settings 1.2.0

  • Support for LightDM GTK+ Greeter 2.0.1
  • New Features
    • xembed mode: Run app without privileges if pkexec fails
    • New multihead setup dialog
    • Support for multiple configuration files (see above)
  • Bugs Fixed
    • Infinite loop in IndicatorsEntry (LP: #1435635)
    • Table column title hard to understand (LP: #1428224)
  • New and Updated Translations
    • Arabic, Brazilian Portuguese, Catalan, Croatian, Finnish, French, German, Japanese, Lithuanian, Polish, Portuguese, Russian, Serbian, Spanish

Screenshots

Xfce Settings Manager Integration GTK Headerbar Integration Greeter Settings without CSD Multihead Setup LightDM Gtk Greeter 2.0 LightDM Gtk Greeter with Numix (1.8.x)

Downloads

The latest versions of LightDM GTK+ Greeter and Settings can be downloaded from Launchpad:

Both applications will be updated for supported Ubuntu releases at the Stable PPA this week, and will make their way into Ubuntu 15.10 as regular updates.

Thanks

Thanks to all the translators who have worked diligently to translate these projects into their native languages.  Also, a huge thanks to Andrew P., who has largely taken over maintenance of the greeter and is solely responsible for the existence of the settings application.

If you want to contribute to these projects, head over to each project page on Launchpad:

21 May, 2015 03:00AM

May 20, 2015

Laura Czajkowski: What I’ve learned from working from home in a distributed team and organisation

Working from home in a distributed team within and organisation can definitely be a plus but with it comes some hurdles to get used to. This is my 3rd role in which I’ve been fortunate to have the ability to work from home (WFH) and I personally love it. No more dealing with crazy morning starts fighting to get on the train and then battling to get a seat. Instead each morning I go into my home office and start work.

For me it’s ideal and I still have the option of going to London when needed to the office to meet people. Best of both worlds really. It does take some getting used to and for some it’s not suitable as they need the office style environment. The benefit of being able to work from my garden during the summer when it’s hot is an added bonus of not having to deal with working indoors!

Things I’ve found that work

Creating an office space – carving out something that I consider my work place. Where I can do my job and close the door away from distractions has been very good especially when there are others in the house.

Daily conversations with your team – have one central place that you join daily and say hi. Hang out there and ask questions. You’d do this in real life in the canteen or going for lunch so you need to try and find in your virtual world. The best example of this was when I worked on Canonical. Everyone from HR to Payrole, Engineers to CEO were on IRC so you could ping them and ask them questions. It was really great to see people with various technical abilities all in one place. It was the online office!

Be professional! Don’t work from home in your Pjs! Get up and get to your desk. One tip I was told years ago when I worked for GE was have a mirror on your desk that way when you talk to someone you don’t see you are can see the faces you make and this is conveyed over the phone by your tone.

Obstacles to over come

The biggest thing I’ve found hard to wrap my head around is the amount of tools each team or person uses. Nobody seems to want to standardise the tools!

One day you are having meetings using one tool and the next day you have to download another tool and get it to work. On a given day I use hip chat for my team conversations, Skype for calls, Bluejeans for group calls or GoTo meeting and then there are the conversations I have on hangouts. Each are interchangeable depending on which team you work with. I have found more engineering types of people use one tool over another compared to Sales and Marketing but perhaps this is just because people work a certain way.

Frustrations of communicating and following up on items! In organisations that are spread out you need to track what’s being done where and when, and any activity linked to it. This can be done via RT, Jira, burn down charts, khanban boards. What ever it is again it should be set in stone in a company this is the tool we use. All teams no matter their discipline should use them. Asking people to send requests via email is not scalable, it leads to items not being done and it’s not possible to get an overview on how progress is being made.

People assume when you work from home it’s ok to pop over. It’s not and that’s often hard for them to understand. You have a working day and when you have guests they assumed you can just down tools. It’s not as easy as that and best to just close the door however rude it may seem, you wouldn’t do this to someone who was in an office.

Downside to timezones and people being in various locations and needing to talk to people in different teams means you often have early morning or late night calls. Avoid being on late always try and alternate with people so the onus doesn’t always fall to the same people to stay back late. They have a life also. If you do have to ask someone to stay back for a meeting in their timeszone even if it’s for lunch, make sure you say Thank you, show some appreciation. It makes a difference.

Things that are hard!

I struggle daily to take a break or get up and stretch things you’d take for granted when working in an office environment. Take that lunch break, I’ve started to walk Bash in this time as has become useful to getting me to leave my desk!

Closing the lid and logging off. I think this is next to impossible. All Geeks are connected now more so than ever before, twitter, facebook, skype email notifications it’s harder to separate work from non work so you remain connected. Try and avoid to replying to mails late at night it means you’re always on and always reachable and people get used to that.

Being visible – This is tricky how do you let the powers that be know that you’re working and accomplishing a lot. If you go for that promotion you want to be in with a fair chance and not have the fact you WFH and not based in HQ held against you. I think this is the hardest bit for a person who works from home is up against. It’s great to get the job but for many organisations the ability to change to other roles is dependent on your location.

The list isn’t exhaustive it’s based on my experience over the last 5 years. I do love working from home with my snoring little pug Bash and wouldn’t change it for anything. I’m sure over time I’ll come across obstacles or find other things that work well. Many organisations are moving towards WHF and it does work – but it’s also dependent on the person. It’s not for everyone. 

20 May, 2015 09:24PM

Randall Ross: We're Going to Party in a Charming Way!

Folks, I've noticed many of you are either in Vancouver or on your way to party with us. That's a good thing!


Our party is tomorrow (Thursday May 21st). You've made the right decision to join us.

Tickets are going fast. I recommend that you grab some while you can.

Remember the Ubuntini? On Thursday, we'll be unveiling something the world has not seen (or tasted) yet; the perfect encore to our now globally famous Ubuntini.

Be there for the world premiere of our latest ubuntu-themed cocktail!

Wear orange, dress as a cosmonaut, or simply come as you are. We're going to dance, socialize and celebrate the community that is ubuntu.

See you soon.

20 May, 2015 06:58PM

Jonathan Riddell: Protocols Plugfest Europe 2015

Last week I had the pleasure of speaking at Protocols Plugfest Europe 2015.  It was really good to get out of the bubble of free software desktops where the community love makes it tempting to think we’re the most important thing in the world and experience the wider industry where of course we are only a small player.

This conferences, and its namesakes in the US, are sponsored by Microsoft among others and there’s obviously a decent amount of money in it, the venue is a professional conference venue and there’s a team of people making sure small but important details are taken care of like printed signposts to the venue.

What’s it all About?

In 2008 Microsoft lost an EU antitrust case because they had abused their monopoly position in operating systems.  This required them to document their file formats such as MS Office and protocols such as SMB.  This conference is part of that EU requirement meaning they have to work with anyone who wants to use their formats and protocols.  They have a website where you can file a request for information on any of their documents and protocols and everyone said they were very responsive in assigning engineers getting answers.

Since 2008 Microsoft have lost a lot of ground in new areas in the industry such as mobile and cloud.  Because they’re not the dominant player here they realise they have to use formats and protocols others can use too otherwise they lock themselves out.

The Talks

I spoke about Interoperability on the Linux Desktop which seemed well received, the reason Linux desktop hasn’t taken off is there are many other systems we need to interoperate with and many of them don’t want to interoperate with us. (Of course there are financial reasons too.) It was well received with many people thanking me for a good talk.

I went to talks by people working on Samba, LibreOffice and Kolab which all gave pleasing insight into how these project work and what they have to do to workaround complex proprietary protocols and formats.  LibreOffice explained how they work with OpenDocument, they add feature and for any feature added they submit a request for it to be added to the standard.  It’s a realistic best practice alternative.

I went to a bunch of Microsoft talks too about changes in their file formats, protocols and use of their cloud service Azure.

The inter-talks

It was great meeting some people from the free software and MS worlds at the conference.  I spoke to Christopher about how he had been hired to document SMB for MS, to Dan about taking over the world, to Miklos about LibreOffice and many others.  On the MS side I spoke to Tom about file formats, Darryl about working with Linux, to Jingyu about developing in MS.

I hope I won’t offend anyone to say that there’s a notable culture difference between the open source and the MS sides.  Open Source people really do dress scruffy and act socially awkward.  MS people reminded me of the bosses in Walter Mitty, strong handshakes, strong smiles and neat dress.

culture difference

One part of the culture that depressingly wasn’t difference was the gender ratio, there was only half a dozen women there and half of those were organising staff.

The Microsoft people seemed pretty pleased at how they were open and documented their protocols and formats, but it never occurred to them to use existing standards.  When I asked why they invented OOXML instread of using OpenDocument I was told it was “MS Office’s standard”.  When I asked if Skype protocols were open they seemed not to know.  It probably doesn’t come under the EU court requirements so it doesn’t interest them, but then all their talk of openness is for nothing.  When I suggested Skype should talk XMPP so we can use it with Telepathy I was given largely blank faces in return.

Talking to Samba people and OpenChange people about my opinion that their products should be stop gaps until a better open protocol can be used was met with the reasonable argument that in many cases there are no better open protocols.  Which is a shame.

I went into the MS testing lab to test some basic file sharing with Samba and reminded myself about the problems in Kubuntu and discovered some problems in Windows.  They had to turn off firewalls and twiddle permissions just to be able to share files, which was something I always thought Windows was very good at.  Even then it only worked with IP address and not browsing.  They had no idea why but the Samba dudes knew straight away that name browsing had been disabled a while ago and a DNS server was needed for that.  Interesting the MS interoperability staff aren’t great at their own protocols.

Zaragoza

I had a great time in Zaragoza, only spoiled by travellers flu on the last day meaning I couldn’t go to the closing drinks.  It’s on the site of a 2008 world fair expo which feels like one of those legacy projects that get left to rot, 2008 wasn’t a great year to be trying to initiate legacy I think.  But the tapas was special and the vermut sweet.  The conference timetable was genius, first day starts at 9:00 next at 10:00 and final at 11:00.  The Zentyal staff who organised it was very friendly and they are doing incredible stuff reimplementing exchange.  It’s lovely to see MS want to talk to all of us but they’ve a way to go yet before they learn that interoperability should be about an even playing field not only on their terms.

 

facebooktwittergoogle_pluslinkedinby feather

20 May, 2015 04:06PM

hackergotchi for Xanadu developers

Xanadu developers

hackergotchi for SparkyLinux

SparkyLinux

Sparky APTus 0.2.10-1

 

There is a new version of Sparky APTus 0.2.10-1 available in our repos.

Changelog:
– added ‘Remove VirtualBox Guest Utils’ option – Sparky 4.0 will be shipped with VBox Guest Utils package preinstaled, so this new script lets you quick uninstall the VBox Guest Utils package. Do not uninstall it if Sparky will be installed inside the VirtualBox
– added ‘Install Liquorix Kernel’ – lets you install the latest Linux Kernel from the Liquorix repository
– added ‘Install Office Suite’ – lets you quick install one of the office packages:
* AbiWord & Gnumeric
* Calligra
* LibreOffice
* OpenOffice
* Kingsoft WPS Office + WPS fonts

Report on our forums any abnormal work of the new scripts.

 

20 May, 2015 12:11PM by pavroo

hackergotchi for Ubuntu developers

Ubuntu developers

Rhonda D'Vine: Berge

I wrote well over one year ago about Earthlings. It really did have some impact on my life. Nowadays I try to avoid animal products where possible, especially for my food. And in the context of vegan information that I tracked I stumbled upon a great band from Germany: Berge. They recently started a deal with their record label which says that if they receive one million clicks within the next two weeks on their song 10.000 Tränen their record label is going to donate 10.000,- euros to a German animal rights organization. Reason enough for me to share this band with you! :)
(For those who are puzzled by the original upload date of the video: Don't let yourself get confused, the call for it is from this monday)

  • 10.000 Tränen: This is the song that needs the views. It's a nice tune and great lyrics to think about. Even though its in German it got English subtitles. :)
  • Schauen was passiert: In the light of 10.000 Tränen it was hard for me to select other songs, but this one sounds nice. "Let's see what happens". :)
  • Meer aus Farben: I love colors. And I hate the fact that most conference shirts are black only. Or that it seems to be impossible to find colorful clothes and shoes for tall women.

Like always, enjoy!

/music | permanent link | Comments: 3 | Flattr this

20 May, 2015 09:21AM

Daniel Holbach: More Help App design ponderings

Daniel McGuire is unstoppable. The work I mentioned yesterday was great, here’s some more, showing what would happen when the user selects “Playing Music”.

help app - playing music

 

More feedback we received so far:

  • Kevin Feyder suggested using a different icon for the app.
  • Michał Prędotka asked if we were planning to add more icons/pictures and the answer is “yes, we’d love to if it doesn’t clutter up the interface too much”. We are going to start a call for help with the content soon.
  • Robin of ubuntufun.de asked the same thing as Michał and wondered where the translations were. We are going to look into that. He generally like the Ubuntu-like style.

Do you have any more feedback? Anything you’d like to look or work differently? Anything you’d like to help with?

20 May, 2015 06:53AM

May 19, 2015

Stuart Langridge: Burning trees

Today I made a little thing, which I find rather more fascinating than I probably should. You see, Joey said, “I wonder if this still works?”

'The Sands of Time' Linux Desktop

That’s quite cool — sand dunes in front of a clock — and it made me remember that years and years ago you used to get these programs where you could click and it would create sand which accumulated at the bottom of the window. The very first one I saw was on the Archimedes. But what came along a little later was one where you could click to produce various different substances — sand, oil, water, fire — and oil floated on water, fire set the oil alight, and so on. It was all rather amazing back when the phrase “particle system” hadn’t been invented. Anyway, I thought: hey, what’d be cool is if the clock in that picture was obscured by actual moving sand, rather than just a static picture of sand dunes. A tiny bit of poking around brought me to Dust, an implementation of precisely the sand/oil/water thing with WebGL in the browser. So I completely forgot about the clock thing and just played with Dust. Which is rather fun.

After some faffing around I discovered that it had two things I liked: “lava”, which is like a static piece of fire in that it ignites things that touch it but is not itself consumed, and “Life Itself” which is stuff that grows, like bacteria in a petri dish. But the life stuff is ignited by lava. so if you drop a couple of tiny bits of lava into the world, and then some green fungus life stuff, the fungus grows and takes over the whole window until it touches the lava, and then it gets burned up and vanishes… but, critically for this, it isn’t entirely consumed. A few specks remain, and those specks start growing again. Very cool. I spent ages just watching it!

Then I thought, well, this is nice and all, but this Dust thing uses WebGL, which is hassle, and it can’t actually cope with filling its whole window up with particles because it runs out of memory or space or shaders or something. So I figured I’d lash together a quick version myself.

Burning Trees on jsbin.com

And lo, it is so: a noddy version in JavaScript. This is superbly inefficient; it regenerates the whole grid and then innerHTMLs it into the page at every clock tick, and it’s completely character-based, like some sort of BBC Micro program. (At least it’s using requestAnimationFrame so it doesn’t hammer the CPU in a background tab!) But I could still sit there and watch it for ages. I really like it; the sense of watching the green take over and then get burned back.

I think what I’d like to do with it is make it considerably more efficient and then try to make it a sort of “live wallpaper” for my Ubuntu desktop. For that, I need to read about Life rendering algorithms; this Life implementation at pmav.eu uses a JS port of Tony Finch’s List Life algorithm to do the calculations. There’s also Golly, the Life simulator, which can do things ridiculously fast, and it’s possible to program your own ruleset (rather than just follow John Conway’s original rules), and if I understood how to do this (I do not) then I could probably turn my little Burning Trees thing into something that’s renderable by Golly at a much bigger size than my inefficient JavaScript can manage. There seems to be a quite large community of people working on Life, still, to my amazement. Where do these people hang out, I wonder? So I can ask them how to write a Golly ruleset. And then see if I can make Golly run fullscreen and render to the root window and have the coolest desktop background imaginable, especially once it’s graphics rather than block characters, and maybe the green is different colours depending on how old it is, and the fire has a slightly cooler effect, and… well, you can see, I like this idea, so making it look pretty would be wonderful. Maybe I’ll even put a clock behind it. But if I did it’d either be this one which I pinched from an imgur idea or my favourite clock that I wrote, which is this:

Stuart’s cool clock on jsbin.com

Anyway, none of this is what Joey wanted. Sorry, Joey. I hope the thing you wanted still works, even if it is waaaay complex to set up. Someone should step up and make that easier for you, because I like it when we have pretty things, and there aren’t enough of them on our desktop.

19 May, 2015 11:58PM

hackergotchi for Ubuntu

Ubuntu

Call for UbuCon Speakers at SELF

Ubuntu is sponsoring the South East Linux Fest this year in Charlotte North Carolina, and as part of that event we will have a room to use all day Friday, June 12, for an UbuCon. UbuCon is a mini-conference with presentations centered around Ubuntu the project and it’s community.

I’m recruiting speakers to fill the last three hour-long slots, if anybody is willing and able to attend the conference and wants to give a presentation to a room full of enthusiastic Ubuntu users, please email me at mhall119@ubuntu.com. Topic can be anything Ubuntu related, design, development, client, cloud, using it, community, etc.

Originally posted by here by Michael Hall on May 19, 2015

19 May, 2015 06:31PM by lyz

hackergotchi for Ubuntu developers

Ubuntu developers

Gustavo Silva: Slow week – Preparation for Wiki new structure

Hello readers, I have not been posting much in here, specially since I decided to dedicate some time to my thesis. I’m on the final stages of it and I really need to deliver it well. Nevertheless, after release times, it is usually something much slower. However, I have got two news for you: 1.&ellipsisRead the full post »

19 May, 2015 06:12PM

Ubuntu Kernel Team: Kernel Team Meeting Minutes – May 19, 2015

Meeting Minutes

IRC Log of the meeting.

Meeting minutes.

Agenda

20150519 Meeting Agenda


Release Metrics and Incoming Bugs

Release metrics and incoming bug data can be reviewed at the following link:

  • http://kernel.ubuntu.com/reports/kt-meeting.txt


Status: Wily Development Kernel

The master-next branch of our wily kernel has recently been rebased to
the 4.0.4 stable kernel. We’re in the processing of parsing results of
initial DKMS testing against wily. We’ll upload to the archive once we
have this sorted.
—–
Important upcoming dates:


Status: CVE’s

The current CVE status can be reviewed at the following link:

  • http://kernel.ubuntu.com/reports/kernel-cves.html


Status: Stable, Security, and Bugfix Kernel Updates – Precise/Trusty/Utopic/Vivid

Status for the main kernels, until today:

  • Precise – Testing & Verification
  • Trusty – Testing & Verification
  • Utopic – Testing & Verification
  • Vivid – Testing & Verification

    Current opened tracking bugs details:

  • http://kernel.ubuntu.com/sru/kernel-sru-workflow.html
    For SRUs, SRU report is a good source of information:
  • http://kernel.ubuntu.com/sru/sru-report.html

    Schedule:

    cycle: 02-May through 23-May
    ====================================================================
    01-May Last day for kernel commits for this cycle
    03-May – 09-May Kernel prep week.
    10-May – 23-May Bug verification; Regression testing; Release


Open Discussion or Questions? Raise your hand to be recognized

No open discussion.

19 May, 2015 05:14PM

Daniel Holbach: RFC: Help app design

Some of you might have noticed the Help app in the store, which has been around for a couple of weeks now. We are trying to make it friendlier and easier to use. Maybe you can comment and share your ideas/thoughts.

Apart from actual bugs and adding more and more useful content, we also wanted the app to look friendlier and be more intuitive and useful.

The latest trunk lp:help-app can be seen as version 0.3 in the store or if you run

bzr branch lp:help-app
less help-app/HACKING

you can run and check it out locally.

Here’s the design Daniel McGuire suggested going forward.

help-mockup

What are your thoughts? If you look at the content we currently have, how else would you expect the app to look like or work?

Thanks a lot Daniel for your work on this! :-)

19 May, 2015 03:16PM

Michael Hall: Call for UbuCon Speakers at SELF

Ubuntu is sponsoring the South East Linux Fest this year in Charlotte North Carolina, and as part of that event we will have a room to use all day Friday, June 12, for an UbuCon. UbuCon is a mini-conference with presentations centered around Ubuntu the project and it’s community.

I’m recruiting speakers to fill the last three hour-long slots, if anybody is willing and able to attend the conference and wants to give a presentation to a room full of enthusiastic Ubuntu users, please email me at mhall119@ubuntu.com. Topic can be anything Ubuntu related, design, development, client, cloud, using it, community, etc.

19 May, 2015 12:45PM

hackergotchi for Maemo developers

Maemo developers

2015-05-12 Meeting Minutes

Meeting held 2015-05-12 on FreeNode, channel #maemo-meeting (logs)

Attending:
Jussi Ohenoja (juiceme), Peter Leinchen (peterleinchen),

Ivaylo Dimitrov (freemangordon),

Partial: Oksana Tkachenko (Oksana/Wikiwide),
Falk Stern (warfare/fstern),

Absent: William McBee (gerbick), Alexander Kozhevnikov (MentalistTraceur),

Summary of topics (ordered by discussion):

  • HiFo and MCeV: transfer
  • Referendum
  • Facebook API changes

Topic (HiFo and MCeV: transfer):

  • woody has now made the transfer from HiFo account to MCeV account; it should be visible there in couple of days. Next steps are dissolving the Hildon Foundation and making final transfer of all intangibles to MCeV. That's in the works, too.
  • The agreement between HiFo and Nokia states that in situation like the current one, Nokia is to be notified by proceedings, That's being taken care of, too. In theory, they could decline the transfer. But it is not seen as likely.

Topic (Referendum):

  • peterleinchen is going to check the bylaws to make up his mind about need of referendum. .

Topic (Facebook API changes):

  • Daphne Won does not reply to the latest Facebook messages; probably need to ask somebody from usoft/nokia for help.

Action Items:
  • -- old items:
    • The selected Code of Conduct (KDE) still needs to be published on (T)MO.
    • Looking into automatic calculation of election results ...
    • Contacting freemangordon and merlin1991 about auto-builder: CSSU-thumb target, GCC versions?
    • Getting maemo trademark registration (everywhere?) renewed (and transferred to MCeV) by the end of February (or within six months since expiry date).
    • archiving Ovi/Nokia store, especially for Harmattan.
    • Contacting Daphne Won on Facebook and LinkedIn to get administrator rights on Facebook for a Maemo member to migrate the plugin to v2.0 API and maintain it in the future.
  • -- new items:
0 Add to favourites0 Bury

19 May, 2015 06:12AM by Oksana Tkachenko (oksana.a.tkachenko@gmail.com)

hackergotchi for Ubuntu developers

Ubuntu developers

The Fridge: Ubuntu Weekly Newsletter Issue 417

19 May, 2015 04:28AM

May 18, 2015

Randall Ross: Be Charmed, In Vancouver

Something is coming... this Thursday night.

Will you be there to witness history?

Not in Vancouver? Book your flights!

18 May, 2015 10:19PM

hackergotchi for Cumulus Linux

Cumulus Linux

What Do Spinal Tap and OpenStack Have in Common?

They both go to 11!

 

11-Video-Thumbnail

Kilo is the eleventh major OpenStack release, with enhancements across the board and new features like Ironic for bare metal service provisioning. SMB to large-scale clouds with OpenStack are being deployed in droves with a self-service portal to spin up virtual and now bare metal workloads while automatically provisioning all the requisite compute, storage and networking resources.  Yet, network service provisioning remains to be cumbersome, brittle and closed.

OpenStack and Cumulus Linux share a common philosophy, design and operational framework. Compute and storage (with Cinder and Swift) leverage standard infrastructure, so why use black boxes from Cisco and Arista, especially when the systems are merchant silicon reference designs. Cumulus Linux is unencumbered Linux without proprietary APIs and protocols, with the flexibility to run on your platform of choice.  Build and runtime operations are identical from bootstrapping infrastructure with PXE or ONIE to lifecycle management with config management and patching. Clouds have become the new frontier not only for orchestration platforms like OpenStack but for tools, processes and organizations. Converged administration with battle-tested automation platforms (such as Puppet, Chef or Ansible) or monitoring (with Nagios or collectd) enable admins to rise to critical tasks such as workload automation and simplified policy while delivering strategic business value vs being a cost center.

Is COCO the New LAMP?

In the late 90s the Web was exploding, and so LAMP (Linux, Apache, MySQL, PHP) rapidly became the go-to solution stack offering an extensible and open architecture. Today, COCO (Cumulus Linux, OpenStack, Ceph and Overlay) represents a commonly deployed architecture. Cumulus Linux for bare metal switches (see Dell, HP and Quanta at the OpenStack Summit) plus other Linux distributions for compute and storage enable low-level resource management and control. Overlay network solutions provide hyperscale multi-tenancy with VXLAN and an OVSDB schema as well as other sophisticated network services with a centralized management/policy platform offered by Akanda, Midokura, OpenContrail, PLUMgrid and VMware NSX. Ceph has enabled a scalable and fault tolerant object, block and file storage solution from a distributed, commodity compute cluster.  OpenStack brings it all together with a centralized cloud orchestration platform, with proven distributions and services partners: Cloudbase with Microsoft, HP Helion, Mirantis, Red Hat and VMware VIO. Learn how Dreamhost operationalized the COCO stack at OpenStack Vancouver.

Ultimately, there are a many ways to experience the COCO stack. Join us for the Open Networking for your OpenStack webinar on June 3rd. Get hands-on time evaluating Cumulus Linux with OpenStack at no risk or investment with our Cumulus Workbench. When you are ready for a proof of concept or production, the Cumulus Linux OpenStack validated design guide will show you how to build OpenStack clouds ranging from a simple, single rack proof of concept to a full, scalable data center cloud environment. Installing and configuring both the network and the servers is fully automated by simply inserting a USB drive with the Cumulus Linux installer into one of the switches. In mere minutes after powering on the cluster, you’ll be starting VMs in your new OpenStack cloud!

The post What Do Spinal Tap and OpenStack Have in Common? appeared first on Cumulus Networks Blog.

18 May, 2015 06:00PM by William Choe

hackergotchi for Ubuntu developers

Ubuntu developers

Daniel Pocock: Free and open WebRTC for the Fedora Community

In January 2014, we launched the rtc.debian.org service for the Debian community. An equivalent service has been in testing for the Fedora community at FedRTC.org.

Some key points about the Fedora service:

  • The web front-end is just HTML, CSS and JavaScript. PHP is only used for account creation, the actual WebRTC experience requires no server-side web framework, just a SIP proxy.
  • The web code is all available in a Github repository so people can extend it.
  • Anybody who can authenticate against the FedOAuth OpenID is able to get a fedrtc.org test account immediately.
  • The server is built entirely with packages from CentOS 7 + EPEL 7, except for the SIP proxy itself. The SIP proxy is reSIProcate, which is available as a Fedora package and builds easily on RHEL / CentOS.

Testing it with WebRTC

Create an RTC password and then log in. Other users can call you. It is federated, so people can also call from rtc.debian.org or from freephonebox.net.

Testing it with other SIP softphones

You can use the RTC password to connect to the SIP proxy from many softphones, including Jitsi or Lumicall on Android.

Copy it

The process to replicate the server for another domain is entirely described in the Real-Time Communications Quick Start Guide.

Discuss it

The FreeRTC mailing list is a great place to discuss any issues involving this site or free RTC in general.

WebRTC opportunities expanding

Just this week, the first batch of Firefox OS televisions are hitting the market. Every one of these is a potential WebRTC client that can interact with free communications platforms.

18 May, 2015 05:48PM

hackergotchi for Xanadu developers

Xanadu developers

¿Qué es el Memristor?

En teoría de circuitos eléctricos, el memristor es un elemento de circuito pasivo que ha sido descrito como el cuarto elemento de los circuitos pasivos, junto con los tres mejor conocidos: el condensador, la resistencia y el inductor. El nombre es una palabra compuesta de memory resistor (resistencia-memoria).

El memristor fue predicho y descrito en 1971 por Leon Chua, de la Universidad de California, Berkeley, en un artículo que apareció en IEEE Transactions on Circuit Theory.

Durante 37 años, el memristor fue un dispositivo hipotético, sin ejemplos físicos. En abril de 2008, una implementación física del memristor fue divulgada en Nature por un equipo de investigadores de HP Labs de la multinacional Hewlett Packard.

Un memristor efectivamente almacenaría información porque el nivel de su resistencia eléctrica cambia cuando es aplicada la corriente. Donde una resistencia típica proporciona un nivel estable de resistencia, un memristor puede tener un alto nivel de resistencia que puede ser interpretado en una computadora en términos de datos como un “1”, y un bajo nivel que puede ser interpretado como un “0”. Así, controlando la corriente, los datos pueden ser guardados y reescritos. En un sentido, un memristor es una resistencia variable que, con su resistencia, refleja su propia historia.

El memresistor es un elemento en el que el flujo magnético es una función de la carga eléctrica q que fluye a través del dispositivo. Es decir, La tasa de cambio del flujo con carga es conocido como memristancia. Esto es comparable a los otros tres elementos de circuito fundamentales:

Donde q es la carga eléctrica, I es la corriente eléctrica, V es el potencial eléctrico y \Phi_\mathrm B es el flujo magnético.

El voltaje V a través de un memristor está relacionado con la corriente I por el valor instantáneo de la memristencia:

V(t) = M(q(t)) I(t) \,

Así, en cualquier instante dado, un memristor se comporta como una resistencia ordinaria. Sin embargo, su “resistencia” M(q) depende de la historia de la corriente. Un memristor lineal (uno para el cual M es constante) es indistinguible de una resistencia lineal, con M = R


Archivado en: General Tagged: electronica, memristor

18 May, 2015 02:30PM by sinfallas

hackergotchi for Ubuntu developers

Ubuntu developers

Raphaël Hertzog: Freexian’s report about Debian Long Term Support, April 2015

A Debian LTS logoLike each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In April, 81.75 work hours have been dispatched among 5 paid contributors (20.75 hours where unused hours of Ben and Holger that were re-dispatched to other contributors). Their reports are available:

Evolution of the situation

May has seen a small increase in terms of sponsored hours (66.25 hours per month) and June is going to do even better with at least a new gold sponsor. We will have no problems sustaining the increased workload it implies since three Debian developers joined the team of contributors paid by Freexian (Antoine Beaupré, Santiago Ruano Rincón, Scott Kitterman).

The Jessie release probably shed some light on the Debian LTS project since we announced that Jessie will benefit from 5 years of support. Let’s hope that the trend will continue in the following months and that we reach our first milestone of funding the equivalent of a half-time position.

In terms of security updates waiting to be handled, the situation is a bit contrasted: the dla-needed.txt file lists 28 packages awaiting an update (12 less than last month), the list of open vulnerabilities in Squeeze shows about 60 affected packages in total (4 more than last month). The extra hours helped to make a good stride in the packages awaiting an update but there are many new vulnerabilities waiting to be triaged.

Thanks to our sponsors

The new sponsors of the month are in bold.

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

18 May, 2015 09:58AM

hackergotchi for ArcheOS

ArcheOS

Turning GeoTIFF into TIFF + worldfile (QGIS)

hi all,
after some weeks I go on with the videotutorial from the Project Tovel. Until now we saw how to download some Open Data for our GIS, how to load georeferenced raster level in QGIS, how to georeference historical maps.
Today I will show something particular, that probably many of you will not need very often working on landscape archaeological project, but that will be more important to manage excavation GIS: how to turn a GeoTIFF picture into a TIFF + worldfile image.
As some of you will know a GeoTIFF is a particular kind of raster data in which the georeferencing values are embedded within the TIFF itself. This option can be a nice solution for a topographer but it is extremely annoying for archaeologists. The reason is simple: topographers often work on pictures or maps that are ready to be used, without the necessity of any photo-editing, which (on the contrary) is an important phase in archaeological photo-mapping process (e.g. for the "Aramus method"). The primary difference between a GeoTIFF and a TIFF + worldfile image is that it is not possible to modify the first one without loosing the georeferencing values (which are integrated in the picture), while it is possible to perform some photo-editing operations (change the colors, balance the brightness and contrast, etc...) in the second one, without problems, being the geolocalization data stored in a separate file (the worldfile).
For this reason working with raster images and worldfile is often the best choice for archaeological GIS (especially for excavation), where it can be useful to "erase" all the part of the photo which are outside the area of interest (e.g. outside the rectification region) and to take advantage of transparency in overlapping different raster levels (which can correspond to different stratigraphic levels).
As I wrote previously, the videotutorial I prepared using the data of Project Tovel simply shows how to turn a GeoTIFF, currently the unique option for QGIS georeferencing module) into a TIFF and a worldfile, a more useful format, without exiting the software.


Have a nice day!

18 May, 2015 07:31AM by Luca Bezzi (noreply@blogger.com)

hackergotchi for Ubuntu developers

Ubuntu developers

Ali Jawad: Weekly Schedule

Hi everyone,

Very very long time, no writing. I have my own reasons of course but no need to make this a boring post 😉

After the big failure of my first plan which I called Triple 8, I am trying now to come up with a better plan.

The 888 plan failed for some reasons:

  1. It was very strict, tough and very very hard to follow.
  2. Instead of helping me to organize my time or do any better to my life, it did quite the opposite.
  3. And because of that, things got even worse than before.

That said, and to keep it simple and short, I think it is time to come up with a better plan.

Back in January, I wrote about Self Development and how is it better to hold few eggs than dozen of them.

Today, I’m trying yet again to fix ad correct things so hopefully it will be better this time.

 
Day Task 1 Task 2 Task 3
Monday Kibo Ubuntu GNOME Other
Tuesday Kibo Ubuntu GNOME ditto
Wednesday Kibo Ubuntu GNOME ditto
Thursday Kibo Other Projects ditto
Friday Kibo Other Projects ditto
Saturday Kibo ToriOS ditto
Sunday Kibo ToriOS ditto

 

And, by “Other” here I mean anything else or could be nothing.

 

So, each day will be dedicated to Kibo, my business project. While the rest of the day is dedicated to other projects I am involved with. If and only if there will be some time left, I will try to invest that in something useful.

 

Just like with Triple 8, I can’t know/tell whether this is good or bad unless I try it. So, only time will tell how this new plan will work. Hopefully everything will be better this time.

 

Thank you!

 

18 May, 2015 06:19AM

hackergotchi for TurnKey Linux

TurnKey Linux

Securing Firefox, Chrome and Thunderbird against client-side attacks

Imagine someone half-competent wants to hack into your computer. They want to read your e-mail, steal your bitcoins, transfer funds via your PayPal account, etc.

You're behind a firewall (or more commonly a NAT router) and you don't have any open ports / servers running. So you're safe right?

Unfortunately, probably not. Because you're probably running a browser, or a native mail client and those tend to expose a huge volume of complex software to your evil adversary. Software has bugs. Some bugs are security vulnerabilities. Vulnerabilities can be exploited to subvert your computer into giving the bad guys access.

For example, to exploit your browser an attacker might social engineer you into clicking a link (e.g., in a forum post, or from an e-mail). This would expose your browser to a web application which abuses the wealth of information your browser broadcasts about itself to the world to identify the exact browser / operating system combo you are running and serve a targeted exploit which lets the attacker perform any operation at the operating system level that your browser process has permissions for (e.g., usually anything your user can do). Once the attacker has user level access, privilege escalation techniques (e.g., a kernel exploit) may be used to get full root access.

So let's say you're paranoid and you trust yourself never to click on a bad link (Ha!). Plus you run a native mail client because you don't trust cloud webmail providers such as Gmail with all of your e-mail.

Little do you realize that you are only one e-mail away from a security compromise. To exploit your native mail client the attacker will send you a specially formatted e-mail that targets an unpatched security vulnerability.

Obviously, these attack scenarios are much easier to carry out if you don't regularly install security updates or if a bad guy knows any non-public (AKA 0-day) security vulnerabilities such as the kind exploited in the Pwn2Own contest:

http://en.wikipedia.org/wiki/Pwn2Own

When confronted with this possibility, a common reaction is to dismiss it as impractical. I mean come on, how many people who have the capability to put together a "sophisticated" computer attack would waste their time on poor little me?

Unfortunately, there are ample ready-to-use security exploitation frameworks (e.g., metasploit) that it doesn't take much of a genius to learn to operate. To lower the bar further there are even Linux distributions dedicated to compiling all the popular attack tools into a nice little ready to use bundles.

It's very difficult to prevent attacks from competent experts, but with a little effort you can block most attacks from the vast leagues of amateur penetration testing hobbyists (AKA script kiddies).

Securing Thunderbird

Thunderbird is the most popular open source mail client. Few people realize it but Thunderbird has a less than stellar track record with regards to security. Since 2007 it has received 28 Ubuntu security updates, most including patches for multiple vulnerabilities. The good news is that this indicates an active effort to find and plug security issues. The bad news is that it also proves lax security standards to begin with and hints at an internal implementation complexity / attack surface that promises that many additional as-yet undetected security vulnerabilities are lurking in the code.

Countermeasures:

  • At minimum you'll want to keep Thunderbird up to date with the latest security updates.

  • Disable Javascript if you've enabled it (Javascript is disabled by default)

  • Stop broadcasting to the world exactly which version of Thunderbird you are running as that is going to make attacks easier to target.

    Edit -> Preferences -> Advanced -> Config Editor

    Right click, select "New -> String"

    Enter "general.useragent.override", and leave the string blank.

    Set extensions.enigmail.addHeaders to false.

Filtering identifying headers at the mail server level

With Postfix it's pretty easy to configure the server to filter out version leaking headers, like this:

$ grep header_checks /etc/postfix/main.cf
header_checks = regexp:/etc/postfix/header_checks

$ cat /etc/postfix/header_checks
/^User-Agent:/ IGNORE
/^X-Enigmail-Version:/ IGNORE

$ postmap /etc/postfix/header_checks

Securing Firefox

The bad news is there have been many public remote exploitation vulnerabilities against FireFox. The good news is that FireFox's extendibility has allowed the community to develop a rich variety of countermeasures.

Countermeasures:

  • Keep up to date with latest security updates

  • FlashBlock module: Flash has an insane attack surface and historically more remotely exploitable holes than swiss cheese. This module replaces flash with a little icon you have to click on in order for the Flash code to run. Of course, this doesn't prevent attacks, but it does make unsophisticated attacks less likely to succeed.

  • User agent switcher module:

    I recommend selecting Internet Explorer 8. It's a very common, highly exploitable browser that will tie up attackers with a nice big juicy diversion.

    To prevent the User Agent from reseting when you close the browser you'll need to create a useragentswitcher.reset.onclose property and set its value to false:

    • In the address bar go to "about:config"

    • Right click -> New -> Boolean

      Preference name: useragentswitcher.reset.onclose

      Value: False

    To install extended list of User Agents:

    http://techpatterns.com/forums/about304.html

    • save the XML file
    • edit user agents -> import -> select XML file
  • no script module (run Javascript only on trusted sites)

Implementing these countermeasures also has a nice privacy boosting effect. It reduced my Panopticlick score from 1 in 1.6M (20 bits of unique information) to 1 in 1500 (just 10 bits of unique information).

Securing Google Chrome

The good news is that Google Chrome has a pretty good security record. It's the only browser that hasn't been exploited in the Pwn2Own contests.

The bad news is that there are probably many unknown security vulnerabilities lurking inside Chrome which due to its complexity has a significant attack surface. In fact, there have already been reports of successful 0-day attacks against Chrome that bypass all security mechanisms including the Sandbox.

Also note that in Linux the sandbox relies on operating system level mechanisms such as AppArmor which may not be setup on your system (as they are in Chromium).

Countermeasures:

  • keep up to date with latest security updates.

  • User-Agent Switcher extension: equivalent to the FireFox module, but doesn't seem to work, at least on newer Chrome versions (I tested on 12).

    The alternative is to run google-chrome with the user-agent option:

    cat > /usr/local/bin/google-chrome << 'EOF'
    #!/bin/sh
    
    /usr/bin/google-chrome --user-agent="Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)"
    EOF
    
    chmod +x /usr/local/bin/google-chrome
    
  • NotScript extension: Chrome's NoScript equivalent with a somewhat better UI.

  • FlashBlock extension: Chrome equivalent of FireFox's FlashBlock.

Unfortunately, implementing all of these security measures still doesn't reduce my Panopticlick score, thanks in part to a particularly unique HTTP_ACCEPT headers (one in 63,781).

GOTCHA: Incognito mode doesn't make your browser any more difficult to identify or exploit.

Don't get smug: you're not invulnerable

Implementing these security countermeasures raises the cost of attack, making successful attacks less probable. But harder or less probable isn't impossible, or even very difficult.

In particular you shouldn't depend on anti-fingerprinting techniques to obfuscate browser vulnerabilities, though NoScript and equivalents can actually reduce the attack surface of your browser when you don't disable them to get extra functionality.

Sophisticated attackers may anticipate anti-fingerprinting countermeasures and either try to bruteforce around them (e.g., try non-Javascript exploits for all browsers), or develop improved fingerprinting techniques (e.g., identify browser by order of headers, etc.)

Sophisticated attackers may also be capable of running man in the middle attacks to exploit your browser's trusted relationship with existing sites (e.g., Google, YouTube).

For extra security, it would be best to implement additional countermeasures (e.g., run lower level security systems inside a VM, run public facing processes as a separate user in a jail, ASLR, etc.)

18 May, 2015 05:45AM by Liraz Siri

May 17, 2015

hackergotchi for Ubuntu developers

Ubuntu developers

hackergotchi for Whonix

Whonix

AppArmor and Whonix

AppArmor (“Application Armor”) for better security.

Current status of AppArmor and Whonix:

– We do enable apparmor by default for a while now. (https://github.com/Whonix/grub-enable-apparmor)
– Therefore The Tor Project’s apparmor profile for Tor is in use on Whonix-Gateway.
– We tweak that one a bit to make it work with Whonix and obfsproxy. (https://github.com/Whonix/anon-gw-anonymizer-config/blob/master/etc/apparmor.d/local/system_tor.anondist)
– We don’t install any apparmor profiles by default as of Whonix 10.
– We do not install any longer the profiles from Debian (packages apparmor-profiles, apparmor-profiles-extra) since Whonix 10 because of the noise they generate in the forums.
– We do not plan on installing apparmor profiles by default for packages that are not developed under the Whonix umbrella such as for Tor Browser, pidgin, xchat, etc. (list: https://github.com/Whonix?utf8=%E2%9C%93&query=apparmor) – Package upgrades that we don’t control by upstream could make it impossible to start the application, lead to eventual fingerprinting issues, therefore installation of such apparmor profiles is manual for testers and advanced users.
– Upstreaming such profiles is a very time consuming process, also a slow process (requires a new stable debian release). Help welcome.
– For apparmor profiles developed under the Whonix such as sdwdate, whonixcheck, we plan in future for Whonix 12 or so on deprecating the separate apparmor profiles and installing those profiles by default, that is doable, because we control package upgrades.

The Whonix profiles can be installed with:

sudo apt-get install apparmor-profiles-whonix

AppArmor Whonix Wiki Page:
https://www.whonix.org/wiki/AppArmor

AppArmor Whonix Forum:
https://www.whonix.org/forum/index.php/board,18.0.html

Apparmor Whonix Phabricator TODO List:
https://phabricator.whonix.org/maniphest/?statuses=open%2Creview&allProjects=PHID-PROJ-q6t3ulhtja6xyqgs7l5z#R

Comments / Forum Discussion:
https://www.whonix.org/forum/index.php/topic,1237.0.html

The post AppArmor and Whonix appeared first on Whonix.

17 May, 2015 08:38PM by Patrick Schleizer

If-by-Surveillance

My friends, I had not intended to discuss this controversial subject at this particular time. However, I want you to know that I do not shun controversy. On the contrary, I will take a stand on any issue at any time, regardless of how fraught with controversy it might be. You have asked me how I feel about surveillance. All right, here is how I feel about surveillance:

If when you say surveillance you mean enabling the privileged to commit unchecked nepotism and corruption, choking out dissent, the overriding of Constitutional checks and balances, manufacturing threats to control the populace with fear, the five-eyed monster, that attacks innocents, aiding destruction of homes, creation of misery and poverty, yea, literally taking the bread from the mouths of little children; if you mean the agencies that topple third world nations and drive their peoples into the bottomless pit of degradation, and despair, and shame and helplessness, and hopelessness, then certainly I am against it.

But, if when you say surveillance you mean the sabotage of global internet infrastructure, subversion of crypto standards, spying on human rights groups lawyers and journalists, attacks on freedom of speech, manipulation of public opinion and media polls, political blackmail, interference with domestic criminal court procedures and evidence gathering, sitting on 0days while leaving national infrasructure wide open to attack, magnification of totalitarianism, destruction of happiness and our right to be forgotten if only for a little while; if you mean the agencies whose bills rob our treasuries of untold billions of dollars, which could otherwise by used to provide tender care for our little crippled children, our blind, our deaf, our dumb, our pitiful aged and infirm; to build highways and hospitals and schools, then certainly I am still very much against it.

This is my stand. I will not retreat from it. I will not compromise.

The above was a parody of a political speech by a lawmaker from Mississippi about prohibition, originally called if-by-whiskey. But unlike the original there’s no double-speak. When I saw it I thought its a good opportunity to take a 10000 foot bird’s eye view of what has been making headlines.

With that said, I’m not sure that every IC employee was aware of the total scope of surveillance and abuses before the Snowden cache was published. The majority of NSA employees probably don’t agree with what’s happening. This sad direction is the result of the leaders who direct the efforts of well-meaning people into self-serving ways. People who are smart enough to figure out that they are being used to build the surveillance systems that are intended for their children and grandchildren, their families and friends, their neighbors and fellow citizens. All whom they wanted to serve and protect by joining the agency in the first place.

In reality, corporate surveillance poses a bigger danger than state surveillance for the average internet user. Its the former that enables the latter in large part. The fact that they are willing to dish out information about your life to anyone willing to pay their advertising networks should worry you even more than a government employee with top-secret clearance taking a peak. That’s not to say anyone is entitled to your data, thoughts or information about who you talk with. Its a choice that comes down to you choosing to change your perception about the value of yourself and refusing to use systems that betray you.

The post If-by-Surveillance appeared first on Whonix.

17 May, 2015 06:06PM by HulaHoop

hackergotchi for Ubuntu developers

Ubuntu developers

Andrew Pollock: [debian] Fixing some issues with changelogs.debian.net

I got an email last year pointing out a cosmetic issue with changelogs.debian.net. I think at the time of the email, the only problem was some bitrot in PHP's built-in server variables making some text appear incorrectly.

I duly added something to my TODO list to fix it, and it subsequently sat there for like 13 months. In the ensuing time, Debian changed some stuff, and my code started incorrectly handling a 302 as well, which actually broke it good and proper.

I finally got around to fixing it.

I also fixed a problem where sometimes there can be multiple entries in the Sources file for a package (switching to using api.ftp-master.debian.org would also address this), which caused sometimes caused an incorrect version of the changelog to be returned.

In the resulting tinkering, I learned about api.ftp-master.debian.org, which is totally awesome. I could stop maintaining and parsing a local copy of sid's Sources file, and just make a call to this instead.

Finally, I added linking to CVEs, because it was a quick thing to do, and adds value.

In light of api.ftp-master.debian.org, I'm very tempted to rewrite the redirector. The code is very old and hard for present-day Andrew to maintain, and I despise PHP. I'd rather write it in Python today, with some proper test coverage. I could also potentially host it on AppEngine instead of locally, just so I get some experience with AppEngine

It's also been suggested that I fold the changes into the changelog hosting on ftp-master.debian.org. I'm hesitant to do this, as it would require changing the output from plain text to HTML, which would mess up consumers of the plain text (like the current implementation of changelogs.debian.net)

17 May, 2015 02:42PM

Andrea Corbellini: Elliptic Curve Cryptography: a gentle introduction

Those of you who know what public-key cryptography is may have already heard of ECC, ECDH or ECDSA. The first is an acronym for Elliptic Curve Cryptography, the others are names for algorithms based on it.

Today, we can find elliptic curves cryptosystems in TLS, PGP and SSH, which are just three of the main technologies on which the modern web and IT world are based. Not to mention Bitcoin and other cryptocurrencies.

Before ECC become popular, almost all public-key algorithms were based on RSA and DSA, alternative cryptosystems based on prime number factorization. RSA and friends are still very important today, and often are used alongside ECC. However, while the magic behind RSA and friends can be easily explained, is widely understood, and rough implementations can be written quite easily, the foundations of ECC are still a mystery to most.

With a series of blog posts I’m going to give you a gentle introduction to the world of elliptic curve cryptography. My aim is not to provide a complete and detailed guide to ECC (the web is full of information on the subject), but to provide a simple overview of what ECC is and why it is considered secure, without losing time on long mathematical proofs or boring implementation details. I will also give helpful examples together with visual interactive tools and scripts to play with.

Specifically, here are the topics I’ll touch:

  1. Elliptic curves over real numbers and the group law (covered in this blog post)
  2. Elliptic curves over finite fields and the discrete logarithm problem
  3. Key pair generation and two ECC algorithms: ECDH and ECDSA
  4. Algorithms for breaking ECC security, and a comparison with RSA

In order to understand what’s written here, you’ll need to know some basic stuff of set theory, geometry and modular arithmetic, and have familiarity with symmetric and asymmetric cryptography. Lastly, you need to have a clear idea of what an “easy” problem is, what a “hard” problem is, and their roles in cryptography.

Ready? Let’s start!

Elliptic Curves

First of all: what is an elliptic curve? Wolfram MathWorld gives an excellent and complete definition. But for our aims, an elliptic curve will simply be the set of points described by the equation:

y^2 = x^3 + ax + b

where 4a3 + 27b2 ≠ 0 (this is required to exclude singular curves). The equation above is what is called Weierstrass normal form for elliptic curves.

Different shapes for different elliptic curvesDifferent shapes for different elliptic curves (b = 1, a varying from 2 to -3).
Types of singularitiesTypes of singularities: on the left, a curve with a cusp (y2 = x3). On the right, a curve with a self-intersection (y2 = x3 – 3x + 2). None of them is a valid elliptic curve.

Depending on the value of a and b, elliptic curves may assume different shapes on the plane. As it can be easily seen and verified, elliptic curves are symmetric about the x-axis.

For our aims, we will also need a point at infinity (also known as ideal point) to be part of our curve. From now on, we will denote our point at infinity with the symbol 0 (zero).

If we want to explicitly take into account the point at infinity, we can refine our definition of elliptic curve as follows:

\left\{ (x, y) \in \mathbb{R}^2\ |\ y^2 = x^3 + ax + b,\ 4 a^3 + 27 b^2 \ne 0 \right\}\ \cup\ \left\{ 0 \right\}

Groups

A group in mathematics is a set for which we have defined a binary operation that we call “addition” and indicate with the symbol +. In order for the set 𝔾 to be a group, addition must defined so that it respects the following four properties:

  1. closure: if a and b are members of 𝔾, then a + b is a member of 𝔾;
  2. associativity: (a + b) + c = a + (b + c);
  3. there exists an identity element 0 such that a + 0 = 0 + a = a;
  4. every element has an inverse, that is: for every a there exists b such that a + b = 0.

If we add a fifth requirement:

  1. commutativity: a + b = b + a,

then the group is called abelian group.

With the usual notion of addition, the set of integer numbers is a group (moreover, it’s an abelian group). The set of natural numbers however is not a group, as the fourth property can’t be satisfied.

Groups are nice because, if we can demonstrate that those four properties hold, we get some other properties for free. For example: the identity element is unique; also the inverses are unique, that is: for every a there exists only one b such that a + b = 0 (and we can write b as a). Either directly or indirectly, these and other facts about groups will be very important for us later.

The group law for elliptic curves

We can define a group over elliptic curves. Specifically:

  • the elements of the group are the points of an elliptic curve;
  • the identity element is the point at infinity 0;
  • the inverse of a point P is the one symmetric about the x-axis;
  • addition is given by the following rule: given three aligned, non-zero points P, Q and R, their sum is P + Q + R = 0.
Three aligned pointsThe sum of three aligned point is 0.

Note that with the last rule, we only require three aligned points, and three points are aligned without respect to order. This means that, if P, Q and R are aligned, then P + (Q + R) = Q + (P + R) = R + (P + Q) = · · · = 0. This way, we have intuitively proved that our + operator is both associative and commutative: we are in an abelian group.

So far, so great. But how do we actually compute the sum of two arbitrary points?

Geometric addition

Thanks to the fact that we are in an abelian group, we can write P + Q + R = 0 as P + Q = –R. This equation, in this form, lets us derive a geometric method to compute the sum between two points P and Q: if we draw a line passing through P and Q, this line will intersect a third point on the curve, R (this is implied by the fact that P, Q and R are aligned). If we take the inverse of this point, R, we have found the result of P + Q.

Point additionDraw the line through P and Q. The line intersects a third point R. The point symmetric to it, R, is the result of P + Q.

This geometric method works but needs some refinement. Particularly, we need to answer a few questions:

  • What if P = 0 or Q = 0? Certainly, we can’t draw any line (0 is not on the xy-plane). But given that we have defined 0 as the identity element, P + 0 = P and 0 + Q = Q, for any P and for any Q.
  • What if P = –Q? In this case, the line going through the two points is vertical, and does not intersect any third point. But if P is the inverse of Q, then we have P + Q = P + (-P) = 0 from the definition of inverse.
  • What if P = Q? In this case, there are infinitely many lines passing through the point. Here things start getting a bit more complicated. But consider a point Q’P. What happens if we make Q’ approach P, getting closer and closer to it?
    The result of P + Q as Q is approaching PAs the two points become closer together, the line passing through them becomes tangent to the curve.

    As Q’ tends towards P, the line passing through P and Q’ becomes tangent to the curve. In the light of this we can say that P + P = –R, where R is the point of intersection between the curve and the line tangent to the curve in P.
  • What if PQ, but there is no third point R? We are in a case very similar to the previous one. In fact, we are in the case where the line passing through P and Q is tangent to the curve.
    The result of P + Q as Q is approaching PIf our line intersects just two points, then it means that it’s tangent to the curve. It’s easy to see how the result of the sum becomes symmetric to one of the two points.

    Let’s assume that P is the tangency point. In the previous case, we would have written P + P = –Q. That equation now becomes P + Q = –P. If, on the other hand, Q were the tangency point, the correct equation would have been P + Q = –Q.

The geometric method is now complete and covers all cases. With a pencil and a ruler we are able to perform addition involving every point of any elliptic curve. If you want to try, take a look at the HTML5/JavaScript visual tool I’ve built for computing sums on elliptic curves!

Algebraic addition

If we want a computer to perform point addition, we need to turn the geometric method into an algebraic method. Transforming the rules described above into a set of equations may seem straightforward, but actually it can be really tedious because it requires solving cubic equations. For this reason, here I will report only the results.

First, let’s get get rid of the most annoying corner cases. We already know that P + (-P) = 0, and we also know that P + 0 = 0 + P = P. So, in our equations, we will avoid these two cases and we will only consider two non-zero, non-symmetric points P = (xP, yP) and Q = (xQ, yQ).

If P and Q are distinct (xPxQ), the line through them has slope:

m = \frac{y_P - y_Q}{x_P - x_Q}

The intersection of this line with the elliptic curve is a third point R = (xR, yR):

\begin{array}{rcl} x_R & = & m^2 - x_P - x_Q \\ y_R & = & y_P + m(x_R - x_P) \end{array}

or, equivalently:

y_R = y_Q + m(x_R - x_Q)

Hence (xP, yP) + (xQ, yQ) = (xR, –yR) (pay attention at the signs and remember that P + Q = –R).

If we wanted to check whether this result is right, we would have had to check whether R belongs to the curve and whether P, Q and R are aligned. Checking whether the points are aligned is trivial, checking that R belongs to the curve is not, as we would need to solve a cubic equation, which is not fun at all.

Instead, let’s play with an example: according to our visual tool, given P = (1, 2) and Q = (3, 4) over the curve y2 = x3 – 7x + 10, their sum is P + Q = –R = (-3, 2). Let’s see if our equations agree:

\begin{array}{rcl} m & = & \frac{y_P - y_Q}{x_P - x_Q} = \frac{2 - 4}{1 - 3} = 1 \\ x_R & = & m^2 - x_P - x_Q = 1^2 - 1 - 3 = -3 \\ y_R & = & y_P + m(x_R - x_P) = 2 + 1 \cdot (-3 - 1) = -2 \\ & = & y_Q + m(x_R - x_Q) = 4 + 1 \cdot (-3 - 3) = -2 \end{array}

Yes, this is correct!

Note that these equations works even if one of P or Q is a tangency point. Let’s try with P = (-1, 4) and Q = (1, 2).

\begin{array}{rcl} m & = & \frac{y_P - y_Q}{x_P - x_Q} = \frac{4 - 2}{-1 - 1} = -1 \\ x_R & = & m^2 - x_P - x_Q = (-1)^2 - (-1) - 1 = 1 \\ y_R & = & y_P + m(x_R - x_P) = 4 + -1 \cdot (1 - (-1)) = 2 \end{array}

We get the result P + Q = (1, -2), which is the same result given by the visual tool.

The case P = Q needs to be treated a bit differently: the equations for xR and yR are the same, but given that xP = xQ, we must use a different equation for the slope:

m = \frac{3 x_P^2 + a}{2 y_P}

Note that, as we would expect, this expression for m is the first derivative of:

y_P = \pm \sqrt{x_P^3 + ax_P + b}

To prove the validity of this result it is enough to check that R belongs to the curve and that the line passing through P and R has only two intersections with the curve. But again, we don’t prove this fact, but instead try with an example: P = Q = (1, 2).

\begin{array}{rcl} m & = & \frac{3x_P^2 + a}{2 y_P} = \frac{3 \cdot 1^2 - 7}{2 \cdot 2} = -1 \\ x_R & = & m^2 - x_P - x_Q = (-1)^2 - 1 - 1 = -1 \\ y_R & = & y_P + m(x_R - x_P) = 2 + (-1) \cdot (-1 - 1) = 4 \end{array}

Which gives us P + P = –R = (-1, -4). Correct!

Although the procedure to derive them can be really tedious, our equations are pretty compact. This is thanks to Weierstrass normal form: without it, these equations could have been really long and complicated!

Scalar multiplication

Other than addition, we can define another operation: scalar multiplication, that is:

n P = \underbrace{P + P + \dots + P}_{n\ \text{times}}

where n is a natural number. I’ve written a visual tool for scalar multiplication too, if you want to play with that.

Written in that form, it may seem that computing nP requires n additions. If n has k binary digits, then our algorithm would be O(2k), which is not really good. But there exist faster algorithms.

One of them is the double and add algorithm. Its principle of operation can be better explained with an example. Take n = 151. Its binary representation is 100101112. This binary representation can be turned into a sum powers of two:

151 = 1 \cdot 2^7 + 0 \cdot 2^6 + 0 \cdot 2^5 + 1 \cdot 2^4 + 0 \cdot 2^3 + 1 \cdot 2^2 + 1 \cdot 2^1 + 1 \cdot 2^0

(We have taken each binary digit of n and multiplied it by a power of two.)

In view of this, we can write:

151 \cdot P = 2^7 P + 2^4 P + 2^2 P + 2^1 P + 2^0 P

What the double and add algorithm tells us to do is:

  • Take P.
  • Double it, so that we get 2P.
  • Add 2P to P (in order to get the result of 21P + 20P).
  • Double 2P, so that we get 22P.
  • Add it to our result (so that we get 22P + 21P + 20P).
  • Double 22P to get 23P.
  • Don’t perform any addition involving 23P.
  • Double 23P to get 24P.
  • Add it to our result (so that we get 24P + 22P + 21P + 20P).

In the end, we can compute 151 · P performing just seven doublings and four additions.

If this is not clear enough, here’s a Python snippet that implements the algorithm:

def bits(n):
    """
    Generates the binary digits of n, starting
    from the least significant bit.

    bits(151) -> 1, 1, 1, 0, 1, 0, 0, 1
    """
    while n:
        yield n & 1
        n >>= 1

def double_and_add(n, x):
    """
    Returns the result of n * x, computed using
    the double and add algorithm.
    """
    result = 0
    addend = x

    for bit in bits(n):
        if bit == 1:
            result += addend
        addend *= 2

    return result

If doubling and adding are both O(1) operations, then this algorithm is O(log n) (or O(k) if we consider the bit length), which is pretty good. Surely much better than the initial O(n) algorithm!

Logarithm

Given n and P, we now have at least one polynomial time algorithm for computing Q = nP. But what about the other way round? What if we know Q and P and need to find out n? This problem is known as the logarithm problem. We call it “logarithm” instead of “division” for conformity with RSA (where instead of multiplication we have exponentiation).

I don’t know of any “easy” algorithm for the logarithm problem, however playing with multiplication it’s easy to see some patterns. For example, take the curve y2 = x3 – 3x + 1 and the point P = (0, 1). We can immediately verify that, if n is odd, nP is on the curve on the left semiplane; if n is even, nP is on the curve on the right semiplane. If we experimented more, we could probably find more patterns that eventually could lead us to write an algorithm for computing the logarithm on that curve efficiently.

But there’s a variant of the logarithm problem: the discrete logarithm problem. As we will see in the next post, if we reduce the domain of our elliptic curves, scalar multiplication remains “easy”, while the discrete logarithm becomes a “hard” problem. This duality is the key brick of elliptic curve cryptography.

See you next week

That’s all for today, I hope you enjoyed this post! Next week we will discover finite fields and the discrete logarithm problem, along with examples and tools to play with. If this stuff sounds interesting to you, then stay tuned!

17 May, 2015 11:24AM

LMDE

Upgrading LMDE (from UP8 to “Betsy”)

The upgrade path is now open. LMDE 1 “Debian” users can upgrade to LMDE 2 “Betsy” by following this tutorial:

http://community.linuxmint.com/tutorial/view/2013

As always, make sure to read everything and don’t hesitate to connect to the IRC while performing the upgrade.

One important note among the warnings: Make sure to disable Romeo prior to upgrading. Cinnamon 2.6 and MATE 1.10 will hit it very soon, they’re not fully stable yet. If you want to test them, it’s better to enable Romeo post-upgrade so they don’t interfere with the upgrade.

17 May, 2015 08:33AM by Clem

hackergotchi for Parsix developers

Parsix developers

Iceweasel (Firefox) 38.0 is now available for Nestor (7.0) and Rinaldo (7.5). Up...

Iceweasel (Firefox) 38.0 is now available for Nestor (7.0) and Rinaldo (7.5). Update your systems to install it.

17 May, 2015 07:17AM by Parsix GNU/Linux

Happy Release! Parsix GNU/Linux 7.5r0 (Rinaldo) ISO images are available now! Se...

Happy Release! Parsix GNU/Linux 7.5r0 (Rinaldo) ISO images are available now! See http://www.parsix.org/wiki/News for details and download.

17 May, 2015 07:16AM by Parsix GNU/Linux

May 16, 2015

hackergotchi for Ubuntu developers

Ubuntu developers

Elizabeth K. Joseph: Xubuntu sweatshirt, Wily, & Debian Jessie Release

People like shirts, stickers and goodies to show support of their favorite operation system, and though the Xubuntu project has been slower than our friends over at Kubuntu at offering them, we now have a decent line-up offered by companies we’re friendly with. Several months ago the Xubuntu team was contacted by Gabor Kum of HELLOTUX to see if we’d be interested in offering shirts through their site. We were indeed interested! So after he graciously sent our project lead a polo shirt to evaluate, we agreed to start offering his products on our site, alongside the others. See all products here.

Polos aren’t really my thing, so when the Xubuntu shirts went live I ordered the Xubuntu sweater. Now a language difference may be in play here, since I’d call it a sweatshirt with a zipper, or a light jacket, or a hoodie without a hood. But it’s a great shirt, I’ve been wearing it regularly since I got it in my often-chilly city of San Francisco. It fits wonderfully and the embroidery is top notch.

Xubuntu sweatshirt
Close-up of HELLOTUX Xubuntu embroidery

In other Ubuntu things, given my travel schedule Peter Ganthavorn has started hosting some of the San Francisco Ubuntu Hours. He hosted one last month that I wasn’t available for, and then another this week which I did attend. Wearing my trusty new Xubuntu sweatshirt, I also brought along my Wily Werewolf to his first Ubuntu Hour! I picked up this fluffy-yet-fearsome werewolf from Squishable.com, which is also where I found my Natty Narwhal.

When we wrapped up the Ubuntu Hour, we headed down the street to our favorite Chinese place for Linux meetings where I was hosting a Bay Area Debian Meeting and Jessie Release Party! I was pretty excited about doing this, since the Toy Story character Jessie is a popular one, I jumped at the opportunity to pick up some party supplies to mark the occasion, and ended up with a collection of party hats and notepads:

There were a total of 5 of us there, long time BAD member Michael Paoli being particularly generous with his support of my ridiculous hats:

We had a fun time, welcoming a couple of new folks to our meeting as well. A few more photos from the evening here: https://www.flickr.com/photos/pleia2/sets/72157650542082473

Now I just need to actually upgrade my servers to Jessie!

16 May, 2015 03:09AM

hackergotchi for Maemo developers

Maemo developers

2015-05-05 Meeting Minutes

Meeting held 2015-05-05 on FreeNode, channel #maemo-meeting (logs)

Attending:
Jussi Ohenoja (juiceme), Peter Leinchen (peterleinchen),

Ivaylo Dimitrov (freemangordon),

Partial: Oksana Tkachenko (Oksana/Wikiwide),
Gido Griese (Win7Mac),

Absent: William McBee (gerbick), Alexander Kozhevnikov (MentalistTraceur),

Summary of topics (ordered by discussion):

  • Facebook API changes
  • Referendum, repositories being down and the letter to HiFo

Topic (Facebook API changes):

  • Recently, FB migrated all API v1.0 applications (like the one in N900, dunno about N9/50) to v2.0. As a result, FB sharing plugin stopped working, again. Could someone contact Daphne Won and request for the community to take ownership of N900 facebook application, so we can go through FB review process and make photo/video sharing plugin working anew?
  • The FB application was registered on FB back in 2009 (afaik) by Nokia. Every FB application has administrators, that lady being one of them. She has the rights to add other people as administrators. We need such an administrator account in order to request FB to review the application according to those new rules.

Topic (Referendum, repositories being down and the letter to HiFo):

  • Lost with that RFC thread now; lots of heated discussion; no checks for the type of ruling which can be created by GA or Council and executed by board.
  • Current mirrors of repositories are working, and staff is backed up, but it would be better to have an official repository, with permission of Nokia or Microsoft.
  • Mail template to Jaffa needed

Action Items:
  • -- old items:
    • The selected Code of Conduct (KDE) still needs to be published on (T)MO.
    • Looking into automatic calculation of election results ...
    • Contacting freemangordon and merlin1991 about auto-builder: CSSU-thumb target, GCC versions?
    • Getting maemo trademark registration (everywhere?) renewed (and transferred to MCeV) by the end of February (or within six months since expiry date).
    • archiving Ovi/Nokia store, especially for Harmattan.
  • -- new items:
    • Contacting Daphne Won to get administrator rights for a Maemo member to migrate the plugin to v2.0 API and maintain it in the future.
0 Add to favourites0 Bury

16 May, 2015 12:57AM by Oksana Tkachenko (oksana.a.tkachenko@gmail.com)

hackergotchi for HandyLinux

HandyLinux

HandyLinux-2.0 est disponible au téléchargement

bonjour

J'ai le plaisir de vous annoncer la sortie de HandyLinux-2.0 basée sur Debian-8 


merci à Péhä pour son dessin


Cette version est la première basée sur Debian Jessie et sera supportée aussi longtemps que sa base (5ans minimum).
HandyLinux-2.0 renoue avec ses ambitions d'accessibilité en intégrant le lecteur d'écran ORCA grâce aux tests de totophe56.
Cette version se veut aussi encore plus orientée vers les grands débutants avec une mise à jour complète de la documentation , l'apparition d'une FAQ et une série de tutoriels vidéos passant en revue l'essentiel des fonctions de votre distribution (encore en cours de tournage, mais la plupart sont déjà disponibles).
HandyLinux-2.0, c'est aussi la fusion des versions ancien PC / PC modernes (noyaux 586 et 686-pae) en une seule image ISO avec un outil de suppression semi-automatique du noyau inutile.
Pour cette nouvelle version, Tibérias nous a offert un nouveau thème avec sa page de démarrage internet. Je m'en suis inspiré pour la refonte complète des sites handylinux* ainsi que pour le thème utilisé par défaut dans la distribution, HandyLinuxClear.
Starsheep nous offre les fonds d'écran par défaut ainsi qu'un outil de changement rapide d'interface, le HandyTheme.
Thuban, quant à lui, en nous rejoignant, amène BTshare, un outil de partage de données via BitTorrent, ultra simple d'utilisation, pour partager en "torrent" P2P des données présentes sur votre ordinateur personnel.

Vidéo Officielle

musique : "lil-mel" par Herrera

quelques shots ... ?


Liens de téléchargements :

HandyLinux-2.0 est disponible sur les serveurs SourceForge.net ou sur LinuxTracker pour les utilisateurs du protocole BitTorrent. Tous les liens depuis la page de téléchargement officielle :

=> Téléchargez HandyLinux-2.0 <=


Mise à jour depuis HandyLinux-1.x :

Comment passer de HandyLinux-1.x à HandyLinux-2.x. ?

La méthode la plus sûre est la ré-installation du système . Mais si ce n'est pas possible (pas de disque dur pour la sauvegarde), vous pouvez tenter la mise à jour classique en suivant bien la procédure.


Bugs ?

3 bugs connus  :

  • trop de mises à jour après l'installation ? Ne les acceptez pas ! C'est parce que vous avez refusé les mises à jour lors de l'écran de post-installation ou que votre réseau n'était pas configuré. Bref, la solution est simple et tout est expliqué sur le forum .
  • l'intégration de gnome-orca, le lecteur d'écran, oblige à inclure le serveur "pulseaudio" pour certaines machines. XFCE4-Mixer n'apprécie pas le serveur pulseaudio et si vous diminuez au maximum le volume du canal PCM, ça met le volume général en sourdine. Il faut alors ouvrir XFCE4-Mixer afin de rétablir le volume. Solution ? ne jamais diminuer le son au minimum avec la molette ;)
  • Iceweasel est en version ESR ( 31 lorsque j'écris ces lignes ), aucun soucis de sécurité ou de fonctionnement, mais le plugin "hello" n'est pas disponible. Si vous désirez obtenir la version "release" (38) d'Iceweasel, rendez-vous sur le post dédié (merci à fredbezies pour le retour) ... notez que ce bug est résolu par le point n°1


le changelog complet :

  • mise à jour de la base : passage à Debian-8 "Jessie" (merci Debian)
  • mise à jour du handymenu et des outils *handylinux*
  • refonte admin du site 'handylinux.org' et mise en place des sous-domaines
  • ajout de BTshare, un outil de partage P2P simplifié (merci thuban)
  • ajout des actions personnalisées pour Thunar (merci coyotus & thuban)
  • passage de Skype en option (merci coyotus)
  • intégration de gnome-orca (merci totophe56)
  • ajout des lanceurs outils/sociaux/galerie...
  • ajout du témoin de mot de passe (merci coyotus)
  • définition de "handylinux" comme hostname par défaut (merci fredbezies)
  • ajout des Modèles dans le dossier utilisateur (merci dyp)
  • ajout de menulibre pour l'édition des menus XFCE
  •  ajout de bash-completion (merci torxxl)
  • ajout de cups-pdf (merci rb)
  • ajout de transmission pour la gestion du partage P2P
  • ajout de thèmes pour Iceweasel
  • ajout des fonts carlito & caladea (eq. Calibri & Cambria) (merci thuban)
  • ajout des modèles et config pour LibreOffice (merci thuban)
  • ajout de unoconv pour l'exportation rapide en PDF (merci thuban)
  • ajout de anacron et de la configuration apt (merci base10)
  • ajout de command-not-found + fix bashrc (merci base10)
  • ajout de la notification de mise à jour (merci coyotus)
  • kernel :
    • passage de 486 à 586 pour les vieux PCs
    • fusion des version 586 et 686-pae
    • ajout du script de détection/suppression du kernel inutile
  • theming/graphics :
    • refonte graphique du site/forum/wiki/blog
    • ajout du handylinuxlook
    • ajout du HandyTheme pour le changement rapide d'interface (merci Starsheep & thuban)
    • nouveau thème Slim "flat" par Starsheep
    • nouveaux walls par Starsheep
    • ajout de qt4-qtconfig pour vlc
    • ajout thèmes d'icônes additionnels (tango, gnome-colors, gilouche)
    • modification de l'îcone whiskermenu (merci julien)
  • switch :
    • remplacement du software-center par gnome-packagekit
    • remplacement de file-roller par xarchiver
    • remplacement de gnome-searchtool par catfish et mlocate (merci Elm et thuban)
    • remplacement de quodlibet par clementine
    • remplacement de shotwell par ristretto
    • remplacement de leafpad par mousepad comme éditeur de texte par défaut (merci coyotus)
    • remplacement de xpad par xfce4-notes-plugin pour une meilleure intégration au panel
  • nettoyage :
    • suppression de l'option de placement du HandyMenu en conflit avec XFCE (merci Caribou22)
    • suppression des préférences apt obsolètes pour LibreOffice
    • suppression des paquets obsolètes ntfsprogs/netatalk/fuse-utils/dfc/xfprint4/gtk3-engines-unico
    • suppression de xl-wallpaper : xfce gère maintenant les changement de fonds
    • suppression des dépôts compiz-handylinux
    • suppression de slingscold-launcher
    • suppression de bleachbit
    • suppression de zram
    • suppression de Minitube
    • suppression de phonon
    • suppression d'oggconvert
    • suppression du win32-loader
    • nettoyage des addons Iceweasel
    • nettoyage des walls
    • suppression des thèmes d'icônes Nitrux/NitruxButtons


Un grand merci à toutes celles et tous ceux qui ont participé à l'élaboration de cette distribution collégiale. Les discussions furent parfois animées, mais ça fait du bien de confronter ses idées et trouver des solutions ensemble.

Je vous laisse maintenant tester HandyLinux-2.0. N'hésitez pas à venir sur notre nouveau forum (le désormais célèbre dyp vous y attend ) afin de profiter du support de la communauté et participer à l'avenir d'HandyLinux au travers de sa collégialité.


... et HandyLinuxLight ?? HandyLinuxLight-2.0 sortira dans le courant de la semaine, il me reste quelques détails à régler pour la post-installation



épilogue ... bye bye le serveur v1 ...

Aujourd'hui, c'est la sortie d'HandyLinux-2.0 et aussi la fin du serveur v1. La redirection est déjà effective... vous n'avez plus accès à l'ancien serveur.

Alors je voulais tout de même dire un grand MERCI à wiscot, Goodbox et Aphelion pour avoir offert, mis en place et maintenu notre serveur dédié .

HandyLinux et toute sa famille sont maintenant réunies sur un seul serveur hébergé en mutualisé chez OVH, ce qui me permet de me concentrer sur la distribution uniquement, et pas sur la surveillance du serveur.

++
arp

HandyLinux - la distribution Debian sans se prendre la tête...

16 May, 2015 12:12AM by arpinux

May 15, 2015

hackergotchi for Cumulus Linux

Cumulus Linux

vSphere with Cumulus Linux

I presented my first webinar on VMware vSphere with Cumulus® Linux® last week, which was really exciting for me. VMware has been around for 17 years and counting while Cumulus® Networks® came out of stealth mode only in June 2013. We all know that VMware vSphere works with a variety of network architectures, so I wanted to take a slightly different approach while presenting the webinar and writing this blog:

  •  What does Cumulus Networks bring to vSphere that others don’t?
  •  Does Cumulus Linux work well with vSphere?  How can we test it?

VMware vSphere and Cumulus Linux

4BC510F5-6A92-4F8D-9F23-B1ABE651AD44-360-00005FF4489C1742

Cumulus Linux and VMware vSphere are both software solutions that run on a variety of hardware platforms. This allows customers to build and use platforms from a range of suppliers for compute, storage and networking. The software defines the performance and behavior of the environment, which allows the administrator to exercise version control and programmatic approaches that are already in use by DevOps teams. Today, switches with Cumulus Linux can be treated as servers.

Cumulus Linux with ONIE, ZTP and Automation

How does Cumulus Linux just work on top of bare metal switches? What is so different? Why can’t we do this with any switch out there in the market? And the answer is, ONIE!

ONIE stands for Open Network Install Environment. Previously, you couldn’t load any operating system onto a switch. Hardware that comes with ONIE allows you to do just that. It can be thought of as a pre-installed BIOS, PXE and kickstarter in one.

Ahmed Blog Image

*We are also proud to say that one of our engineers at Cumulus Networks was the lead and started the ONIE project, which eventually got pushed upstream to the community for other network operating systems to use as well. ONIE has been accepted as a contribution from Cumulus Networks to the Open Compute Project (OCP) and is now an official part of OCP.

Zero touch provisioning  (ZTP) picks up where ONIE leaves off. ZTP scripts check two sources for an OS image:

  1. First, USB.
  2. If there is no USB, then DHCP.

Centralized Management via Automation

Although going from switch to switch, digging deep into the CLI has been the traditional way to manage switches, today there are ways around that. But some people might ask, “why change?”

Before we answer that, consider the following:

  • If you’re configuring one or two switches, using the CLI might not be that big of deal, but what if you have to configure 3, 4 or 100 TORs? Isn’t there an easier way to do it other than to log into each switch and configure individually?
  • Can you back up the configuration on a daily basis?
  • What if the configuration being backed up is incorrect?
  • What if someone changes the configuration via direct SSH or console access?
  • What happens when there is a switch that needs to be replaced?
  • Wouldn’t it be better to have a centralized management tool where people can submit their changes, which can be tracked easily on an individual basis?

Automation is the answer to all these questions, including why you should change. Some of the automation tools used today with Cumulus Linux are Ansible, CFEngine, Chef, Puppet and Salt. The choice is all yours! But, how can I test some of this?

VMware vSphere Demo in Cumulus Workbench

If you want to personally experience and test some of these concepts and fully implement an automated Cumulus Linux and vSphere solution using our VMware vSphere demo with Cumulus Linux, reserve a Cumulus Workbench today.

In addition, please check out the validated design guide for an example of deploying vSphere in a traditional layer 2 environment, which discusses:

  • Network architecture and design considerations
    • Architecture
    • CLAG/MLAG
    • vSphere Distributed Switch (vDS)
    • VLANs
  • Management & OOB networking considerations
  • Storage considerations
    • NFS NAS configuration considerations
    • Hyper-converged storage
    • iSCSI SAN configuration considerations
  • Scaling
  • External connectivity (layer 2 and layer 3)
  • and more…

To Recap…

  • What does Cumulus Networks bring to vSphere that others don’t?

Cumulus Linux is a networking OS with hardware acceleration of switching and routing functions, and it runs on an extensive list of cost-effective 1, 10 and 40G platforms (see our HCL). Because it’s a true Linux distribution, it enables switches to be automated, monitored and managed using the same tools already employed on servers.

  • Does Cumulus Linux work well with vSphere?  How can we test it?

Yes, Cumulus Linux has been tested and validated with VMware vSphere. You can test it yourself following our validated design guide or through the VMware vSphere demo in the Cumulus Workbench. If you have any questions, please feel free to reach out to info@cumulusnetworks.com and we’d be happy to put you in contact with our technical resources.

The post vSphere with Cumulus Linux appeared first on Cumulus Networks Blog.

15 May, 2015 05:23PM by Ahmed Dessouki

hackergotchi for Xanadu developers

Xanadu developers

hackergotchi for Grml developers

Grml developers

Michael Prokop: fork(), once again

On 10th of May 2015 my lovely wife has made me a lovely present again: welcome to our family, Johanna.

15 May, 2015 02:20PM

hackergotchi for Ubuntu developers

Ubuntu developers

Dustin Kirkland: Ubuntu: Make Wonderful Things Possible!


In November of 2006, Canonical held an "all hands" event, which included a team building exercise.  Several teams recorded "Ubuntu commercials".

On one of the teams, Mark "Borat" Shuttleworth amusingly proffered,
"Ubuntu make wonderful things possible, for example, Linux appliance, with Ubuntu preinstalled, we call this -- the fridge!"


Nine years later, that tongue-in-cheek parody is no longer a joke.  It's a "cold" hard reality!

GE Appliances, FirstBuild, and Ubuntu announced a collaboration around a smart refrigerator, available today for $749, running Snappy Ubuntu Core on a Raspberry Pi 2, with multiple USB ports and available in-fridge accessories.  We had one in our booth at IoT World in San Francisco this week!










While the fridge prediction is indeed pretty amazing, the line that strikes me most is actually "Ubuntu make(s) wonderful things possible!"

With emphasis on "things".  As in, "Internet of Things."  The possibilities are absolutely endless in this brave new world of Snappy Ubuntu.  And that is indeed wonderful.

So what are you making with Ubuntu?!?

:-Dustin

15 May, 2015 04:38AM by Dustin Kirkland (noreply@blogger.com)

May 14, 2015

Ubuntu Podcast from the UK LoCo: S08E10 – The Beast of Yucca Flats - Ubuntu Podcast

It’s Episode Ten of Season Eight of the Ubuntu Podcast! Alan Pope, Laura Cowen, Mark Johnson, and Martin Wimpress are connected and speaking to your brain.

In this week’s show:

  • We discuss Mark Shuttleworth’s Ubuntu Online Summit keynote…

  • We share some Command Line Lurve which is the super useful listadmin, which does stuff. Listen to find out what…

  • And we also chat about taking a whole 3 minutes (that’s right!) off a PB (personal best time) at Parkrun, playing Windows games on Linux, getting Cyanogen OS 12 on to a OnePlus One phone, going to the Egham Raspberry Jam, and making Ubuntu MATE a download for the Raspberry Pi 2.

That’s all for this week, please send your comments and suggestions to: show@ubuntupodcast.org
Join us on IRC in #ubuntu-podcast on Freenode
Follow us on Twitter
Find our Facebook Fan Page
Follow us on Google+

14 May, 2015 06:43PM

Sebastian Dröge: PTP network clock support in GStreamer

In the last days I was working at Centricular on adding PTP clock support to GStreamer. This is now mostly done, and the results of this work are public but not yet merged into the GStreamer code base. This will need some further testing and code review, see the related bug report here.

You can find the current version of the code here in my freedesktop.org GIT repository. See at the very bottom for some further hints at how you can run it.

So what does that mean, how does it relate to GStreamer?

Precision Time Protocol

PTP is the Precision Time Protocol, which is a network protocol standardized by the IEEE (IEEE1588:2008) to synchronize the clocks between different devices in a network. It’s similar to the better-known Network Time Protocol (NTP, IETF RFC 5905), which is probably used by millions of computers down there to automatically set the local clock. Different to NTP, PTP promises to give much more accurate results, up to microsecond (or even nanosecond with PTP-aware network hardware) precision inside appropriate networks. PTP is part of a few broadcasting and professional media standards, like AES67, RAVENNA, AVB, SMPTE ST 2059-2 and others for inter-device synchronization.

PTP comes in 3 different versions, the old PTPv1 (IEEE1588-2002), PTPv2 (IEEE1588-2008) and IEEE 802.1AS-2011. I’ve implemented PTPv2 via UDPv4 for now, but this work can be extended to other variants later.

GStreamer network synchronization support

So what does that mean for GStreamer? We are now able to synchronize to a PTP clock in the network, which allows multiple devices to accurately synchronize media to the same clock. This is useful in all scenarios where you want to play the same media on different devices, and want them all to be completely synchronized. You can probably imagine quite a few use cases for this yourself now, especially in the context of the “Internet of Things” but also for more normal things like video walls or just having multiple screens display the same thing in the same room.

This was already possible previously with the GStreamer network clock, but that clock implements a custom protocol that only other GStreamer applications can understand currently. See for example here, here or here. With the PTP clock we now get another network clock that speaks a standardized protocol and can interoperate with other software and hardware.

Performance, WiFi and other unreliable networks

When running the code, you will probably notice that PTP works very well in controlled and reliable networks (2-20 microseconds accuracy is what I got here). But it’s not that accurate in wireless networks or in general unreliable networks. It seems like in those networks the custom GStreamer network clock protocol works more reliable currently, partially by design.

Future

As a next step, at Centricular we’re going to look at implementing support for RFC7273 in GStreamer, which allows to signal media clocks for RTP. This is part of e.g. AES67 and RAVENNA and would allow multiple RTP receivers to be perfectly synchronized against a PTP clock without any further configuration. And just for completeness, we’re probably going to release a NTP based GStreamer clock in the near future too.

Running the code

If you want to test my code, you can run it for example against PTPd. And if you want to test the accuracy of the clock, you can measure it with the ptp-clock-reflector (or here, instructions in the README) that I wrote for testing. The latter allows you to measure the accuracy, and in a local wired network I got around 2-20 microseconds accuracy. A GStreamer example application can be found here, which just prints the local and remote PTP clock times. Other than that you can use it just like any other clock on any GStreamer pipeline you can imagine.

14 May, 2015 05:44PM

Stuart Langridge: Your periodic reminder that

Here are things, according to Twitter people, of which you need to be periodically reminded.

  • unless you have gender specific bathrooms in your home, you use gender neutral bathrooms on the reg
  • one can both disagree with an act but also understand the impulse behind it
  • George Osborne promised new powers to English cities don’t even roll back the 1983 Local Govt dissolution
  • I still think Manitoba might be fictitious
  • this is Photoshop’s default pattern
  • the best facial exfoliant is still that baking powder sitting on your pantry shelf
  • you’re not being censored when people tell you a conversation is over
  • data binding is much faster than virtual DOM diffing
  • Douglas Alexander got to be an elder statesman in his 40s by being elected in his 20s
  • Sequel is awesome
  • classical logic is constructivist logic plus lies
  • Roseanne Barr is a transphobic garbage person; sorry about your childhood memories
  • finding two things are correlated tells you ABSOLUTELY ZERO about what CAUSES EITHER
  • sage grouse exist and look like this
  • Zimbardo is a hack
  • Bring! rocks

I don’t think any of those needed any reminder at all, let alone a periodic one.

14 May, 2015 05:37PM

James Page: OpenStack 2015.1.0 for Ubuntu 14.04 LTS and Ubuntu 15.04

The Ubuntu OpenStack team is pleased to announce the general availability of OpenStack 2015.1.0 (Kilo) release in Ubuntu 15.04 and for Ubuntu 14.04 LTS via the Ubuntu Cloud Archive.

Ubuntu 14.04 LTS

You can enable the Ubuntu Cloud Archive for OpenStack Kilo on Ubuntu 14.04 installations by running the following commands:

 sudo add-apt-repository cloud-archive:kilo
 sudo apt-get update

The Ubuntu Cloud Archive for Kilo includes updates for Nova, Glance, Keystone, Neutron, Cinder, Horizon, Swift, Ceilometer and Heat; Ceph (0.94.1), RabbitMQ (3.4.2), QEMU (2.2), libvirt (1.2.12) and Open vSwitch (2.3.1) back-ports from 15.04 have also been provided.

Additionally Trove, Sahara, Ironic, Designate and Manila are also provided in the Ubuntu Cloud Archive for Kilo.  Note that Canonical are not providing support for these packages as they are not in Ubuntu main – these packages are community supported inline with other Ubuntu universe packages.

You can checkout the full list of packages and versions here.

NOTE: We’re shipping Swift 2.2.2 for release – due to the relatively late inclusion of new dependencies to support erasure coding in Swift, we’ve opted not to update to 2.3.0 this cycle in Ubuntu.

NOTE: Designate and Trove are still working through the Stable Release Update process, due to some unit testing and packaging issues,  so are lagging behind the rest of the release.

Ubuntu 15.04

No extra steps required; just start installing OpenStack!

Neutron Driver Decomposition

Ubuntu are only tracking the decomposition of Neutron FWaaS, LBaaS and VPNaaS from Neutron core in the Ubuntu archive; we expect to add additional packages for other Neutron ML2 mechanism drivers and plugins early during the Liberty/15.10 development cycle – we’ll provide these as backports to OpenStack Kilo users as and when they become available.

Reporting bugs

Any issues please report bugs using the ‘ubuntu-bug’ tool:

 sudo ubuntu-bug nova-conductor

this will ensure that bugs get logged in the right place in Launchpad.

Thanks and have fun!


14 May, 2015 03:57PM

Stuart Langridge: Things that are perfect

Dan Bull asked on twitter: Link me something you consider to be perfect. And I had a few things, which I felt should be recorded for posterity. There’s a lot of stuff I don’t like. But equally there’s quite a bit of stuff which I feel is a perfect shining jewel of the moment it was created; that it could not be improved; that I love it; that it’s perfect.

A Doctor Who minimalist poster

Allons-y

I loved this whole series of posters, which seem to have been originally done by Karma Orange although their link has died1. But this is properly fabulous. It makes me smile, just to know it exists.

Roads

I love this song. People who have known me since university will be aware of this. Dummy by Portishead is the finest album ever, and Roads is the best song on it. Unusually, the above link is to a live version, because I actually think the live version is even better. Beth’s voice is perfection. Heartbreak. This song is the most wonderful thing.

Hell’s Bells, live

This is Hell’s Bells, by AC/DC, played live at River Plate2. If you gave me a choice of any person, anywhere, that I could be, and I didn’t have to go back and kill Hitler or anything like that, I’d be Brian Johnson, swinging on the rope at River Plate. I’ve never seen AC/DC live, and now I likely never will, but this is the finest gig there’s ever been. Look at the people. Hundreds of thousands of them. That must be something, feeling that wave.

The Secret History

A book by Donna Tartt. The Secret History was a story I first read — was first published — while I was at university. I’ve read much, both before and after it. I can name individual paragraphs from other books that I prefer. But TSH is still, after all these years, my favourite book. That I can’t help but construe certain tragic similarities between Richard Papen and myself, to quote Francis, is where some of its appeal lies. And a day when I don’t quote the book or be influenced by it in some context is unusual, not that anyone else knows that.

The Assassin’s Creed Revelations E3 trailer

I’ve never seen anything like this. When it was released I watched it over and over and over again. The soundtrack (Iron by Woodkid) is marvellous, and the video meshes with it ideally; this is not just some song they dropped into the trailer because they couldn’t find anything better. But it’s looking at it that I can hardly believe. It’s jaw-dropping. Look at Ezio’s hood when he’s pushed out onto the balcony, or Leandros’s skin. The trip across the desert, and perching on top of a mountain like Batman. Watch Ezio duck under a swung spear and then nut a guy with a metal helmet on. Better, watch him get shot in the shoulder, look around him like a hunted wolf, and then snap the arrow off. It is unbelieveable. The story, the characterisation, the graphics3, the music. Sure, the game wasn’t perfect, but the trailer is.

Golden Leaves by Passenger

I’ve listened to a lot of music. Hell’s Bells makes me feel happy. Roads is like being stroked with fur gloves. But Golden Leaves, and specifically this recording, done in Cambridge with an orchestra, is the concept of melancholy made material, for me. There’s something compelling about melancholy, a sweet langorous sense of feeling sorry for yourself or for everything and yet being touched by it. There’s not a note wrong, not a lyric misplaced, in this recording of this song. It is wonderful.

Preliator by Globus

And this, this is what I listen to when I want to feel heroic. I’ve never known a song like this. Listening to it makes me feel six inches taller. Like I could stand in the fire and be unharmed. Globus have taken the idea of huge, orchestral, imposing, world-shaking music which Wagner and Verdi had and redone it for modern times.4 This is hero music for everyone. I defy you to listen to it and not imagine yourself at the point of the lightning bolt, marching through the fields of enemy slain and laying all waste before you. What is good in life? This is.

Zero Punctuation: Assassin’s Creed Unity

I like well-written comedy which also manages to be relevant to stuff I care about. We do that5 on Bad Voltage. The review sections are, at least to me, things that ought to be Zero Punctuation; Yahtzee fires a whole bunch of blanks at times, but when he gets it right he really really gets it right, and this particular review of a not-very-good game doesn’t put a single foot wrong. Describing the Assassin’s Creed backstory as the “yay downtrodden, boo aristos dynamic” is all of incisive, accurate, and terribly amusing. Arno just being Ezio 2.0 because he has a four-letter-name with an “O” on the end fits ideally into the rhythm. Inspired, every time I watch it.

Ants Go Marching In, hero version

You may know this tune as When Johnny Comes Marching Home. I’d call it The Animals Went In Two By Two. When Michael Kamen took it for Die Hard With A Vengeance and made it into hero music, I could hardly believe it. Preliator is hero music for sweeping the battlefield with power. This, this is about being heroic in your actual life. It’s a kid’s song, made epic — made into the definition of the word epic — just by being well orchestrated. Think of the circularly marching students in Dead Poets Society crossed with Scar’s Be Prepared6. It is inspirational to a degree I can barely express in words. Six inches taller, again.

Lumps

Perfection is finality. Finality is death. Nothing is perfect. There are lumps in it.

So, what’s perfect? Go tell Dan Bull, and tell me. Link me what you think is perfect. Not just good, but perfect. Post it. We need more perfection in the world.

  1. Regret that I never bought one of these as an actual poster. Although I might get the Matt Smith one. Geronimo.
  2. Yes I know I said that me liking live versions is unusual. You wouldn’t know it from this post, though.
  3. honest word? the bit where Ezio gets his head pulled off is the first part where he looks like a computer character. Uncanny Valley. Right up until then, he looks totally completely realistic. That tiny bit I find disappointing. But I pretend it isn’t there.
  4. fine, for film soundtracks, but you find your patrons where you can
  5. or at least try
  6. which very, very nearly made it onto this list itself, but it’s a villain song. It is perfect; Scar is not.

14 May, 2015 12:40AM

May 13, 2015

Andrew Pollock: [tech] LWN Chrome extension published

I finally got around to finishing off and publishing the LWN Chrome extension that I wrote a couple of months ago.

I received one piece of feedback from someone who read my blog via Planet Debian, but didn't appear to email me from a usable email address, so I'll respond to the criticisms here.

I wrote a Chrome extension because I use Google Chrome. To the best of my knowledge, it will work with Chromium as well, but as I've never used it, I can't really say for sure. I've chosen to licence the source under the Apache Licence, and make it freely available. So the extension is available to anyone who cares to download the source and "side load" it, if they don't want to use the Chrome Web Store.

As for whether a userscript would have done the job, maybe, but I have no experience with them.

Basically, I had an itch, and I scratched it, for the browser I choose to use, and I also chose to share it freely.

13 May, 2015 10:03PM

hackergotchi for Blankon developers

Blankon developers

Rahman Yusri Aftian: Gnome Asia yang tidak hanya Asia.

gnomeasia

Ya, itulah logo Gnome Asia Summit 2015, keren kan Gunungan Wayang Cap Kaki, entah apa maknanya? Yang jelas acara keren oleh Glib Untuk Gnome Mania, meski yang ngadain Glib tetapi acara diadakan di Universitas UI depok,  7-9 Mei 2015.

Acara yang diikuti tidak hanya dari benua Asia, tapi Eropa dan Amerika, yang jelas acara ini sukses karena ada orang keren dibelakangnya:

utian

Ini lah mentor orang-orang keren itu yang jadi super keren. Utian Ayuba. saya salut sama ini teman, yang keren plus banyak pengorbanannya.

Yang jelas di acara ini saya ketemu orang-orang keren diantaranya adalah mentor saya dalam penerjemahan. Andika Triwidada, yang sekaligus penasehat infrastruktur BlankOn.

andikaIni dia, super multi talenta dan Drektur Executif BlankOn MDAMT

mdam

Dan masih banyak lagi, disamping itu acara ini memang keren dan yang terkerSen adalah Pak Dwi

dwiTerus terang saya penggemar gambarnya pak dwi, sayang saya belum sempat digambar oleh beliau :D. dan yang jelas multi talentanya itu yang bikin ngiri sama beliau.

Dan karena Acara ini keren ada lagi yang tidak bisa terlupakan, pecel di belakang masjid UI. eh kok yang jualan pak Anwari sih? 10662105_10152880970892849_3994983426739524633_oHahahaham itulah beliau yang mengaku sebagai penjual pecel, ini aslinya ibu penjual pecel. ibu-pecelSayang sekali pak Astrojim yang semula ikut tetapi batal gara-gara pengamdian kepada negara, tapi rasa itu cukup terobati oleh session Princeofgiri

haris
Dan akhirnya terima kasih semuanya, inilah presentasi saya di Gnome Asia Summit 2015 yang tidak saya kerjakan sendir dan dicplik dari beberapa slide pak mdamt, pak fajran. dan terima kasih pak estu yang telah mendaftarkan saya, dan pak azis, pak MHY, pak Shokhibi, cho2, priyess, yang telah membuatkan saya presentasi.

Selamat berjuang kawan
1stdaysummit

 

Dan yang jelas keren, keren, dan Linux Perlu IDOL.

sponsored-badge-shadow

Catatan: Foto diambil dari foto jepretan panitia, Foto Pribadi Pak Mdamt, dll.


13 May, 2015 03:14PM

hackergotchi for Xanadu developers

Xanadu developers

hackergotchi for Blankon developers

Blankon developers

Ahmad Haris: GNOME Asia Summit 2015 – English

I write this post on personal point of view. I already write similar post in Indonesia Language in here. I’m not only translating, but change little bit of sentence.

Backgrounds

Last year, when I’m attending GNOME Asia Summit 2014 in Beijing, Utian (since two years ago) wanna bring GNOME Asia Summit to Indonesia. I try to help as much as I can to chat with GNOME friends and the GNOME Board. Utian him self has Lightning Talk to explain his idea.

IMG_8925

Utian at GNOME Asia Summit 2014 – Beijing

In last two years, here are no activities related to FOSS that large enough in Indonesia. FOSS feels sluggish. Only a few communities that were active but nothing big happens. So it felt just so-so alone and boring.

We need to pull the trigger for local FOSS community with big event, cool and international class. It can rise their will to contribute again. After that, there will be a lot of event that have purpose to improve FOSS movement in this country.

Where am I?

It’s complicated actually. Daily, I’m BlankOn Developer. BlankOn is Indonesia linux distribution based on Debian and GNOME. I’m also fan of OpenSUSE, so I helped OpenSUSE community in Indonesia. I’m also Local Committee of GNOME Asia Summit 2015. And I’m also one of two GNOME Members in Indonesia.

re_workshop_DSC_5132

I’m one of GNOME Members

In this post, I will play as GNOME Members and Local Committee.

What I’m doing?

As local committee, my role job is sponsor finder and supervisor. I did not want to be a leader because I want to train younger friends to create events. To make them more experience. Generally, friends that live as IT person, was a bit difficult to manage some events. And local committee this time are younger than me and deserve to have a chance to manage it.

Being a developer of BlankOn in a long time (seven years), it is very much helpful in getting sponsors. Because I was already known as activist of FOSS in Indonesia.

re_workshop_DSC_0063

Special Shoes & Limited Edition from Sponsor

Me and Utian, being supervisor in some activity in local committee such as accounting, agenda, workshop, toolkit, documentation and consumption. I do not get involved too much and detailed, but always ready and willing to be asked for suggestions / advice and, if necessary, be a problem solver.

An example, I always be around the current location of the speakers until 11:00 pm. I assume that the speaker come from Indonesia or another country need some guide or help, while other friends already rest or sleep after being busy organizing the event whole day.

One of the undesirable things happen, Kate, David and Alexandre, failed to get the hotel. The place that already booked, given to others. It was after 10:00 pm. Fortunately, I’m still hanging out with my friends who came from Taiwan. I help them to get another hotel, I also guide them to get local food. It’s not easy to get local food at that time for foreigner. Mostly, only street food and the seller can’t speak English.

resized_IMG_4875

That’s David, Alexandre and Kate. :)

My point is, I want the event going well. Nothing happen that can break the event. I must make sure all runs smoothly. So, yes, I’m very busy that time.

What I expect and get from this event?

One of the speakers in GNOME Asia Summit 2015, Eric Sun (he is my first foreigner friend), is an old friend of mine. A friend who I know since 2008 when I was working in Banda Aceh. We met again when GNOME Asia Summit 2014 in Beijing with Franklin Weng and planned to meet again in GNOME Asia Summit 2015. Eric Sun and Franklin Weng, are developer of Ezgo Linux (distributions based on education and funded by the Ministry of Education of Taiwan). They held a special discussion related to cooperation with BlankOn. BlankOn will help EzGo to manage their distribution. It’s possible that EzGo based on BlankOn. I’m really happy because of that.

resized_IMG_5038

My Taiwanese Brothers

When I was attending GNOME Asia Summit 2014 in Beijing, I meet lot of GNOME Members. Mostly they’re attend this event. We have a lot of discussions. Not only talk about GNOME, but talking about food, place, and culture. And also meet new friends. Amazing.

DSC00282w

Eat Sate

GNOME Asia Summit 2015 is also a event for a reunion of few friends, like the BlankOn developers, community OpenSUSE-id, FreeBSD community, SLiMS, KLAS and several other communities that I do not know. : D

BIN_2755w

OpenSUSE from Indonesia and Other Country

Actually there are interesting things related to sponsors. Mostly their world are not directly related to information technology or FOSS. Such as the shoes industry, tile industry and stock trading. Yet, many of them exactly know what that means of FOSS and how to contribute, not only with code but also supporting FOSS event. Big appreciate for them, without them, this event would not happen.

In the end, me and several other communities are already planning movement. Such as GNOME Translation Workshop with the KLAS, GNOME Release Party in Jogjakarta, Indonesia Linux Conference in Tegal, EzGo Collaboration with BlankOn, SLiMS Debian Packaging Workshop, and  possibility of OpenSUSE Asia Summit 2016 in Indonesia.

Finale

In terms of contribution, the Asia, Indonesia in particular, has a different style between Europe or America. Indonesian people is not easy to start to contribute. They should be introduced first, approached until they know that the contribution was very pleasant and bring benefits both for himself and others. Perhaps Social Engineering is greatly needed in this section.

It is certainly very different from those in Europe or America. If they want to contribute, so just follow-up activities and contribute.

It is very grateful that Indonesia have lot of communities. Such as local linux distribution communities, both developers and users. They can learn to contribute locally if they not feel confident to contribute at the international level.

And, Keep Moving Forward. ^_*

team_in_house2

Notes:

Pictures taken from: https://www.flickr.com/groups/gnomeasia2014 and https://www.flickr.com/groups/gnomeasia2015


13 May, 2015 12:53PM

hackergotchi for Ubuntu developers

Ubuntu developers

Lucas Nussbaum: systemd: Type=simple and avoiding forking considered harmful?

(This came up in a discussion on debian-user-french@l.d.o)

When converting from sysvinit scripts to systemd init files, the default practice seems to be to start services without forking, and to use Type=simple in the service description.

What Type=simple does is, well, simple. from systemd.service(5):

If set to simple (the default value if neither Type= nor BusName= are specified), it is expected that the process configured with ExecStart= is the main process of the service. In this mode, if the process offers functionality to other processes on the system, its communication channels should be installed before the daemon is started up (e.g. sockets set up by systemd, via socket activation), as systemd will immediately proceed starting follow-up units.

In other words, systemd just runs the command described in ExecStart=, and it’s done: it considers the service is started.

Unfortunately, this causes a regression compared to the sysvinit behaviour, as described in #778913: if there’s a configuration error, the process will start and exit almost immediately. But from systemd’s point-of-view, the service will have been started successfully, and the error only shows in the logs:

root@debian:~# systemctl start ssh
root@debian:~# echo $?
0
root@debian:~# systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
 Loaded: loaded (/lib/systemd/system/ssh.service; enabled)
 Active: failed (Result: start-limit) since mer. 2015-05-13 09:32:16 CEST; 7s ago
 Process: 2522 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, status=255)
 Main PID: 2522 (code=exited, status=255)
mai 13 09:32:16 debian systemd[1]: ssh.service: main process exited, code=exited, status=255/n/a
mai 13 09:32:16 debian systemd[1]: Unit ssh.service entered failed state.
mai 13 09:32:16 debian systemd[1]: ssh.service start request repeated too quickly, refusing to start.
mai 13 09:32:16 debian systemd[1]: Failed to start OpenBSD Secure Shell server.
mai 13 09:32:16 debian systemd[1]: Unit ssh.service entered failed state.

With sysvinit, this error is detected before the fork(), so it shows during startup:

root@debian:~# service ssh start
 [....] Starting OpenBSD Secure Shell server: sshd/etc/ssh/sshd_config: line 4: Bad configuration option: blah
 /etc/ssh/sshd_config: terminating, 1 bad configuration options
 failed!
 root@debian:~#

It’s not trivial to fix that. The implicit behaviour of sysvinit is that fork() sort-of signals the end of service initialization. The systemd way to do that would be to use Type=notify, and have the service signals that it’s ready using systemd-notify(1) or sd_notify(3) (or to use socket activation, but that’s another story). However that requires changes to the service. Returning to the sysvinit behaviour by using Type=forking would help, but is not really a solution: but what if some of the initialization happens *after* the fork? This is actually the case for sshd, where the socket is bound after the fork (see strace -f -e trace=process,network /usr/sbin/sshd), so if another process is listening on port 22 and preventing sshd to successfully start, it would not be detected.

I wonder if systemd shouldn’t do more to detect problems during services initialization, as the transition to proper notification using sd_notify will likely take some time. A possibility would be to wait 100 or 200ms after the start to ensure that the service doesn’t exit almost immediately. But that’s not really a solution for several obvious reasons. A more hackish, but still less dirty solution could be to poll the state of processes inside the cgroup, and assume that the service is started only when all processes are sleeping. Still, that wouldn’t be entirely satisfying…

13 May, 2015 08:29AM

hackergotchi for Blankon developers

Blankon developers

Ahmad Haris: GNOME Asia Summit 2015 – Indonesia

Saya kali ini akan menulisnya dari sudut pandang pribadi, karena ini blog pribadi. :)

Latar belakang

Tahun lalu, saat mengikuti GNOME Asia Summit 2014 di Beijing, Pak Utian (yang sedari dulu) berkeinginan untuk membawa GNOME Asia Summit ke Indonesia. Saya berusaha membantunya sebisa mungkin dengan ngobrol-ngobrol bareng teman-teman GNOME dan GNOME Board. Pak Utian sendiri waktu itu dapat jatah Lightning Talk untuk memaparkan idenya.

IMG_8925

Pak Utian di GNOME Asia Summit 2014 – Beijing

Indonesia dalam 2 tahun terakhir, menurut saya tidak ada kegiatan-kegiatan terkait FOSS yang cukup besar. FOSS terasa lesu. Hanya beberapa komunitas-komunitas yang terlihat aktif namun gaungnya kurang menggelegar. Jadi kesannya hanya begitu-begitu saja.

Komunitas FOSS yang ada, perlu dipancing dengan sebuah kegiatan yang besar, keren, internasional, agar semangat kontribusi kembali timbul. Sehingga memicu keberagaman kegiatan lain demi kemajuan FOSS di negeri ini.

Saya berada di mana?

Sebetulnya saya berada di lingkaran yang rumit. Sehari-hari saya adalah Pengembang BlankOn, tim hura-hura OpenSUSE-id, Panitia Lokal GNOME Asia Summit 2015 dan GNOME Member.

re_workshop_DSC_5132

GNOME Member Cuiy

Tapi, kali ini saya akan berlaku sebagai GNOME Member dan Panitia Lokal.

Apa saja yang saya kerjakan?

Di kepanitiaan, saya bertugas sebagai pencari sponsor dan supervisi. Saya sengaja tidak mau jadi ketua karena ingin melatih teman-teman yang lebih muda untuk membuat kegiatan. Umumnya, teman-teman IT itu agak susah dalam mengelola sebuah kegiatan. Dan teman-teman panitia lokal kali ini masih muda-muda dan sangat layak untuk diberikan kesempatan.

Menjadi seorang pengembang BlankOn dalam waktu yang cukup lama (7 tahun), sangat banyak membantu dalam mendapatkan sponsor. Karena sudah terlanjur dikenal khalayak umum dalam dunia FOSS di Indonesia.

re_workshop_DSC_0063

Sepatu Spesial

Saya bersama Pak Utian, menjadi supervisi di beberapa kegiatan kepanitiaan lokal GNOME Asia Summit 2015. Mulai dari keuangan, acara, workshop, peralatan, dokumentasi serta konsumsi. Saya tidak terlibat terlalu jauh dan mendetail, namun selalu siap bersedia untuk dimintai saran/nasehat dan kalau diperlukan, menjadi pemecah masalah yang ada.

Salah satu contohnya, saya memposisikan untuk selalu berada di sekitaran lokasi saat para pembicara mulai berdatangan sampai batas jam 11:00 malam. Saya berasumsi bahwa teman-teman pembicara yang datang, pasti suatu waktu butuh bantuan sedangkan teman-teman yang lain sudah istirahat karena seharian sudah kelewat sibuk mengatur acara.

Salah satu hal yang tidak diinginkan terjadi, rombongan Kate, David dan Alexandre, gagal mendapatkan penginapan. Tempat yang sudah dibooking diberikan orang lain. Saat itu sudah lewat jam 10:00 malam. Yang kebetulan, saya sedang nongkrong bareng teman-teman yang datang dari Taiwan. Saya bantu carikan penginapan, juga saya antar cari makan.

resized_IMG_4875

Trio Keren

Intinya, saya mau acaranya lancar jaya. Tidak ada kendala yang terlalu berarti. Makanya saat acara, saya sibuk memastikan semua berjalan dengan lancar. Jadi ya sok sibuk banget.

Apa yang saya harapkan dan dapatkan dari acara ini?

Salah satu dari pembicara GNOME Asia Summit 2015 adalah teman lama saya. Teman yang saya kenal sejak 2008 saat saya bekerja di Banda Aceh. Kami bertemu lagi saat GNOME Asia Summit 2014 di Beijing dan merencanakan untuk bertemu lagi di GNOME Asia Summit 2015. Teman tersebut, Eric Sun dan Franklin Weng, adalah developer Ezgo Linux (Distro berbasis pendidikan yang didanai oleh Kementerian Pendidikan Taiwan). Mereka mengadakan diskusi khusus terkait kerjasama dengan BlankOn Linux. Ezgo akan menginduk ke BlankOn Linux.

resized_IMG_5038

Teman Lama

Saat GNOME Asia Summit 2014 di Beijing, saya mengenal banyak GNOME Member. Mayoritas mereka datang ke acara ini dan kami semua ngobrol-ngobrol lagi. Selain bertemu dengan teman-teman lama, saya juga jadi berkenalan dengan banyak teman-teman baru yang cukup beragam. Benar-benar menyenangkan.

DSC00282w

Makan Sate

Acara GNOME Asia Summit 2015 ini juga jadi bahan reuni beberapa teman-teman, seperti para Pengembang BlankOn, Komunitas OpenSUSE-id, Komunitas FreeBSD, SLiMS, KLAS dan beberapa komunitas lain yang saya sendiri tidak tahu. :D

BIN_2755w

Yang paling kanan itu dari Indonesia lho!

Sebenarnya ada hal yang menarik terkait para pihak yang jadi sponsor. Mayoritas mereka bukan dari dunia yang terkait langsung dengan Teknologi Informasi ataupun FOSS. Seperti dari industri sepatu, industri genteng dan perdagangan saham. Namun banyak dari mereka paham betul apa artinya itu FOSS dan bagaimana bentuk-bentuk kontribusinya. Terima kasih banget buat mereka, tanpa mereka, acara ini tidak akan terwujud.

Di akhir acara, saya dan beberapa komunitas lain sudah merencanakan pergerakan. Seperti Lokakarya Penerjemahan GNOME dengan pihak KLAS, Pesta Rilis GNOME di Jogjakarta, Indonesia Linux Conference di Tegal, Kolaborasi EzGo dengan BlankOn, Pelatihan Pemaketan SLiMS oleh Pengembang BlankOn dengan Pengembang SLiMS serta kemungkinan OpenSUSE Asia Summit 2016 di Indonesia.

Penutup

Dalam hal kontribusi, orang Asia, Indonesia pada khususnya, memiliki gaya yang berbeda dengan orang-orang Eropa ataupun Amerika. Orang Indonesia tidak mudah memulai untuk kontribusi. Mereka harus diperkenalkan terlebih dahulu, didekati sampai mereka tahu bahwa kontribusi itu sangat menyenangkan dan membawa manfaat baik bagi dirinya sendiri maupun orang lain. Mungkin Social Engineering memang sangat dibutuhkan dalam hal ini.

Hal tersebut tentunya sangat berbeda dengan orang di Eropa atau Amerika. Mereka jika ingin berkontribusi, ya langsung saja ikutan kegiatannya dan berkontribusi.

Bersukur bahwa di Indonesia banyak komunitas-komunitas lokal, baik komunitas pengembang distro linux maupun komunitas pengguna distro linux. Mereka bisa belajar berkontribusi secara lokal terlebih dahulu jika belum merasa percaya diri untuk kontribusi di tingkat internasional.

Dan, Teruslah Melangkah Ke Depan. ^_*

resized_IMG_5762

Catatan:

Foto-foto diambil dari https://www.flickr.com/groups/gnomeasia2014 dan https://www.flickr.com/groups/gnomeasia2015


13 May, 2015 06:46AM

Syai Mif: Memonitor atau Mengatur Service Linux di systemd

Setalah acara gnome.asia kemarin, ada aura tambahan untuk oprek dan mengupgrade mesin saya yang sebelumnya masih BlankOn 9 Suroboyo yang menganut paham sysvinit, mau saya upgrade ke BlankOn X Tambora yang menganut paham systemd. Proses upgrade tersebut tidaklah berjalan mulus, masih ada beberapa paket yang konflik, semua jurus (ajaran bapak Azis dan teman2 pengembang BlankOn) … Continue reading Memonitor atau Mengatur Service Linux di systemd

13 May, 2015 02:49AM

hackergotchi for Ubuntu developers

Ubuntu developers

Charles Profitt: Ubuntu Trash Bug

Ubuntu has always had bugs. All software does. Ubuntu 15.04 is the first version of Ubuntu that I will not upgrade too because of a bug. The bug that annoys so much is a minor one, but it impacts me multiple times a day. When using the launcher trash icon and selecting ’empty trash’ a new file manager window opens. This was not the case with Ubuntu 14.10 or any previous version. I understand that there are multiple ways to empty the trash and not have this behavior, but I am used to using the launcher option. While this is a relatively minor bug it bothers me to the point that I will not upgrade to 15.04.


13 May, 2015 01:50AM

May 12, 2015

Gustavo Silva: E-mails… E-mails everywhere

So, after the Summit, a great idea has come up with the Lubuntu fellows. Now it is time to spread the word! My first move was to mail every “devel” list, so that the main contributors of the flavors could read about the idea and, if they are interested, get in touch with me to&ellipsisRead the full post »

12 May, 2015 11:26PM

Matthew Helmke: Teach Your Kids to Code

Teach Your Kids to Code: A Parent-Friendly Guide to Python Programming is a unique and welcome addition to the recent trend of programming books with a focus on teaching children. Unlike books that are designed for self-study, Teach Your Kids to Code is intended to be used in a collaboration between an adult and a child. This could be a parent working with a daughter or son or a teacher working with one or more students. It certainly could be used for self-study, but I like how the intent and focus is to provide something to do together.

The book covers all the important topics from installing and setting up Python on your platform to creating a game. In between, we are treated to coverage of drawing graphics, first simply using Turtle in Python, and later with animated effects using Pygame. Concepts like math, numbers, and variables; loops; conditions; functions; and user interaction are covered clearly and in a logical order within an interesting and enjoyable context.

Each chapter ends with a set of programming challenges to give the readers a way to practice what was learned in the chapter. Sample answers are made available on the publisher’s website. These are interesting and valuable.

I really like this book. If you are an adult looking for a fun project to do with a child in your life, or a kid looking for a way to interest an adult in learning how to use Python, Teach Your Kids to Code is worth a close look.

Disclosure: I was given my copy of this book by the publisher as a review copy. See also: Are All Book Reviews Positive?

12 May, 2015 11:15PM