Planet Fellowship (en)

Wednesday, 10 February 2016

Report of the local FSFE meeting in Frankfurt on Feb 3rd

Being Fellow #952 of FSFE » English | 21:16, Wednesday, 10 February 2016

We once again met in Café Albatros in Frankfurt. A lot of people excused themselves for various reasons so we ended up with just three persons.
In this small group, I participated more than I took notes, so this will be a rather short post.

Main subject was the planning of our next meeting on March 2 in the Coworking Zentrale. Initially this was supposed to be our chance to still do something about the upcoming municipal elections in the federal state of Hesse. On the other hand, many of our regular visitors have expressed interest in a talk about Free Software licenses. And it happens to be that legal network member and long term FSFE activist Michael Stehmann will be in the area on the very same day our next meeting comes up.He agreed to give the talk on this occasion so this is what we are going to do at our new meeting location!

Depending on how many politicians will find the time to visit us just a few days before the elections, we should still manage to combine both subjects to a certain extend.
Next to that, the following topics were discussed:

  • Problems at large scale migrations – we focused on the psychological obstacles of all stakeholders
  • The German Army uses MS Office 365 o.O?
  • The next date for the Rotlintstraßenfest seems to be September 10, 2016. So, you volunteers, mark your calendars!
  • How we may pursue our target to meet in youth houses in and around Frankfurt

That’s basically what my sparse notes reveal. I am looking forward to the next meeting in Bornheim with the talk about Free Software licences. More details will follow soon on our group page in the Fellowship-Wiki.

flattr this!

Friday, 05 February 2016

Giving up democracy to get it back - fsfe | 22:07, Friday, 05 February 2016

Do services like Facebook and Twitter really help worthwhile participation in democracy, or are they the most sinister and efficient mechanism ever invented to control people while giving the illusion that they empower us?

Over the last few years, groups on the left and right of the political spectrum have spoken more and more loudly about the problems in the European Union. Some advocate breaking up the EU, while behind the scenes milking it for every handout they can get. Others seek to reform it from within.

Yanis Varoufakis on motorbike

Most recently, former Greek finance minister Yanis Varoufakis has announced plans to found a movement (not a political party) that claims to "democratise" the EU by 2025. Ironically, one of his first steps has been to create a web site directing supporters to Facebook and Twitter. A groundbreaking effort to put citizens back in charge? Or further entangling activism in the false hope of platforms that are run for profit by their Silicon Valley overlords? A Greek tragedy indeed, in the classical sense.

Varoufakis rails against authoritarian establishment figures who don't put the citizens' interests first. Ironically, big data and the cloud are a far bigger threat than Brussels. The privacy and independence of each citizen is fundamental to a healthy democracy. Companies like Facebook are obliged - by law and by contract - to service the needs of their shareholders and advertisers paying to study and influence the poor user. If "Facebook privacy" settings were actually credible, who would want to buy their shares any more?

Facebook is more akin to an activism placebo: people sitting in their armchair clicking to "Like" whales or trees are having hardly any impact at all. Maintaining democracy requires a sufficient number of people to be actively involved, whether it is raising funds for worthwhile causes, scrutinizing the work of our public institutions or even writing blogs like this. Keeping them busy on Facebook and Twitter renders them impotent in the real world (but please feel free to alert your friends with a tweet)

Big data is one of the areas that requires the greatest scrutiny. Many of the professionals working in the field are actually selling out their own friends and neighbours, their own families and even themselves. The general public and the policy makers who claim to represent us are oblivious or reckless about the consequences of this all-you-can-eat feeding frenzy on humanity.

Pretending to be democratic is all part of the illusion. Facebook's recent announcement to deviate from their real-name policy is about as effective as using sunscreen to treat HIV. By subjecting themselves to the laws of Facebook, activists have simply given Facebook more status and power.

Data means power. Those who are accumulating it from us, collecting billions of tiny details about our behavior, every hour of every day, are fortifying a position of great strength with which they can personalize messages to condition anybody, anywhere, to think the way they want us to. Does that sound like the route to democracy?

I would encourage Mr Varoufakis to get up to speed with Free Software and come down to Zurich next week to hear Richard Stallman explain it the day before launching his DiEM25 project in Berlin.

Will the DiEM25 movement invite participation from experts on big data and digital freedom and make these issues a core element of their promised manifesto? Is there any credible way they can achieve their goal of democracy by 2025 without addressing such issues head-on?

Or put that the other way around: what will be left of democracy in 2025 if big data continues to run rampant? Will it be as distant as the gods of Greek mythology?

Still not convinced? Read about Amazon secretly removing George Orwell's 1984 and Animal Farm from Kindles while people were reading them, Apple filtering the availability of apps with a pro-Life bias and Facebook using algorithms to identify homosexual users.

FOSDEM 2016 – Meeting with Friends from Around the World

Florian Snows Blog » en | 16:15, Friday, 05 February 2016

When I arrived in Brussels on January 29, 2016, I very quickly started thinking that this trip might be more difficult than I had imagined at first. I realized my French had gotten so bad over the years that I stood in the wrong line for 20 minutes and then, the gentleman who helped me had to resort to using English to explain to me what I actually needed to do. I then proceeded to get lost on my way to have lunch with the FSFE group from Linz at Fin de Siècle.

Having great food and good company cheered me up and after a stop at a nice coffee place, that served wonderful Japanese green tea, prepared exactly to the point, I ended up at the apartment I was going to stay at for the next two days. I was greeted by our host Mauricio and he had turned his apartment into a wonderful meeting place for everyone with lots of nice food and beer. He took great care of everyone and we all had a good European Coordinators Meeting there.  After that, there was a party of course that was a lot of fun.

The next day started with a lot of rain, so by the time we arrived at FOSDEM, I was completely soaked, including my shoes.  There’s hardly anything I dislike more.  However, plenty of great talks more than made up for the disgusting weather.  I heard Francis Rowe‘s talk about libreboot and Luke Kenneth Casson Leighton, who develops hardware that respects your freedom (not yet certified). Both of these endeavors are becoming more and more important so we can still use hardware in freedom when Intel and AMD have both abandoned us altogether.

Tom Marble interviews Richard Stallman

Tom Marble interviews Richard Stallman

Unfortunately, I didn’t manage to attend any talks in the GNU Guile devroom, but the Legal and Policy Issues devroom was a pretty big highlight.  Not only did they have an interview with RMS on Sunday, they also had some great talks about the distribution clause in the GNU GPL, about dependency management and licensing information, about legal strategies for commercial ventures, and about copyleft for the next decade.  In between talks, I had the chance to talk to Bradley M. Kuhn of the Software Freedom Conservancy and one of the organizers of that devroom.  The final talk I heard in this devroom, was the interview with RMS on Sunday which was interesting as always and I enjoyed the auction of the adorable, adorable GNU a lot more, knowing that I already have one.  It went for 342 Euros, by the way and this would have blown my budget by a lot.

RMS and the adorable, adorable GNU

RMS and the adorable, adorable GNU

The most important thing about FOSDEM turned out to be the FSFE meetups.  Whether it was chatting with people at the FSFE booth, going out with others, or the evening/night at the Brewdog, it was all immensely enjoyable.  I had a great time getting to know Christian and Max a bit better on the train, meeting Matthias for the first time, seeing how Erik led the ECM, and debating finances with Reinhard.  Talking to Matija, Cryptie, Alessandro, Marc, Polina, Simon, and many others who are from all over Europe, really made the FSFE feel like a European team of computer activists.  It was also great to suddently stand next to and talk to a legend in the Free Software world like Werner Koch, developer of GnuPG and one of the founders of the FSFE, even if it was a bit embarrassing at first because I didn’t recognize him immediately.

FSFE booth at FOSDEM

The FSFE booth at FOSDEM

Hanging out at the FSFE booth was also fun, yet dangerous with all the tremendously attractive merchandise there.  Not having blown my budget at the auction of the adorable, adorable gnu, I was on a quest to find something I could spend my money on. On Saturday, Polina had made me realize on how wonderful the FSFE hoodies are, so I had to go check them out at the booth on Sunday.  Cryptie supported my craving for merchandise and made sure to sell me as much of it as possible.  :-)   No, seriously, she tried to stop me, but she presented everything well and I had a hard time resisting. I have to say the FSFE shop does not do the black hoodies justice.  It’s not that the presentation there is bad or anything, but if you get the chance to see them for yourself, you immediately realize how remarkably soft they are and of what great quality they are.  They are all made in a fair-trade process because the FSFE cares about treating people right in general, not just when it comes to computers.  Needless to say, I went home with a bunch of stuff, including a new hoodie for my wife, so we can now sport the same look.

merchandise at the FSFE booth

all the glorious merchandise at the FSFE booth

All in all, I immensely enjoyed FOSDEM, making new friends and experiencing different cultures.  By the way, I left Brussels the same way I got there—by getting lost on the way to my tram. However, this time, i was able to ask someone for the way in French and understand the answer.  I am looking forward to going to FOSDEM again next year and hopefully, I will see some of the people I met again soon.

A big thank you to everyone who helped organize the FSFE related events and an especially big thank you to Mauricio, our wonderful host for the weekend!

Thursday, 04 February 2016

Australians stuck abroad and alleged sex crimes - fsfe | 10:30, Thursday, 04 February 2016

Two Australians have achieved prominence (or notoriety, depending on your perspective) for the difficulty in questioning them about their knowledge of alleged sex crimes.

One is Julian Assange, holed up in the embassy of Ecuador in London. He is back in the news again today thanks to a UN panel finding that the UK is effectively detaining him, unlawfully, in the Ecuadorian embassy. The effort made to discredit and pursue Assange and other disruptive technologists, such as Aaron Swartz, has an eerie resemblance to the way the Inquisition hunted witches in the middle ages and beyond.

The other Australian stuck abroad is Cardinal George Pell, the most senior figure in the Catholic Church in Australia. The Royal Commission into child sex abuse by priests has heard serious allegations claiming the Cardinal knew about and covered up abuse. This would appear far more sinister than anything Mr Assange is accused of. Like Mr Assange, the Cardinal has been unable to travel to attend questioning in person. News reports suggest he is ill and can't leave Rome, although he is being accommodated in significantly more comfort than Mr Assange.

If you had to choose, which would you prefer to leave your child alone with?

Wednesday, 03 February 2016

Getting Started with GNU social

Marcus's Blog | 09:52, Wednesday, 03 February 2016

Some of you might already know the federated social network called GNU social. It has raised from the ashes of a software called StatusNet which once drove the well known instance

Since then, a lot of things have changed. We have learned that having only one or two big instances may cause a lot of trouble if they fail. The idea of a federated social network is to have as many instances as possible. As not everyone has the ability to host his or her own instances, it’s suggested to build small instances toghether with your peer group (a.k.a. friends ;) ).

We have done this for our Swiss Fellows and our instance can be found at We have enabled the popular Qvitter engine by default so it looks quite modern as well. This is not a public instances but one can apply for an account.

If you have just joined an instance or (even better) have set up your own, you might feel a bit lost. Due to the character of federation it’s a bit harder to find your old friends and make new ones. The general concept of following a person is to open his or her remote profile (like mine) and click on the Subscribe button. Then you have to type in your Profile Account name and will be redirected to your instance. Here you will have to confirm that you want to subscribe that user account. Qvitter has a nice functionality to simplify this process. If you see an account in your timeline that you want to follow, simply hover the account name. A pop-up will appear allowing you to click a Follow button. That’s all, no need to browse the remote instance manually.

If you are not sure whom to follow, you can subscribe to so called !Fedgroups. Those are groups of interests which can be subscribed similar to subscribing to an user. A list of known federated groups can be found here.

If you want to create your own fedgroup, please take a look if there is already a similar group available, first. After creating a new group, you can announce it to the !Fedgroups group (you have to subscribe to it first). Please note that the Qvitter frontend does not (yet) display groups, so you have to either browse the groups page manually (it can be found at https://your.instance/groups) or switch to the classic view, by clicking on your Profile picture and selecting the ‘Switch to classic GNU social’ function. You can always switch back to Qvitter by clicking on the ‘New …’ button in the top bar.

Now that you are used to the basics of GNU social, there are some things that are different then on other social networks:

GNU social supports threads. This is very useful for long conversations with a bunch of people. To view the complete thread of a conversation in Qvitter, simply click on the Dent (this is the message, the name comes from the ancient word I’Dent’ and click the Expand full conversation button. The button is only displayed when there are multiple Dents in a thread.

Post to group
When you want to post to a group, please make sure that you are subscribed to it in advance. If you are subscribed the group name will be resolved and a link to it will be displayed in the dent.

Address someone
If you want to address someone directly simply type @ followed by the username. Qvitter has an auto completion functionality which is quite handy. It does not matter if you write the @username at the beginning of the post or in between. You can also address a user by typing @username@instance.tld

Move to another instance
If you are ever forced to create a new user account on another instance, please do not re-use the same username. Otherwise functions like the auto completion tend to struggle. E.g. I have an account called marcus on but another one called marcusmoeller on The latter is for backup purpose only and generally not needed.

Also keep in mind that if you change to another account you have to inform your followers so that they can follow the new account as well.

Hopefully this is a first starting point that helps you to join the Fediverse. If you have further questions, either post your question to the relevant !Fedgroup or ask on #social / Freenode IRC.

Tuesday, 02 February 2016

Making Python Programs Faster with Shedskin

Paul Boddie's Free Software-related blog » English | 00:14, Tuesday, 02 February 2016

A few months ago, I had the opportunity to combine two of my interests: retrocomputing and Python programming. The latter needs little additional explanation, but the former perhaps requires a few more words. Retrocomputing is the study and use of computing equipment from an earlier era in computing, where such equipment is typically no longer in use, or is no longer in widespread use. My own experiences with microcomputers began in the 1980s and are largely centred upon those manufactured by Acorn Computers, such as the Acorn Electron and BBC Microcomputer.

Some History

One of my earlier initiatives was to attempt to document and understand the functioning of the Acorn Electron’s ULA integrated circuit: the Uncommitted Logic Array employed in the computer to generate video and perform input/output tasks. When Acorn decided to make the Electron as a variant of the BBC Microcomputer, the engineers merged many of the functions performed by separate chips into a single one, for several good and not-so-good reasons:

  • To reduce system complexity: having to connect several components and make sure that they all work correctly and in time with each other can be challenging, and it is arguably best to reduce the number of things that can go wrong by just reducing the number of things involved in the first place.
  • To reduce system cost: production becomes less complicated and savings can potentially be realised by combining discrete components.
  • To deepen the organisation’s experience with integrated circuit design: this being the company that developed the ARM architecture and eventually brought the first ARM chipset (CPU, audio/video controller, memory management unit, and input/output controller) to market.
  • To make a proprietary component that others could not readily clone: this being something of an obsession in the early 1980s marketplace.

Now, the ULA has the job of reading from memory and translating what it reads into a sequence of colour values, thus generating a picture on the screen. However, it has the annoying limitation of locking the CPU out of the memory (in fact, only the RAM which resides in a certain region) while it generates each line of the displayed image. Depending on which “screen mode” is selected (determining the resolution and colour depth), it may still let the CPU access the RAM at a lower speed, or it may effectively suspend the CPU for the entire time taken to generate a single horizontal display line.

Consequently, the Acorn Electron is considerably slower than the BBC Microcomputer for this reason: the BBC Micro employs faster memory and lets the CPU and its own video circuitry take turns with the memory while they both run at full speed; the Electron used cheaper memory as another cost-saving measure; reviews of the Electron, while generally positive about getting BBC Micro features for less, tended to note this performance degradation with some disappointment.

The Acorn Electron ULA

The Acorn Electron ULA (with socket cover/heatsink removed)

Some Background

Normally, the matter of the CPU stalling for much of its time would be considered a disadvantage, but my brother and I were having a discussion about software running from ROM (or, in fact, in the area of memory not affected by the ULA), with the pitfalls of such software needing to access the RAM and potentially becoming stalled as the CPU finds itself waiting for the ULA to do its work. Somehow the notion arose that the ULA effectively provides a kind of synchronisation mechanism for software needing to run in the period between display lines.

So, a program can read instructions from ROM and then, when it needs to know that the display is not being updated, it can attempt to access RAM. Whether or not the program stalls remains unknown to the program itself, but when it gets the result of accessing the RAM – perhaps immediately, perhaps after a few microseconds – it can be certain that the ULA is not accessing the RAM because it just did so itself.

A screen image showing the update region

An image showing the display update region (the "test card" picture) when the ULA accesses memory, with the black border indicating the region (or time period) during which the CPU may access the lower region of the Electron's memory.

(See the BBC Test Cards for the origin of the above picture.)

One might wonder what kind of program would benefit from synchronising itself to the display line periods. Well, one thing that tended to happen back in the microcomputing era, was the trick of reprogramming the display palette – the selection of colours shown on screen – so that a greater number of colours can be displayed simultaneously on the screen than would normally be the case for that particular display configuration. For example, a screen mode normally offering only four colours could instead offer the full range – eight “proper” colours on an Electron – if it switched the palette during screen updates. Even a screen mode offering only two colours could offer eight by employing palette switching.

And with a certain amount of experimentation, a working solution was eventually delivered (with only limited input needed from my side). By running software in a ROM (or from RAM mapped into the same area of memory as a ROM), it became possible to reliably change the palette on a line-by-line basis, bridging the gap between a medium-resolution four-colour mode and a hypothetical eight-colour version that would only become available on Acorn’s ARM-based microcomputers. Although only four colours can be used per display line, each of the 256 display lines can employ four-colour combinations of the full eight colours, not quite making an eight-colour mode – which would, of course, allow eight colours on every display line – but still permitting graphical output much closer to a true eight-colour mode than can be contemplated with a restrictive four-colour mode.

Rainbow lorikeets on a lawn

Rainbow lorikeets on a lawn (left: 4 colours from 8 per display line; right: 8 colours per display line)

Palette Optimisation

With the trick in place to switch the palette on demand, all that remained was to make a program that could take an input image and to optimise the colours so that…

  1. Only the eight permitted colours (black, white, primary and secondary colours) are used in the image.
  2. No pixel row (display line) employs more than four different colours.

Expectations were rather low at first. First of all, in this era of bountiful quantities of fresh imagery, most pictures appear to have plenty of colours and are photographs, and so the easiest images to use are the ones that first need to be reduced in both resolution and colour depth. And once this is done, the job of optimising the colours to meet the second of the above criteria is required. So, initially, very simple techniques were employed to do both of these things.

Later, after some discussions, it appeared that integrating the two processing activities and, crucially, applying basic dithering and error propagation techniques, made it possible to represent complicated “deep-colour” images within the limited display representation.

Magnified details of the two representations

Magnified details of the two representations

Closer examination of the above images reveals how the algorithm attempts to spread the responsibility of representing colours across rows, being restricted to the choice of four colours (in the left image) to produce the appropriate tones that are more readily encoded using eight colours (in the right image).

Tuning the Implementation

To perform the optimisation process, I wrote a program which took an input image, rotated and scaled it to the target resolution, and processed the colours by inspecting the pixel data on each horizontal line (or row) of the image, calculating the appropriate four-colour combination for a line and generating suitable pixel data appropriate for this restricted palette. Since I am probably most comfortable with Python, and since Python also has various convenient image-processing libraries, I found myself developing a short Python program to do the work.

Now, Python doesn’t usually exhibit the highest performance, particularly for tasks such as this, and as the experimentation with different approaches started to lessen, with the most rewarding approaches making themselves evident, and with the temptation to convert lots of images just to see the results, my attentions turned to speeding up the program. Since I had been involved with packaging the Shedskin Python-to-C++ compiler for Debian, and thus the package was right there for me to use, it made sense to give it a try on this code.

At this point, the program was taking around 40 seconds to convert a 16 megapixel photographic image into the appropriate output representation. Despite using the Python Imaging Library to do the rotation and scaling, visiting each pixel in a Python program and doing some simple statistical and arithmetic operations was taking up rather a lot of time. In the past, I have used various “numeric” Python extensions – usually the ones supported by pygame – but things have moved on somewhat incoherently since then, and I also wanted to keep my code straightforward and readable, which is often something that is lost when making code “numeric”.

Time for Shedskin

I have used Shedskin before, and the first thing to think about when using it is how it will interact with non-Python code. Shedskin takes Python code and generates C++ which must then be compiled. If a whole program is translated to C++, the resulting executable can be run with no further work necessary. However, the program of interest here uses libraries that are actually implemented in C and are delivered as shared libraries that are loaded by CPython (the Python virtual machine implementation written in the C programming language). Shedskin cannot generally translate such a program in its entirety.

From the earliest days of Python, it was (and has remained) a common practice to first write library code in Python, desire better performance, and to then rewrite much of that code in the C programming language against the Python/C API (or CPython API) as an “extension module”, which is what these problematic shared libraries are. Such libraries act as part of the CPython virtual machine, more or less, and with suitable implementation choices made for performance, everything using such libraries will run much more quickly. Unfortunately, but understandably, Shedskin doesn’t seek to interact closely with the CPython implementation: it produces C++ code that works with its own runtime libraries.

So, instead of working with a single program file, I split my program up into a main program which deals with CPython extensions such as the Python Imaging Library, whose JPEG and PNG manipulation facilities are too convenient to abandon, along with a library module that does all the computation for this particular application. The library would provide its own image abstraction for pixel-level accesses, but be given the pixel data obtained by the main program, returning the processed data to the main program for saving to a file. By only compiling the library, Shedskin can produce a standalone library file containing hopefully high-performance implementations of the original Python code.

But how can such a library constructed by Shedskin be used? Would we now need to somehow translate the main program into C or C++ in order to be able to use it? Fortunately, but slightly confusingly, Shedskin can also generate the necessary CPython API wrapper around the translated code, making it possible for CPython to load this newly-created library after all.

(One might wonder how this is possible, but if one considers that arbitrary C or C++ code can be wrapped using the CPython API, with the values being sent in and out of a library only being converted at the interface, Shedskin has the luxury of generating something that lives by its own rules internally, with the wrapper doing the necessary “marshalling” of the values as they go in and come out. Such a wrapped library might be frowned upon in the Python world, not being a sophisticated extension module that takes full advantage of the CPython API, but such libraries were, and probably still are, the “bread and butter” of Python’s access to a wide array of tools and technologies.)

Knowing that this is a reasonable approach, I experienced a moment of excessive ambition. I tried to take the newly-broken-out library and compile it using the appropriate option:

shedskin -e

This took quite some time, and things did not go well…

*** SHED SKIN Python-to-C++ Compiler 0.9.2 ***
Copyright 2005-2011 Mark Dufour; License GNU GPL version 3 (See LICENSE)

[analyzing types..]
*WARNING* reached maximum number of iterations
[generating c++ code..]
*WARNING* 'get_combinations' function not exported (cannot convert argument 'c')
*WARNING* 'get_colours' function not exported (cannot convert return value)
*WARNING* 'balance' function not exported (cannot convert argument 'd')
*WARNING* expression has dynamic (sub)type: {None, int, tuple}
*WARNING* expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* expression has dynamic (sub)type: {float, int, tuple}
*WARNING* expression has dynamic (sub)type: {int, tuple}
*WARNING* variable 'data' has dynamic (sub)type: {None, int, tuple}
*WARNING* variable (class SimpleImage, 'data') has dynamic (sub)type: {None, int, tuple}

And then there were many more lines of a more specific nature:

*WARNING* function distance not called!
*WARNING* expression has dynamic (sub)type: {None, int, tuple}
*WARNING* expression has dynamic (sub)type: {None, int, tuple}
*WARNING* expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* expression has dynamic (sub)type: {int, tuple}

And so on. Now, if you are thinking that this will probably not end well, you would be right. Running make gives plenty of errors looking as scary as this…

optimiser.cpp: In function '__shedskin__::list<__shedskin__::tuple2<__shedskin__::tuple2<int, int>*, double>*>* __optimiser__::list_comp_0(__shedskin__::pyiter<double>*)':
optimiser.cpp:76:17: error: base operand of '->' is not a pointer
optimiser.cpp:77:21: error: base operand of '->' is not a pointer
optimiser.cpp:78:68: error: invalid conversion from '__shedskin__::tuple2<int, int>*' to 'int' [-fpermissive]
In file included from /usr/share/shedskin/lib/builtin.hpp:1204:0,
                 from optimiser.cpp:1:
/usr/share/shedskin/lib/builtin/tuple.hpp:211:28: error:   initializing argument 2 of '__shedskin__::tuple2<A, B>::tuple2(int, A, B) [with A = int; B = double]' [-fpermissive]
optimiser.cpp:78:70: error: no matching function for call to '__shedskin__::list<__shedskin__::tuple2<__shedskin__::tuple2<int, int>*, double>*>::append(__shedskin__::tuple2<int, double>*)'
optimiser.cpp:78:70: note: candidate is:
In file included from /usr/share/shedskin/lib/builtin.hpp:1203:0,
                 from optimiser.cpp:1:
/usr/share/shedskin/lib/builtin/list.hpp:96:25: note: void* __shedskin__::list<T>::append(T) [with T = __shedskin__::tuple2<__shedskin__::tuple2<int, int>*, double>*]
/usr/share/shedskin/lib/builtin/list.hpp:96:25: note:   no known conversion for argument 1 from '__shedskin__::tuple2<int, double>*' to '__shedskin__::tuple2<__shedskin__::tuple2<int, int>*, double>*'

Of course, it would be unfair to expect this to have worked: Shedskin did indeed give us plenty of warnings! But we should at least try and understand such warnings if we are to make progress. After a few more iterations of this bold strategy, I realised that I had started out in the wrong fashion, presenting Shedskin with code that is too dynamic (and ambiguous) for it to reasonably infer sensible types and produce a compilable C++ representation.

First Things First

I started out by reintroducing some necessary changes gradually. First of all, I made a branch of my code committing the special image abstraction to be used in any future Shedskin-compiled version. Meanwhile, I looked at some things that might generally be performance-degrading in Python, and which might also help Shedskin deduce the program types more readily.

One thing that I had done in the initial implementation was to freely use sequences to represent colour triplets: the red, green and blue values. I was using code like this:

def invert(srgb):
    return tuple(map(lambda x: 1.0 - x, srgb))

This might be elegant – there’s no separate treatment of each element in the triplet – but there is likely to be more overhead in treating the triplet as a sequence, iterating over it, and so on. Moreover, Shedskin is likely to see objects appearing from a collection without any idea of what was put into that collection to start with. So, more mundane code was introduced in its place:

def invert(srgb):
    r, g, b = srgb
    return 1.0 - r, 1.0 - g, 1.0 - b

Such changes reduced the processing time from around 35 seconds to around 25 seconds. After various other performance modifications, such as avoiding the repeated computation of common values, this became around 18 to 19 seconds. Interestingly, merging such modifications into the branch with the special image abstraction reduced the running time to around 16 to 17 seconds. But at this point, obvious optimisation opportunities were more or less exhausted.

It then became time for another attempt to present this to Shedskin. This time, instead of calling the main program and the library, which is not particularly intuitive, I retained the name of the main program as and used the traditional naming for the library:

shedskin -e

This completed without any warnings, and running make produced a library file,, that Python recognises as an extension module. Running the program produced a palette-optimised image in just under 9 seconds!

Making the Difference

So, what were the differences that made Shedskin accept the library code? Since the splitting up of the code into two files makes comparisons between versions awkward, we can first compare the version of the program before our preparatory work with the version of the program that fed into our Shedskin version. There are four areas of changes:

  • The introduction of that image abstraction class – SimpleImage – to be used to manipulate images instead of using Python Imaging Library objects. (In fact, this is only used initially as a container for the raw pixel data, with such data being passed to library functions, as described below.)
  • Modifications to access the different components of colour triplets explicitly.
  • Some “common sense” performance modifications, avoiding the repeated computation of things that always produce the same result anyway.
  • Some local name adjustments.

This final point is something that the Shedskin documentation mentions prominently, but it can be easy to forget. Consider the following code (in the balance function of the library module):

dd = dict([(value, f) for f, value in d])

Originally, this looked like this:

d = dict([(value, f) for f, value in d])

This earlier version just reverses a dictionary mapping and assigns the result to the name of the original dictionary. Although this seems harmless enough, Shedskin’s analysis would be complicated substantially by having to deal with a name being reassigned and potentially being associated with completely different kinds of objects, even if in this case we are only dealing with dictionaries. (Even if the same type were only ever involved, as we see here, it would also prevent any analysis being done on the nature of the keys and values in the dictionaries.)

We can see the effect of this by trying to compile the functioning version with the earlier naming scheme reintroduced. First, we see a warning like this:

*WARNING* 'balance' function not exported (cannot convert argument 'd')

Since Shedskin propagates type information around the program, this leads to other problems:

*WARNING* expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* expression has dynamic (sub)type: {float, int, tuple}
*WARNING* expression has dynamic (sub)type: {int, tuple}
*WARNING* variable (function (function balance, 'list_comp_0'), 'value') has dynamic (sub)type: {int, tuple}
*WARNING* variable (function (function balance, 'list_comp_1'), 'f') has dynamic (sub)type: {float, int, tuple2}
*WARNING* variable (function (function balance, 'list_comp_1'), 'value') has dynamic (sub)type: {int, tuple}

And later in the messages, the more specific errors indicate the problem and its consequences:

*WARNING* expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* expression has dynamic (sub)type: {float, int, tuple}
*WARNING* expression has dynamic (sub)type: {int, tuple}
*WARNING* expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* expression has dynamic (sub)type: {float, int, tuple}
*WARNING* expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* expression has dynamic (sub)type: {float, int, tuple}
*WARNING* expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* expression has dynamic (sub)type: {float, int, tuple}
*WARNING* class 'list' has no method 'items'
*WARNING* expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* expression has dynamic (sub)type: {float, int, tuple}
*WARNING* expression has dynamic (sub)type: {int, tuple}

And so on. Such warnings, which will cause errors if one tries to compile the result, can seem very intimidating, but within all these details the cause should be identifiable.

But another important aspect of the successful translation of the library module should not be forgotten: it is the matter of choosing the right initial functionality to give to Shedskin. Instead of trying to compile everything, it makes sense to concentrate on things like functions which are fairly self-contained, which do not call potentially vast regions of other program functionality, and which are invoked often, especially in loops that take a long time. Migrating a small piece of functionality at a time helps to keep the troubleshooting activity manageable.

By using the SimpleImage class as a convenient staging post for pixel data, simple library functions could be migrated first, and the library could be kept ignorant of the abstractions being maintained in the main program. Later on, as we shall see below, such abstractions and functions that require them could then be migrated themselves.

Broadening the Scope

With some core functionality migrated to a compilable extension module, it becomes possible to give other things the Shedskin treatment. At the start of the second attempt to get Shedskin to compile the code, quite a few functions were still being run by the CPython virtual machine, notably various image operations. With the functions called by these operations already migrated, it becomes possible to move each of these operations over into the extension module. The expectation here is that since these functions can now call each other without the overhead of the CPython API, as well as avoiding running code in the virtual machine, further performance improvements will occur.

And since Shedskin’s own runtime library supports certain Python standard library modules in accelerated form, it becomes interesting to migrate operations that employ such module functionality. For example, the get_combinations function can be moved to take advantage of Shedskin’s itertools implementation. And in addition to just moving functions, classes can also be compiled by Shedskin and potentially accessed more quickly, while remaining accessible to normal Python code that hasn’t been compiled.

Not all of these optimisations give the boost in performance that might be hoped for, perhaps even bringing performance penalties when first introduced. But it is important to look beyond any current, small optimisation to future optimisations that the accumulation of those small optimisations will permit. Moving the SimpleImage class into the extension module permits the migration of other code, with the consequence that the program when run takes around 6 seconds instead of 9 seconds: the apparent optimisation barrier is overcome, leading to yet more gains!

Some Conclusions

It is possible to make very useful performance gains just by revisiting code and writing it in a way that suits the language implementation. Starting out with an execution time of around 40 seconds, it was possible to make the program run in closer to 15 seconds, and that might have been enough for occasional conversion of images. But by adopting Shedskin and applying it to a subset of the program’s functionality, an execution time of 9 seconds was initially obtained. This might not be quite as impressive as the earlier two-and-a-half fold reduction in time (or, of course, a two-and-a-half fold increase in throughput), but it was obtained with little additional effort, with admittedly some planning for it being incorporated into the earlier optimisation work.

Ultimately, reaching around 6 seconds of execution time means that Shedskin was indeed able to more or less match earlier performance gains, but again with little actual optimisation effort. And one can argue that merely using Shedskin helped to inform those earlier gains, anyway. Regardless of what should take the credit, the program ended up running almost seven times faster than when we started out on this journey.

Tools like Shedskin have a slightly controversial place in the Python world. People like to point out that Shedskin really only compiles a “restricted subset” of Python: one that Shedskin is able to analyse. And as the above exercise demonstrates, modifications to programs are likely to be required to take advantage of it. But the resulting programs are still Python programs, and the CPython virtual machine will still run them, just slower – three times slower in this case – than if they were compiled.

Authors of tools like Shedskin and alternative implementations of the Python language have a tough decision to make. They must either deal with the continuously changing “full-fat” version of the language, with new features being added all the time that they have to support, with the risk that they will never catch up and never be considered a “proper” implementation. Or they must impose limitations on the form of the language and the features they support, knowing that even if their software accepts programs written in Python, it will be marginalised and regarded as a distraction from “proper” Python programming. And yet, Python as delivered by CPython offers little in the way of things that Shedskin and similar tools seek to offer, so it should be no wonder that such tools have come to exist.

Instead, one might wonder why it is that the language must continue to evolve in ways that frustrate static analysis and enhancements to program performance and scalability. Indeed, my own interests in the analysis of Python code have been somewhat rekindled by this exercise, but unlike the valiant efforts of other developers (such as the author of Nuitka and his continuing quest to support the compilation of “full-fat” Python), I have no intention of using Python as my gold standard. In essence, Python is and has been a productive language to use – that is why I have used it here and many times before – but the very nature of the language should be open to question and review.

If, by discarding features, something like Python can be more predictable and better-performing, why would exploring this avenue of inquiry be a bad thing? Shedskin shows us that there are benefits in doing so, and I hope that this article has also shown some practical techniques for using and understanding the tool. And maybe this will encourage me and others to make some more progress with our own Python program analysis efforts as well, if only to offer alternatives that seek to deliver on some of the unrealised promise and potential that Python seemed to offer back when we first discovered it, so many years ago now.

Oslo architecture (4 from 8 colours with scaled original)

An architectural picture from Oslo with the left version using 4 colours from 8 on every display line, the right version being a scaled version of the original.

Monday, 01 February 2016

Fighting Passive Surveillance should be our top priority

nikos.roussos - opensource | 02:01, Monday, 01 February 2016



We definitely live in a different world since Snowden leaks, but for some people nothing has changed. We always knew that certain individuals are targeted by local or international law enforcement agencies. In some cases they even have a legal way of doing this. If you work on certain fields or operate as an activist in political issues, you always assumed or knew that your communications are monitored. We may have better knowledge on the way the do it, or which things they have broken and which not yet. But essentially nothing is new about this on the post-Snowden world.

What Snowden leaks actually changed, what we learned from the documents, is that there is a vast ongoing process of massive passive surveillance and data collection. It doesn't matter if you are considered important. It doesn't matter if you have something to hide or not. All of your communications are monitored, stored and analyzed. This is what changed. This is what we learned.

Let me pause my thoughts for a moment and share a controversial story...

Mobile email encryption

Would you store your private PGP key to your mobile smartphone? Many (most?) hackers/geeks would easily answer in a negative way. Mobile phones have two major security implications that our laptops (usually) don't.

  • Physical security. It's more easy to lose your phone, or for someone to steal it. It's a comparatively smaller device, usually carried away in your pocket. And once you lose it, all keys stored there should be considered compromised (which is a big problem on its own, since PGP doesn't offer Forward Secrecy).

  • More than one operating system. Even if you have taken all measures to secure your operating system, the problem is that your phone runs also a second operating system. The "radio" OS running on your baseband chip. It's a complete proprietary black box, that you don't know what it does. You don't even know if it's isolated from your "smart" operating system.

On a side note, mobile operating systems have a security advantage that almost all modern desktop operating systems (even most major linux distributions) lack. All applications are sandboxed. So even if you are running a malicious application (you know, like Angry Birds) it may do various unwanted things regarding your personal mobile usage (eg. track location) but it can't easily steal your PGP private key stored inside OpenKeyChain's isolated storage. Not many desktop operating systems can protect you from a malicious application getting access to your .gnupg or .ssh folder.

So, although these two points are completely valid and indeed mobile smartphones are less secure, we have to realize that this is where most users read their emails. In many cases, a mobile phone is the only device people read their emails. Many people have come to cryptoparties, and after getting in touch with the complete lack of usability that comes with the standard pgp gui stack (Thunderbird + Enigmail), they ask how the can do the same things on their mobile. Most hackers would react (or even deny to help) exactly because of the reasons mentioned above. Let me clear up the dilemma a bit: Most people have two options to choose. Either use email encryption on their mobile phone or don't use encryption at all. And unfortunately most hackers fail to see that for most people the threat model is passive surveillance.

Threat Model

Not all people are trying to protect from the same things or the same type of adversaries. Not all people have the same Threat Model.

I was very pleased to see Werner Koch presenting at 32c3 this year about the current status of GnuPG, where he mentioned that the focus from now on is the passive surveillance threat model. Building tools that focus on the passive surveillance threat model, means that usability and encryption by default is top priority.

I have participated and co-organized many Cryptoparties, Free Software Meetups, and related crypto/privacy events/workshops. And I believe that the passive surveillance threat model should also be our focus. Yes, sometimes we need to quickly determine if a person has a different threat model (eg. journalists), but most people participating in these kind of events are not targets (at least not NSA targets). We know that they collect everything, we know that they love pgp because it's rarely used and stands out. Let's make their job more difficult. Encrypt all things by default. Let's start from fighting against massive passive surveillance.

Comments and reactions on Diaspora or Twitter

Saturday, 30 January 2016

Free software replacement for UTAU nearly completed

tobias_platen's blog | 09:04, Saturday, 30 January 2016

In 2011 I discovered UTAU, a proprietary singing synthesizer from Japan that is similar to VOCALOID, but limited to the Japanese language. It is available gratis, has no DRM and it’s voicebank format is documented, but it is still proprietary. It requires a Japanese 8-Bit locale, which is unable to encode European Umlauts. I installed UTAU using Wine, and began to reverse engineer the UST file format, which was really easy for me in this case. I also discovered that the developers of VOCALOID, had released their Spectral Modeling Synthesis Tools as free software under the terms of the GNU GPL. So I wrote a parser for the UST format, and used that parser in my smsUTAU resampler. I also wrote a first replacement for UTAU’s graphical user interface, using the cross platform toolkit Qt.

After I had done my first attempt to replace UTAU, I found two other free software singing synthesizers and a GUI written in Java. I found out that Debian includes Cadencii, which can be used as a replacement for the VOCALOID editor. It was originally written to allow Mac users to run the proprietary VOCALOID software on their incompatible proprietary OS, but it has been ported to GNU/Linux, and it can be used with v.Connect-STAND, an advanced indepedent UTAU resampler that is released under the GNU GPL. The second free singing synthesizer is eCantorix, which lacks a graphical frontend. In the meantime I found out that a group of UTAU users, had released an improved version of my first graphical frontend, but this one did not include a workig synthesizer. They decided to write the program from scratch, using an advanced design. I also found out that Trisquel GNU/Linux incudes Cadencii, but the freedom bugs are not solved until now. Because Cadencii is written in Java, it is extremely inflexible, making it hard to add new features.

In the meantime the QTau devgroup had stopped working on the free software replacements that I had stated in 2011, so I decided to fork their editor and add support for both existing synthesizers (ecantorix and v.Connect-STAND). I began adding new features such as Jack Transport, so that QTau can syncronized with other applications such as Ardour and Rosegarden. I plan to add NSM support in the next release. I created a git repository on and encourage anyone to install the free UTAU replacement. I will publish prebuilt binaries as part of Ongakunix, a Free GNU/Linux distribution with special emphasis on music production. My version of the program only runs on GNU/Linux, there is no support for Windows.

Thursday, 21 January 2016

Weird hangers on a Debian 8 system?

Viktor's notes » English | 22:22, Thursday, 21 January 2016

If everyday actions on your Debian Jessie with systemd start to hang forever:

  • Pulseaudio clients cannot connect to their servers any more…
  • “ifup” of a network device needs to be Ctrl-C’ed (but has accomplished its work)…
  • Trivial daemons refuse to start with “systemctl start”…

…then it might be that systemd has choked on something and needs to be restarted. Fortunately, that is possible without any reboot or log-out:

systemctl daemon-reexec

The structure of a freedom-fighting NGO

Weblog | 09:21, Thursday, 21 January 2016

Seeing this tweet, I felt that this was a great opportunity to talk about the structure of the FSFE as a freedom-fighting NGO and how it has evolved over time. At the last General Assembly of the organisation, Matthias and I as the executives of the organisation, was given a very clear mandate — indeed, you may even call it an order — to work on ways in which the FSFE can be more inclusive and transparent in our work, and to make it easier for people to participate and to have an influence in our work.

Some of what we’re doing is making it easier for volunteers to access the technical infrastructure we use for our work, making the structure itself more transparent and clarifying what teams we have (both topical and geographical) and what decisions they’re responsible for. This blog post is a step in the direction of making the structure more transparent, so that it’s easier to see how to get involved and have a voice in the various bodies. It can be considered a draft form, and background for material that should later get properly organised on our web pages.

When we founded the FSFE in 2001, we believed that a European organisation required formal chapters in each European country, and the structure we put in place for this reflected that. We had a European hub registered in Germany, with local chapters in other countries. The members of the local chapters, with some additions, made up the members of the European hub. In practice, we learned that having a local chapter formally registered as an association in a country was a lot of work, didn’t seem to contribute substantially to our work, and most of the benefits of having a local organisation was connected more to having a local team rather than a formal organisation.

So the organisation shifted towards having teams of people (without a formal organisation), which can be geographical (like Sweden, Italy, Berlin, DACH, or any other geographic overlapping or non-overlapping formation) or topical (like our web team, system administration team, translators, or so on). To a significant extent, this is how the FSFE is still organised, though where we’ve failed to be as transparent as we could be is in providing easier access to those teams, and more clarity on our web pages about what teams we actually have (this will see some work on our part in 2016).


So what about the members then? Let’s start at the top of the organisation. The highest decision making body of any organisation is the annual gathering of its members. The same is true for the FSFE, and we routinely talk about this as our General Assembly (or just GA for short), regardless of if we mean the actual time of year when the members meet or if we talk about the mailing list that all members are subscribed to. In practice, the annual meeting is a rather sordid affair mostly to settle some of the legal obligations we have, to elect and exonerate our president, vice president, and financial officer. The protocols from those meetings are publicly available on our web pages.

The members also provide feedback on (and approve) the organisation’s budget, support the executives in long term strategy, receive regular reports about individual employees and so on. A lot of this happens throughout the year and isn’t connected to the annual meeting, but include the same people albeit virtually. In practice, the members can also give orders to the executives about the activities the organisation engage in, to hire or fire staff, or to change the organisations constitution. If there was a majority in favor of it among the members, they could even change the purpose and activities of the organisation to one that favour proprietary software!

They don’t, and one reason they don’t is that it’s a smaller (currently 21 people) group of people who’ve demonstrated a significant commitment to free software over a long period of time (I don’t have any statistics on this, but we’re talking on average somewhere between 10 and 30 years). The likelihood that one of them would go against the principles of free software is very slim, and that’s the very purpose of the GA: to provide the long term commitment and stability to the organisation. Every once in a while, someone new joins the GA, and this usually happens after they’ve been a member of the organisations Fellowship for some time, participated in some teams, and met many of the existing members in order to establish some mutual trust.

There’s no formal way in which this happens, but in practice, the FSFE’s President is usually the one that either identify people that would want to join, or who is approached by people wanting to join. If there’s an agreement between the members, the President would then grant membership to that person to be confirmed at the next annual meeting.


As a way of supporting the organisation, individuals may choose to donate money to support our activities or to join one of the teams to participate in the work. A lot of people also decide to join the organisations Fellowship, which is a great way to contribute financially to the organisation, and to get a deeper connection with our work. In some cities around Europe, Fellows meet regularly, engage actively in our campaigns or develop their own campaigns for their area to promote free software.

Every year, we also hold an election between the Fellows where they elect someone from among themselves to join the General Assembly for a two year term. The people elected by the Fellows take some responsibility for being the link between the GA and the Fellows and have the same rights as anyone else in the GA.


The executives of the organisation: the President, Vice President, Executive Director, together with the Financial Officer as an observer, make up what we call the Executive Council. This is the closest you can get to a board of directors as you would know it from another organisation, and the members are elected or appointed by the General Assembly. The executive council manage the budget, follow up on our financial results routinely and often approve larger expenses.

A lot of the day to day decisions that are needed by the organisation’s staff, but which don’t need the approval of the GA, are taken by the executive council, including (recent examples), which bank should we use, who should be authorised to make expenses and should we send out donation receipts ourselves or should we contract someone to do that. These are decisions that are important for the organisation and the staff that they are taken, but which do not directly influence our mission.


There are more teams in the FSFE than even I are aware of, most of them driven by volunteers and active within their own geographic area or topic. This is where we’ll spend some effort during 2016 to make the list of teams more transparent, to make sure that each team is presented on our web page, including information about what they work on, so that it’s easier for people who look at the organisation to see where they can get involved.

The teams are where all the truly interesting decisions are taken! And to a large extent, the teams work autonomously and don’t require any authority from anyone else in the organisation for their decisions. Our local Fellowship teams regularly participate in events or organise some activities, without any need to ask anyone else. Our system administrators take a lot of decisions about the infrastructure we offer, and so on. These decisions are usually taken by consensus among the people within the team, or — if you want to be a bit critical — by the absence of opposition. Frequently, a lot of decisions are taken by someone emailing a list saying that “I’m going to do X, unless someone objects.”

There’s some exceptions of course: a team can’t take a decision that influence other teams. Such decisions require communication beforehand so that everyone is on the same page. And a team can’t make expenses for the organisation without approval first. When there are decisions that influence more than one team, they’re often taken in our Core Team or our Coordinators group, both of which include the coordinators from our teams. When there’s a decision that require funding, this is often approved by the executive council unless it already fits in one of the existing budgets (for instance, if a local team needs some funding to print leaflets, we’d usually offer to print them or fund that from our usual budget for information material without the need for the council to make a decision).

Where to have an influence

If you are interested in joining the FSFE, a common first step is to join our Fellowship and one of our teams. You’ll have the opportunity to work together with other volunteers, our staff, and to do things truly useful to bring free software forward. Having been a Fellow for at least a year allows you be a candidate for the election to the GA. And in general, showing a sustaining commitment to free software, establishing trust between you and other members and Fellows, is a step towards one day joining the GA on a more permanent basis if this is of interest to you.

For a lot of people, the administrative affairs of the GA are much less exciting than the day to day activities of our teams, and a lot of people who’ve been volunteers for the organisation for very many years feel that what they provide to further free software by working actively in a team is much more important than the contribution they could make in deciding on a budget for the organisation.

From my side, when people ask me whether they should contribute financially to the organisation or join one of our teams as a volunteer, I always ask them to join as a volunteer. While we appreciate any financial contribution we get, the work that we do is heavily influenced and made possible by our volunteers and the contribution of even an hour a week to our work, or helping us organise a presence at a local event, is much more useful for free software than the financial contribution.

What’s missing?

I’ve hinted at this before, that what’s critically missing at the moment is a good overview of the teams the FSFE have, who is helping to coordinate each team and what they do. That’s something we want to improve on, and it’s something that will see improvement during 2016, which will also see other changes in how we work and how we become more transparent and inclusive in our work generally. Our default should be: free and open.

Monday, 18 January 2016

Ο σκοταδισμός της πνευματικής ιδιοκτησίας

nikos.roussos - opensource | 02:21, Monday, 18 January 2016

Εδώ και πολλά χρόνια οι εταιρίες παραγωγής οπτικοακουστικού υλικού και οι οργανισμοί συλλογικής διαχείρισης πνευματικών δικαιωμάτων προσπαθούν να αντιμετωπίσουν τη διακίνηση πνευματικού έργου μέσω του internet. Δεν προσπάθησαν ούτε να το κατανοήσουν, ούτε να προσαρμοστούν. Αυτό που ξεκίνησε ως προσπάθεια περιορισμού, συνεχίστηκε ως προσπάθεια καταστολής και προσπάθεια άρσης βασικών ατομικών ελευθεριών. Και δυστυχώς δεν είναι πάντα απλώς προσπάθειες. Υπάρχουν και ήττες και νίκες σ' αυτό τον "πόλεμο".

Φτάσαμε σε ένα σημείο που οι άνθρωποι του πνεύματος (μέσω των εκπροσώπων τους, των δικηγόρων τους και των εταιριών στις οποίες οικειοθελώς παραχωρούν την εκμετάλλευση των έργων τους) έχουν συμφιλιωθεί με την ιδέα πως το δικαίωμα στην πνευματική ιδιοκτησία είναι πιο σημαντικό από βασικά ατομικά δικαιώματα και ελευθερίες, όπως το απόρρητο των επικοινωνιών ή η ελευθερία λόγου. Δεν θα ξεχάσω την τελευταία φορά που συμμετείχα σε ημερίδα του Οργανισμού Πνευματικής Ιδιοκτησίας (ΟΠΙ), το γεγονός πως οι περισσότεροι οργανισμοί αντιμετώπιζαν το internet ως μια μάστιγα που ήρθε στην ανθρωπότητα και πρέπει να κάνουμε ό,τι περνάει απ' το χέρι μας να περιορίσουμε την ελεύθερη χρήση του. Νομικός εκπρόσωπος ενός τέτοιου οργανισμού έφτασε στο σημείο να προτείνει πως θα ήταν "καλή ιδέα" να περιοριστεί το μέγεθος των αρχείων που μπορούμε να κατεβάσουμε απ' το internet σε λίγα MB. Πέρα απ' την φανερή έλλειψη βασικής τεχνογνωσίας για τη λειτουργία του internet, τέτοιες απόψεις και η ευκολία με την οποία προτείνουν να περιορίσουμε ένα εργαλείο που έχει εκδημοκρατίσει σε μεγάλο βαθμό τη διανομή πνευματικής δημιουργίας, είναι ο λόγος που το παρόν post φέρει αυτό τον τίτλο.

Εδώ και κάποιες ημέρες έχει τεθεί σε διαβούλευση ο νέος νόμος διαχείρισης δικαιωμάτων πνευματικής ιδιοκτησίας. Ως συνήθως ο νόμος είναι αρκετά μακροσκελής και οργουελικά ασαφής για να τον διαβάσουν οι περισσότεροι πολίτες. Θα ήθελα να σταθώ σε δύο σημαντικά σημεία του νόμου. Στο θέμα της επιτροπής λογοκρισίας, που συστήνεται στον υπό πρόταση νόμο, και στο θέμα της a priori αμοιβής των καλλιτεχνών από αγορές ηλεκτρονικών υπολογιστών.

Επιτροπή Λογοκρισίας

Το άρθρο 69, παράγραφος 8 περιγράφει τη δημιουργία μιας επιτροπής που θα αποφαίνεται για ζητήματα παραβίασης του νόμου περί πνευματικής ιδιοκτησίας (του περιβόητου 2121/1993) στο internet. Για να σας γλιτώσω αρκετό διάβασμα παραθέτω τα σημαντικά σημεία.

  • Η Επιτροπή είναι 5μελής και θα αποτελείται από τον πρόεδρο και τον διευθυντή του ΟΠΙ, έναν εκπρόσωπο της ΕΕΤΤ, έναν δικαστή του Αρείου Πάγου και έναν δικαστή του Συμβουλίου της Επικρατείας.

  • Οι δικαιούχοι έργων πνευματικής ιδιοκτησίας μπορούν να προσφύγουν σ' αυτή την Επιτροπή, η οποία πρέπει εντός 10 ημερών να αποφασίσει αν υπάρχει όντως θέμα ή όχι.

  • Αν η Επιτροπή αποφανθεί πως υπάρχει παράβαση ζητά απ' τους παρόχους πρόσβασης internet (ISPs) να κόψουν την πρόσβαση στο συγκεκριμένο website.

  • Σε περίπτωση μη συμμόρφωσης προς το δικαστικό της απόφασης η Επιτροπή επιβάλλει πρόστιμο ποσού 500€ έως 1000€ για κάθε ημέρα μη συμμόρφωσης.

  • Είναι σημαντικό πως ξεκαθαρίζεται ότι η παρούσα διαδικασία δεν εφαρμόζεται κατά τελικών χρηστών. Προς το παρόν λοιπόν ο νόμος δεν περιγράφει διαδικασίες άρσης απορρήτου για τους χρήστες που κατεβάζουν έργα πνευματικής δημιουργίας ενδεχομένως παρανόμως.

  • Κατά των αποφάσεων της Επιτροπής μπορεί να ασκηθεί προσφυγή ενώπιον του Διοικητικού Εφετείου Αθηνών εντός 30 ημερών από την κοινοποίηση της απόφασης. Δεν είναι σαφές απ' το κείμενο του νόμου αν την προσφυγή πρέπει να την κάνει ο πάροχος της υπηρεσίας (πχ. ο κάτοχος της ιστοσελίδας) ή μπορεί οποιοσδήποτε θεωρεί πως θίγεται απ' την εφαρμογή της απόφασης να προσφύγει στη δικαιοσύνη.

Αν δεν είναι αρκετά σαφές ας το διατυπώσω όσο πιο εμφατικά μπορώ. Αυτό που περιγράφει ο νόμος είναι τη σύσταση μια επιτροπής με την απόλυτη εξουσία και χωρίς να έχει προηγηθεί καμία δικαστική απόφαση να διατάσσει τους παρόχους να μπλοκάρουν ένα website από το ελληνικό internet.

Είναι φανερό πως η δημιουργία της επιτροπής είναι εμπνευσμένη απ' την αντίστοιχη που υπάρχει για τα τυχερά παιχνίδια (ΕΕΕΠ). Τα πράγματα βέβαια στον χώρο των πνευματικών δικαιωμάτων είναι ακόμα πιο πολύπλοκα και το μέλλον αρκετά πιο ζοφερό.

Υπάρχουν αρκετές δικαστικές αποφάσεις ως τώρα που έχουν διατυπώσει πως το να φιλοξενείς στο website σου παραπομπές για παράνομο υλικό που φιλοξενείται αλλού δεν συνιστά παράβαση. Ο Βασίλης Σωτηρόπουλος έχει καταγράψει κάποιες απ' αυτές τις μικρές νίκες. Υπάρχει η απόφαση του εφετείου της Βαρκελώνης, η απόφαση του Πρωτοδικείου Κιλκίς (με αφορμή το, που λινκάρει περιεχόμενο κυρίως στο youtube), και πολλές ακόμα σε Ευρώπη και ΗΠΑ.

Για να το κάνω λίγο πιο σαφές αυτό, αν στο site σου παρέχεις links προς κομμάτια μουσικής που φιλοξενούνται αλλού (πχ. youtube) τα δικαστήρια έχουν πολλάκις αποφανθεί πως δεν φέρεις εσύ την νομική ευθύνη για το αν τα έργα αυτά είναι νομίμως αναρτημένα. Θα σεβαστεί η Επιτροπή όλα αυτά τα δεδικασμένα; Ας το τραβήξω όμως λίγο παραπάνω. Τι γίνεται με τους torrent trackers; Οι torrent trackers δεν φιλοξενούν έργα πνευματικής ιδιοκτησίας ή γενικώς αρχεία προς κατέβασμα. Περιέχουν αρχεία μεταδεδομένων (metadata) ώστε να μπορούν οι χρήστες να μοιραστούν αρχεία (πχ. μια ταινία) μεταξύ τους. Παρέχουν συνήθως ένα magnet link, δηλαδή μια παραπομπή ώστε οι χρήστες να διαμοιραστούν αρχεία. Πρακτικά είναι ακόμα πιο "αθώα" από μια παραπομπή στο site μου προς ένα έργο στο youtube. Θα σεβαστεί η Επιτροπή την ελευθερία ύπαρξης τέτοιων υπηρεσιών;

Ποιος ελέγχει την Επιτροπή σε περίπτωση που καταχραστεί την εξουσία της; Ο νόμος δίνει καταρχήν τη δυνατότητα στους παρόχους να αιτιολογήσουν πιθανή μη-συμμόρφωση. Αλλά κρίνοντας απ' το πως έχουν χειριστεί το θέμα με την ΕΕΕΠ, μάλλον δεν πρέπει να ελπίζουμε πως θα σκεφτούν το συμφέρον των πελατών τους. Ο νόμος επίσης δίνει τη δυνατότητα για δικαστική προσφυγή, αλλά εκ των υστέρων και χωρίς να αναστέλλεται η απόφαση στο ενδιάμεσο.

Τέλος υπάρχει και το τεχνικό κομμάτι. Οποιοσδήποτε χρήστης μπορεί να "παρακάμψει" τέτοιες απαγορεύσεις είτε αλλάζοντας τους DNS servers που χρησιμοποιεί από αυτούς του παρόχου του σε κάτι πιο δημοκρατικό. Ή εναλλακτικά να χρησιμοποιήσει Tor. Αλλά νομίζω πως έχει γίνει σαφές ως τώρα πως το πρόβλημα δεν είναι πρωτίστως τεχνικό.

Αμοιβή καλλιτεχνών

Στο ίδιο άρθρο στην παράγραφο 2β ο νόμος προβλέπει αμοιβή 2% απ' την αγορά ηλεκτρονικών υπολογιστών. Δεν θέλω να σταθώ τόσο στο γιατί είναι λάθος να χρεώνεις a priori όλους τους χρήστες ηλεκτρονικών υπολογιστών ανεξαρτήτως αν κάνουν χρήση έργων πνευματικής ιδιοκτησίας. Αυτό που θεωρώ πιο σημαντικό στη συγκεκριμένη περίπτωση είναι το γεγονός πως δεν υπάρχει απολύτως καμία διαφάνεια γύρω απ' τους οργανισμούς συλλογικής διαχείρισης ώστε να αποδίδεται δικαίως αυτή η αμοιβή. Ας πάρουμε το παράδειγμα της μουσικής και της ΑΕΠΙ. Τι γίνεται με τους μουσικούς που έχουν επιλέξει να διανέμουν τη μουσική τους με ελεύθερες άδειες και κατ' επέκταση δεν είναι μέλη της ΑΕΠΙ; Που είναι τα πλήρη οικονομικά στοιχεία της ΑΕΠΙ για να δούμε πώς κατανέμονται τα χρήματα που συλλέγει; Γιατί είναι κερδοσκοπικού χαρακτήρα απ' τη στιγμή που υπάρχει απλά για να εκπροσωπεί τους καλλιτέχνες; Απ' τη στιγμή που υπάρχει αυτή η έλλειψη διαφάνειας και οι οργανισμοί συλλογικής διαχείρισης λειτουργούν ως κερδοσκοπικές ιδιωτικές εταιρίες για ποιο λόγο το κράτος λειτουργεί ως εισπράκτορας για λογαριασμό τους;

Τι μπορείς να κάνεις

  • Ενημερώσου. Διάβασε το αναλυτικό post του kargig για να έχεις μια πιο σφαιρική εικόνα της λογοκρίσίας στο ελληνικό internet.

  • Τώρα ξέρεις. Ενημέρωσε όσους περισσότερους ανθρώπους μπορείς. Μην περιμένεις να αρχίσουν να κυνηγούν και χρήστες (δηλαδή να χτυπήσουν και τη δική σου πόρτα) για να αντιδράσεις.

  • Αν ο νόμος τελικώς ψηφιστεί, φρόντισε τουλάχιστον να αμυνθείς σε τεχνικό επίπεδο. Μάθε πως μπορείς να παρακάμψεις τη λογοκρισία ή/και να διατηρήσεις την ανωνυμία σου. Στο κάνουμε συχνά συναντήσεις και workshops γύρω απ' αυτά τα θέματα. Αν κατά τύχη είσαι σε κάποιο εκπαιδευτικό οργανισμό ή βιβλιοθήκη θα χαρούμε να οργανώσουμε κι εκεί κάποιο workshop.

  • Αν όλα πάνε στραβά, χρειαζόμαστε δικηγόρους. Έστω κι αν καταφέρουμε να αντιμετωπίσουμε τη λογοκρισία εκ των υστέρων και να αντιστρέψουμε περιπτώσεις κατάχρησης εξουσίας εκ μέρους της Επιτροπής, θα είναι αρκετά σημαντικό

  • Γράψε την άποψη σου στη διαβούλευση. Αν και δεν είμαι υπέρμαχος δομών που συντηρούν την ψευδαίσθηση συμμετοχικής δημοκρατίας, ανοιχτής διακυβέρνησης, ή όπως αλλιώς λέγεται αυτή την περίοδο, είναι κρίμα σχεδόν όλα τα σχόλια στο συγκεκριμένο άρθρο να είναι από οργανισμούς συλλογικής διαχείρισης που ζητούν ακόμα μεγαλύτερη "αυστηρότητα".

Αντί επιλόγου

Αν και έχω χρησιμοποιήσει τον όρο "πνευματική ιδιοκτησία" αρκετές φορές στο post, αποφεύγω συνήθως να τον χρησιμοποιώ. Δεν αναγνωρίζω δικαιώματα ιδιοκτησίας στην πνευματικής δημιουργία. Ανέκαθεν θεωρούσα πως απ' τη στιγμή που ένας δημιουργός διαθέσει το έργο του δημόσια τότε αυτομάτως γίνεται και δημόσιο κτήμα (public domain που λένε και οι νομικοί). Αλλά παρόλα αυτά, αν αναγνωρίσουμε δικαιώματα ιδιοκτησίας, τότε θα πρέπει να το κάνουμε σε συνδυασμό με ό,τι ο όρος ιδιοκτησία συνεπάγεται. Μεταξύ αυτών είναι και η φορολόγηση αυτής της ιδιοκτησίας, ανεξαρτήτως αν αποφέρει έσοδα.

Comments and reactions on Diaspora or Twitter


Elena ``of Valhalla'' | 08:01, Monday, 18 January 2016


Enrico Zini coined the BDSM Free Software Manifesto (formerly Definition, which however isn't as precise as a description and more importantly doesn't fit in a cool geeky acronym):

I refuse to be bound by software I cannot negotiate with.

This begged to be turned into a cross-stitch wall hanging. I couldn't refuse.


More information and context for the phrase can be found in the notes for Enrico's talk at DebConf 2015: "Enrico's Semi Serious Stand-up Comedy". Note that while fully textual, the topics may be considered not really SFW, and some of the links definitely aren't. It also includes many insights into the nature of collaboration and Free Software Communities, so I'd recommend reading it (and watching the video recording of the talk) anyway.

I've finally also published the pattern on my website:

* The image I've used while embroidering
* kxstitch project (converted now that kxstitch is back into Debian)
* kxstitch generated PDF

Edit: fixed broken links to kxstitch resources.

Friday, 15 January 2016

OpenBSD on the Thinkpad X250

emergency exit | 16:17, Friday, 15 January 2016

Since posts like these often helped me setup some device, I thought I’d write one as well this time. Also it is advertising for a good free operating system.


Everything works almost perfectly, good hardware, good software! You should give it a try :)


I have got a fairly high-end config:

  • Intel® Core™ i7-5600U
  • 16GB RAM
  • 1920×1080 Display, non-glare, non-touch
  • 512GB Samsung SSD
  • Intel LAN + WLAN
  • Pro-Dock

Installing OpenBSD

You need a current OpenBSD snapshot (or 5.9 once it is released).

  1. get the install58.fs from a server near you, dd it to a USB-Stick and boot from it
  2. follow the instructions on the screen to install 5.8
  3. get the bsd.rd from a current snapshot and place it in / (maybe backup the existing one)
  4. reboot into it (enter boot bsd.rd at the bootloader prompt)
  5. follow the intructions on the screen to update to the 5.9-snapshot
  6. after you have rebooted into 5.9, run sysmerge

Et voila, you are on a current branch of OpenBSD. You should have seen the virtual console resize after the update to the new version.


The BIOS has some useful settings, you might want to make, e.g. switching
Fn and lCtrl buttons and switching the meaning of the F*-keys to be F*-keys by default and not “media keys”. Unfortunately deactivating the keypad from the BIOS does not work ( it can however be deactivated by software, see below).

Xorg and periphals

No xorg.conf nor any configuration like that is needed to bring up X since the new Intel driver takes care of everything. 3D acceleration works, however the direct rendering devices come with write access only given to root. It’s probably a security “feature”, but it prevents 3D for regular users so I created
/etc/rc.local (this is run on startup) with:

/bin/chmod g+rw /dev/drm*

You should have setup the keyboard to your local layout during install, but if
you haven’t done so or want to deactivate dead keys you can edit /etc/kbdtype, e.g. to de.nodead. This affects both the console and Xorg. Inside Xorg the “media buttons” for display brightness and sound work automatically.

To deactivate the mouse touchpad and make scrolling working with the pointer in combination with the middle mouse button, I have added the following to my .xinitrc/.xsession:

# deactivate touchpad
synclient TouchpadOff=1

# activate scroll wheel button
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation" 1
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation Axes" 6 7 4 5
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation Button" 2
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation Timeout" 50
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation Inertia" 3

# increase pointer speed
xinput set-prop "/dev/wsmouse" "Device Accel Constant Deceleration" 0.4

I have to note though that the Pointer Wheel Emulation does not work satisfactory, there is often some jitter and then scrolling stops working. Also the increased sensitivity produces very slight ghost movements of the mouse (very small, but noticable movements of the mouse in the bottom left direction). I still need to debug this, maybe its also a hardware issue.

The dock seems to work (charging and on/off), although I have not yet tested hooking up external input devices or screens.


Both lan and wlan devices come with working drivers and the firmware for the wifi card is automatically downloaded upon install. It should be noted that OpenBSD does not have a service for managing networks and that it implements WPA[2] PSK inside its regular networking infrastructure (it doesn’t need wpa_supplicant). For enterprise WPA (like eduroam) however, wpa_supplicant is needed.

I have fiddled around with some solutions and ended up adapting a script. The original is wifinwid, but I changed it so that it restarts wpa_supplicant before trying every network and also only starts dhclient after it has attached to a network. This solution requires a file at /usr/local/etc/nwids.iwm0 with your saved networks in preferred order (every line is the arguments line for the ifconfig call), e.g.:

nwid MYSSID -wpa wpa wpaakms psk wpakey SECRETYO up
nwid eduroam -wpa wpa wpaakms 802.1x up

For the “enterprise” WPA networks like eduroam you have to additionally edit /etc/wpa_supplicant.conf (but not for other WPA networks!). The exact values are the same as for other operating systems, see e.g. this site. You do however need to add a wpa_supplicant_flags=-c /etc/wpa_supplicant.conf -D openbsd -i iwm0 line /etc/rc.conf.local.

Ultimately you have make the script be started on boottime and also initially make it not connect to some random unencrypted network via /etc/hostname.iwm0:

!/usr/local/sbin/wifinwid \$if &

Now you have the behaviour that it only ever connects to known networks and that you can roam between different known networks, encrypted or unencrypted, PSK or with personal authentication.


You need to activate the APM-daemon in your rc.conf.local:


This enables speed-stepping and also suspend and resume. I have tested the zzz command (suspend to RAM), but not yet ZZZ (suspend to disk). There seem to be no problems at all with X and the wifi also automatically reconnects if setup like above.

Brightness control works through keyboard shortcuts and the battery time seems to be good, although I haven’t done long-term tests, yet. With the large battery official number is “up to 20 hours”, if I get 12 hours that would be enough for me. A nice thing is that the notebook has an internal battery so you can change the external one without rebooting. The estimation of the remaining time via apm or sysctl seems to be accurate and my windows manager i3′s infobar supports these sensors automatically.


Altogether I am very happy about the hardware support, with the only annoyance being the mouse (which is not crucial, because I work more via keyboard anyway). Thanks to all the involved developers! I will probably update this post in the near future, once I have more things tested!

Thursday, 14 January 2016

The Best of 2015

Seravo | 09:31, Thursday, 14 January 2016


Another new year has started, and we think it is time to look a bit back and review what became the most popular content in Seravo Blog in 2015.

Alltogether, in 2015, Seravo’s web page gained 233 681 visits and 196 401 users – these are pretty cool numbers for a modest sized company that we still are. Actually, there were more visits to during the year than there are people living in our hometown Tampere (being the third largest city in Finland with 225 269 inhabitants).

For these great statistics we can blame this blog, which has attracted the vast majority of our online visitors. So let’s see what were the most popular blog posts last year – and which ones remain as the all-time favourites still today.

The five most popular blog posts in in 2015

1. 10 reasons to migrate to MariaDB (if still using MySQL)

The most popular post last year – and actually the first article written in 2015 – was the one praising MariaDB and providing a list of reasons to start using it as your database. The article also created lively discussion in the comment section!

2. Ubuntu Phone and Unity vs Jolla and SailfishOS

In August we compared two Linux-based mobile operating systems that stand as competitors to Android. As a conclusion we claimed that  “Jolla and SailfishOS would be the technically and usabilitywise superior alternative, but then again Ubuntu could be able to leverage on it’s position as the most popular Linux distribution in desktops and servers”. All in all, we hoped for new innovations fueling from these (at least for now minor) competitors.

3. Ubuntu Phone review by a non-geek

The new Ubuntu Phone was clearly in the center of the open source community’s attention in the summer of 2015. A not-that-technical review on the phone became the year’s third most visited blog post. After that the phone has been tested and tried by Seravo geeks too – and has not gained too admirable evaluations…

4. Continuous integration testing for WordPress plugins on Github using Travis CI

If that wasn’t technical enough for you, maybe the article on testing WordPress plugins will do? And if you found youself puzzled after reading it, do not hesitate to contact us. Seravo can help you using PHPUnit, Rspec and Travis in your projects, please feel free to ask us about our WordPress testing via email at .

PS. If you identify yourself as a Finn (or for some other odd reason happen to be familiar with Finnish), check out our blog on that focuses on all things happening within and around WordPress.

5. Fixing black screen after login in Ubuntu 14.04

The fifth most read article in 2015 was our guide to fixing a Ubuntu login problem that raised from some of our customers. Instead of charging for one hour of work for fixing the problem, we provided the instructions for everyone to do it on their own.


The all-time favourites

Even though they say that infomation ages faster than ever, it seems that even ancient articles in the Seravo blog are still valid and popular today. The post on how to turn any computer into a wireless access point with Hostapd from August 2014 is actually still the most popular of all pages with over 67 000 page visits. The more recent post on why to migrate to MariaDB has taken the second place with nerly 57 000 visits.

Next in the all-time top five favourites come the following articles:

Free Your Android phone (and upgrade to the latest Android version)!

Optimizing web server performance with Nginx and PHP

Virtualized bridged networking with MacVTap


In fact, our front page with approximately ten thousand visits per year only comes as sixth on the list of our most popular pages. This proves us that a blog is a great way to attract attention and to participate in the on-going technological discussion.

Although located in the northern corner of the world, in this distant land of snow and software, Seravo has with its online presence drawn visitors from all over the world: United States, India, Germany and United Kingdom form the top four and our dear own Finland takes the fifth place on this list.


At this point we would like to thank all of our visitors, readers and especially those who have commented on the blog posts! We will keep on posting new topics in 2016 as well, and the comment section is always open for new thoughts and constructive criticism. We are also more than happy to receive ideas for future blog posts from any of you.

Happy new year!

Conservancy supporter, at last!

Elena ``of Valhalla'' | 08:58, Thursday, 14 January 2016

Conservancy supporter, at last!

Yesterday I've finally donated to become a Conservancy Supporter

The reasons to donate have already been explained many times both on Planet Debian and elsewhere; a few weeks ago I wrote a post (in Italian) on the Ninux community blog to spread the word about it.

So, why I haven't donated earlier?

Trying to donate via PayPal from Italy (and, it seems, from Europe in general) requires a PayPal account, which I don't have and don't want to have, so I contacted them to ask for bank transfer instructions.
The first instructions I received were too complex for my online-only bank account, so I asked my bank for help, there was an exchange of emails, further simpler instructions from their bank, a small donation to test everything and time passed.

Finally, the good news: it is possible to donate to Conservancy from Italy (and probably from elsewhere in EU) using a SEPA transfer with minimal commissions and usually available from the home banking websites, so that it doesn't require significantly more effort than using paypal.
You can contact Conservancy via e-mail to get the relevant payment data.

(Conservancy has an account in EUR which is then used to pay for expenses in EUR, so no currency conversion commission are involved.)

Tuesday, 12 January 2016

Testing Times for Free Software and Open Hardware

Paul Boddie's Free Software-related blog » English | 00:26, Tuesday, 12 January 2016

The last few months haven’t been too kind on Free Software and open hardware initiatives in a number of ways. Here, in a shorter form than one might usually expect from me, are some problematic developments on topics that I may have covered in the past year.

Software Freedom Undervalued

About a couple of months ago, the Software Freedom Conservancy started a fund-raising campaign after it became apparent that companies could not be relied upon to support the organisation’s activities. Since the start of the campaign, many individuals have stepped up and pledged financial support of their own, which is very generous of them, as is the support of enlightened organisations that have offered to match individual contributions.

Sadly, such generosity seems not to be shared by many of the largest companies making money from Free Software and from Linux in particular, and thus from the non-financial contributions that make projects like Linux viable in the first place, with many of those even coming from those same generous individuals who have supported the Conservancy financially. And let us consider for a moment why one prominent umbrella organisation’s members might not want to enforce the GPL, especially given that some of them have been successfully prosecuted for violating that licence, in relation to various Free Software projects, in the past.

The Proprietary Instincts of the BBC

The BBC Micro Bit was a topic covered in the last year, when I indicated a degree of caution about the mistakes of the past being repeated needlessly. And indeed, for some time, everything was being done behind the curtain of a non-disclosure agreement (NDA), meaning that very little information was being made available about the device and accompanying materials, and thus very little could be done by the average member of the public to prepare for the availability of the device, let alone develop their own materials, software, accessories or anything else for it.

Since then, a degree of secrecy has been eliminated, and efforts have been made to get the embedded variant of Python known as Micropython working on the board. However, certain parts of that work still appear to be encumbered by NDA, arguably making the effort of developing Python-related materials something of a social networking exercise. Meanwhile, notorious industry monopolist, Microsoft, somehow managed to muscle in on the initiative and take control of the principally-supported method of developing software with the device. I guess people at the BBC and their friends in politics and business don’t always learn from the mistakes of the past, particularly as they spend other people’s money.

The Walled Garden Party’s Hangover for Free Software Development

Just over twelve months ago, I made some observations about the Python core development group’s attraction to GitHub. It seems that the infatuation with the enthusiastic masses and their inevitable unleashing on Python assets, with the expectation of stimulating an exponential upturn in development activity, will now be gratified through a migration of various Python infrastructure components to the proprietary and centralised service that GitHub offers. (I have my doubts as to whether CPython contribution barriers are really the cause of Python’s current malaise, despite the usual clamour for Git and the associated “network effects” amongst a community of self-proclaimed version control wizards whose powers somehow don’t extend to mastering simple workflows with other tools.)

Anatoly Techtonik makes some interesting points, which will presumably go unheard because those involved have all decided not to listen to him any more. One of the more disturbing ones is that the “comparison shopping” mentality, where Free Software developers abandon their colleagues writing various tools and systems in favour of random corporations offering proprietary stuff at no cost, may well result in the Free Software solutions in such areas becoming seen as uncompetitive and unattractive. What those making such foolish decisions fail to realise is that their own projects can easily get the same treatment, if nobody bothers to see beyond the end of their own nose.

The result of all this is less funding and fewer resources for Free Software projects, with potentially fewer contributions, too, as the attraction of supporting “losing” solutions starts to fade. Community-oriented Free Software is arguably grossly underfunded as it is: we don’t really need other Free Software developers abandoning or undermining their colleagues while ridiculing those colleagues’ “ideological purity“. And, of course, volunteer effort will undoubtedly be burned up in the needless migration to the proprietary solution, setting everyone up for another costly transition down the road, which experience indicates is always more work than anyone anticipated (if they even bothered to think ahead at all).

PayPal: Doesn’t Pay, Not Your Pal

It has been a long time since I wrote about the Neo900 project. Things were looking promising: necessary components had been secured, and everyone was just waiting for Nikolaus to finish his work with the Pyra handheld console. And then we learned that PayPal had decided to hold a significant amount of money as a form of “security”, thus cutting off a vital source of funds for actually doing the work. Apparently, PayPal have a habit of doing this kind of thing, on one reported occasion even taking the opportunity to then offer loans to those people they deliberately put in such a difficult position.

If you supported the Neo900 project and pledged funds via PayPal, you need to tell PayPal to actually pay the project. You know: like the verb in their company name. Otherwise, in the worst case, you may not only not get a Neo900 and not see it developed to completion, but you will also have loaned your money to a large corporation for a substantial period and earned no interest on that involuntary loan, perhaps even incurring fees for the privilege. (So, please see the “How to fix it” section of the relevant article.)

Maybe in 2016, people will become a lot clearer about who their real friends are. Let us hope so!

Monday, 11 January 2016

monopati, a minimalistic static content generator

nikos.roussos - opensource | 08:01, Monday, 11 January 2016

I have tried many static content generators in the past. My site/blog is rendered to static since a couple of years ago. So this post is about writing yet another static content generator.

I have two major requirements. Simplicity and no extra features. All I want is a simple blog and some static pages. So Markdown and Jinja should be enough. No fancy features needed. I also wanted this to be so simple that even non-tech people would use it with minimum effort. One of the things that bothers me with most generators is that they render the whole website in another folder, so it's hard to have one repository with both your posts markdown code and the rendered output so you can easily host it (eg. on Github pages).

So I scratched my itch and monopati, a minimalistic static content generator, was born. As of today my website is rendered using my own static content generator (with all content on version control). I promise to write a post with concrete easy steps on how to deploy your own website/blog using monopati and without paying for any hosting service.

Feedback and code patches are always welcomed.

Comments and reactions on Diaspora or Twitter

FOSDEM RTC Dev-room schedule published - fsfe | 06:09, Monday, 11 January 2016

If you want to help make Free Real-time Communication (RTC) with free, open source software surpass proprietary solutions this year, a great place to start is the FOSDEM RTC dev-room.

On Friday we published the list of 17 talks accepted in the dev-room (times are still provisional until the FOSDEM schedule is printed). They include a range of topics, including SIP, XMPP, WebRTC and peer-to-peer Real-time communication.

RTC will be very prominent at FOSDEM this year with several talks on this topic, including my own, in the main track.

Saturday, 09 January 2016

Comments about people with mental illness - fsfe | 17:00, Saturday, 09 January 2016

A quote:

As the Buddha said 2500 years ago... we're all out of our fucking minds. (Albert Ellis)

There have been a few occasions over the last year where people suffering mental illnesses have been the subject of much discussion.

In March 2015 there was the tragic loss of Germanwings flight 9525. It was discovered that the co-pilot, Andreas Lubitz, had been receiving treatment for mental illness. Under strict privacy laws, nobody at his employer, the airline, had received any information about the diagnosis or treatment.

During the summer, the private mailing list for a large online community discussed the mental illness of a contributor to a project. Various people expressed opinions that appeared to be generalizations about all those with mental illness. Some people hinted the illness was a lie to avoid work while others speculated about options for treatment. Nobody involved mentioned having any medical expertise.

It is ironic that on the one hand, we have the dramatic example of an aircraft crashing at the hands of somebody who is declared unfit to work but working anyway and on the other hand when somebody else couldn't do something, the diagnosis is being disputed by people who find it inconvenient or don't understand it.

More recently, there has been openly public discussion about whether another developer may have had mental illness. Once again, there doesn't appear to be any evidence from people with any medical expertise or documentation whatsoever. Some of the comments appear to be in the context of a grudge or justifying some other opinion.

What's worse, some comments appear to suggest that mental illness can be blamed for anything else that goes wrong in somebody's life. If somebody is shot and bleeds to death, do you say low blood pressure killed him or do you just say he was shot? Likewise, if somebody is subject to some kind of bullying and abused, does this have no interaction with mental illness? In fact, Google reveals an enormous number of papers from experts in this field suggesting that mental illness can arise or be exacerbated by bad experiences. Although it may not have been clear at that point in time, when we look back at Alan Turing's death today, suicide was not a valid verdict and persecution was a factor.

Statistics tell us that 1 in 4 people experience a mental health problem in the UK each year. In the USA it is 26% of the adult population, each year. These may be long term conditions or they may be short term conditions. They may arise spontaneously or they may be arising from some kind of trauma, abuse or harassment in the home, workplace or some other context.

For large online communities, these statistics imply it is inevitable that some participants will be suffering from mental illness and others will have spouses, parents or children suffering from such conditions. These people will be acutely aware of the comments being made publicly about other people in the community. Social interaction also relates to the experience of mental illness, people who are supported by their community and society are more likely to recover while those who feel they are not understood or discriminated against may feel more isolated, compounding their condition.

As a developer, I wouldn't really like the idea of doctors meddling with my code, so why is it that some people in the IT and business community are so happy to meddle around in the domain of doctors, giving such strong opinions about something they have no expertise in?

Despite the tragic loss of life in Germanwings 9525, observing some of these other discussions that have taken place reminds me why Germany and some other countries do have such strict privacy laws for people who seek medical treatment.

(You can Follow or Tweet about this blog on Twitter)

Friday, 08 January 2016

About Cartes – the OSM app inside FirefoxOS marketplace

English Planet – Dreierlei | 00:40, Friday, 08 January 2016


After my first steps with Firefox OS, this time I looked out for a navigation app because proper navigation is to me among the most important services of a mobile phone. I navigated through Mozillas marketplace and so far there are Cartes, Bing Maps, traffc, Maps Online, Find Me Google, Compass +, zMaps and Easy Taxi. Unfortunately, you do not see which one are Free Software and which not. But, after reading the info-pages inside the market place, I found Cartes to be the only navigation app in the market place so far, that is Free Software. So I gave this one a try.

First, I love a lot that it comes with a very easy-to-use interface that is composed of simply one line where you can enter for example an address that you are looking for. Or two lines in case you look for a route. Basically like itself. This interface is so much easier to use than the one from my beloved Osmand, which has a much more complex and unintuitive interface. Actually, every time I look for an address in Osmand, I wish there would be something like an easy “one line interface” to find the address I am looking for …
However, I think the difference in search usability derives from one of the most important features that Osmand offers and Cartes not, at least not yet: Offline maps and navigation. Offline maps are much more powerful than online searches, they are faster and work without any dependency on your internet connection. Which is especially important when you are travelling and like to have a full navigation system without roaming charges – anywhere in the world. Also I have to admit that Osmand~ offers multiple times more features and functionality than Cartes, for example OpenStreetMap editing on your device.

But hey, Cartes is a good start and I would love to see further development to give Firefox OS users easy-to-use freedom to OpenStreetMap for their navigation instead of being tied to proprietary services. And, as I can see from updates, there is already a “First attempt at offline use, now viewed tiles are cached an can be reused offline”. Thanks, Maël Lavault, keep the good work going.
BTW: Interesting to see, that Cartes can display satellite images? Where does it take it from? Bing?

Thursday, 07 January 2016

Do you own your phone or does it own you? - fsfe | 15:05, Thursday, 07 January 2016

Have you started thinking about new year's resolutions for 2016? Back to the gym or giving up sugary drinks?

Many new year's resolutions have a health theme. Unless you have a heroin addiction, there may not be anything else in your life that is more addictive and has potentially more impact on your health and quality of life than your mobile phone. Almost every week there is some new report about the negative impact of phone use on rest or leisure time. Children are particularly at risk and evidence strongly suggests their grades at school are tanking as a consequence.

Can you imagine your life changing for the better if you switched off your mobile phone or left it at home for one day per week in 2016? If you have children, can you think of anything more powerful than the example you set yourself to help them stay in control of their phones? Children have a remarkable ability to emulate the bad habits they observe in their parents.

Are you in control?

Turning it off is a powerful act of showing who is in charge. If you feel you can't live without it, then you are putting your life in the hands of the people who expect an immediate answer of their calls, your phone company and the Silicon Valley executives who make all those apps you can't stop using.

As security expert Jacob Appelbaum puts it, cell phones are tracking devices that also happen to make phone calls. Isn't that a chilling thought to reflect on the next time you give one as Christmas gift?

For your health, your children and your bank balance

Not so long ago we were having lunch in a pizza restaurant in Luzern, a picturesque lakeside town at the base of the Swiss Alps. Luzern is a popular first stop for tourists from all around the world.

A Korean family came along and sat at the table next to us. After ordering their food, they all immediately took out their mobile devices and sat there in complete silence, the mother and father, a girl of eight and a boy of five, oblivious to the world around them and even each other, tapping and swiping for the next ten minutes until their food arrived.

We wanted to say hello to them, I joked that I should beep first, initiating communication with the sound of a text message notification.

Is this how all holidays will be in future? Is it how all families will spend time together? Can you imagine your grandchildren and their children sharing a meal like this in the year 2050 or beyond?

Which gadgets does Bond bring to Switzerland?

On Her Majesty's Secret Service is one of the more memorable Bond movies for its spectacular setting in the Swiss Alps, the location now transformed into a mountain-top revolving restaurant visited by thousands of tourists every day with a comfortable cable car service and hiking trails with breathtaking views that never become boring.

Can you imagine Bond leaving behind his gun and his skis and visiting Switzerland with a smartphone instead? Eating a pizza with one hand while using the fingertips of the other to operate an app for making drone strikes on villains, swiping through Tinder for a new girl to replace the one who died (from boredom) in his previous "adventure" and letting his gelati melt while engrossed in a downhill ski or motorcycle game in all the glory of a 5.7" 24-bit colour display?

Of course its absurd. Would you want to live like that yourself? We see more and more of it in people who are supposedly in Switzerland on the trip of a lifetime. Would you tolerate it in a movie? The mobile phone industry has paid big money to have their technology appear on the silver screen but audience feedback shows people are frustrated with movies that plaster the contents of text messages across the screen every few minutes; hopefully Bond movies will continue to plaster bullets and blood across the screen instead.

Time for freedom

How would you live for a day or a weekend or an entire holiday without your mobile phone? There are many small frustrations you may experience but the biggest one and the indirect cause of many other problems you will experience may be the inability to tell the time.

Many people today have stopped wearing a watch, relying instead upon their mobile phone to tell the time.

Without either a phone or a watch, frustration is not far away.

If you feel apprehension just at the thought of leaving your phone at home, the lack of a watch may be a subconcious factor behind your hesitation.

Trying is better than reading

Many articles and blogs give opinions about how to buy a watch, how much to spend and what you can wear it with. Don't spend a lot of time reading any of it, if you don't know where to start, simply go down to the local high street or mall and try them. Start with the most glamorous and expensive models from Swiss manufacturers, as these are what everything else is compared to and then perhaps proceed to look more widely. While Swiss brands tend to sell through the stores, vendors on Amazon and eBay now distribute a range of watches from manufacturers in Japan, China and other locations, such as Orient and Invicta, at a fraction of the price of those in the stores. You still need to try a few first to identify your preferred style and case size though. Google can also turn up many options for different budgets.

Copying or competition? Similarity of Invicta (from Amazon) and Rolex Submariner

You may not know whether you want a watch that is manually wound, automatically wound or battery operated. Buying a low-cost automatic model online could be a good way to familiarize yourself before buying anything serious. Mechanical watches have a smoother and more elegant second-hand movement and will survive the next Carrington event but may come to grief around magnets - a brief encounter with a low-cost de-gausser fixes that.

Is it smart to buy a smart watch?

If you genuinely want to have the feeling of complete freedom and control over technology, you may want to think twice about buying a smart watch. While it may be interesting to own and experiment with it some of the time, being free from your phone means being free from other electronic technology too. If you do go for a smart watch (and there are many valid reasons for trying one some of the time), maybe make it a second (or third) watch.

Smart watches are likely to be controversial for some time to come due to their impact in schools (where mobile phones are usually banned) and various privacy factors.

Help those around you achieve phone freedom in 2016

There will be further blogs on this theme during 2016, each looking at the pressures people face when with or without the mobile phone.

As a developer of communications technology myself, you may be surprised to see me encouraging people not to use it every waking minute. Working on this technology makes me more conscious of its impact on those around me and society in general.

A powerful factor to consider when talking about any communications technology is the presence of peer pressure and the behavior of those around you. Going phone-free may involve helping them to consider taking control too. Helping them out with a new watch as a gift (be careful to seek advice on the style that they are likely to prefer or ensure the purchase can be exchanged) may be an interesting way to help them engage with the idea and every time they look at the time, they may also be reminded of your concern for their freedom.

Wednesday, 06 January 2016

Want to use free software to communicate with your family in Christmas 2016? - fsfe | 12:25, Wednesday, 06 January 2016

Was there a friend or family member who you could only communicate with using a proprietary, privacy-eroding solution like Skype or Facebook this Christmas?

Would you like to be only using completely free and open solutions to communicate with those people next Christmas?


Even if you are not developing communications software, could the software you maintain make it easier for people to use "sip:" and "xmpp:" links to launch other applications? Would this approach make your own software more convenient at the same time? If your software already processes email addresses or telephone numbers in any way, you could do this.

If you are a web developer, could you make WebRTC part of your product? If you already have some kind of messaging or chat facility in your website, WebRTC is the next logical step.

If you are involved with the Debian or Fedora projects, please give and a go and share your feedback.

If you are involved with other free software communities, please come to the Free-RTC mailing list and ask how you can run something similar.

Everybody can help

Do you know any students who could work on RTC under Google Summer of Code, Outreachy or any other student projects? We are particularly keen on students with previous experience of Git and at least one of Java, C++ or Python. If you have contacts in any universities who can refer talented students, that can also help a lot. Please encourage them to contact me directly.

In your workplace or any other organization where you participate, ask your system administrator or developers if they are planning to support SIP, XMPP and WebRTC. Refer them to the RTC Quick Start Guide. If your company web site is built with the Drupal CMS, refer them to the DruCall module, it can be installed by most webmasters without any coding.

If you are using Debian or Ubuntu in your personal computer or office and trying to get best results with the RTC and VoIP packages on those platforms, please feel free to join the new debian-rtc mailing list to discuss your experiences and get advice on which packages to use.

Everybody is welcome to ask questions and share their experiences on the Free-RTC mailing list.

Please also come and talk to us at FOSDEM 2016, where RTC is in the main track again. FOSDEM is on 30-31 January 2016 in Brussels, attendance is free and no registration is necessary.

This mission can be achieved with lots of people making small contributions along the way.

Put Freedom into Firefox OS marketplace

English Planet – Dreierlei | 11:45, Wednesday, 06 January 2016

<figure class="wp-caption alignright" id="attachment_1169" style="width: 150px">Firefox OS Marketplace logo<figcaption class="wp-caption-text">Firefox OS Marketplace logo</figcaption></figure>My main interest towards Firefox OS derives from the fact that it is Free Software and that it is by Mozilla, an organisation that knows about the importance of free software and that fights for an “open web”. They also don’t hide that Mozilla heavily relies on Free Software technologies.

Given this background and the market share of Mozilla software – this leads me to the idea that Mozilla can play a crucial role in spreading software freedom into the mobile world and the world of connected devices. Even more as Mozilla publicly announced that they like to use Firefox OS as a Pivot to Connected Devices to

explore and prototype new use cases in the world of connected devices as an open source project with a clear focus on the user benefit and experience.

I like to argue, that a clear benefit to the user experience would be to easily find and use Free Software inside Firefox OS and therewith support Mozilla’s idea of “Open Web”. With the upcoming “internet of things”, it will be crucial that the people are in control of the technology and the devices that surrounds them. And as one simple but effective step towards that vision, I propose that Mozilla has a clearer information policy inside the Firefox OS market place. Please, add some information or label to make finding Free Software an easy thing. Make the use and the promotion of Free Software a concept inside Firefox OS, it’s market and add-ons. This would be a true benefit for the user.

About a Free Software information policy in Mozillas market place

<figure class="wp-caption alignright" id="attachment_1239" style="width: 212px">is not enough<figcaption class="wp-caption-text">is not enough</figcaption></figure>In the current state of Mozillas marketplace, the only information you can see is an “Install for free” label for apps inside the marketplace. I expect that “Install for free” shall mean that you do not have to pay for the software and that an alternative label will come up to show a price (have not seen other information label so far). If so, however, this information is too simple as it is only about price. And Free Software is not about price. It is about having control, independence from vendor lock-ins and computing in freedom. Aspects that are priceless.

Given that Mozilla assigns the market entry of Firefox OS to offer an open source operating system for mobile devices – the less I can understand that they put no emphasis on this in their market place. There is no information included, if an app is Free Software or not. Well, developers can add this information inside the free text in the “detailed” view of an app – but no chance for users to see it at a glance.

I will demonstrate this for the “maps & navigation apps” category in the marketplace, because navigation apps are to me one of the most useful technologies of a mobile device.
Now, if I look into the marketplace of Firefox OS, I have the choice between:

<figure class="wp-caption alignright" id="attachment_1161" style="width: 150px">Firefox OS marketplace - Maps & Navigation Apps 2016-01-01<figcaption class="wp-caption-text">Screenshot of Firefox OS marketplace – Maps & Navigation Apps on 2016-01-01</figcaption></figure>Cartes
Bing Maps
Maps Online
Find Me Google
Compass +
Easy Taxi

but I have no chance to see at a glance which of these apps are Free Software and which not. All appear to be the same in their service model, telling “Install for free”. But in fact, they are not the same.
Cartes, based on OpenStreetMap, is the only Free Software app – all others are proprietary and therewith in principle a threat to Mozillas “Open Web”. So why the hack not highlighting the fact that Cartes is Free Software / Open Source?

<figure class="wp-caption alignright" id="attachment_1240" style="width: 212px">example<figcaption class="wp-caption-text">(exemplary)</figcaption></figure>It could be so simple: Just adding a label or a symbol to mark Free Software would help users and developers so much to choose the road to freedom – in a simple way.

Doing so would help triple: Users could easily see where to go to exercise freedom, developers see where they can contribute or adapt and those who do not yet know or care about software freedom get an incentive to look what such a label refers too.


With Firefox OS, Mozilla has a good chance to spread freedom into the mobile world. A clear benefit to the user experience would be to easily find and use Free Software and therewith support Mozilla’s idea of “Open Web”.

Tuesday, 05 January 2016

Promoting free software and free communications on popular social media networks - fsfe | 14:27, Tuesday, 05 January 2016

(You can Follow or Tweet about this blog on Twitter)

Sites like Twitter and Facebook are not fundamentally free platforms, despite the fact they don't ask their users for money. Look at how Facebook's censors confused Denmark's mermaid statue with pornography or how quickly Twitter can make somebody's account disappear, frustrating public scrutiny of their tweets and potentially denying access to vital information in their "direct message" mailbox. Then there is the fact that users don't get access to the source code, users don't have a full copy of their own data and, potentially worst of all, if most people bothered to read the fine print of the privacy policy they would find it is actually a recipe for downright creepiness.

Nonetheless, a significant number of people have accounts in these systems and are to some extent contactable there.

Many marketing campaigns that have been successful today, whether they are crowdfunding, political activism or just finding a lost cat claim to have had great success because of Twitter or Facebook. Is this true? In reality, many users of those platforms follow hundreds of different friends and if they only check-in once a day, filtering algorithms show them only a small subset of what all their friends posted. Against these odds, just posting your great idea on Facebook doesn't mean that more than five people are actually going to see it. Those campaigns that have been successful have usually had something else going in their favour, perhaps it was a friend working in the media who gave their campaign a plug on his radio show or maybe they were lucky enough to be slashdotted. Maybe it was having the funds for a professional video production with models who pass off as something spontaneous. The use of Facebook or Twitter alone did not make such campaigns successful, it was just part of a bigger strategy where everything fell into place.

Should free software projects, especially those revolving around free communications technology, use such platforms to promote themselves?

It is not a simple question. In favour, you could argue that everything we promote through public mailing lists and websites is catalogued by Google anyway, so why not make it easier to access for those who are on Facebook or Twitter? On top of that, many developers don't even want to run their own mail server or web server any more, let alone a self-hosted social-media platform like Even running a basic SIP proxy server for the large Debian and Fedora communities involved a lot of discussion about the approach to support it.

The argument against using Facebook and Twitter is that you are shooting yourself in the foot, when you participate in those networks, you give them even more credibility and power (which you could quantify using Metcalfe's law). The Metcalfe value of their network, being quadratic rather than linear, shoots ahead of the Metcalfe value of your own solution, putting your alternative even further out of reach. On top of that, the operators of the closed platform are able to evaluate who is responding to your message and how they feel about it and use that intelligence to further undermine you. In some cases, there may be passive censorship, such as WhatsApp silently losing messages that link to rival Telegram.

How do you feel about this choice? How and when should free software projects and their developers engage with mainstream social media technology? Please come and share your ideas on the Free-RTC mailing list or perhaps share and Tweet them.

OpenStreetMap editing “to go” – adding locations to OSM with Android

English Planet – Dreierlei | 11:03, Tuesday, 05 January 2016

Since I realized how easy it is to contribute anytime spontaneously to OpenStreetMap with your Android device, I wrote a how-to add locations to OpenStreetMap with Android (or an Android custom-ROM) in my OSM-profile. It is fun, easy and free.
This way I hope to inspire other people to take their mobile once in a while and to map the world together. This blog post is a duplicate of my profile information:

Installing Osmand~

Get F-Droid, the Free Software repository app. You can download the .apk directly from the home page and need to install it on your Android. If you encounter installation/permission problems, you most probably need to trust “unknown sources” first. Don’t panic : ) no harm involved.

F-Droid is an “alternative market place”, that only offers Free Software (as in Freedom). Others call it “Open Source”. For various reasons, Free Software is to be considered a good thing : )

Inside F-Droid, search for “Osmand”

and install “Osmand~”.
Don’t get confused by other apps : )

Get an account for OpenStreetMap

  1. Visit and go for -> “sign up”.
  2. Fill in the form – it’s free.
  3. After that, confirm your account and you are done


Enable editing OpenStreetMap inside Osmand~

I made a Screenshot-story below this paragraph. Telling it in textform and in a nutshell, you need to go to the menu (the button in bottom-left corner), go for settings (the gear wheel in the upper right corner). Now go for Plugins -> OSM editing -> Enable. After that go into the settings on the same page and fill in your OSM user name, your OSM password and check “Offline editing”.


Go to preferences in the upper right corner

Go for Plugins

Enable OSM editing

Again, go into settings

Fill in your Username + Password. If you like you can check “offline editing”. That means that you add your locations in offline mode first and later, at any point in time, you can decide to upload them. I usually check this box because I love mapping while I travel and due to roaming charges I am in offline mode anyway.

Adding a location

Now it’s time to do your first addition. choose a location that does not yet exist in OpenStreetmap but you see a non-described building. Or an already described building that is simply missing your information about the location. Usually it is some kind of business (Bar, Laundry, Post office, …), service (Agency, Administration, Church …) or public (Park, Station, …)

To add a location, find the explanation in Screenshots again:

OpenStreetMap is built on points and lines. All together they form areas like streets, buildings, countries and seas. Such areas can have meta information like a street name or a countrys name.
If you like to add any information on top of that (like a bar in building or a shop inside a building), you have to add additional meta information to a location. To add this information, you have to create a so called “point of interest” (in short: POI). To do so, long press the location you like add information to until you see the black information box appearing.

Press the black info box and you see a context menu popping up. From here, choose “Create POI” (see the grey background color in the screenshot)

Another window will open to let you fill in all kinds of information about this POI. You always need to fill in a NAME and a CATEGORY or you will not be able to save the POI. You get suggestions for categories via typing and I suggest you choose one of them. All other information is not needed to create a POI but of course appreciated.

If you have chosen to upload your locally saved POIs later, then after filling in the information and having saved the POI, you should see a green marker that shows your newly added POI. Else, it will be uploaded directly.

Later Uploading a location

Depending on your settings you directly upload your Point of interest or you have chosen to do so later. You can change it any time by checking/unchecking in Plugins -> OSM editing -> Settings -> Offline editing

I choose “Offline editing” to upload my content later. First, because I love mapping while I travel and often I resist to pay roaming service and I am in offline mode anyway. But also because I like to upload some points later at the same time. I can see them 5 minutes later appearing in my browser and I can improve or correct them if necessary.

Here is how to upload your locations:

Go to Plugins -> OSM editing -> Settings -> Locally saved OSM POIs/Notes

Here you see your recently marked POIs that are locally saved but not yet uploaded.

In case you have more than one, you can choose to either upload them entry by entry or in a whole with the upload-button in the bottom-left corner.


Hey, well done! Thank you for contributing. Go, check and see your places magically appear in the next minutes. Don’t forget to renew the page from time to time while waiting : )

Multi-End Message and Object Encryption. What?

nikos.roussos - opensource | 03:41, Tuesday, 05 January 2016

So, many people promoting Signal over Jabber/OTR for its usability and security features (besides all caveats). Most of these features are offered due the Axolotl Ratchet protocol.

What if this protocol was implemented as an extension to Jabber? This would combine all best things from both worlds. Offline (encrypted) messages, multiple devices, better mobile integration but on the same time decentralized federated service. Well it’s done. Meet OMEMO.

Conversations on Android already supports it, ChatSecure is implementing it too and tickets are already opened on Pidgin and Tor Messenger. Gajim is currently the only desktop app that supports it (through a plugin), but if you want to have OTR too then Gajim is not an option since its OTR plugin is unmaintained.

I’ve been testing Conversations/OMEMO over the last week and it works great. So maybe in a few months we’ll have something truly secure, decentralized and usable to suggest to our friends ;) Or just suggest Conversations to the most brave of your friends.


Comments and reactions on Diaspora or Twitter

Monday, 04 January 2016

I am Using Let’s Encrypt on my server now

Hook’s Humble Homepage | 23:45, Monday, 04 January 2016

I just moved my web server’s SSL/TLS certificates to Let’s Encrypt and I am positively surprised how relatively easy it was.

In all honesty, it started as a simple “Hullo! What’s this all about?” and after toying with it a bit, I decided to simply use it to replace all my and StartSSL certificates.

For those who have not heard yet, “Let’s Encrypt is a new Certificate Authority, [which] is free, automated and open” run by Internet Security Research Group as a Linux Foundation Collaborative Project with many big name supporters.

Basically they are trying to substitute going through the yearly chore of logging in and filling in online forms on a traditional CA’s website every year for every domain you own and in the process even pay for the service. What they came up with is an automated system where you get everything done in a matter of minutes (seconds?) from the CLI and even renew simply with a cronjob.

After fumbling about a bit and asking for help on #nginx the wonderful FinalX suggested that I follow John Maguare’s tutorial and even suggested how to tweak it in order to fit my system. That worked pretty well ☺

Caveat (in 0.1.1):

  • the web server automatic set-up currently works only for Apache, but Nginx is planned next – you can still use it to generate keys for any web server regardless and write the web server config by hand (never a bad idea);
  • if it is not packaged in your distro, you can expect some twiddling to set it up – the official source package does have an auto-install command, but currently it supports only a few distros;
  • the current version is actually called 0.1.1-corrected, which probably caused problems with some distros (e.g. it did for Gentoo);
  • it does not support domain wildcards – but you can always extend your cert with additional domains, so no biggie;
  • it does not support international domain names yet;
  • yes, it is beta, but as Roland Bracewell Shoemaker explained in his “Let’s Encrypt – What launching a free CA looks like” talk at the 32C3, they are aiming at a long beta period, similar to the one Google used for GMail.

hook out → sniffling due to cold

Sunday, 03 January 2016

My first impressions using Firefox OS 2.6

English Planet – Dreierlei | 22:24, Sunday, 03 January 2016

FirefoxOS - PR logo
Update: After feedback from the community I updated some information using quotes.

Thanks to @ensowhat, I am now taking part in Mozillas Foxfooding program with a Sony Xperia Z3 and Firefox OS 2.6 by Mozilla. While I am testing Firefox OS, I will share my experiences in dedicated blog posts.

Here is some general feedback after my first hours:

  • Flashing the device (Sony Xperia Z3) seems to be among the easiest things to do. I guess Valentin had some special script to do it, but still, it was a 3 minute job and it was running more or less automatically. If I remember the efforts we had and still have to flash Custom Android ROMs on phones … Especially on Sony devices who do developers a really hard job by heavily protecting their hardware with “DRM security keys”.
  • <figure class="wp-caption alignleft" id="attachment_1146" style="width: 150px">The default Firefox OS keyboard<figcaption class="wp-caption-text">The default Firefox OS keyboard</figcaption></figure> The default keyboard is a pain in the a** and I couldn’t find an alternative in the marketplace to fix it: There is no left or right arrow to move your cursor in its position. If you have big fingers like I have, it can drive you crazy to strike the position you are aiming at.
    It also comes with – in comparison to the default Android keyboard – very few double assignments (long pressing a letter key). That makes you need to change the keyboard layout to – for example – simply type in some numbers.
  • Home screen is not very customizable. All your apps will automatically appear on your home screen and you can only choose their order and the amount of columns to list them. When I go for Settings -> Home Screens -> Change Home Screen -> Get more Home Screens I get into the market place in “Popular Homescreens” where it says “The list returned no results”. So, got to stick to that default Home Screen.
  • You can choose “Legacy Home Screen” which is more customizable. I like that you can define “areas” and choose if their app icons should appear big or small. I Like it.

  • Navigation: Before I will have a final thought on this, I need more experience with the navigation logic of Firefox OS. However, coming from an Android OS, the navigation is quite different. Especially, I miss a general “go back” button. When you keep inside one App in Firefox OS, you usually find a back navigation button on the top left screen, shown as an arrow to the left. But if you click on something that leads to from one app to the other, there will be no back button displayed.
    In the beginning this drove me crazy until I realized the “Edge Swipe Navigation”. This functionality lets you jump from one app to the other by dragging from the left or right edge of the screen. This actually is a nice way for navigation and I start to like it. I only wonder if the edge wipe navigation also means that all these apps keep to be open at the same time and this is eating more battery and power?
  • In the market place, inside Add-Ons, you find “Back Button” by Shing Lui. Great idea, but still is a bit buggy, by not sending me back sometimes and sending me to another app instead. I Keep testing.

  • firefox-os-privacy-settingsGood to see that “App permissions” are integrated in the “Privacy and Security” category inside the system settings, where you can allow or disallow certain permissions to certain apps. In the same category you also find “Do not track”, a feature to let websites know you do not like to be tracked.

I will keep sharing what I find when I dig deeper into the system.

Saturday, 02 January 2016

The great life of Ian Murdock and police brutality in context - fsfe | 20:45, Saturday, 02 January 2016


(You can Follow or Tweet about this blog on Twitter)

Over the last week, people have been saying a lot about the wonderful life of Ian Murdock and his contributions to Debian and the world of free software. According to one news site, a San Francisco police officer, Grace Gatpandan, has been doing the opposite, starting a PR spin operation, leaking snippets of information about what may have happened during Ian's final 24 hours. Sadly, these things are now starting to be regurgitated without proper scrutiny by the mainstream press (note the erroneous reference to SFGate with link to, this is British tabloid media at its best).

The report talks about somebody (no suggestion that it was even Ian) "trying to break into a residence". Let's translate that from the spin-doctor-speak back to English: it is the silly season, when many people have a couple of extra drinks and do silly things like losing their keys. "a residence", or just their own home perhaps? Maybe some AirBNB guest arriving late to the irritation of annoyed neighbours? Doesn't the choice of words make the motive sound so much more sinister? Nobody knows the full story and nobody knows if this was Ian, so snippets of information like this are inappropriate, especially when somebody is deceased.

Did they really mean to leave people with the impression that one of the greatest visionaries of the Linux world was also a cat burglar? That somebody who spent his life giving selflessly and generously for the benefit of the whole world (his legacy is far greater than Steve Jobs, as Debian comes with no strings attached) spends the Christmas weekend taking things from other people's houses in the dark of the night? The report doesn't mention any evidence of a break-in or any charges for breaking-in.

If having a few drinks and losing your keys in December is such a sorry state to be in, many of us could potentially be framed in the same terms at some point in our lives. That is one of the reasons I feel so compelled to write this: somebody else could be going through exactly the same experience at the moment you are reading this. Any of us could end up facing an assault as unpleasant as the tweets imply at some point in the future. At least I can console myself that as a privileged white male, the risk to myself is much lower than for those with mental illness, the homeless, transgender, Muslim or black people but as the tweets suggest, it could be any of us.

The story reports that officers didn't actually come across Ian breaking in to anything, they encountered him at a nearby street corner. If he had weapons or drugs or he was known to police that would have almost certainly been emphasized. Is it right to rush in and deprive somebody of their liberties without first giving them an opportunity to identify themselves and possibly confirm if they had a reason to be there?

The report goes on, "he was belligerent", "he became violent", "banging his head" all by himself. How often do you see intelligent and successful people like Ian Murdock spontaneously harming themselves in that way? Can you find anything like that in any of the 4,390 Ian Murdock videos on YouTube? How much more frequently do you see reports that somebody "banged their head", all by themselves of course, during some encounter with law enforcement? Do police never make mistakes like other human beings?

When a felon is convicted of a crime, there is always a lot of discussion about whether they apologize and show remorse. What is staggering about police communications, like this one, is that there is never any hint that they may have any responsibility, nobody saying "he was in our care, and we failed", no sign of regret or humility.

If any person was genuinely trying to spontaneously inflict a head injury on himself, as the police have suggested, why wouldn't the police leave them in the hospital or other suitable care? Do they really think that when people are displaying signs of self-harm, rounding them up and taking them to jail will be in their best interests?

Now, I'm not suggesting this started out with some sort of conspiracy. Police may have been at the end of a long shift (and it is a disgrace that many US police are not paid for their overtime) or just had a rough experience with somebody far more sinister. On the other hand, there may have been a mistake, gaps in police training or an inappropriate use of a procedure that is not always justified, like a strip search, that causes profound suffering for many victims.

A select number of US police forces have been shamed around the world for a series of incidents of extreme violence in recent times, including the death of Michael Brown in Ferguson, shooting Walter Scott in the back, death of Freddie Gray in Baltimore and the attempts of Chicago's police to run an on-shore version of Guantanamo Bay. Beyond those highly violent incidents, the world has also seen the abuse of Ahmed Mohamed, the Muslim schoolboy arrested for his interest in electronics and in 2013, the suicide of Aaron Swartz which appears to be a direct consequence of the "Justice" department's obsession with him.

What have the police learned from all this bad publicity? Are they changing their methods, or just hiring more spin doctors? If that is their response, then doesn't it leave them with a cruel advantage over those people who were deceased?

Isn't it standard practice for some police to simply round up anybody who is a bit lost and write up a charge sheet for resisting arrest or assaulting an officer as insurance against questions about their own excessive use of force?

When British police executed Jean Charles de Menezes on a crowded tube train and realized they had just done something incredibly outrageous, their PR office went to great lengths to try and protect their image, even photoshopping images of Menezes to make him look more like some other suspect in a wanted poster. To this day, they continue to refer to Menezes as a victim of the terrorists, could they be any more arrogant? While nobody believes the police woke up that morning thinking "let's kill some random guy on the tube", it is clear they made a mistake and like many people (not just police), they immediately prioritized protecting their reputation over protecting the truth.

Nobody else knows exactly what Ian was doing and exactly what the police did to him. We may never know. However, any disparaging or irrelevant comments from the police should be viewed with some caution.

The horrors of incarceration

It would be hard for any of us to understand everything that an innocent person goes through when detained by the police. The recently released movie about The Stanford Prison Experiment may be an interesting place to start, a German version produced in 2001, Das Experiment, is also very highly respected.

The United States has the largest prison population in the world and the second-highest per-capita incarceration rate. Many, including some on death row, are actually innocent, in the wrong place at the wrong time, without the funds to hire an attorney. The system, and the police and prison officers who operate it, treat these people as packages on a conveyor belt, without even the most basic human dignity. Whether their encounter lasts for just a few hours or decades, is it any surprise that something dies inside them when they discover this cruel side of American society?

Worldwide, there is an increasing trend to make incarceration as degrading as possible. People may be innocent until proven guilty, but this hasn't stopped police in the UK from locking up and strip-searching over 4,500 children in a five year period, would these children go away feeling any different than if they had an encounter with Jimmy Saville or Rolf Harris? One can only wonder what they do to adults.

What all this boils down to is that people shouldn't really be incarcerated unless it is clear the danger they pose to society is greater than the danger they may face in a prison.

What can people do for Ian and for justice?

Now that these unfortunate smears have appeared, it would be great to try and fill the Internet with stories of the great things Ian has done for the world. Write whatever you feel about Ian's work and your own experience of Debian.

While the circumstances of the final tweets from his Twitter account are confusing, the tweets appear to be consistent with many other complaints about US law enforcement. Are there positive things that people can do in their community to help reduce the harm?

Sending books to prisoners (the UK tried to ban this) can make a difference. Treat them like humans, even if the system doesn't.

Recording incidents of police activities can also make a huge difference, such as the video of the shooting of Walter Scott or the UK police making a brutal unprovoked attack on a newspaper vendor. Don't just walk past a situation and assume everything is under control. People making recordings may find themselves in danger, it is recommended to use software that automatically duplicates each recording, preferably to the cloud, so that if the police ask you to delete such evidence, you can let them watch you delete it and still have a copy.

Can anybody think of awards that Ian Murdock should be nominated for, either in free software, computing or engineering in general? Some, like the prestigious Queen Elizabeth Prize for Engineering can't be awarded posthumously but others may be within reach. Come and share your ideas on the debian-project mailing list, there are already some here.

Best of all, Ian didn't just build software, he built an organization, Debian. Debian's principles have helped to unite many people from otherwise different backgrounds and carry on those principles even when Ian is no longer among us. Find out more, install it on your computer or even look for ways to participate in the project.

Friday, 01 January 2016

Term Limited

Bits from the Basement | 18:39, Friday, 01 January 2016

I woke up this morning and realized that for the first time since 17 April 2001, I am no longer a member of the Debian Technical Committee.

My departure from the committee is a consequence of the Debian General Resolution "limiting the term of the technical committee members" that was passed amending the Debian Constitution nearly a year ago. As the two longest-serving members, both over the term limit, Steve Langasek and I completed our service yesterday.

In early March 2015, I stepped down from the role of chairman after serving in that role for the better part of a decade, to help ensure a smooth transition. Don Armstrong is now serving admirably in that role, I have the utmost respect for the remaining members of the TC, and the process of nominating replacements for the two now-vacant seats is already well underway.

So, for the Debian project as a whole, today is really a non-event... which is exactly as it should be! Debian has been a part of my life since 1994, and I sincerely hope to be able to remain involved for many years to come!

Planet Fellowship (en): RSS 2.0 | Atom | FOAF |

  /127.0.0.?  /var/log/fsfe/flx » planet-en  Albrechts Blog  Alessandro at FSFE » English  Alessandro's blog  Alina Mierlus - Building the Freedom » English  André on Free Software » English  Being Fellow #952 of FSFE » English  Bela's Internship Blog  Bernhard's Blog  Bits from the Basement  Björn Schießle's Weblog » English  Blog of Martin Husovec  Blog » English  Bobulate  Brian Gough's Notes  Carlo Piana :: Law is Freedom ::  Ciarán's free software notes  Colors of Noise - Entries tagged planetfsfe  Communicating freely  Computer Floss  Daniel Martí's blog - fsfe  Don't Panic » English Planet  ENOWITTYNAME  Elena ``of Valhalla''  English Planet – Dreierlei  Escape to freedom  FLOSS – Creative Destruction & Me  FSFE Fellowship Vienna » English  FSFE interviews its Fellows  Fellowship News  Florian Snows Blog » en  Frederik Gladhorn (fregl) » FSFE  Free Software & Digital Rights Noosphere  Free Software with a Female touch  Free Software –  Free Software – hesa's Weblog  Free as LIBRE  Free speech is better than free beer » English  Free, Easy and Others  From Out There  GLOG » Free Software  Graeme's notes » Page not found  Green Eggs and Ham  Handhelds, Linux and Heroes  Heiki "Repentinus" Ojasild » English  HennR's FSFE blog  Henri Bergius  Hook’s Humble Homepage  Hugo - FSFE planet  I LOVE IT HERE » English  Inductive Bias  Jelle Hermsen » English  Jens Lechtenbörger » English  Karsten on Free Software  Losca  Marcus's Blog  Mario Fux  Mark P. Lindhout’s Flamepit  Martin's notes - English  Matej's blog » FSFE  Max's weblog » English  Myriam's blog  Mäh?  Nice blog  Nico Rikken » fsfe  Nicolas Jean's FSFE blog » English  PB's blog » en  Paul Boddie's Free Software-related blog » English  Pressreview  Rekado  Riccardo (ruphy) Iaconelli - blog  Saint's Log  Seravo  Technology – Intuitionistically Uncertain  The Girl Who Wasn't There » English  The trunk  Thib's Fellowship Blog » fsfe  Think. Innovation. » Blog  Thinking out loud » English  Thomas Koch - free software  Thomas Løcke Being Incoherent  Told to blog - Entries tagged fsfe  Tonnerre Lombard  Torsten's FSFE blog » english  Viktor's notes » English  Vitaly Repin. Software engineer's blog  Weblog  Weblog  Weblog  Weblog  Weblog  Weblog  Weblog  Werner's own blurbs  With/in the FSFE » English  a fellowship ahead  agger's Free Software blog  anna.morris's blog  ayers's blog  bb's blog  blog  drdanzs blog » freesoftware  emergency exit  free software blog  freedom bits  gollo's blog » English  irl:/dev/blog » fsfe-planet  julia.e.klein's blog  marc0s on Free Software  mkesper's blog » English  nikos.roussos - opensource  pichel's blog  rieper|blog » en  softmetz' anglophone Free Software blog  stargrave's blog  the_unconventional's blog » English  things i made  tobias_platen's blog  tolld's blog  wkossen's blog  yahuxo's blog