Search Results: "awm"

20 June 2017

Norbert Preining: TeX Live 2017 hits Debian/unstable

Yesterday I uploaded the first packages of TeX Live 2017 to Debian/unstable, meaning that the new release cycle has started. Debian/stretch was released over the weekend, and this opened up unstable for new developments. The upload comprised the following packages: asymptote, cm-super, context, context-modules, texlive-base, texlive-bin, texlive-extra, texlive-extra, texlive-lang, texworks, xindy.
I mentioned already in a previous post the following changes: The last two changes are described together with other news (easy TEXMF tree management) in the TeX Live release post. These changes more or less sum up the new infra structure developments in TeX Live 2017. Since the last release to unstable (which happened in 2017-01-23) about half a year of package updates have accumulated, below is an approximate list of updates (not split into new/updated, though). Enjoy the brave new world of TeX Live 2017, and please report bugs to the BTS! Updated/new packages:
academicons, achemso, acmart, acro, actuarialangle, actuarialsymbol, adobemapping, alkalami, amiri, animate, aomart, apa6, apxproof, arabluatex, archaeologie, arsclassica, autoaligne, autobreak, autosp, axodraw2, babel, babel-azerbaijani, babel-english, babel-french, babel-indonesian, babel-japanese, babel-malay, babel-ukrainian, bangorexam, baskervaldx, baskervillef, bchart, beamer, beamerswitch, bgteubner, biblatex-abnt, biblatex-anonymous, biblatex-archaeology, biblatex-arthistory-bonn, biblatex-bookinother, biblatex-caspervector, biblatex-cheatsheet, biblatex-chem, biblatex-chicago, biblatex-claves, biblatex-enc, biblatex-fiwi, biblatex-gb7714-2015, biblatex-gost, biblatex-ieee, biblatex-iso690, biblatex-manuscripts-philology, biblatex-morenames, biblatex-nature, biblatex-opcit-booktitle, biblatex-oxref, biblatex-philosophy, biblatex-publist, biblatex-shortfields, biblatex-subseries, bibtexperllibs, bidi, biochemistry-colors, bookcover, boondox, bredzenie, breqn, bxbase, bxcalc, bxdvidriver, bxjalipsum, bxjaprnind, bxjscls, bxnewfont, bxorigcapt, bxpapersize, bxpdfver, cabin, callouts, chemfig, chemformula, chemmacros, chemschemex, childdoc, circuitikz, cje, cjhebrew, cjk-gs-integrate, cmpj, cochineal, combofont, context, conv-xkv, correctmathalign, covington, cquthesis, crimson, crossrefware, csbulletin, csplain, csquotes, css-colors, cstldoc, ctex, currency, cweb, datetime2-french, datetime2-german, datetime2-romanian, datetime2-ukrainian, dehyph-exptl, disser, docsurvey, dox, draftfigure, drawmatrix, dtk, dviinfox, easyformat, ebproof, elements, endheads, enotez, eqnalign, erewhon, eulerpx, expex, exsheets, factura, facture, fancyhdr, fbb, fei, fetamont, fibeamer, fithesis, fixme, fmtcount, fnspe, fontmfizz, fontools, fonts-churchslavonic, fontspec, footnotehyper, forest, gandhi, genealogytree, glossaries, glossaries-extra, gofonts, gotoh, graphics, graphics-def, graphics-pln, grayhints, gregoriotex, gtrlib-largetrees, gzt, halloweenmath, handout, hang, heuristica, hlist, hobby, hvfloat, hyperref, hyperxmp, ifptex, ijsra, japanese-otf-uptex, jlreq, jmlr, jsclasses, jslectureplanner, karnaugh-map, keyfloat, knowledge, komacv, koma-script, kotex-oblivoir, l3, l3build, ladder, langsci, latex, latex2e, latex2man, latex3, latexbug, latexindent, latexmk, latex-mr, leaflet, leipzig, libertine, libertinegc, libertinus, libertinust1math, lion-msc, lni, longdivision, lshort-chinese, ltb2bib, lualatex-math, lualibs, luamesh, luamplib, luaotfload, luapackageloader, luatexja, luatexko, lwarp, make4ht, marginnote, markdown, mathalfa, mathpunctspace, mathtools, mcexam, mcf2graph, media9, minidocument, modular, montserrat, morewrites, mpostinl, mptrees, mucproc, musixtex, mwcls, mweights, nameauth, newpx, newtx, newtxtt, nfssext-cfr, nlctdoc, novel, numspell, nwejm, oberdiek, ocgx2, oplotsymbl, optidef, oscola, overlays, pagecolor, pdflatexpicscale, pdfpages, pdfx, perfectcut, pgfplots, phonenumbers, phonrule, pkuthss, platex, platex-tools, polski, preview, program, proofread, prooftrees, pst-3dplot, pst-barcode, pst-eucl, pst-func, pst-ode, pst-pdf, pst-plot, pstricks, pstricks-add, pst-solides3d, pst-spinner, pst-tools, pst-tree, pst-vehicle, ptex2pdf, ptex-base, ptex-fontmaps, pxbase, pxchfon, pxrubrica, pythonhighlight, quran, ran_toks, reledmac, repere, resphilosophica, revquantum, rputover, rubik, rutitlepage, sansmathfonts, scratch, seealso, sesstime, siunitx, skdoc, songs, spectralsequences, stackengine, stage, sttools, studenthandouts, svg, tcolorbox, tex4ebook, tex4ht, texosquery, texproposal, thaienum, thalie, thesis-ekf, thuthesis, tikz-kalender, tikzmark, tikz-optics, tikz-palattice, tikzpeople, tikzsymbols, titlepic, tl17, tqft, tracklang, tudscr, tugboat-plain, turabian-formatting, txuprcal, typoaid, udesoftec, uhhassignment, ukrainian, ulthese, unamthesis, unfonts-core, unfonts-extra, unicode-math, uplatex, upmethodology, uptex-base, urcls, variablelm, varsfromjobname, visualtikz, xassoccnt, xcharter, xcntperchap, xecjk, xepersian, xetexko, xevlna, xgreek, xsavebox, xsim, ycbook.

08 October 2016

Norbert Preining: Debian/TeX update October 2016: all of TeX Live and Biber 2.6

Finally a new update of many TeX related packages: all the texlive-* including the binary packages, and biber have been updated to the latest release. This upload was delayed by my travels around the world, as well as the necessity to package a new Perl module (libdatetime-calendar-julian-perl) as required by new Biber. Also, my new job leaves me only the weekends for packaging. Anyway, the packages are now uploaded and should appear soon on your friendly local server. texlive2016-debian There are several highlights: The binaries have been patched with several upstream fixes (tex4ht and XeTeX compatibility, as well as various Japanese TeX engine fixes), updated biber and biblatex, and as usual loads of new and updated packages. Last but not least I want to thank one particular author: His package was removed from TeX Live due to the addition of a rather unusual clause in the license. Instead of simply uploading new packages to Debian with the rather important removed, I contacted the author and asked for clarification. And to my great pleasure he immediately answered with an update of the package with fixed license. All of us user of these many packages should be grateful to the authors of the packages who invest loads of their free time into supporting our community. Thanks! Enough now, here as usual the list of new and updated packages with links to their respective CTAN pages. Enjoy. New packages addfont, apalike-german, autoaligne, baekmuk, beamerswitch, beamertheme-cuerna, beuron, biblatex-claves, biolett-bst, cooking-units, cstypo, emf, eulerpx, filecontentsdef, frederika2016, grant, latexgit, listofitems, overlays, phonenumbers, pst-arrow, quicktype, revquantum, richtext, semantic-markup, spalign, texproposal, tikz-page, unfonts-core, unfonts-extra, uspace. Updated packages achemso, acmart, acro, adobemapping, alegreya, allrunes, animate, arabluatex, archaeologie, asymptote, attachfile, babel-greek, bangorcsthesis, beebe, biblatex, biblatex-anonymous, biblatex-apa, biblatex-bookinother, biblatex-chem, biblatex-fiwi, biblatex-gost, biblatex-ieee, biblatex-manuscripts-philology, biblatex-morenames, biblatex-nature, biblatex-opcit-booktitle, biblatex-phys, biblatex-realauthor, biblatex-science, biblatex-true-citepages-omit, bibleref, bidi, chemformula, circuitikz, cochineal, colorspace, comment, covington, cquthesis, ctex, drawmatrix, ejpecp, erewhon, etoc, exsheets, fancyhdr, fei, fithesis, footnotehyper, fvextra, geschichtsfrkl, gnuplottex, gost, gregoriotex, hausarbeit-jura, ijsra, ipaex, jfontmaps, jsclasses, jslectureplanner, latexdiff, leadsheets, libertinust1math, luatexja, markdown, mcf2graph, minutes, multirow, mynsfc, nameauth, newpx, newtxsf, notespages, optidef, pas-cours, platex, prftree, pst-bezier, pst-circ, pst-eucl, pst-optic, pstricks, pstricks-add, refenums, reledmac, rsc, shdoc, siunitx, stackengine, tabstackengine, tagpair, tetex, texlive-es, texlive-scripts, ticket, translation-biblatex-de, tudscr, turabian-formatting, updmap-map, uplatex, xebaposter, xecjk, xepersian, xpinyin. Enjoy.

26 December 2015

Norbert Preining: Debian/TeX Live 2015.20151226-1

Before I disappear into the Japanese winter holidays, here the Christmas update of all TeX Live packages. Nothing spectacular here, just the usual bunch of updates of loads of packages. There is a bug with respect to a file move from one package to another, will be fixed in an upload soon. Debian - TeX Live 2015 Updated packages apnum, appendix, archaeologie, babel, babel-french, babel-greek, babel-hungarian, bangorcsthesis, beamer-verona, bhcexam, bibarts, bidi, bxjscls, chemfig, commado, comprehensive, context, cslatex, csplain, ctanify, doclicense, dvips, ejpecp, exsheets, fbb, fibeamer, fithesis, fontools, francais-bst, gitinfo2, glossaries, gnuplottex, greek-fontenc, hyph-utf8, indextools, ksp-thesis, l3build, l3experimental, l3kernel, l3packages, latexcourse-rug, lollipop, lstbayes, lualibs, luaotfload, luatexja, luatexko, luatodonotes, make4ht, mcf2graph, media9, mex, mfirstuc, mhchem, mptopdf, nameauth, nevelok, newtx, nicetext, nucleardata, ocgx2, pageslts, petri-nets, phonrule, pkuthss, powerdot, proofread, proposal, pst-labo, pst-solides3d, reledmac, sapthesis, serbian-lig, showlabels, t2, tcolorbox, tempora, testhyphens, tetex, tex4ebook, tex4ht, texlive-scripts, texsis, thuthesis, toptesi, tudscr, ucharcat, versonotes, xcharter, xepersian, xifthen, xindy, xint. New packages beamertheme-detlevcm, beamertheme-metropolis, beamertheme-phnompenh, beamer-verona, bitpattern, carbohydrates, delimseasy, drawmatrix, einfuehrung2, ellipse, ffslides, gitlog, greektonoi, ksp-thesis, longfbox, options, simpler-wick, unicode-data. Enjoy.

28 November 2015

Daniel Pocock: Disabling Dynamic Currency Conversion (DCC) in Airbnb

In many travel-related web sites for airlines and hotels, there is some attempt to sting the customer with an extra fee by performing a currency conversion at an inflated exchange rate. Sometimes it is only about five percent and this may not appear to be a lot but in one case a hotel was trying to use a rate that increased the cost of my booking by 30%. This scheme/scam is referred to as Dynamic Currency Conversion (DCC). Sometimes the website says that they are making it "easy" for you by giving you a "guaranteed" exchange rate that "might" be better than the rate from your bank. Sometimes a hotel or restaurant in a tourist location insists that you have to pay in a currency that is not the same as the currency on your booking receipt or their menu card, this is also a DCC situation. Reality check: these DCC rates are universally bad. Last time I checked, my own credit card only has a 0.9% fee for currency conversion. Credit card companies have become a lot more competitive but the travel industry hasn't. Airbnb often claims that they want to help the little guy and empower people, at least that is the spin they were using when New York city authorities were scrutinizing their business model. Their PR blog tries to boast about the wonderful economic impact of Airbnb. But when it comes to DCC, the economic impact is universally bad for the customer and good for Airbnb's bosses. Most sites just turn on DCC by default and add some little opt-out link or checkbox that you have to click every time you book. Airbnb, however, is flouting regulations and deceiving people by trying to insist that you can't manually choose the currency you'll use for payment. Fortunately, Visa and Mastercard have insisted that customers do have the right to know the DCC exchange rate and choose not to use DCC. What are the rules? Looking at the Visa system, the Visa Product and Service Rules, page 371, s5.9.7.4 include the statement that the merchant (Airbnb) must "Inform the Cardholder that Dynamic Currency Conversion is optional". The same section also says that Airbnb must "Not use any language or procedures that may cause the Cardholder to choose Dynamic Currency Conversion by default". When you read the Airbnb help text about currencies, do you think the language and procedures there comply with Visa's regulations? What does Airbnb have to say about it? I wrote to Airbnb to ask about this. A woman called Eryn H replied "As it turns out we cannot provide our users with the option to disable currency conversion." She went on to explain "When it comes to currency converting, we have to make sure that the payments and payouts equal to be the same amount, this is why we convert it as well as offer to convert it for you. We took it upon ourselves to do this for our users as a courtesy, not so that we can inconvenience any users.". That, and the rest of Eryn's email, reads like a patronizing copy-and-paste response that we've all come to dread from some poorly trained customer service staff these days. Miss H's response also includes this little gem: "Additionally, if you pay in a currency that s different from the denominated currency of your payment method, your payment company (for example, your credit or bank card issuer) or third-party payment processor may apply a currency conversion rate or fees to your payment. Please contact your provider for information on what rates and fees may apply as these are not controlled by or known to Airbnb." and what this really means is that if Airbnb forces you to use a particular currency, with their inflated exchange rate and that is not the currency used by your credit card then you will have another currency conversion fee added by your bank, so you suffer the pain of two currency conversions. This disastrous scenario comes about because some clever person at Airbnb wanted to show users a little "courtesy", as Miss H describes it. What can users do? As DCC is optional and as it is not clear on the booking page, there are other things a user can do. At the bottom of the Airbnb page you can usually find an option to view prices in a different currency. You can also change your country of residence in the settings to ensure you view prices in the host currency. This allows you to see the real price, without the DCC steal. People have been able to email or call Airbnb and have DCC disabled for their account. Not all their telephone staff seem to understand these requests and apparently it is necessary to persist and call more than once. In the long term, the cost savings outweigh the time it may take even if you spend 20 minutes on the phone getting it fixed. Whatever you do, with any travel site, print a copy of the information page showing the price in host currency. After doing that for an Airbnb booking and before making any payment, send a message to the host quoting the total price in their currency and stating DCC is not authorized. If Airbnb does wrongly convert the currency, send a letter to the credit card company asking for a full refund/chargeback on the basis that the transaction in the wrong currency was not an authorized transaction. It is important to ensure that you do not agree to the payment using Verified-by-Visa or Mastercard Securecode and do not pay with a debit card as these things can undermine your chances of a successful chargeback. The chargeback rules are very clear about this. On the Visa website, the Guide for the Lodging Industry describes all the chargeback reason codes. On page 46, reason code 76 is described for cases such as these:
  • Cardholder was not advised that Dynamic Currency Conversion (DCC) would occur
  • Cardholder was refused the choice of paying in the merchant s local currency
If you feel that Airbnb's web site was not operating in compliance with these rules, while many other web sites have made the effort to do so, why shouldn't you demand a correction by your bank? Once enough people do this, don't be surprised if Airbnb fixes their site.

03 May 2015

Lunar: Paranoia, uh?

A couple days ago The Intercept has released new documents provided by Edward Snowden. They show the efforts of the CIA to break the security of Apple plateforms. One of the document introduces the Strawhorse program: Attacking the MacOS and iOS Software Development Kit:
(S//NF) Ken Thompson's gcc attack [ ] motivates the StrawMan work: what can be done of benefit to the US Intelligence Community (IC) if one can make an arbritrary modification to a system compiler [ ]? A (whacked) SDK can provide a subtle injection vector onto standalone developer networks, or it can modify any binary compiled by that SDK. In the past, we have watermarked binaries for attribution, used binaries as an exfiltration mechanism, and inserted Trojans into compiled binaries.
I knew it was a plausible hypothesis, but just reading it black on white gives me shivers. Reproducible builds need to become the standard.

30 November 2013

Petter Reinholdtsen: Dugnadsnett for alle, a wireless community network in Oslo, take shape

If you want the ability to electronically communicate directly with your neighbors and friends using a network controlled by your peers in stead of centrally controlled by a few corporations, or would like to experiment with interesting network technology, the Dugnasnett for alle i Oslo might be project for you. 39 mesh nodes are currently being planned, in the freshly started initiative from NUUG and Hackeriet to create a wireless community network. The work is inspired by Freifunk, Athens Wireless Metropolitan Network, Roofnet and other successful mesh networks around the globe. Two days ago we held a workshop to try to get people started on setting up their own mesh node, and there we decided to create a new mailing list dugnadsnett (at) nuug.no and IRC channel #dugnadsnett.no to coordinate the work. See also the NUUG blog post announcing the mailing list and IRC channel.

11 October 2013

Petter Reinholdtsen: Oslo community mesh network - with NUUG and Hackeriet at Hausmania

Wireless mesh networks are self organising and self healing networks that can be used to connect computers across small and large areas, depending on the radio technology used. Normal wifi equipment can be used to create home made radio networks, and there are several successful examples like Freifunk and Athens Wireless Metropolitan Network (see wikipedia for a large list) around the globe. To give you an idea how it work, check out the nice overview of the Kiel Freifunk community which can be seen from their dynamically updated node graph and map, where one can see how the mesh nodes automatically handle routing and recover from nodes disappearing. There is also a small community mesh network group in Oslo, Norway, and that is the main topic of this blog post. I've wanted to check out mesh networks for a while now, and hoped to do it as part of my involvement with the NUUG member organisation community, and my recent involvement in the Freedombox project finally lead me to give mesh networks some priority, as I suspect a Freedombox should use mesh networks to connect neighbours and family when possible, given that most communication between people are between those nearby (as shown for example by research on Facebook communication patterns). It also allow people to communicate without any central hub to tap into for those that want to listen in on the private communication of citizens, which have become more and more important over the years. So far I have only been able to find one group of people in Oslo working on community mesh networks, over at the hack space Hackeriet at Husmania. They seem to have started with some Freifunk based effort using OLSR, called the Oslo Freifunk project, but that effort is now dead and the people behind it have moved on to a batman-adv based system called meshfx. Unfortunately the wiki site for the Oslo Freifunk project is no longer possible to update to reflect this fact, so the old project page can't be updated to point to the new project. A while back, the people at Hackeriet invited people from the Freifunk community to Oslo to talk about mesh networks. I came across this video where Hans J rgen Lysglimt interview the speakers about this talk (from youtube): I mentioned OLSR and batman-adv, which are mesh routing protocols. There are heaps of different protocols, and I am still struggling to figure out which one would be "best" for some definitions of best, but given that the community mesh group in Oslo is so small, I believe it is best to hook up with the existing one instead of trying to create a completely different setup, and thus I have decided to focus on batman-adv for now. It sure help me to know that the very cool Serval project in Australia is using batman-adv as their meshing technology when it create a self organizing and self healing telephony system for disaster areas and less industrialized communities. Check out this cool video presenting that project (from youtube): According to the wikipedia page on Wireless mesh network there are around 70 competing schemes for routing packets across mesh networks, and OLSR, B.A.T.M.A.N. and B.A.T.M.A.N. advanced are protocols used by several free software based community mesh networks. The batman-adv protocol is a bit special, as it provide layer 2 (as in ethernet ) routing, allowing ipv4 and ipv6 to work on the same network. One way to think about it is that it provide a mesh based vlan you can bridge to or handle like any other vlan connected to your computer. The required drivers are already in the Linux kernel at least since Debian Wheezy, and it is fairly easy to set up. A good introduction is available from the Open Mesh project. These are the key settings needed to join the Oslo meshfx network:
SettingValue
Protocol / kernel modulebatman-adv
ESSIDmeshfx@hackeriet
Channel / Frequency11 / 2462
Cell ID02:BA:00:00:00:01
The reason for setting ad-hoc wifi Cell ID is to work around bugs in firmware used in wifi card and wifi drivers. (See a nice post from VillageTelco about "Information about cell-id splitting, stuck beacons, and failed IBSS merges! for details.) When these settings are activated and you have some other mesh node nearby, your computer will be connected to the mesh network and can communicate with any mesh node that is connected to any of the nodes in your network of nodes. :) My initial plan was to reuse my old Linksys WRT54GL as a mesh node, but that seem to be very hard, as I have not been able to locate a firmware supporting batman-adv. If anyone know how to use that old wifi access point with batman-adv these days, please let me know. If you find this project interesting and want to join, please join us on IRC, either channel #oslohackerspace or #nuug on irc.freenode.net. While investigating mesh networks in Oslo, I came across an old research paper from the university of Stavanger and Telenor Research and Innovation called The reliability of wireless backhaul mesh networks and elsewhere learned that Telenor have been experimenting with mesh networks at Gr nerl kka in Oslo. So mesh networks are also interesting for commercial companies, even though Telenor discovered that it was hard to figure out a good business plan for mesh networking and as far as I know have closed down the experiment. Perhaps Telenor or others would be interested in a cooperation? Update 2013-10-12: I was just told by the Serval project developers that they no longer use batman-adv (but are compatible with it), but their own crypto based mesh system.

20 September 2013

Vincent Sanders: Man is fully responsible for his nature and his choices.

Well at least he should be according to Sartre though I am not entirely convinced the repercussions of my choice to manufacture another folding chair were entirely thought through.

After my most recent posting the urge to do "just one more iteration" became too great and I succumbed. I therefore present version 4 of my folding chair which corrects all the previously discovered issues.

The popliteal height (420mm) and buttock popliteal length (400mm) are both comfortable for a wide selection of people. The seat slopes a few degrees front to back and the back rest no longer comes further forward than the rear of the seat.

There is a small gap above where the seat folds in when flat but that is only an aesthetic issue when being stored.

Manufacture wise the design is simple to produce although I really will have to teach our CNC router how to use the round over bit to reduce the finishing steps as currently that takes longer than the CNC operation.

In future if I make more of these I will use this design and, once she is less annoyed at me for making another chair, I am going to consult with my wife on adding some cushioning material to the seat and backrest.

And of course that concludes my furniture making for a while...yeah, right!

there have been comments which have complained about my usage of space on sheets and suggested I waste too much material. That is probably true and in my own defence I have not been working with this machine for very long and am not quite used to what I can "get away with" yet.

Side X folding stool
I was looking at the sheet after removing the last chair design and had a thought, I had not attempted a side X type folding design and perhaps I could squeeze one into the offcuts? I kinda got carried away, it roughly went:


Side X folding stool cut from sheet offcut
If all of that sounds like and utterly mad way to design a size X stool, you are of course correct, but it worked, and it was a very fast process taking less than four hours from idea to stool.

Paul testing the dry fit side X stool
There are a couple of issues:

Clamping stool why the glue drys
The seat went together dry fit and Paul tested it for me, however that last issue soon made me realise that this time I was going to have to resort to glue. Yes, sorry, this design needs to be glued to remain stable (I know plywood contains glue...please stop telling me that).


It is pretty simple to put together and aside from needing half the clamps in makespace to hold it in place while the glue dried, I had no trouble.

Though this is definitely not a case of use glue "sparingly" I put generous amounts in all the dowel joints and all the seat slots and got very little ooze so I guess it could have used more.

The final varnished stool is pretty robust but folds up nicely the concept of hooking to its own pivot dowel means it stays closed when flat which makes it very portable.

Total cost was an estimated 10.00 ( 4.25 dowel, 2.50 of 24mm ply, 1.75 for 18mm ply, 0.50 tool wear, 1.00 varnish) though the materials in my case could be argued to have cost nothing.

It has been suggested that I could make an entire picnic table and chairs set this way but if I did I would reduce the stool height by 50mm and examine ways to use less dowel.

This is usually the bit where I point you all at the freely usable design files on github and all the photos on flikr and wrap up.

But you know what the Monty Python boys say? "Nobody Expects the Spanish inquisition"

Or in this case my final (and yes I am going to do something else next) chair design. It is based on the stool, in fact it is the stool design with the outer legs extended and a back rest added.

The modified design reduces the dowel requirements to 775mm but requires a bit more sheet material (cannot get this one entirely from offcuts).

Total cost was an estimated 10.50 ( 2.50 dowel, 4.50 of 24mm ply, 1.75 for 18mm ply, 0.50 tool wear, 1.25 varnish).
Because it is based on the stool design it suffers from the height issue and in addition the back rest is a bit far back to be completely comfortable.

Neither of the side X designs have flaws that interest me enough to follow the iterative approach again to solve them. Both the designs work well enough and rounded out my adventures with folding chairs and indeed furniture for now.

As always the design files are on github and the images are on flikr.





07 August 2013

Keith Packard: Cursor tracking

Tracking Cursor Position I spent yesterday morning in the Accessibility BOF here at Guadec and was reminded that one persistent problem with tools like screen magnifiers and screen readers is that they need to know the current cursor position all the time, independent of which window the cursor is in and independent of grabs. The current method that these applications are using to track the cursor is to poll the X server using XQueryPointer. This is obviously terrible for at least a couple of reasons: These two problems also conflict with one another. Reducing input latency comes at the cost of further reducing the opportunities for power saving, and vice versa. XInput2 to the rescue (?) XInput2 has the ability to deliver raw device events right to applications, bypassing the whole event selection mechanism within the X server. This was designed to let games and other applications see relative mouse motion events and drawing applications see the whole tablet surface. These raw events are really raw though; they do not include the cursor position, and so cannot be directly used for tracking. However, we do know that the cursor only moves in response to input device events, so we can easily use the arrival of a raw event to trigger a query for the mouse position. A better plan? Perhaps what we should do is to actually create a new event type to report the cursor position and the containing window so that applications can simply track that. Yeah, it s a bit of a special case, but it s a common requirement for accessibility tools.
 
    CursorEvent
        EVENTHEADER
        detail:                    CARD32
        sourceid:                  DEVICEID
        flags:                     DEVICEEVENTFLAGS
    root:                      WINDOW
    window:                    WINDOW
    root-x, root-y:            INT16
    window-x, window-y:        INT16
 
A CursorEvent is sent whenever a sprite moves on the screen. sourceid is the master pointer which is moving. root is the root window containing the cursor, window is the window that the pointer is in. root-x and root-y indicate the position within the root window, window-x and window-y indicate the position within window . Demo Application Here s a short application, hacked from Peter Hutterer s part1.c
/* cc -o track_cursor track_cursor.c  pkg-config --cflags --libs xi x11  */
#include <stdio.h>
#include <string.h>
#include <X11/Xlib.h>
#include <X11/extensions/XInput2.h>
/* Return 1 if XI2 is available, 0 otherwise */
static int has_xi2(Display *dpy)
 
    int major, minor;
    int rc;
    /* We support XI 2.2 */
    major = 2;
    minor = 2;
    rc = XIQueryVersion(dpy, &major, &minor);
    if (rc == BadRequest)  
    printf("No XI2 support. Server supports version %d.%d only.\n", major, minor);
    return 0;
      else if (rc != Success)  
    fprintf(stderr, "Internal Error! This is a bug in Xlib.\n");
     
    printf("XI2 supported. Server provides version %d.%d.\n", major, minor);
    return 1;
 
static void select_events(Display *dpy, Window win)
 
    XIEventMask evmasks[1];
    unsigned char mask1[(XI_LASTEVENT + 7)/8];
    memset(mask1, 0, sizeof(mask1));
    /* select for button and key events from all master devices */
    XISetMask(mask1, XI_RawMotion);
    evmasks[0].deviceid = XIAllMasterDevices;
    evmasks[0].mask_len = sizeof(mask1);
    evmasks[0].mask = mask1;
    XISelectEvents(dpy, win, evmasks, 1);
    XFlush(dpy);
 
int main (int argc, char **argv)
 
    Display *dpy;
    int xi_opcode, event, error;
    XEvent ev;
    dpy = XOpenDisplay(NULL);
    if (!dpy)  
    fprintf(stderr, "Failed to open display.\n");
    return -1;
     
    if (!XQueryExtension(dpy, "XInputExtension", &xi_opcode, &event, &error))  
       printf("X Input extension not available.\n");
          return -1;
     
    if (!has_xi2(dpy))
    return -1;
    /* select for XI2 events */
    select_events(dpy, DefaultRootWindow(dpy));
    while(1)  
    XGenericEventCookie *cookie = &ev.xcookie;
    XIRawEvent      *re;
    Window          root_ret, child_ret;
    int         root_x, root_y;
    int         win_x, win_y;
    unsigned int        mask;
    XNextEvent(dpy, &ev);
    if (cookie->type != GenericEvent  
        cookie->extension != xi_opcode  
        !XGetEventData(dpy, cookie))
        continue;
    switch (cookie->evtype)  
    case XI_RawMotion:
        re = (XIRawEvent *) cookie->data;
        XQueryPointer(dpy, DefaultRootWindow(dpy),
                  &root_ret, &child_ret, &root_x, &root_y, &win_x, &win_y, &mask);
        printf ("raw %g,%g root %d,%d\n",
            re->raw_values[0], re->raw_values[1],
            root_x, root_y);
        break;
     
    XFreeEventData(dpy, cookie);
     
    return 0;
 
Hacks in xeyes Of course, one common mouse tracking application is xeyes, so I ve hacked up that code (on top of my present changes) here:
git clone git://people.freedesktop.org/~keithp/xeyes.git

09 March 2013

Lars Wirzenius: Can the world be saved by coding?

I love programming. I was born to code. I want to save the world by writing code. I feel very strongly about software freedom. As I get older, and my eyes open to see more of the evil in the world, I become more concerned about freedom in general. Software freedom is, at least traditionally, about permission use, study, modify, and re-distribute software. The Free Software Foundation expresses this as the four essential freedoms. Debian expanded on that, and produced the Debian Free Software Guidelines. This is no longer enough. It is not enough to have all the freedom when you using your own computer, to have the source code to every bit of code that runs on your hardware. We live in the era of the Internet. Much of what we use computers for involves communication over the Internet, and the Internet is being actively used to curtail the freedom of people. For example, governments and corporations do large-scale surveillance of everyone, by eavesdropping on private communications, gathering enormous databases of personal data, and by analysing everything they can in order to find patterns and make conclusions both at the statistical level and about individuals. This ruins privacy. Without privacy, democracy cannot survive. Another example: in the name of various strawmen, such as terrorism, copyright violations, drugs, and child pornography, governments and corporations are collaborating in limiting private people's communications. I'm a Finnish citizen living in the UK. Both countries are among the closest ones to an ideal democractic nation state. Both countries arbitrarily block access to websites based on lists provided by private organisations, assuming that those organisations produce accurate lists of sites that contain copyright violations. As a result, both countries blocked, for example, a site where musical artists promoted their own works, bypassing the large media corporations that fund the list-making organisation. These issues transcend software freedom, though they interact with it. Software freedom is a necessary requirement for freedom, in a world where almost everything is done with, or controlled by, the use of computers. Software freedom is not enough to prevent censorship or surveillance: even if all the software in the world were free, including the national firewalls of China, Finland, and the UK, this would not prevent those countries from censoring and surveilling their citizens. The firewall would run free software, but that does not give the citizens the freedom to disable, or modify, the firewall systems. Fixing these issues is not a coding task. It is a job for politics, and it is going to take a long time, I fear. In the mean time, is there something a hacker can do to improve things? My main hobby project is Obnam, my backup program. Does that help people to protect their freedom? I think it does, in a small way: Obnam supports online, encrypted backups (and de-duplication even for encryption is used), which means they can make backups to servers anywhere on the Internet without having to fear their data gets read and analysed by hostile entities such as their own government, other governments, large corporations, or criminals. Obviously this does not help them if their government prohibits the use of encryption, or requires key escrow, or mandates backdoors to all encryption methods. But it's a step in the right direction. I don't claim Obnam will save the world, but a million small such steps by a thousand individual hackers, even without any particular organisation or guidance, will make a big impact. What step can you take?

02 February 2013

Russ Allbery: First 2013 Powell's haul

I lost my will roll against placing another book order a couple of weeks ago. There are just too many people writing too many fascinating things that I want to read! Elizabeth Bear Shoggoths in Bloom (collection)
David Graeber Debt: The First 5,000 Years (non-fiction)
Eric Hobsbawm The Age of Revolution 1789 1848 (non-fiction)
China Mi ville Kraken (sff)
John McPhee Annals of the Former World (non-fiction)
C.E. Murphy The Queen's Bastard (sff)
C.E. Murphy The Pretender's Crown (sff)
Steven Pinker Words and Rules (non-fiction)
David Roodman Due Diligence (non-fiction)
Rebecca Skloot The Immortal Life of Henrietta Lacks (non-fiction)
Richard G. Wilkinson & Kate Pickett The Spirit Level (non-fiction)
Fumi Yoshinaga oku: The Inner Chambers #1 (graphic novel) As you can see, mostly non-fiction. Which is, of course, the type of book that takes the longest to read. I'm so smart about managing a backlog. The Pinker was recommended by one of my favorite Teaching Company courses (Myths, Lies, and Half-Truths of Language Usage by John McWhorter), and I was interested enough in linguistics to want to read something a bit more intensive. John McPhee's Annals of the Former World is about geology, something I've wanted to know more about for a while, and won the Pulitzer for general non-fiction. It's also huge. It might take me a while to get to that. Of the fiction, I read the first Murphy a long time back, but it was a borrowed copy, and I want to re-read it before reading the second volume in the duology. I remember really enjoying it, but don't remember anything about what happened. oku is manga that won the Tiptree award, so that sounded too interesting to pass up. And since I own just about everything else Elizabeth Bear has published, I figured I should keep the streak alive, even if I'm a bit behind on reading it.

27 February 2012

Andrew McMillan: 2012 DAViCal User Survey

Back in 2005 I saw that a new open standard was being developed for calendaring, and I thought it would be a great idea to implement it. Nothing too complicated - just a really simple implementation... And thus was born the "Really Simple CalDAV Store". A few years later, when I got about 90% of the way through implementing the base CalDAV specification, I realised that "Really Simple" and "Calendar" don't actually happen in the universe we inhabit, so after much deliberation the project got renamed to "DAViCal". Now, in 2012, DAViCal is one of the leading CalDAV servers available, and I spend quite a lot of my time helping people who want to use it. Earlier in the year I was looking at the web server logs and noticed that in a four week period (i.e. as far as my logs go back) there had been several thousand unique sources of hits on the URL that DAViCal uses internally to find out what the latest version is when you browse to the '/setup.php' page. This got me wondering how many DAViCal installations there are out there, and how big they might be, and so forth but since DAViCal is free open source software, there isn't a simple way to answer those questions. I thought that it must be time to run a survey of DAViCal users everywhere to try and find out what the scale of the penetration is. How big (and how small) are the installations running DAViCal? What... Well: lets save the questions for the actual place where you can put answers :-) So click here and take the survey right now... you know you want to :-)

18 January 2012

MJ Ray: SOPA: Lash Out is better than Black Out

Once again, lawmakers are considering a stupid protectionist measure and this time it s the US, so it has some effects outside the US too. Once again, some websites have taken themselves offline and caused great inconvenience to their supporters. This is really annoying. Protesting about threats to take websites offline by taking websites offline is as stupid as protesting against a ban on kissing by not kissing. It just demonstrates that you can do without your websites/kisses if you must. I feel it s much better to use websites to distribute information and call people to action, like this epetition for UK citizens and residents, or by asking your associations and suppliers to oppose these measures and their supporters. Wikipedia is probably a bit to blame. Although it called its action a blackout, it wasn t one and there were still many ways to access its information. In fact, if you use NoScript, the banner didn t even display and there s only a line on the front page to say anything is happening. The one that really annoyed me was identi.ca, which even turned off its API so clients just started spewing errors everywhere (I returned to my desk to a stack of retry questions). That stopped some of my websites from distributing a link to the anti-SOPA epetition because they read from my identi.ca stream how much other anti-SOPA activism was hindered? I ve been told that Evan held a vote, but I didn t see it, so I didn t vote and I don t know the turnout or anything. How many people voted for the blackout because they use other sites like twitter more anyway? Banners: yes; Blackouts: no.

26 November 2011

Andrew McMillan: CeBIT 2011 in (overdue) review

The German Linux Magazine runs a sponsored an "Open Source Lounge" at CeBIT each year. Last year I put in a proposal for DAViCal and it got accepted! With some airfare support from InternetNZ I got to showcase my Free Software project at the largest IT trade fair in the world.If you have an open source project to promote I can't recommend this highly enough. Below is a review of my experience at CeBIT early this year. This is long overdue for posting, and I'm prompted now because submissions are now open for the Open Source Project Lounge at CeBIT in 2012. Apply now.The German Linux Magazine runs a sponsored an "Open Source Lounge" at CeBIT each year. Last year I put in a proposal for DAViCal and it got accepted! With some airfare support from InternetNZ I got to showcase my Free Software project at the largest IT trade fair in the world. If you have an open source project to promote I can't recommend this highly enough. Below is a review of my experience at CeBIT early this year. This is long overdue for posting, and I'm prompted now because submissions are now open for the Open Source Project Lounge at CeBIT in 2012. Apply now.

CeBIT Hall 2 is an enormous space

DAViCal at CeBIT 2011 CeBIT in Hannover is said to be the largest trade fair in the world, attracting over 300,000 visitors during it's five days. Late last year a DAViCal user in Germany suggested that I apply for a free booth for DAViCal in the Linux New Media Open Source Project Lounge . When DAViCal was accepted, I realised I needed some funding to help me travel around the world to attend, so I applied for a grant from InternetNZ who were kind enough to agree to cover part of my travel costs, and I was on my way. Germany in March is cold, especially for me coming from Summer! My travel allowed for a couple of days in Germany before CeBIT because that was when I could get the cheapest flights, and I wanted to have a little time to recover from the journey. Everyone had warned me to pack my winter woollies, and they were definitely needed! I stayed with a friend in Hamburg for two days and on the the second day we walked through the frozen park, past the frozen lake and over the frozen streams to see the Attraktor Hackerspace in Hamburg Nord where the CCC also hold their meetings a very impressive hackerspace in a repurposed bank (including the vault :-) with several separated areas for talks, meetings and workplaces. The day before CeBIT I travelled to Hannover to take a look at my booth space, fetch exhibitor passes for myself and volunteers and generally prepare to do battle with the crowds. The following day the fair started and it was up at 6:30 to get ready and catch the 7:38 train out to the fairgrounds. Although the fair opens at 9:00 there was always something to do between eight o'clock or so when I arrived at my booth and when the attendees started wandering past.
I was fortunate to have two volunteers for my booth who were there all week, as well as a couple more who turned up on the first two days. Not only did this mean that I got to spend a few hours during the week actually wandering the fairgrounds, but that I had some knowledgeable native german speakers for the occasional visitor who could not speak English. DAViCal has been translated into a dozen languages, and there had been some extra work put in to update the German translation before CeBIT also. As well as showing DAViCal, I was also able to demonstrate a new project at the fair which was aCal - a CalDAV Calendar Client for Android which I had released into the market just a few days beforehand for a token sum (it is licensed GPL v3 or later and the source code is available on gitorious.org). Having the smartphone devices available was great for giving live demonstrations, and I used the timetable for events at the Open Source Forum across the aisle from the Open Source Lounge to populate a calendar that we shared among a variety of devices. The first day was really the calm before the storm, and we saw lots of people asking what we were about, and had some good conversations with people wanting to know more, or telling us they used the software and were very happy with it.
CeBIT closes the gates at 18:00 with the visitor supply drying up pretty quickly around then and the secret lives of the exhibitors are revealed with people starting to relax and joke, and beer or wine starting to come out and some booth parties kicking off... if you have the stamina! I didn't, so it was off back to the train, to Hildesheim, to dinner and to bed. That first day blurred into the next, and the next and by Friday I was starting to lose my voice with all the talking I had been doing. I was visited by a chap from Posnan University who are a DAViCal user and he invited me down to the Polish stand to tell me about what they do there, and he agreed that they would love to help get the Polish translation improved. Another DAViCal user turned up with some bavarian wheat beer and a special beer glass for it by way of thanks. In some spare moments I fixed a bug in aCal's handling of character sets and uploaded a new version, so that we could use umlauts in events. Many people came past to talk to us, some of whom want to help with them project or have ideas for interesting things to do with DAViCal, some were already users of DAViCal and some went away thinking that they would be in the future. The last day of CeBIT is a little different: it's a Saturday and the doors are opened to the public and the minimum age is lowered to allow children to attend the event. I had been warned that this day is a madhouse, and it did indeed seem to be so for many booths. For DAViCal it was probably quieter than the day before, I think perhaps because calendar server software is inherently less sexy than many of the other things on display. We still had plenty of great discussions with interested people nonetheless and to be honest I was fairly happy to be spared the further exhaustion that had been threatened. Sunday was spent recuperating: discovering that Hildesheim has a great little restaurant that does traditional german pancakes for breakfast and then wandering around the small city soaking in the sunshine that I'd seen through the windows outside all week. On Monday I caught the train to M nchengladbach to meet with an organisation that might provide support for DAViCal in Germany, but who hadn't been able to come to the fair to see me due to illness. I was encouraged to spend the night in Aachen a beautiful little city , which I did, arriving around sunset and I spent a couple more days before flying home being intensely antisocial to recover from the furious week beforehand. Is CeBIT worth it? CeBIT seemed to me to be quite a different business model, or perhaps on a different scale. I've seen trade fairs in New Zealand for other purposes, but not to showcase software and services in quite this way. To give an idea of it's scale, consider that I had a tiny booth in a hall that was probably four times the size of the TSB Arena, and CeBIT included around 20 such buildings , packed with exhibitors, with free buses to get around the campus, acres of multi-storey parking buildings, two train stations, and so on. The scale of the event is incredible.

Polish people are huge too, like these friendly DAViCal
users from Pozna University of Technology who
showed me all the cool toys they brought to CeBIT.

As a result of this scale, CeBIT boasts impressive visitor numbers, and while a visitor will usually attend with a specific area of interest in relation to their business they will also wander the fair to see other areas of more personal interest, or just to see what is around. Open Source is a specific area of interest to a significant percentage of business in Germany, and Deutsche Messe, the fair operators, recognise the value of having an open source area as a draw for visitors, with the primary open source area placed in Hall 2, directly off the main north entrance. Within the open source area, the Open Source Project Lounge , where DAViCal was located, is a series of booths sponsored by Linux New Media AG. Projects in the Open Source Lounge are selected by a jury of Linux New Media, Deutsche Messe and several community advisors, so as such there is a range of interesting projects on show and the draw of any given project has a flow-on effect to the others. As an example, at one point while briefly minding the adjacent stand for the OpenEmbedded project I was unable to help an inquiring visitor, but I was able to talk about DAViCal with him until the exhibitor returned to answer his question. His interest in DAViCal was definitely increased in this process, and I'm sure that many people came into our area of the lounge attracted by a specific exhibitor and moving on to see some of the others. Outside of this association with open source, however, CeBIT offers something which general free software events cannot: an association with mainstream software and services. This presentation of Open Source alongside IBM, SAP, HP, Oracle, Software AG, Apple, Microsoft and so forth makes inclusion at this event particularly valuable. Free software solutions can have good brand recognition within the open ecosystem itself and yet be practically unheard of outside it. Most traditional methods of communication with suppliers don't work well with Open Source projects: a request for proposal will sail silently by, unless noted by a related commercial entity. In general there is no sales department, and marketing is frequently a desultory hit or miss affair. The fair is different. The fair is about talking with people. While there is still plenty of collateral marketing with brochures, signs, presentations and giveaway knick-knacks those things are just there to bring people into range: the real action happens when you engage a person in conversation, and at that point a humble free software project can be on an equal footing with a larger booth staffed with eager young salesmen. Of course there are a number of places where free software can get a booth. Linuxtag is a German example where there are many booths for free software projects, linux.conf.au also offers booths to free software projects during it's more outreach Open Day and software freedom day events happen all around the world where booths are available, but the audience arriving at these events are all largely pre-sold on openness and free software. So in presenting this broad blend of people, in a way in which free software projects can present on a roughly equal footing with their commercial brethren, CeBIT is an opportunity not to be missed. The numbers speak for themselves, too: traffic to the DAViCal websites has increased by about 50% around CeBIT with 25% coming from Germany, but significant increases also from France, Netherlands, Italy, Switzerland and Poland. Traffic to the DAViCal wiki has doubled over the last 12 months in a steady increase to around 200,000 page views each month. This sudden increase to around 10000/day in March, with some days during CeBIT peaking at over 20000/day The Future I won't be returning to CeBIT to represent DAViCal in Hannover next year as the sponsored booth is pretty much a one-time thing and the costs involved in purchasing a booth for attendance at the fair are significant (around NZD$15000 for a small 3m x 2m stall). It's possible that I will return next year in a different capacity, as one of the larger stand organisers has confidentially indicated he will invite me to attend as part of an Open Source Apps area that he is considering running on his stand, somewhat along the lines of the Open Source Lounge . Time will tell, I guess, but if invited I think I would definitely go for that. I will definitely be suggesting to a few specific free software projects that they should apply for the Linux New Media opportunity when it comes around again. Koha is one project that immediately springs to mind, but of course there are many, many worthy free software projects and this opportunity seems to be little-understood outside of Germany.

Britta was unfailingly helpful and charming

If I do convince a project to apply, and they are successful, I will also try and give them some assistance and background knowledge to understand the fair, and how best they can take advantage of the opportunity it offers. Some basic tips would be: and finally... I would like to express my appreciation to InternetNZ for the grant to partially cover my travel costs to Hannover, making my attendance at this outstanding event much more achievable. My thanks also to Britta Wulfling who supported all of the projects in the Open Source Lounge. My friends Alexander & Meike in Hildesheim who supplied somewhere for me to recuperate, and accompanied me to the fair every day to run the Debian booth. Thanks also, of course, to the German Linux Magazine for selecting DAViCal for a free booth, and to Benny who pointed the opportunity out, encouraged me to apply, and came along and helped out for the whole week.

24 November 2011

Andrew McMillan: The Obligation to Vote

Could you not trust this man?Max and Fraser are very interested in this year's election. I guess political awareness starts at the first election after you turn 10, or so. They're both very curious about how mum and dad are voting, and while their mother will not tell (though we all have our suspicions :-) I don't see any reason not to discuss my political leanings with them.I've been what is commonly termed a 'floating' voter for most of my voting life. I imagine the politicians themselves might term people like me 'floaters', with an eye to the scatalogical implications. After all, their livelihoods are on the line!So, after reading this blog post I thought I might as well also share my personal voting plans with the world.

Could you not trust this man?

Max and Fraser are very interested in this year's election. I guess political awareness starts at the first election after you turn 10, or so. They're both very curious about how mum and dad are voting, and while their mother will not tell (though we all have our suspicions :-) I don't see any reason not to discuss my political leanings with them. I've been what is commonly termed a 'floating' voter for most of my voting life. I imagine the politicians themselves might term people like me 'floaters', with an eye to the scatalogical implications. After all, their livelihoods are on the line! So, after reading this blog post I thought I might as well also share my personal voting plans with the world. In the referendum I will be voting to retain MMP MMP is a straightforward system which gives a representation in parliament almost directly proportional to the proportion of votes for each party. It seems like a no-brainer to anyone aged five to twenty-five, and I figure it's important for their future that I vote this way. Some older folk seem shocked at the idea that a government might have to negotiate with representatives of large minorities in order to actually get legislation passed which would annoy one person in twenty. In voting for an alternative to MMP, should an insufficiency of fairness-loving voters visit the polls, I will be voting for STV. STV is a stupid alternative, because it's complicated and confusing, and so if we really end up going down to the wire against some less fair system than MMP it will be much easier to argue against STV, but I'm really hoping that doesn't happen. MMP has been a great enabler to produce a much more inclusive government for New Zealand since it's introduction. In the Mana Electorate I will be voting for Hekia Parata I've been disappointed with Kris Fa'afoi who seems to think that "communicating with the electorate" means "standing on street corners shouting into a megaphone", and I believe Hekia is much more aware of the issues, and a much more capable and experienced politician. My party vote will go to the Green Party It's pretty obvious that National don't need my party vote, and I've been disappointed with their performance on important environmental and economic issues in any case. In an ideal world they'd have to form a coalition with the Green Party in order to govern, but that seems unlikely unless every Labour and Green voter who can still draw breath turns up at the polling places while the National voters all sleep in and forget to vote. Unlikely. What I see from John Key seems increasingly like patronising gloss, and I can only imagine he has his hand behind his back with his fingers crossed. We're getting little real information in between the sound bites, for example the National Party has refused to answer the questions from Radio NZ. That can't be good. And what do the kids think? They tell me that they believe that these are good choices for the future. Fraser's fairly easily swayed by the opinions of those around him, but he's only 10 after all. Max does look at all the options, thinks about them and has interesting things to say. I don't think they're saying it just to please dad! Oh, and Max drew the politician for this post. I'll let you guess who he definitely doesn't trust...

02 November 2011

Andrew McMillan: Teaching our children to lie

My son is being encouraged to lie. It's a fairly regular occurrence around here, and I'm sure you've seen it yourself. It's that checkbox on the website you're visiting where you say "Yes, I am over X years of age".

How could you not trust this child?

It's well-known that there are 10 year olds on Facebook, and everyone agrees that they lied to get those accounts, but nobody really cares much. Facebook don't care. Facebook just see another pair of eyeballs, and another node in their social graph, but actually Fraser, Max (and even Heather) aren't nodes on that particular graph. Today's annoyance was that Fraser's Youtube account has been blocked. That just seems silly. It's an open website where anyone can read pretty much anything, except that to have an account on there you have to be older than X years (I haven't bothered to discover how old X is - it's not relevant). So it seems there's this website, worth many billions of dollars and these guys can only control the functionality available to signed up members with an "on/off" switch. Is it bad if under 12 year olds post comments in a public forum? Oh, we should not let them create accounts then. Is it bad if under 8 year olds see soft porn? Oh, if we stop them creating accounts they'll be safe from that! What about the 14 year old with the videos of her cat? Well we definitely, definitely don't want that! That's ludicrous! Can these people not design a website to accept a child? Someone who might want to log into the website just like mummy and daddy do? Then, when the honest child is logged in, perhaps the account can be linked to a parent's account, or perhaps it could just be restricted in different ways. Let's see what they say an account on Youtube offers you:
  1. Subscribe to your favorite channels.
  2. Rent or purchase top Hollywood movies
  3. Save videos to watch later
  4. Get recommendations based on what you've watched
  5. Share videos you like on Facebook, Twitter, and more
  6. Find your Facebook, Yahoo, Hotmail and Gmail contacts on YouTube
  7. Watch private videos from friends and family
OK, so as far as I can see:
  1. Might be useful to any age person, and is entirely innocuous in the context of the
    content of Youtube which is available to anonymous visitors of any age.
  2. Well, Fraser wouldn't be able to pay, since he doesn't have anything to pay
    with. I guess he could steal my credit card, but if he's already at that level
    of skullduggery then some silly checkbox would be "child's play" to his lying
    skillz.
  3. Entirely innocuous.
  4. Seems pretty innocuous too.
  5. Presumably he wouldn't because 10 year old's can't have identities. And this
    functionality could easily be restricted, in any case
  6. And if there are no relationships, there are no friends. Maybe there is family,
    which is fine, I guess. I think the risks here are controllable.
So there's plenty of value to a 10 year old in having an account. There's nothing that most reasonable parents would be concerned about, if there was a clear policy of limited functionality in place that parents could see and have confidence in. The Youtube thing actually seems to be related to (maybe) to Google's recent push towards "identity". Children younger than X are not allowed to have an on-line identity, because they might run amok on the intarwebs. Or see scary stuff. Or something. And yet, by denying them an account, they are removing any ability to actually apply a level of control that reflects the presumed maturity (since, after all, age is no more a direct measure of maturity than height). Truly though, what totally pisses me off about this situation, is that Fraser associated a bunch of channels with his Youtube account, and he receives a weekly digest of the activity. Unfortunately we can't log in to turn it off.

01 November 2011

Andrew McMillan: Switching desktop backgrounds in XFCE4

One of the things I liked about Gnome 2 was the ability to run a background 'slideshow' defined in an XML file with a list of background files to give me a change of scenery from time to time. Switching to XFCE4 I can't seem to find a simple way to do that, but the ingredients are all there: What's missing from the Desktop Settings is a setting for "switching background ever N minutes", which is kind of odd to not have, given the list thing being there - without my script it's only going to change every couple of weeks when I log in, or something. Not nearly often enough for me! There's lots of stuff on the internet saying "Just run xfdesktop --reload in a cron job", but this does not work for me, since cron is running with a different environment, and so xfdesktop doesn't know where the X server is and doesn't have the necessary XAUTHORITY and DISPLAY settings. If it was just DISPLAY that was needed it would be easy enough to set that in the crontab and be done with it - after all it doesn't change very often. XAUTHORITY is harder, since on Debian systems (and presumably others too) it has a random component in the name of a directory which lives in a directory without read permissions. I solved it with this script, which steals those values from the environmnt of xfce4-panel, which will be running already:
#!/bin/sh
#
PANELPID=" /usr/bin/pgrep -U $ LOGNAME  xfce4-panel "
stealEnvironment()  
  tr '\000' '\012' < /proc/$PANELPID/environ   grep -a "^$1="   cut -f2- -d=
 
export DISPLAY=" stealEnvironment DISPLAY "
export XAUTHORITY=" stealEnvironment XAUTHORITY "
/usr/bin/xfdesktop --reload
So now I have my background image switching among my favourite photos again, and my Desktop is effectively back as it was a week ago.

28 October 2011

Andrew McMillan: In which an obscure conundrum is exposed

Some time ago someone reported issues accessing cpan.catalyst.net.nz a little peculiar and puzzling at the time, but we put it down to some weird DNS cache issues and moved on. Turns out the problem is a DNS one, though not what we were thinking at the time:
$ host -t aaaa mail.catalyst.net.nz
mail.catalyst.net.nz has IPv6 address 2404:130:0:10::40:0
2404:130:0:10::40:0 == 2404:0130:0000:0010:0000:0000:0040:0000
$ echo $((0x24)).$((0x04)).$((0x01)).$((0x30))
36.4.1.48
So somewhere, some crappy device is getting a bunch of bytes back when it asks DNS for the address of something, and then it's taking the first four of them and calling that the IP address. Kudos to David Clarke for spotting the actual problem.

25 July 2011

Craig Small: Scary Functions: rawmemchr

Recently I received a bug report for psmisc that basically supplied a patch so psmisc works in a cygwin environment. Nothing terribly exciting in that and the changes are pretty uncontroversial. One of the changes is in that instead of using rawmemchr to find the end of the string, cygwin doesn t have that function and so it is replaced by strchr. I ve not seen the function rawmemchr before so I had a closer look. Initially I was a little worried, rawmemchr tries to find the given byte starting at a given pointer but unlike strchr it doesn t stop unless it finds the character. I think the only time this function is safe, or is no more evil than anything else, is when you are searching for the NUL character which is what fuser in psmisc does. Still, the string being checked is coming from getcwd which requires a string or buffer length so perhaps it would be better to use memchr which is a little slower but has a maximum length parameter. If you have code that uses this function, you may just want to check how it is being used because it seems like an old bad gets function that plagued a lot of programs.

03 July 2011

Benjamin Drung: Symptoms of a dying graphic card

All started in December last year. I saw a red and a green pixel on my monitor. Moving the window containing the wrong-colors pixels corrected them. The wrong-colored pixels reappear from time to time in increased quantity. Then a second symptom appeared: The screen went black and came back one second later. This was triggered by moving a window and scrolling. I wasn t sure what the reason was. Either it was a bug somewhere in the X stack or some hardware was dying. dmesg showed multiple problems with the radeon driver:
[283808.667454] radeon 0000:01:00.0: ffff88021f815c00 unpin not necessary
[283808.667820] radeon 0000:01:00.0: GPU softreset
[283808.667823] radeon 0000:01:00.0: R_008010_GRBM_STATUS=0xE57024A4
[283808.667825] radeon 0000:01:00.0: R_008014_GRBM_STATUS2=0 00330302
[283808.667826] radeon 0000:01:00.0: R_000E50_SRBM_STATUS=0x200000C0
[283808.667832] radeon 0000:01:00.0: R_008020_GRBM_SOFT_RESET=0x00007FEE
[283808.682844] radeon 0000:01:00.0: R_008020_GRBM_SOFT_RESET=0 00000001
[283808.698840] radeon 0000:01:00.0: R_008010_GRBM_STATUS=0 00003028
[283808.698843] radeon 0000:01:00.0: R_008014_GRBM_STATUS2=0 00000002
[283808.698845] radeon 0000:01:00.0: R_000E50_SRBM_STATUS=0x200000C0
[283808.699845] radeon 0000:01:00.0: GPU reset succeed
[283808.717570] [drm] Clocks initialized !
[283808.765829] [drm] ring test succeeded in 0 usecs
[283808.765838] [drm] ib test succeeded in 1 usecs
[283808.765840] [drm] Enabling audio support
[283812.521265] radeon 0000:01:00.0: GPU lockup CP stall for more than 1000msec
[283812.521269] [ cut here ]
[283812.521294] WARNING: at /build/buildd/linux-2.6.35/drivers/gpu/drm/radeon/radeon_fence.c:235 radeon_fence_wait+0 365/0x3d0 [radeon]()
[283812.521297] Hardware name:
[283812.521299] GPU lockup (waiting for 0x00AE670A last fence id 0x00AE6705)
[283812.521301] Modules linked in: btrfs zlib_deflate crc32c libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs xfs exportfs reiserfs nls_utf8 udf ip6table_filter ip6_tables binfmt_misc ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT xt_tcpudp iptable_filter ip_tables x_tables bridge stp kvm_intel kvm parport_pc ppdev snd_emu10k1_synth snd_emux_synth snd_seq_virmidi snd_seq_midi_emul snd_emu10k1 snd_ac97_codec ac97_bus snd_pcm snd_page_alloc snd_util_mem snd_hwdep snd_seq_midi radeon snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device ttm snd pl2303 drm_kms_helper coretemp usbserial joydev psmouse soundcore drm serio_raw intel_agp i2c_algo_bit lp parport hid_cherry usbhid hid firewire_ohci firewire_core usb_storage crc_itu_t e1000e ahci libahci pata_marvell
[283812.521360] Pid: 2194, comm: compiz Tainted: G W 2.6.35-24-generic #42-Ubuntu
[283812.521362] Call Trace:
[283812.521370] [<ffffffff8106089f>] warn_slowpath_common+0x7f/0xc0
[283812.521374] [<ffffffff81060996>] warn_slowpath_fmt+0 46/0 50
[283812.521390] [<ffffffffa01bd775>] radeon_fence_wait+0 365/0x3d0 [radeon]
[283812.521394] [<ffffffff8107f730>] ? autoremove_wake_function+0 0/0 40
[283812.521410] [<ffffffffa01bdf71>] radeon_sync_obj_wait+0 11/0 20 [radeon]
[283812.521418] [<ffffffffa01751a3>] ttm_bo_wait+0 103/0x1c0 [ttm]
[283812.521435] [<ffffffffa01d4e1a>] radeon_gem_wait_idle_ioctl+0x9a/0 150 [radeon]
[283812.521447] [<ffffffffa010f433>] drm_ioctl+0 463/0 520 [drm]
[283812.521465] [<ffffffffa01d4d80>] ? radeon_gem_wait_idle_ioctl+0 0/0 150 [radeon]
[283812.521470] [<ffffffff81162f0d>] vfs_ioctl+0x3d/0xd0
[283812.521473] [<ffffffff811637e1>] do_vfs_ioctl+0 81/0 340
[283812.521477] [<ffffffff811535f1>] ? vfs_read+0 181/0x1a0
[283812.521480] [<ffffffff81163b21>] sys_ioctl+0 81/0xa0
[283812.521484] [<ffffffff8100a0f2>] system_call_fastpath+0 16/0x1b
[283812.521487] [ end trace 6d5e03bab743abfa ]
[283812.521493] [drm] Disabling audio support
[283812.525575] [drm:radeon_ib_schedule] *ERROR* radeon: couldn t schedule IB(10).
[283812.525579] [drm:radeon_cs_ioctl] *ERROR* Faild to schedule IB !
[283812.527021] [drm:radeon_ib_schedule] *ERROR* radeon: couldn t schedule IB(11).
[283812.527024] [drm:radeon_cs_ioctl] *ERROR* Faild to schedule IB !
[283812.527921] [drm:radeon_ib_schedule] *ERROR* radeon: couldn t schedule IB(12).
[283812.527923] [drm:radeon_cs_ioctl] *ERROR* Faild to schedule IB !
The time between going black reduces every time. The system wasn t usable any more in the end. After testing that the screen was going blank on other systems like a live CD of Ubuntu and a not noteworthy proprietary system, it was clear that some hardware component was dying. My first assumption was verified after replacing it: My graphic card, a Radeon HD 4670, died. This was three weeks ago and around 25 month after I bought the graphics card. So I didn t have to worry if replacing the fan voided the guarantee, because the guarantee lasts only 24 month. Conclusion:
  1. Not every error is a software bug.
  2. The hardware component with the highest failure rate is the graphics card, followed by the motherboard. Four graphics cards died last year (in four different systems owned by four different people, in three different households).
  3. Not every error is a software bug.

Next.