Planet Fellowship (en)

Sunday, 14 February 2016

iloveFS 2016: Thank you OpenWRT developers!

Being Fellow #952 of FSFE » English | 12:26, Sunday, 14 February 2016

For this years “I love Free Software Day” I decided to express my gratitude to OpenWRT, a free firmware/OS for routers. It runs on almost any hardware, recently even on a 9$ Wifi SDcard reader which may be used as a mobile AP that way.

My router at home has been running on it for years now and I haven’t had ANY trouble with it ever since I flashed it. (OK, I messed up the config once but I can’t blame OpenWRT for that). I used to reboot it every two weeks or so with the stock firmware.

flattr this!

Happy #ilovefs

Elena ``of Valhalla'' | 10:12, Sunday, 14 February 2016

Happy #ilovefs

Happy I love Free Software Day https://fsfe.org/campaigns/ilovefs/2016/!

Immagine/fotohttp://ilovefs.org

My life has been full of Free Software for more than 15 years and listing all the software and projects I've used or interacted with would take a long post (and I would be sure to forget someone), so if you are reading this and are involved in Free Software: thank you! I may have used your work in the past, I may be using it some time in the future, or I may never use it personally, but you are making the world I live in a better place anyway.

Special thanks go to the local LUGs, where I've met my SO and to the @Debian project, where I've met a few people I can call friends.

@LIFO @Gruppo Linux Como #ilovefs

I love Free Software (Apps)

English – Max's weblog | 09:00, Sunday, 14 February 2016

Yoda-ilovefsDo you know being in a restaurant and getting a menu which is longer than the average novel, and you cannot decide for a single meal because every single one sounds more delicious than the other? That’s similar to the problem I was having when writing this blog post…

Today is the „I love Free Software“ day, on which people all over the world say „thank you“ to contributors of Free Software, often created in free time and with lots of passion. This is software you can use for any purpose, which source code you or others can analyse, which can be modified and distributed – any program respecting these essential freedoms benefits a fair society, and our most personal privacy and security in return.

After I thanked ZNC and Taskwarrior last Valentine’s Days, this year I want to focus on software running on the device that’s almost always in my pocket. My mobile phone is the gatekeeper of most of my communication: short messages, pictures, emails, social media, todo lists, calendar… it’s amazing thinking about what this tiny computer has to achieve to satisfy my needs. But of course, I also want to use as much Free Software as possible to secure my sensitive data. And because of that I cannot name a single software but have to list a few which I depend on almost every single day, and I want to sincerely thank the people contributing to them!

The foundation

With mobile phones it’s not easy to have a completely free operating system platform, depending on your phone model. For mine, I chose OmniROM, which still contains some non-free firmware but is as much Free Software as possible. And it works like a charm, having lots of nice features, a broad device compatibility, and actively development team.

Because I want to avoid non-free software and services which use my most sensitive data for their profit, I avoid Google and similar products as much as possible. Because of that, I do not load my application from Google Play but from F-Droid, an app „store“ offering Free Software apps only! Right now there are far over 1000 apps available, most of them fulfilling high quality requirements. All the apps I’ll list below can be found there.

My big five

I use my mobile phone for communication and information purposes. So K-9 Mail is my sanctuary, enabling me to receive and send, de- and encrypt my emails. Admittedly, the user interface isn’t the best, some things can get on your nerves (organising many folders…), but it just works. That’s an attribute I learnt to value.

The next layer is short texts communication. Since almost nobody in my circle of acquaintances uses oldschool short messages anymore, I switched most of my chitchat communication over to LibreSignal, a Google-dependency-freed fork of Signal, providing very strong encryption and a great and easy user interface at the same time. At the same time I still use Telegram (non-free server) and WhatsApp (absolutely bad) because it’s hard to convince all the contacts you have. But it’s nice to see how many people switched over to better alternatives meanwhile. And with Twidere, I can manage my GnuSocial and Twitter accounts easily with lots of features. And if you are still forced to use Facebook, try Face Slim.

As a scout, many people seem to think that I always know any direction. In the old days I had to navigate using stars and moss on stones, but nowadays I just pick my ultimate compass and can lead the way thanks to OsmAnd and Transportr. The former enables me to download offline vector maps, navigate on them, find points of interest (bars, shops, bus stops – and bars), with the latter I can use the public transport system of almost every larger city in Europe using a neat and fast-responding interface. And the best thing: It even works in areas without sun, stars, or moss-grown stones. But well, without battery…

The small things

F-Droid also contains a myriad of small jewels, nice tools for the even most absurd needs and situations most of us are confronted with not more than once in our lifetime. Not so absurd but also quite helpful for me are primitive ftpd, SMS Backup+, JAWS, and Port Authority. The first starts a small (S)FTP server which I can connect to using a client like Filezilla on my desktop computer, so I can exchange huge amounts of files faster than via Bluetooth. SMS Backup+ backups – surprise surprise – SMSs. But it uploads (and restores) them (and also call logs) to any IMAP folder you define, which comes in handy when you want to search your SMSs quickly at your computer in your email client. JAWS and Port Authority are small tools to debug networks. The former shows all nearby Wifi networks, their signal strength and BSSID. The latter allows you to see all devices in the network including MAC address or open ports.

Conclusion

So you see, Free Software is everywhere and you can do great things with it. Everytime I can replace another non-free and privacy-disrespecting service with Free Software, it makes my day. I hope I can give some of this joy today to the people making this possible!

Transportr – the public transport app

I LOVE IT HERE » English | 07:05, Sunday, 14 February 2016

Today I want to thank Torsten Grote for his work on Transportr, a Free Software public transport program for Android. heart out of transpotr logos As there are so many amazing Free Software contributors out there, it is always difficult for me to decide what I want to write about on the “I love Free Software Day”. In the past I thanked GnuPG contributors, developers of programs I use for my music setup, a coreboot developer, and others. As I try to travel as much as possible with public transportation, Transportr is one of the most useful programs on my mobile phone. So here a short overview so you understand why I dedicated this post to Torsten.

First of all, Transportr gives you access to travel information for many different public transportation providers all over the world. You do not have to install and update several apps for all the public transport providers in different countries and cities.

image

After you selected them once, you can afterwards switch between them easily.

image

You can search for nearby stations. For example which stations are available around FSFE’s Berlin office.

image

As well as display them with OpenStreetmap data.

You can have a look at all departures from a train stop.

image

And of course find connections between two locations. For example from FSFE’s Berlin office to Brussels.

image

image

When you decided which train you want to take, you can add the connection to your calendar with a click on the upper right, as well as regularly update the connection to see if there are any delays.

image

If you like what you saw, you can install Transportr from F-Droid.

Thank you Torsten! Thank you for this wonderful piece of Free Software, which makes my life easier!

Saturday, 13 February 2016

Make Your Own Personal Banner for I Love Free Software Day

Florian Snows Blog » en | 18:52, Saturday, 13 February 2016

For this year’s I love Free Software day on February 14, I decided to design a couple of banners with a heart theme. Well, actually it wasn’t originally meant that way, but it was an idea for a different campaign and the heart shape was popular enough to make it into it’s own banner.

So you want to have your own banner?  It’s easy:  Just download one of the following SVGs, paste an appropriate photo of you into the file in Inkscape, an amazing Free Software vector graphics editor, select “Object” -> “Lower to bottom”, change the text and name, and you’re done.  You can then select “File” -> “Export PNG image”, click on page, set the size you want, and click on “Export”.  Now you have an image you can share with others.

Here are the files:

The files without any names (the ones that say “Jane Doe”) and without personal pictures are licensed under a Creative Commons Attribution 4.0 International License. It’s ok to only attribute in the metadata and if that gets lost on some platforms, that’s ok. I encourage you to share changes with others, but I cannot enforce it because I want you to be able to relicense the banners with your name and image under a Creative Commons Attribution-NoDerivatives 4.0 International License; this is what the banners with personal images or names here are licensed under.  Feel free to share those on any platform, but you may not change them so you cannot make statements on behalf of the people named or depicted.

Here are some example banners (you can share those) that we set up in our local FSFE group:

banner christian

banner Christianbanner Florianbanner Florianbanner florianbanner Florian

By the way, the 1s and 0s in the heart shape spell “FREEDOM” in ASCII. Really nerdy, huh?

Friday, 12 February 2016

The next Generation of Code Hosting Platforms

English – Björn Schießle's Weblog | 19:30, Friday, 12 February 2016

Source Code

CC BY-SA 2.0 by
Christiaan Colen

The last few weeks there has been a lot of rumors about GitHub. GitHub is a code hosting platform which tries to make it as easy as possible to develop software and collaborate with people. The main achievement from GitHub is probably to moved the social part of software development to a complete new level. As more and more Free Software initiatives started using GitHub it became really easy to contribute a bug fix or a new feature to the 3rd party library or application you use. With a few clicks you can create a fork, add your changes and send them back to the original project as a pull request. You don’t need to create a new account, don’t need to learn the tools used by the project, etc. Everybody is on the same platform and you can contribute immediately. In many cases this improves the collaboration between projects a lot. Also the ability to mention the developer of other projects easily in your pull request or issue improved the social interactions between developers and makes collaboration across different projects the default.

That’s the good parts of GitHub, but there are also bad parts. GitHub is completely proprietary which makes it impossible to fix or improve stuff by yourself or run it by your own. Benjamin Mako Hill already argued 2010 why this is a problem and why Free Software needs free tools. More and more people seems to realize that this can create serious problems and a large group of active and influential GitHub users sent a letter to GitHub which ends with:

“Hopefully none of these are a surprise to you as we’ve told you them before. We’ve waited years now for progress on any of them. If GitHub were open source itself, we would be implementing these things ourselves as a community — we’re very good at that!”

I can’t stress this argument enough. The Free Software community is a community of people who are used to do stuff and don’t just consume it. If we use a third party library and find a bug or need a feature we don’t just complain, instead we look at the code, try to fix it and provide a patch to upstream. We could do the same for the tools we use. But we need to be able to do it. It has to be Free Software.

Now a lot of rumors and discussion evolved around the news that GitHub is undergoing a full-blown overhaul as execs and employees depart. Some people even predict that this will be the end of GitHub.

Wait for it. Three months from now, GitHub introduces "features" no-one wants or needs. 12 months from now, the exodus.

— Pieter Hintjens (@hintjens) February 7, 2016

It seems that many people underestimated the lock-in effect of the new hosting platforms such as GitHub for a long time. Now they start to realize that it might be easy to export the git repository but what about the issue tracker, the wiki, CI integration, all the social interaction and collaboration between the projects, all the useful scripts written for the GitHub-API? You can’t clone all this stuff easily and move on.

I don’t want to go deeper into the discussion about what’s going on at GitHub and what will happen next. There are plenty of articles and discussions about it, you can read some of them if you follow the links in this blog.

At the moment the ESLint initiative discusses the option to move away from GitHub and by reading the comments you can get a idea about the lock-in effect I’m talking about. With the growing dissatisfaction and with people realizing that they are sitting in a “golden cage” I have the feeling that we might have a opportunity to think about the next generation of code hosting platforms and how they should look like.

Some of you may remember how Git come into existence, the tool which is used as the underlying technology of GitHub. Ironically, Git was born because of quite similar reasons for which the next generation source code hosting platforms might arise. Before Git, the Linux-Kernel developer community used BitKeeper. BitKeeper is a proprietary source control management system. The developer decided to use it because from a technical point of view BitKeeper was so much better than what we had until then, mainly SVN and CVS. The developer enjoyed the tool and didn’t thought about the problems such a dependency could create. At some point the copyright holder of BitKeeper had withdrawn gratis use of the product after claiming that Andrew Tridgell had reverse-engineered the BitKeeper protocols. The Linux-Kernel community had to move on and Linus Torvalds wrote Git.

Back to the next generation of source code hosting and collaboration platforms. It is easy to find Free Software to run your own git repository, a issue tracker and a wiki. But in 2016 I think that this is no longer enough. As described before, the crucial part is to connect software initiatives and developer to make the interaction between them as easy as possible. That’s why traditional code hosting platforms like for example Savannah are no longer a real option for many projects. I think the next generation code hosting platform needs to work in a decentralized way. Every project should be able to either host its own platform or chose a provider freely without loosing the connection to other software initiatives and developers. This development, from proprietary and centralized solutions to centralized Free Software solutions to federated Free Software solutions is something we already saw in the area of social networks and cloud services. Maybe it is worth looking at what they already achieved and how they did it.

To make the same transition happen for code hosting platforms we need implementations based on Free Software, Open Standards and protocols which enabled this kind of federation. The good news is that we already have most of them. Git by itself is already a distributed revision control system and doesn’t need a central server for collaboration. What’s missing is a nice web interfaces to glue all this parts together: a issue tracker, a wiki, good integration in Free Software CI tools, good APIs and of course Git. This will enable us to fork projects across servers, send pull requests, interact with the other developers and comment on issues no matter if they are on the same server or not. Chances are high that we will already find a suitable protocol by looking at the large amount of federated social networks. By choosing a exiting protocol of a established federated social network we could even provide a tight integration in traditional social networks which could provide additional benefits beyond what we already have. The hard part will be to pull all this together. Will it happen? I don’t know. But I hope that after we have seen the raise and fall of SourceForge, Google Code and maybe at some point GitHub we will move on to create something more sustainable instead of building the next data silo and wait until it fails again.

Will you be my cryptovalentine?

nikos.roussos - opensource | 06:01, Friday, 12 February 2016

cryptovalentine

Roses are red, violets are blue; I use free software to encrypt my online communication and so should you.

Over the last few year Free Software Foundation Europe runs a campaign called "I love Free Software Day". It's an opportunity to share your appreciation (or love) with the developers of your favorite Free Software project. So after you are done reading this post, choose your favorite project and send its developer(s) an appreciation email.

Last year Zak Rogoff , had a great similar idea. On a post he wrote he suggested we use the Valentine's Day as an opportunity to use Free Software in order to setup secure and private communications with our significant other.

Ask someone you like -- romantically or otherwise -- to be your cryptovalentine. If they say yes (yikes, nervous!) use the free program GnuPG to set up private and encrypted communication with them.

Last year this was like a late new year's resolution for me. I didn't want to stick to GnuPG or just set the tools up. I wanted to make sure that all forms of communication are secure and private. This is how I (partially) did it. This is focused on mobile communications, because that is what we almost exclusively use for communicating when online.

Email

The first thing that comes to mind is email and the obvious choice of GnuPG. And specifically OpenKeyChain and K9. And it's of course the first thing I did. If you are thinking "GPG keys on mobile? Are you sure?", then you have a different threat model in mind.

OpenKeyChain has made major steps over the last couple of years in terms of usability. It's easy even to generate a new key directly on your phone and easily fetch your contacts keys from keyservers or import them. It's also easy to connect it with the K9 mail client.

Despite all improvements I'm not completely satisfied with the end result at the moment. There is one thing that can really ruin everything. There is no way currently to configure K9 to encrypt all outgoing emails by default if a key is present. That can lead to accidentally replying to an encrypted email in plain text, or just forget to tick the encryption mode when composing a new email. Good thing is that K9 doesn't quote an encrypted email as unencrypted text when replying, which makes emails look ugly but at least it saves you from leaking data by mistake. There is also the issue of PGP/Mime support, but that' not relevant to the communication model I'm describing here. Both ends will use PGP inline, so you'll be ok.

Chat

The obvious decentralized choice would be Jabber with OTR. Many things have changed over the last couple of years. Apps like WhatsApp or Telegram have become really popular. Both of course are not to be considered secure. Source code is not completely open and free and both are centralized which gives one entity the knowledge of the entire social graph. But these apps created a usability precedence. People expect easy registration, even if that requires giving away their phone number and, even worse, their entire addressbook. And people also expect that this will work flawlessly on mobile, where connection can sometimes be flaky. Jabber with OTR fails on both. For the communication model I'm describing here registration issues are not important. But being able to communicate over mobile networks is really important.

Surprisingly many people on the free and open source camp started using (and promoting) Signal, which is indeed better that the two previous options of WhatsApp and Telegram, since the whole stack is completely free and open source. But it keeps all the other problems mentioned above (centralized, addressbook access, etc). I have written about this in details before and Signal's attitude shows that things can only get worse.

So where does this leave us? Signal's protocol, Axolotl Ratchet, is really well designed. What if this could work on top of Jabber? Then we would have the best things of both worlds. That's what OMEMO does.

So my choice was the Conversations app using Jabber along with OMEMO encryption. I have to admit this turn out to work far better than I expected. You set the encryption once and then you forget about it. It just works. All communications are encrypted by default. Offline messages just work. You don't have to worry if the other end is online at the moment. No need to terminate or re-establish encryption sessions (sounds familiar OTR friends?). This worked so good that we actually replaced email communications. I mean, think about it. Most of the emails we exchange during the day are short texts. The only reason we were using email was because it gives the feeling of asynchronous non-urgent communication. But if you have a chat application that online presence doesn't really matters then you already have this.

SMS

We rarely use the mobile telephony network to chat, and since we started using Jabber/OMEMO, this became even more rare. But just for these rare cases, here is what I did and suggest.

Signal started as TextSecure and it used to support the SMS network too. At some point they decided to drop SMS support for various reasons. Then a free software team forked it and kept just the SMS part (it's Axolotl Ratchet again) and dropped all Google dependencies to create SMSSecure. Similar to what I mentioned above, you setup the encryption once and then you forget it. I set this up months ago and all SMS we have exchanged since are encrypted. The app of course works as a regular SMS app, so you just make it your default one and use it for regular plain text SMS messages for the rest of your not-so-brave contacts. At least you'll have encrypted local storage for your sms messages, something that most sms apps don't offer.

Voice

This is the most difficult one, and the one we haven't yet completely achieve. It's not easy to encrypt phone calls and still keep using the traditional mobile network of your carrier. So the next best thing is to do it over the data network. Again usability is important here. So SIP was not my first option. Many apps have come into life over the last couple of years, but most of them are still not mature enough. For instance Tox is nice, but the mobile client lacks voice calls at the moment and their core protocol is not designed with mobile usage in mind, which leads to battery drainage.

Another similar approach is the Ring. It's also at its early days, but recently the mobile client added voice calls. We started using it over the last month, but it's still early to judge it. If you are interested in the technical details see the core developers presentation at this year's Fosdem.

Video

Weirdly enough this is something we solved long before the voice communications. Video is something you explicitly choose to do, so you don't have so many requirements in terms of integration with the rest of the phone operating system. We use WebRTC. Encryption is mandatory for WebRTC, using DTLS and it's P2P. You can find many services out there, some completely Free and Open Source (so you can set it up on your own if you don't trust them), and a few also offer private rooms.

Another option (still WebRTC) is Firefox Hello. I've been using Hello from the first day it was released and works great. The only problem is that you can initiate a call only from a Desktop Firefox. But a few months back Hello offered the option to create a room, give it an alias to make it more recognizable than a hash and bookmark it. So if both ends have this unique url they can initiate a video call directly from Firefox mobile.

Whatever WebRTC option you choose remember that this works through your browser. I have test this only on Firefox, but it should work on other browsers too with no extra plugin. Just use a browser that it's Free and Open Source. Otherwise you shouldn't trust it for your communications.

Now it's your turn

All apps mentioned here are available on F-droid, so it's not that hard to get started. Remember, our privacy is interdependent. It's not enough to secure your devices only. What better way to start than this? Ask your significant other or someone you like, romantically or otherwise, to be your cryptovalentine. You don't have to use the specific tools I mention here. I urge you to use only Free / Open Source software and decentralized services. And remember this is just the beginning. After you succeed, spread this know-how to the rest of your friends.


Comments and reactions on Diaspora or Twitter

Wednesday, 10 February 2016

Report of the local FSFE meeting in Frankfurt on Feb 3rd

Being Fellow #952 of FSFE » English | 21:16, Wednesday, 10 February 2016

We once again met in Café Albatros in Frankfurt. A lot of people excused themselves for various reasons so we ended up with just three persons.
In this small group, I participated more than I took notes, so this will be a rather short post.

Main subject was the planning of our next meeting on March 2 in the Coworking Zentrale. Initially this was supposed to be our chance to still do something about the upcoming municipal elections in the federal state of Hesse. On the other hand, many of our regular visitors have expressed interest in a talk about Free Software licenses. And it happens to be that legal network member and long term FSFE activist Michael Stehmann will be in the area on the very same day our next meeting comes up.He agreed to give the talk on this occasion so this is what we are going to do at our new meeting location!

Depending on how many politicians will find the time to visit us just a few days before the elections, we should still manage to combine both subjects to a certain extend.
Next to that, the following topics were discussed:

  • Problems at large scale migrations – we focused on the psychological obstacles of all stakeholders
  • The German Army uses MS Office 365 o.O?
  • The next date for the Rotlintstraßenfest seems to be September 10, 2016. So, you volunteers, mark your calendars!
  • How we may pursue our target to meet in youth houses in and around Frankfurt

That’s basically what my sparse notes reveal. I am looking forward to the next meeting in Bornheim with the talk about Free Software licences. More details will follow soon on our group page in the Fellowship-Wiki.

flattr this!

Friday, 05 February 2016

Giving up democracy to get it back

DanielPocock.com - fsfe | 22:07, Friday, 05 February 2016

Do services like Facebook and Twitter really help worthwhile participation in democracy, or are they the most sinister and efficient mechanism ever invented to control people while giving the illusion that they empower us?

Over the last few years, groups on the left and right of the political spectrum have spoken more and more loudly about the problems in the European Union. Some advocate breaking up the EU, while behind the scenes milking it for every handout they can get. Others seek to reform it from within.

Yanis Varoufakis on motorbike

Most recently, former Greek finance minister Yanis Varoufakis has announced plans to found a movement (not a political party) that claims to "democratise" the EU by 2025. Ironically, one of his first steps has been to create a web site directing supporters to Facebook and Twitter. A groundbreaking effort to put citizens back in charge? Or further entangling activism in the false hope of platforms that are run for profit by their Silicon Valley overlords? A Greek tragedy indeed, in the classical sense.

Varoufakis rails against authoritarian establishment figures who don't put the citizens' interests first. Ironically, big data and the cloud are a far bigger threat than Brussels. The privacy and independence of each citizen is fundamental to a healthy democracy. Companies like Facebook are obliged - by law and by contract - to service the needs of their shareholders and advertisers paying to study and influence the poor user. If "Facebook privacy" settings were actually credible, who would want to buy their shares any more?

Facebook is more akin to an activism placebo: people sitting in their armchair clicking to "Like" whales or trees are having hardly any impact at all. Maintaining democracy requires a sufficient number of people to be actively involved, whether it is raising funds for worthwhile causes, scrutinizing the work of our public institutions or even writing blogs like this. Keeping them busy on Facebook and Twitter renders them impotent in the real world (but please feel free to alert your friends with a tweet)

Big data is one of the areas that requires the greatest scrutiny. Many of the professionals working in the field are actually selling out their own friends and neighbours, their own families and even themselves. The general public and the policy makers who claim to represent us are oblivious or reckless about the consequences of this all-you-can-eat feeding frenzy on humanity.

Pretending to be democratic is all part of the illusion. Facebook's recent announcement to deviate from their real-name policy is about as effective as using sunscreen to treat HIV. By subjecting themselves to the laws of Facebook, activists have simply given Facebook more status and power.

Data means power. Those who are accumulating it from us, collecting billions of tiny details about our behavior, every hour of every day, are fortifying a position of great strength with which they can personalize messages to condition anybody, anywhere, to think the way they want us to. Does that sound like the route to democracy?

I would encourage Mr Varoufakis to get up to speed with Free Software and come down to Zurich next week to hear Richard Stallman explain it the day before launching his DiEM25 project in Berlin.

Will the DiEM25 movement invite participation from experts on big data and digital freedom and make these issues a core element of their promised manifesto? Is there any credible way they can achieve their goal of democracy by 2025 without addressing such issues head-on?

Or put that the other way around: what will be left of democracy in 2025 if big data continues to run rampant? Will it be as distant as the gods of Greek mythology?

Still not convinced? Read about Amazon secretly removing George Orwell's 1984 and Animal Farm from Kindles while people were reading them, Apple filtering the availability of apps with a pro-Life bias and Facebook using algorithms to identify homosexual users.

FOSDEM 2016 – Meeting with Friends from Around the World

Florian Snows Blog » en | 16:15, Friday, 05 February 2016

When I arrived in Brussels on January 29, 2016, I very quickly started thinking that this trip might be more difficult than I had imagined at first. I realized my French had gotten so bad over the years that I stood in the wrong line for 20 minutes and then, the gentleman who helped me had to resort to using English to explain to me what I actually needed to do. I then proceeded to get lost on my way to have lunch with the FSFE group from Linz at Fin de Siècle.

Having great food and good company cheered me up and after a stop at a nice coffee place, that served wonderful Japanese green tea, prepared exactly to the point, I ended up at the apartment I was going to stay at for the next two days. I was greeted by our host Mauricio and he had turned his apartment into a wonderful meeting place for everyone with lots of nice food and beer. He took great care of everyone and we all had a good European Coordinators Meeting there.  After that, there was a party of course that was a lot of fun.

The next day started with a lot of rain, so by the time we arrived at FOSDEM, I was completely soaked, including my shoes.  There’s hardly anything I dislike more.  However, plenty of great talks more than made up for the disgusting weather.  I heard Francis Rowe‘s talk about libreboot and Luke Kenneth Casson Leighton, who develops hardware that respects your freedom (not yet certified). Both of these endeavors are becoming more and more important so we can still use hardware in freedom when Intel and AMD have both abandoned us altogether.

Tom Marble interviews Richard Stallman

Tom Marble interviews Richard Stallman

Unfortunately, I didn’t manage to attend any talks in the GNU Guile devroom, but the Legal and Policy Issues devroom was a pretty big highlight.  Not only did they have an interview with RMS on Sunday, they also had some great talks about the distribution clause in the GNU GPL, about dependency management and licensing information, about legal strategies for commercial ventures, and about copyleft for the next decade.  In between talks, I had the chance to talk to Bradley M. Kuhn of the Software Freedom Conservancy and one of the organizers of that devroom.  The final talk I heard in this devroom, was the interview with RMS on Sunday which was interesting as always and I enjoyed the auction of the adorable, adorable GNU a lot more, knowing that I already have one.  It went for 342 Euros, by the way and this would have blown my budget by a lot.

RMS and the adorable, adorable GNU

RMS and the adorable, adorable GNU

The most important thing about FOSDEM turned out to be the FSFE meetups.  Whether it was chatting with people at the FSFE booth, going out with others, or the evening/night at the Brewdog, it was all immensely enjoyable.  I had a great time getting to know Christian and Max a bit better on the train, meeting Matthias for the first time, seeing how Erik led the ECM, and debating finances with Reinhard.  Talking to Matija, Cryptie, Alessandro, Marc, Polina, Simon, and many others who are from all over Europe, really made the FSFE feel like a European team of computer activists.  It was also great to suddently stand next to and talk to a legend in the Free Software world like Werner Koch, developer of GnuPG and one of the founders of the FSFE, even if it was a bit embarrassing at first because I didn’t recognize him immediately.

FSFE booth at FOSDEM

The FSFE booth at FOSDEM

Hanging out at the FSFE booth was also fun, yet dangerous with all the tremendously attractive merchandise there.  Not having blown my budget at the auction of the adorable, adorable gnu, I was on a quest to find something I could spend my money on. On Saturday, Polina had made me realize on how wonderful the FSFE hoodies are, so I had to go check them out at the booth on Sunday.  Cryptie supported my craving for merchandise and made sure to sell me as much of it as possible.  :-)   No, seriously, she tried to stop me, but she presented everything well and I had a hard time resisting. I have to say the FSFE shop does not do the black hoodies justice.  It’s not that the presentation there is bad or anything, but if you get the chance to see them for yourself, you immediately realize how remarkably soft they are and of what great quality they are.  They are all made in a fair-trade process because the FSFE cares about treating people right in general, not just when it comes to computers.  Needless to say, I went home with a bunch of stuff, including a new hoodie for my wife, so we can now sport the same look.

merchandise at the FSFE booth

all the glorious merchandise at the FSFE booth

All in all, I immensely enjoyed FOSDEM, making new friends and experiencing different cultures.  By the way, I left Brussels the same way I got there—by getting lost on the way to my tram. However, this time, i was able to ask someone for the way in French and understand the answer.  I am looking forward to going to FOSDEM again next year and hopefully, I will see some of the people I met again soon.

A big thank you to everyone who helped organize the FSFE related events and an especially big thank you to Mauricio, our wonderful host for the weekend!

Thursday, 04 February 2016

Australians stuck abroad and alleged sex crimes

DanielPocock.com - fsfe | 10:30, Thursday, 04 February 2016

Two Australians have achieved prominence (or notoriety, depending on your perspective) for the difficulty in questioning them about their knowledge of alleged sex crimes.

One is Julian Assange, holed up in the embassy of Ecuador in London. He is back in the news again today thanks to a UN panel finding that the UK is effectively detaining him, unlawfully, in the Ecuadorian embassy. The effort made to discredit and pursue Assange and other disruptive technologists, such as Aaron Swartz, has an eerie resemblance to the way the Inquisition hunted witches in the middle ages and beyond.

The other Australian stuck abroad is Cardinal George Pell, the most senior figure in the Catholic Church in Australia. The Royal Commission into child sex abuse by priests has heard serious allegations claiming the Cardinal knew about and covered up abuse. This would appear far more sinister than anything Mr Assange is accused of. Like Mr Assange, the Cardinal has been unable to travel to attend questioning in person. News reports suggest he is ill and can't leave Rome, although he is being accommodated in significantly more comfort than Mr Assange.

If you had to choose, which would you prefer to leave your child alone with?

Wednesday, 03 February 2016

Getting Started with GNU social

Marcus's Blog | 09:52, Wednesday, 03 February 2016

Some of you might already know the federated social network called GNU social. It has raised from the ashes of a software called StatusNet which once drove the well known instance Identi.ca.

Since then, a lot of things have changed. We have learned that having only one or two big instances may cause a lot of trouble if they fail. The idea of a federated social network is to have as many instances as possible. As not everyone has the ability to host his or her own instances, it’s suggested to build small instances toghether with your peer group (a.k.a. friends ;) ).

We have done this for our Swiss Fellows and our instance can be found at GNUsocial.ch. We have enabled the popular Qvitter engine by default so it looks quite modern as well. This is not a public instances but one can apply for an account.

If you have just joined an instance or (even better) have set up your own, you might feel a bit lost. Due to the character of federation it’s a bit harder to find your old friends and make new ones. The general concept of following a person is to open his or her remote profile (like mine) and click on the Subscribe button. Then you have to type in your Profile Account name and will be redirected to your instance. Here you will have to confirm that you want to subscribe that user account. Qvitter has a nice functionality to simplify this process. If you see an account in your timeline that you want to follow, simply hover the account name. A pop-up will appear allowing you to click a Follow button. That’s all, no need to browse the remote instance manually.

If you are not sure whom to follow, you can subscribe to so called !Fedgroups. Those are groups of interests which can be subscribed similar to subscribing to an user. A list of known federated groups can be found here.

If you want to create your own fedgroup, please take a look if there is already a similar group available, first. After creating a new group, you can announce it to the !Fedgroups group (you have to subscribe to it first). Please note that the Qvitter frontend does not (yet) display groups, so you have to either browse the groups page manually (it can be found at https://your.instance/groups) or switch to the classic view, by clicking on your Profile picture and selecting the ‘Switch to classic GNU social’ function. You can always switch back to Qvitter by clicking on the ‘New …’ button in the top bar.

Now that you are used to the basics of GNU social, there are some things that are different then on other social networks:

Threads
GNU social supports threads. This is very useful for long conversations with a bunch of people. To view the complete thread of a conversation in Qvitter, simply click on the Dent (this is the message, the name comes from the ancient word I’Dent’i.ca) and click the Expand full conversation button. The button is only displayed when there are multiple Dents in a thread.

Post to group
When you want to post to a group, please make sure that you are subscribed to it in advance. If you are subscribed the group name will be resolved and a link to it will be displayed in the dent.

Address someone
If you want to address someone directly simply type @ followed by the username. Qvitter has an auto completion functionality which is quite handy. It does not matter if you write the @username at the beginning of the post or in between. You can also address a user by typing @username@instance.tld

Move to another instance
If you are ever forced to create a new user account on another instance, please do not re-use the same username. Otherwise functions like the auto completion tend to struggle. E.g. I have an account called marcus on GNUsocial.ch but another one called marcusmoeller on GNUsocial.de. The latter is for backup purpose only and generally not needed.

Also keep in mind that if you change to another account you have to inform your followers so that they can follow the new account as well.

Hopefully this is a first starting point that helps you to join the Fediverse. If you have further questions, either post your question to the relevant !Fedgroup or ask on #social / Freenode IRC.

Tuesday, 02 February 2016

Making Python Programs Faster with Shedskin

Paul Boddie's Free Software-related blog » English | 00:14, Tuesday, 02 February 2016

A few months ago, I had the opportunity to combine two of my interests: retrocomputing and Python programming. The latter needs little additional explanation, but the former perhaps requires a few more words. Retrocomputing is the study and use of computing equipment from an earlier era in computing, where such equipment is typically no longer in use, or is no longer in widespread use. My own experiences with microcomputers began in the 1980s and are largely centred upon those manufactured by Acorn Computers, such as the Acorn Electron and BBC Microcomputer.

Some History

One of my earlier initiatives was to attempt to document and understand the functioning of the Acorn Electron’s ULA integrated circuit: the Uncommitted Logic Array employed in the computer to generate video and perform input/output tasks. When Acorn decided to make the Electron as a variant of the BBC Microcomputer, the engineers merged many of the functions performed by separate chips into a single one, for several good and not-so-good reasons:

  • To reduce system complexity: having to connect several components and make sure that they all work correctly and in time with each other can be challenging, and it is arguably best to reduce the number of things that can go wrong by just reducing the number of things involved in the first place.
  • To reduce system cost: production becomes less complicated and savings can potentially be realised by combining discrete components.
  • To deepen the organisation’s experience with integrated circuit design: this being the company that developed the ARM architecture and eventually brought the first ARM chipset (CPU, audio/video controller, memory management unit, and input/output controller) to market.
  • To make a proprietary component that others could not readily clone: this being something of an obsession in the early 1980s marketplace.

Now, the ULA has the job of reading from memory and translating what it reads into a sequence of colour values, thus generating a picture on the screen. However, it has the annoying limitation of locking the CPU out of the memory (in fact, only the RAM which resides in a certain region) while it generates each line of the displayed image. Depending on which “screen mode” is selected (determining the resolution and colour depth), it may still let the CPU access the RAM at a lower speed, or it may effectively suspend the CPU for the entire time taken to generate a single horizontal display line.

Consequently, the Acorn Electron is considerably slower than the BBC Microcomputer for this reason: the BBC Micro employs faster memory and lets the CPU and its own video circuitry take turns with the memory while they both run at full speed; the Electron used cheaper memory as another cost-saving measure; reviews of the Electron, while generally positive about getting BBC Micro features for less, tended to note this performance degradation with some disappointment.

The Acorn Electron ULA

The Acorn Electron ULA (with socket cover/heatsink removed)

Some Background

Normally, the matter of the CPU stalling for much of its time would be considered a disadvantage, but my brother and I were having a discussion about software running from ROM (or, in fact, in the area of memory not affected by the ULA), with the pitfalls of such software needing to access the RAM and potentially becoming stalled as the CPU finds itself waiting for the ULA to do its work. Somehow the notion arose that the ULA effectively provides a kind of synchronisation mechanism for software needing to run in the period between display lines.

So, a program can read instructions from ROM and then, when it needs to know that the display is not being updated, it can attempt to access RAM. Whether or not the program stalls remains unknown to the program itself, but when it gets the result of accessing the RAM – perhaps immediately, perhaps after a few microseconds – it can be certain that the ULA is not accessing the RAM because it just did so itself.

A screen image showing the update region

An image showing the display update region (the "test card" picture) when the ULA accesses memory, with the black border indicating the region (or time period) during which the CPU may access the lower region of the Electron's memory.

(See the BBC Test Cards for the origin of the above picture.)

One might wonder what kind of program would benefit from synchronising itself to the display line periods. Well, one thing that tended to happen back in the microcomputing era, was the trick of reprogramming the display palette – the selection of colours shown on screen – so that a greater number of colours can be displayed simultaneously on the screen than would normally be the case for that particular display configuration. For example, a screen mode normally offering only four colours could instead offer the full range – eight “proper” colours on an Electron – if it switched the palette during screen updates. Even a screen mode offering only two colours could offer eight by employing palette switching.

And with a certain amount of experimentation, a working solution was eventually delivered (with only limited input needed from my side). By running software in a ROM (or from RAM mapped into the same area of memory as a ROM), it became possible to reliably change the palette on a line-by-line basis, bridging the gap between a medium-resolution four-colour mode and a hypothetical eight-colour version that would only become available on Acorn’s ARM-based microcomputers. Although only four colours can be used per display line, each of the 256 display lines can employ four-colour combinations of the full eight colours, not quite making an eight-colour mode – which would, of course, allow eight colours on every display line – but still permitting graphical output much closer to a true eight-colour mode than can be contemplated with a restrictive four-colour mode.

Rainbow lorikeets on a lawn

Rainbow lorikeets on a lawn (left: 4 colours from 8 per display line; right: 8 colours per display line)

Palette Optimisation

With the trick in place to switch the palette on demand, all that remained was to make a program that could take an input image and to optimise the colours so that…

  1. Only the eight permitted colours (black, white, primary and secondary colours) are used in the image.
  2. No pixel row (display line) employs more than four different colours.

Expectations were rather low at first. First of all, in this era of bountiful quantities of fresh imagery, most pictures appear to have plenty of colours and are photographs, and so the easiest images to use are the ones that first need to be reduced in both resolution and colour depth. And once this is done, the job of optimising the colours to meet the second of the above criteria is required. So, initially, very simple techniques were employed to do both of these things.

Later, after some discussions, it appeared that integrating the two processing activities and, crucially, applying basic dithering and error propagation techniques, made it possible to represent complicated “deep-colour” images within the limited display representation.

Magnified details of the two representations

Magnified details of the two representations

Closer examination of the above images reveals how the algorithm attempts to spread the responsibility of representing colours across rows, being restricted to the choice of four colours (in the left image) to produce the appropriate tones that are more readily encoded using eight colours (in the right image).

Tuning the Implementation

To perform the optimisation process, I wrote a program which took an input image, rotated and scaled it to the target resolution, and processed the colours by inspecting the pixel data on each horizontal line (or row) of the image, calculating the appropriate four-colour combination for a line and generating suitable pixel data appropriate for this restricted palette. Since I am probably most comfortable with Python, and since Python also has various convenient image-processing libraries, I found myself developing a short Python program to do the work.

Now, Python doesn’t usually exhibit the highest performance, particularly for tasks such as this, and as the experimentation with different approaches started to lessen, with the most rewarding approaches making themselves evident, and with the temptation to convert lots of images just to see the results, my attentions turned to speeding up the program. Since I had been involved with packaging the Shedskin Python-to-C++ compiler for Debian, and thus the package was right there for me to use, it made sense to give it a try on this code.

At this point, the program was taking around 40 seconds to convert a 16 megapixel photographic image into the appropriate output representation. Despite using the Python Imaging Library to do the rotation and scaling, visiting each pixel in a Python program and doing some simple statistical and arithmetic operations was taking up rather a lot of time. In the past, I have used various “numeric” Python extensions – usually the ones supported by pygame – but things have moved on somewhat incoherently since then, and I also wanted to keep my code straightforward and readable, which is often something that is lost when making code “numeric”.

Time for Shedskin

I have used Shedskin before, and the first thing to think about when using it is how it will interact with non-Python code. Shedskin takes Python code and generates C++ which must then be compiled. If a whole program is translated to C++, the resulting executable can be run with no further work necessary. However, the program of interest here uses libraries that are actually implemented in C and are delivered as shared libraries that are loaded by CPython (the Python virtual machine implementation written in the C programming language). Shedskin cannot generally translate such a program in its entirety.

From the earliest days of Python, it was (and has remained) a common practice to first write library code in Python, desire better performance, and to then rewrite much of that code in the C programming language against the Python/C API (or CPython API) as an “extension module”, which is what these problematic shared libraries are. Such libraries act as part of the CPython virtual machine, more or less, and with suitable implementation choices made for performance, everything using such libraries will run much more quickly. Unfortunately, but understandably, Shedskin doesn’t seek to interact closely with the CPython implementation: it produces C++ code that works with its own runtime libraries.

So, instead of working with a single program file, I split my program up into a main program which deals with CPython extensions such as the Python Imaging Library, whose JPEG and PNG manipulation facilities are too convenient to abandon, along with a library module that does all the computation for this particular application. The library would provide its own image abstraction for pixel-level accesses, but be given the pixel data obtained by the main program, returning the processed data to the main program for saving to a file. By only compiling the library, Shedskin can produce a standalone library file containing hopefully high-performance implementations of the original Python code.

But how can such a library constructed by Shedskin be used? Would we now need to somehow translate the main program into C or C++ in order to be able to use it? Fortunately, but slightly confusingly, Shedskin can also generate the necessary CPython API wrapper around the translated code, making it possible for CPython to load this newly-created library after all.

(One might wonder how this is possible, but if one considers that arbitrary C or C++ code can be wrapped using the CPython API, with the values being sent in and out of a library only being converted at the interface, Shedskin has the luxury of generating something that lives by its own rules internally, with the wrapper doing the necessary “marshalling” of the values as they go in and come out. Such a wrapped library might be frowned upon in the Python world, not being a sophisticated extension module that takes full advantage of the CPython API, but such libraries were, and probably still are, the “bread and butter” of Python’s access to a wide array of tools and technologies.)

Knowing that this is a reasonable approach, I experienced a moment of excessive ambition. I tried to take the newly-broken-out library and compile it using the appropriate option:

shedskin -e optimiser.py

This took quite some time, and things did not go well…

*** SHED SKIN Python-to-C++ Compiler 0.9.2 ***
Copyright 2005-2011 Mark Dufour; License GNU GPL version 3 (See LICENSE)

[analyzing types..]
****************************88%
*WARNING* reached maximum number of iterations
********************************100%
[generating c++ code..]
*WARNING* 'get_combinations' function not exported (cannot convert argument 'c')
*WARNING* 'get_colours' function not exported (cannot convert return value)
*WARNING* 'balance' function not exported (cannot convert argument 'd')
*WARNING* optimiser.py: expression has dynamic (sub)type: {None, int, tuple}
*WARNING* optimiser.py: expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* optimiser.py: expression has dynamic (sub)type: {float, int, tuple}
*WARNING* optimiser.py: expression has dynamic (sub)type: {int, tuple}
*WARNING* optimiser.py: variable 'data' has dynamic (sub)type: {None, int, tuple}
*WARNING* optimiser.py: variable (class SimpleImage, 'data') has dynamic (sub)type: {None, int, tuple}

And then there were many more lines of a more specific nature:

*WARNING* optimiser.py:41: function distance not called!
*WARNING* optimiser.py:50: expression has dynamic (sub)type: {None, int, tuple}
*WARNING* optimiser.py:53: expression has dynamic (sub)type: {None, int, tuple}
*WARNING* optimiser.py:57: expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* optimiser.py:57: expression has dynamic (sub)type: {int, tuple}

And so on. Now, if you are thinking that this will probably not end well, you would be right. Running make gives plenty of errors looking as scary as this…

optimiser.cpp: In function '__shedskin__::list<__shedskin__::tuple2<__shedskin__::tuple2<int, int>*, double>*>* __optimiser__::list_comp_0(__shedskin__::pyiter<double>*)':
optimiser.cpp:76:17: error: base operand of '->' is not a pointer
optimiser.cpp:77:21: error: base operand of '->' is not a pointer
optimiser.cpp:78:68: error: invalid conversion from '__shedskin__::tuple2<int, int>*' to 'int' [-fpermissive]
In file included from /usr/share/shedskin/lib/builtin.hpp:1204:0,
                 from optimiser.cpp:1:
/usr/share/shedskin/lib/builtin/tuple.hpp:211:28: error:   initializing argument 2 of '__shedskin__::tuple2<A, B>::tuple2(int, A, B) [with A = int; B = double]' [-fpermissive]
optimiser.cpp:78:70: error: no matching function for call to '__shedskin__::list<__shedskin__::tuple2<__shedskin__::tuple2<int, int>*, double>*>::append(__shedskin__::tuple2<int, double>*)'
optimiser.cpp:78:70: note: candidate is:
In file included from /usr/share/shedskin/lib/builtin.hpp:1203:0,
                 from optimiser.cpp:1:
/usr/share/shedskin/lib/builtin/list.hpp:96:25: note: void* __shedskin__::list<T>::append(T) [with T = __shedskin__::tuple2<__shedskin__::tuple2<int, int>*, double>*]
/usr/share/shedskin/lib/builtin/list.hpp:96:25: note:   no known conversion for argument 1 from '__shedskin__::tuple2<int, double>*' to '__shedskin__::tuple2<__shedskin__::tuple2<int, int>*, double>*'

Of course, it would be unfair to expect this to have worked: Shedskin did indeed give us plenty of warnings! But we should at least try and understand such warnings if we are to make progress. After a few more iterations of this bold strategy, I realised that I had started out in the wrong fashion, presenting Shedskin with code that is too dynamic (and ambiguous) for it to reasonably infer sensible types and produce a compilable C++ representation.

First Things First

I started out by reintroducing some necessary changes gradually. First of all, I made a branch of my code committing the special image abstraction to be used in any future Shedskin-compiled version. Meanwhile, I looked at some things that might generally be performance-degrading in Python, and which might also help Shedskin deduce the program types more readily.

One thing that I had done in the initial implementation was to freely use sequences to represent colour triplets: the red, green and blue values. I was using code like this:

def invert(srgb):
    return tuple(map(lambda x: 1.0 - x, srgb))

This might be elegant – there’s no separate treatment of each element in the triplet – but there is likely to be more overhead in treating the triplet as a sequence, iterating over it, and so on. Moreover, Shedskin is likely to see objects appearing from a collection without any idea of what was put into that collection to start with. So, more mundane code was introduced in its place:

def invert(srgb):
    r, g, b = srgb
    return 1.0 - r, 1.0 - g, 1.0 - b

Such changes reduced the processing time from around 35 seconds to around 25 seconds. After various other performance modifications, such as avoiding the repeated computation of common values, this became around 18 to 19 seconds. Interestingly, merging such modifications into the branch with the special image abstraction reduced the running time to around 16 to 17 seconds. But at this point, obvious optimisation opportunities were more or less exhausted.

It then became time for another attempt to present this to Shedskin. This time, instead of calling the main program main.py and the library optimiser.py, which is not particularly intuitive, I retained the name of the main program as optimiser.py and used the traditional optimiserlib.py naming for the library:

shedskin -e optimiserlib.py

This completed without any warnings, and running make produced a library file, optimiserlib.so, that Python recognises as an extension module. Running the program produced a palette-optimised image in just under 9 seconds!

Making the Difference

So, what were the differences that made Shedskin accept the library code? Since the splitting up of the code into two files makes comparisons between versions awkward, we can first compare the version of the program before our preparatory work with the version of the program that fed into our Shedskin version. There are four areas of changes:

  • The introduction of that image abstraction class – SimpleImage – to be used to manipulate images instead of using Python Imaging Library objects. (In fact, this is only used initially as a container for the raw pixel data, with such data being passed to library functions, as described below.)
  • Modifications to access the different components of colour triplets explicitly.
  • Some “common sense” performance modifications, avoiding the repeated computation of things that always produce the same result anyway.
  • Some local name adjustments.

This final point is something that the Shedskin documentation mentions prominently, but it can be easy to forget. Consider the following code (in the balance function of the library module):

dd = dict([(value, f) for f, value in d])

Originally, this looked like this:

d = dict([(value, f) for f, value in d])

This earlier version just reverses a dictionary mapping and assigns the result to the name of the original dictionary. Although this seems harmless enough, Shedskin’s analysis would be complicated substantially by having to deal with a name being reassigned and potentially being associated with completely different kinds of objects, even if in this case we are only dealing with dictionaries. (Even if the same type were only ever involved, as we see here, it would also prevent any analysis being done on the nature of the keys and values in the dictionaries.)

We can see the effect of this by trying to compile the functioning version with the earlier naming scheme reintroduced. First, we see a warning like this:

*WARNING* 'balance' function not exported (cannot convert argument 'd')

Since Shedskin propagates type information around the program, this leads to other problems:

*WARNING* optimiserlib.py: expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* optimiserlib.py: expression has dynamic (sub)type: {float, int, tuple}
*WARNING* optimiserlib.py: expression has dynamic (sub)type: {int, tuple}
*WARNING* optimiserlib.py: variable (function (function balance, 'list_comp_0'), 'value') has dynamic (sub)type: {int, tuple}
*WARNING* optimiserlib.py: variable (function (function balance, 'list_comp_1'), 'f') has dynamic (sub)type: {float, int, tuple2}
*WARNING* optimiserlib.py: variable (function (function balance, 'list_comp_1'), 'value') has dynamic (sub)type: {int, tuple}

And later in the messages, the more specific errors indicate the problem and its consequences:

*WARNING* optimiserlib.py:100: expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* optimiserlib.py:100: expression has dynamic (sub)type: {float, int, tuple}
*WARNING* optimiserlib.py:100: expression has dynamic (sub)type: {int, tuple}
*WARNING* optimiserlib.py:102: expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* optimiserlib.py:102: expression has dynamic (sub)type: {float, int, tuple}
*WARNING* optimiserlib.py:103: expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* optimiserlib.py:103: expression has dynamic (sub)type: {float, int, tuple}
*WARNING* optimiserlib.py:104: expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* optimiserlib.py:104: expression has dynamic (sub)type: {float, int, tuple}
*WARNING* optimiserlib.py:105: class 'list' has no method 'items'
*WARNING* optimiserlib.py:105: expression has dynamic (sub)type: {float, int, tuple2}
*WARNING* optimiserlib.py:105: expression has dynamic (sub)type: {float, int, tuple}
*WARNING* optimiserlib.py:105: expression has dynamic (sub)type: {int, tuple}

And so on. Such warnings, which will cause errors if one tries to compile the result, can seem very intimidating, but within all these details the cause should be identifiable.

But another important aspect of the successful translation of the library module should not be forgotten: it is the matter of choosing the right initial functionality to give to Shedskin. Instead of trying to compile everything, it makes sense to concentrate on things like functions which are fairly self-contained, which do not call potentially vast regions of other program functionality, and which are invoked often, especially in loops that take a long time. Migrating a small piece of functionality at a time helps to keep the troubleshooting activity manageable.

By using the SimpleImage class as a convenient staging post for pixel data, simple library functions could be migrated first, and the library could be kept ignorant of the abstractions being maintained in the main program. Later on, as we shall see below, such abstractions and functions that require them could then be migrated themselves.

Broadening the Scope

With some core functionality migrated to a compilable extension module, it becomes possible to give other things the Shedskin treatment. At the start of the second attempt to get Shedskin to compile the code, quite a few functions were still being run by the CPython virtual machine, notably various image operations. With the functions called by these operations already migrated, it becomes possible to move each of these operations over into the extension module. The expectation here is that since these functions can now call each other without the overhead of the CPython API, as well as avoiding running code in the virtual machine, further performance improvements will occur.

And since Shedskin’s own runtime library supports certain Python standard library modules in accelerated form, it becomes interesting to migrate operations that employ such module functionality. For example, the get_combinations function can be moved to take advantage of Shedskin’s itertools implementation. And in addition to just moving functions, classes can also be compiled by Shedskin and potentially accessed more quickly, while remaining accessible to normal Python code that hasn’t been compiled.

Not all of these optimisations give the boost in performance that might be hoped for, perhaps even bringing performance penalties when first introduced. But it is important to look beyond any current, small optimisation to future optimisations that the accumulation of those small optimisations will permit. Moving the SimpleImage class into the extension module permits the migration of other code, with the consequence that the program when run takes around 6 seconds instead of 9 seconds: the apparent optimisation barrier is overcome, leading to yet more gains!

Some Conclusions

It is possible to make very useful performance gains just by revisiting code and writing it in a way that suits the language implementation. Starting out with an execution time of around 40 seconds, it was possible to make the program run in closer to 15 seconds, and that might have been enough for occasional conversion of images. But by adopting Shedskin and applying it to a subset of the program’s functionality, an execution time of 9 seconds was initially obtained. This might not be quite as impressive as the earlier two-and-a-half fold reduction in time (or, of course, a two-and-a-half fold increase in throughput), but it was obtained with little additional effort, with admittedly some planning for it being incorporated into the earlier optimisation work.

Ultimately, reaching around 6 seconds of execution time means that Shedskin was indeed able to more or less match earlier performance gains, but again with little actual optimisation effort. And one can argue that merely using Shedskin helped to inform those earlier gains, anyway. Regardless of what should take the credit, the program ended up running almost seven times faster than when we started out on this journey.

Tools like Shedskin have a slightly controversial place in the Python world. People like to point out that Shedskin really only compiles a “restricted subset” of Python: one that Shedskin is able to analyse. And as the above exercise demonstrates, modifications to programs are likely to be required to take advantage of it. But the resulting programs are still Python programs, and the CPython virtual machine will still run them, just slower – three times slower in this case – than if they were compiled.

Authors of tools like Shedskin and alternative implementations of the Python language have a tough decision to make. They must either deal with the continuously changing “full-fat” version of the language, with new features being added all the time that they have to support, with the risk that they will never catch up and never be considered a “proper” implementation. Or they must impose limitations on the form of the language and the features they support, knowing that even if their software accepts programs written in Python, it will be marginalised and regarded as a distraction from “proper” Python programming. And yet, Python as delivered by CPython offers little in the way of things that Shedskin and similar tools seek to offer, so it should be no wonder that such tools have come to exist.

Instead, one might wonder why it is that the language must continue to evolve in ways that frustrate static analysis and enhancements to program performance and scalability. Indeed, my own interests in the analysis of Python code have been somewhat rekindled by this exercise, but unlike the valiant efforts of other developers (such as the author of Nuitka and his continuing quest to support the compilation of “full-fat” Python), I have no intention of using Python as my gold standard. In essence, Python is and has been a productive language to use – that is why I have used it here and many times before – but the very nature of the language should be open to question and review.

If, by discarding features, something like Python can be more predictable and better-performing, why would exploring this avenue of inquiry be a bad thing? Shedskin shows us that there are benefits in doing so, and I hope that this article has also shown some practical techniques for using and understanding the tool. And maybe this will encourage me and others to make some more progress with our own Python program analysis efforts as well, if only to offer alternatives that seek to deliver on some of the unrealised promise and potential that Python seemed to offer back when we first discovered it, so many years ago now.

Oslo architecture (4 from 8 colours with scaled original)

An architectural picture from Oslo with the left version using 4 colours from 8 on every display line, the right version being a scaled version of the original.

Monday, 01 February 2016

Fighting Passive Surveillance should be our top priority

nikos.roussos - opensource | 02:01, Monday, 01 February 2016

massive

Post-Snowden

We definitely live in a different world since Snowden leaks, but for some people nothing has changed. We always knew that certain individuals are targeted by local or international law enforcement agencies. In some cases they even have a legal way of doing this. If you work on certain fields or operate as an activist in political issues, you always assumed or knew that your communications are monitored. We may have better knowledge on the way the do it, or which things they have broken and which not yet. But essentially nothing is new about this on the post-Snowden world.

What Snowden leaks actually changed, what we learned from the documents, is that there is a vast ongoing process of massive passive surveillance and data collection. It doesn't matter if you are considered important. It doesn't matter if you have something to hide or not. All of your communications are monitored, stored and analyzed. This is what changed. This is what we learned.

Let me pause my thoughts for a moment and share a controversial story...

Mobile email encryption

Would you store your private PGP key to your mobile smartphone? Many (most?) hackers/geeks would easily answer in a negative way. Mobile phones have two major security implications that our laptops (usually) don't.

  • Physical security. It's more easy to lose your phone, or for someone to steal it. It's a comparatively smaller device, usually carried away in your pocket. And once you lose it, all keys stored there should be considered compromised (which is a big problem on its own, since PGP doesn't offer Forward Secrecy).

  • More than one operating system. Even if you have taken all measures to secure your operating system, the problem is that your phone runs also a second operating system. The "radio" OS running on your baseband chip. It's a complete proprietary black box, that you don't know what it does. You don't even know if it's isolated from your "smart" operating system.

On a side note, mobile operating systems have a security advantage that almost all modern desktop operating systems (even most major linux distributions) lack. All applications are sandboxed. So even if you are running a malicious application (you know, like Angry Birds) it may do various unwanted things regarding your personal mobile usage (eg. track location) but it can't easily steal your PGP private key stored inside OpenKeyChain's isolated storage. Not many desktop operating systems can protect you from a malicious application getting access to your .gnupg or .ssh folder.

So, although these two points are completely valid and indeed mobile smartphones are less secure, we have to realize that this is where most users read their emails. In many cases, a mobile phone is the only device people read their emails. Many people have come to cryptoparties, and after getting in touch with the complete lack of usability that comes with the standard pgp gui stack (Thunderbird + Enigmail), they ask how the can do the same things on their mobile. Most hackers would react (or even deny to help) exactly because of the reasons mentioned above. Let me clear up the dilemma a bit: Most people have two options to choose. Either use email encryption on their mobile phone or don't use encryption at all. And unfortunately most hackers fail to see that for most people the threat model is passive surveillance.

Threat Model

Not all people are trying to protect from the same things or the same type of adversaries. Not all people have the same Threat Model.

I was very pleased to see Werner Koch presenting at 32c3 this year about the current status of GnuPG, where he mentioned that the focus from now on is the passive surveillance threat model. Building tools that focus on the passive surveillance threat model, means that usability and encryption by default is top priority.

I have participated and co-organized many Cryptoparties, Free Software Meetups, and related crypto/privacy events/workshops. And I believe that the passive surveillance threat model should also be our focus. Yes, sometimes we need to quickly determine if a person has a different threat model (eg. journalists), but most people participating in these kind of events are not targets (at least not NSA targets). We know that they collect everything, we know that they love pgp because it's rarely used and stands out. Let's make their job more difficult. Encrypt all things by default. Let's start from fighting against massive passive surveillance.


Comments and reactions on Diaspora or Twitter

Saturday, 30 January 2016

Free software replacement for UTAU nearly completed

tobias_platen's blog | 09:04, Saturday, 30 January 2016

In 2011 I discovered UTAU, a proprietary singing synthesizer from Japan that is similar to VOCALOID, but limited to the Japanese language. It is available gratis, has no DRM and it’s voicebank format is documented, but it is still proprietary. It requires a Japanese 8-Bit locale, which is unable to encode European Umlauts. I installed UTAU using Wine, and began to reverse engineer the UST file format, which was really easy for me in this case. I also discovered that the developers of VOCALOID, had released their Spectral Modeling Synthesis Tools as free software under the terms of the GNU GPL. So I wrote a parser for the UST format, and used that parser in my smsUTAU resampler. I also wrote a first replacement for UTAU’s graphical user interface, using the cross platform toolkit Qt.

After I had done my first attempt to replace UTAU, I found two other free software singing synthesizers and a GUI written in Java. I found out that Debian includes Cadencii, which can be used as a replacement for the VOCALOID editor. It was originally written to allow Mac users to run the proprietary VOCALOID software on their incompatible proprietary OS, but it has been ported to GNU/Linux, and it can be used with v.Connect-STAND, an advanced indepedent UTAU resampler that is released under the GNU GPL. The second free singing synthesizer is eCantorix, which lacks a graphical frontend. In the meantime I found out that a group of UTAU users, had released an improved version of my first graphical frontend, but this one did not include a workig synthesizer. They decided to write the program from scratch, using an advanced design. I also found out that Trisquel GNU/Linux incudes Cadencii, but the freedom bugs are not solved until now. Because Cadencii is written in Java, it is extremely inflexible, making it hard to add new features.

In the meantime the QTau devgroup had stopped working on the free software replacements that I had stated in 2011, so I decided to fork their editor and add support for both existing synthesizers (ecantorix and v.Connect-STAND). I began adding new features such as Jack Transport, so that QTau can syncronized with other applications such as Ardour and Rosegarden. I plan to add NSM support in the next release. I created a git repository on NotABug.org and encourage anyone to install the free UTAU replacement. I will publish prebuilt binaries as part of Ongakunix, a Free GNU/Linux distribution with special emphasis on music production. My version of the program only runs on GNU/Linux, there is no support for Windows.

Thursday, 21 January 2016

Weird hangers on a Debian 8 system?

Viktor's notes » English | 22:22, Thursday, 21 January 2016

If everyday actions on your Debian Jessie with systemd start to hang forever:

  • Pulseaudio clients cannot connect to their servers any more…
  • “ifup” of a network device needs to be Ctrl-C’ed (but has accomplished its work)…
  • Trivial daemons refuse to start with “systemctl start”…

…then it might be that systemd has choked on something and needs to be restarted. Fortunately, that is possible without any reboot or log-out:

systemctl daemon-reexec

The structure of a freedom-fighting NGO

Weblog | 09:21, Thursday, 21 January 2016

Seeing this tweet, I felt that this was a great opportunity to talk about the structure of the FSFE as a freedom-fighting NGO and how it has evolved over time. At the last General Assembly of the organisation, Matthias and I as the executives of the organisation, was given a very clear mandate — indeed, you may even call it an order — to work on ways in which the FSFE can be more inclusive and transparent in our work, and to make it easier for people to participate and to have an influence in our work.

Some of what we’re doing is making it easier for volunteers to access the technical infrastructure we use for our work, making the structure itself more transparent and clarifying what teams we have (both topical and geographical) and what decisions they’re responsible for. This blog post is a step in the direction of making the structure more transparent, so that it’s easier to see how to get involved and have a voice in the various bodies. It can be considered a draft form, and background for material that should later get properly organised on our web pages.

When we founded the FSFE in 2001, we believed that a European organisation required formal chapters in each European country, and the structure we put in place for this reflected that. We had a European hub registered in Germany, with local chapters in other countries. The members of the local chapters, with some additions, made up the members of the European hub. In practice, we learned that having a local chapter formally registered as an association in a country was a lot of work, didn’t seem to contribute substantially to our work, and most of the benefits of having a local organisation was connected more to having a local team rather than a formal organisation.

So the organisation shifted towards having teams of people (without a formal organisation), which can be geographical (like Sweden, Italy, Berlin, DACH, or any other geographic overlapping or non-overlapping formation) or topical (like our web team, system administration team, translators, or so on). To a significant extent, this is how the FSFE is still organised, though where we’ve failed to be as transparent as we could be is in providing easier access to those teams, and more clarity on our web pages about what teams we actually have (this will see some work on our part in 2016).

Members

So what about the members then? Let’s start at the top of the organisation. The highest decision making body of any organisation is the annual gathering of its members. The same is true for the FSFE, and we routinely talk about this as our General Assembly (or just GA for short), regardless of if we mean the actual time of year when the members meet or if we talk about the mailing list that all members are subscribed to. In practice, the annual meeting is a rather sordid affair mostly to settle some of the legal obligations we have, to elect and exonerate our president, vice president, and financial officer. The protocols from those meetings are publicly available on our web pages.

The members also provide feedback on (and approve) the organisation’s budget, support the executives in long term strategy, receive regular reports about individual employees and so on. A lot of this happens throughout the year and isn’t connected to the annual meeting, but include the same people albeit virtually. In practice, the members can also give orders to the executives about the activities the organisation engage in, to hire or fire staff, or to change the organisations constitution. If there was a majority in favor of it among the members, they could even change the purpose and activities of the organisation to one that favour proprietary software!

They don’t, and one reason they don’t is that it’s a smaller (currently 21 people) group of people who’ve demonstrated a significant commitment to free software over a long period of time (I don’t have any statistics on this, but we’re talking on average somewhere between 10 and 30 years). The likelihood that one of them would go against the principles of free software is very slim, and that’s the very purpose of the GA: to provide the long term commitment and stability to the organisation. Every once in a while, someone new joins the GA, and this usually happens after they’ve been a member of the organisations Fellowship for some time, participated in some teams, and met many of the existing members in order to establish some mutual trust.

There’s no formal way in which this happens, but in practice, the FSFE’s President is usually the one that either identify people that would want to join, or who is approached by people wanting to join. If there’s an agreement between the members, the President would then grant membership to that person to be confirmed at the next annual meeting.

Fellowship

As a way of supporting the organisation, individuals may choose to donate money to support our activities or to join one of the teams to participate in the work. A lot of people also decide to join the organisations Fellowship, which is a great way to contribute financially to the organisation, and to get a deeper connection with our work. In some cities around Europe, Fellows meet regularly, engage actively in our campaigns or develop their own campaigns for their area to promote free software.

Every year, we also hold an election between the Fellows where they elect someone from among themselves to join the General Assembly for a two year term. The people elected by the Fellows take some responsibility for being the link between the GA and the Fellows and have the same rights as anyone else in the GA.

Executives

The executives of the organisation: the President, Vice President, Executive Director, together with the Financial Officer as an observer, make up what we call the Executive Council. This is the closest you can get to a board of directors as you would know it from another organisation, and the members are elected or appointed by the General Assembly. The executive council manage the budget, follow up on our financial results routinely and often approve larger expenses.

A lot of the day to day decisions that are needed by the organisation’s staff, but which don’t need the approval of the GA, are taken by the executive council, including (recent examples), which bank should we use, who should be authorised to make expenses and should we send out donation receipts ourselves or should we contract someone to do that. These are decisions that are important for the organisation and the staff that they are taken, but which do not directly influence our mission.

Teams

There are more teams in the FSFE than even I are aware of, most of them driven by volunteers and active within their own geographic area or topic. This is where we’ll spend some effort during 2016 to make the list of teams more transparent, to make sure that each team is presented on our web page, including information about what they work on, so that it’s easier for people who look at the organisation to see where they can get involved.

The teams are where all the truly interesting decisions are taken! And to a large extent, the teams work autonomously and don’t require any authority from anyone else in the organisation for their decisions. Our local Fellowship teams regularly participate in events or organise some activities, without any need to ask anyone else. Our system administrators take a lot of decisions about the infrastructure we offer, and so on. These decisions are usually taken by consensus among the people within the team, or — if you want to be a bit critical — by the absence of opposition. Frequently, a lot of decisions are taken by someone emailing a list saying that “I’m going to do X, unless someone objects.”

There’s some exceptions of course: a team can’t take a decision that influence other teams. Such decisions require communication beforehand so that everyone is on the same page. And a team can’t make expenses for the organisation without approval first. When there are decisions that influence more than one team, they’re often taken in our Core Team or our Coordinators group, both of which include the coordinators from our teams. When there’s a decision that require funding, this is often approved by the executive council unless it already fits in one of the existing budgets (for instance, if a local team needs some funding to print leaflets, we’d usually offer to print them or fund that from our usual budget for information material without the need for the council to make a decision).

Where to have an influence

If you are interested in joining the FSFE, a common first step is to join our Fellowship and one of our teams. You’ll have the opportunity to work together with other volunteers, our staff, and to do things truly useful to bring free software forward. Having been a Fellow for at least a year allows you be a candidate for the election to the GA. And in general, showing a sustaining commitment to free software, establishing trust between you and other members and Fellows, is a step towards one day joining the GA on a more permanent basis if this is of interest to you.

For a lot of people, the administrative affairs of the GA are much less exciting than the day to day activities of our teams, and a lot of people who’ve been volunteers for the organisation for very many years feel that what they provide to further free software by working actively in a team is much more important than the contribution they could make in deciding on a budget for the organisation.

From my side, when people ask me whether they should contribute financially to the organisation or join one of our teams as a volunteer, I always ask them to join as a volunteer. While we appreciate any financial contribution we get, the work that we do is heavily influenced and made possible by our volunteers and the contribution of even an hour a week to our work, or helping us organise a presence at a local event, is much more useful for free software than the financial contribution.

What’s missing?

I’ve hinted at this before, that what’s critically missing at the moment is a good overview of the teams the FSFE have, who is helping to coordinate each team and what they do. That’s something we want to improve on, and it’s something that will see improvement during 2016, which will also see other changes in how we work and how we become more transparent and inclusive in our work generally. Our default should be: free and open.

Monday, 18 January 2016

Ο σκοταδισμός της πνευματικής ιδιοκτησίας

nikos.roussos - opensource | 02:21, Monday, 18 January 2016

Εδώ και πολλά χρόνια οι εταιρίες παραγωγής οπτικοακουστικού υλικού και οι οργανισμοί συλλογικής διαχείρισης πνευματικών δικαιωμάτων προσπαθούν να αντιμετωπίσουν τη διακίνηση πνευματικού έργου μέσω του internet. Δεν προσπάθησαν ούτε να το κατανοήσουν, ούτε να προσαρμοστούν. Αυτό που ξεκίνησε ως προσπάθεια περιορισμού, συνεχίστηκε ως προσπάθεια καταστολής και προσπάθεια άρσης βασικών ατομικών ελευθεριών. Και δυστυχώς δεν είναι πάντα απλώς προσπάθειες. Υπάρχουν και ήττες και νίκες σ' αυτό τον "πόλεμο".

Φτάσαμε σε ένα σημείο που οι άνθρωποι του πνεύματος (μέσω των εκπροσώπων τους, των δικηγόρων τους και των εταιριών στις οποίες οικειοθελώς παραχωρούν την εκμετάλλευση των έργων τους) έχουν συμφιλιωθεί με την ιδέα πως το δικαίωμα στην πνευματική ιδιοκτησία είναι πιο σημαντικό από βασικά ατομικά δικαιώματα και ελευθερίες, όπως το απόρρητο των επικοινωνιών ή η ελευθερία λόγου. Δεν θα ξεχάσω την τελευταία φορά που συμμετείχα σε ημερίδα του Οργανισμού Πνευματικής Ιδιοκτησίας (ΟΠΙ), το γεγονός πως οι περισσότεροι οργανισμοί αντιμετώπιζαν το internet ως μια μάστιγα που ήρθε στην ανθρωπότητα και πρέπει να κάνουμε ό,τι περνάει απ' το χέρι μας να περιορίσουμε την ελεύθερη χρήση του. Νομικός εκπρόσωπος ενός τέτοιου οργανισμού έφτασε στο σημείο να προτείνει πως θα ήταν "καλή ιδέα" να περιοριστεί το μέγεθος των αρχείων που μπορούμε να κατεβάσουμε απ' το internet σε λίγα MB. Πέρα απ' την φανερή έλλειψη βασικής τεχνογνωσίας για τη λειτουργία του internet, τέτοιες απόψεις και η ευκολία με την οποία προτείνουν να περιορίσουμε ένα εργαλείο που έχει εκδημοκρατίσει σε μεγάλο βαθμό τη διανομή πνευματικής δημιουργίας, είναι ο λόγος που το παρόν post φέρει αυτό τον τίτλο.

Εδώ και κάποιες ημέρες έχει τεθεί σε διαβούλευση ο νέος νόμος διαχείρισης δικαιωμάτων πνευματικής ιδιοκτησίας. Ως συνήθως ο νόμος είναι αρκετά μακροσκελής και οργουελικά ασαφής για να τον διαβάσουν οι περισσότεροι πολίτες. Θα ήθελα να σταθώ σε δύο σημαντικά σημεία του νόμου. Στο θέμα της επιτροπής λογοκρισίας, που συστήνεται στον υπό πρόταση νόμο, και στο θέμα της a priori αμοιβής των καλλιτεχνών από αγορές ηλεκτρονικών υπολογιστών.

Επιτροπή Λογοκρισίας

Το άρθρο 69, παράγραφος 8 περιγράφει τη δημιουργία μιας επιτροπής που θα αποφαίνεται για ζητήματα παραβίασης του νόμου περί πνευματικής ιδιοκτησίας (του περιβόητου 2121/1993) στο internet. Για να σας γλιτώσω αρκετό διάβασμα παραθέτω τα σημαντικά σημεία.

  • Η Επιτροπή είναι 5μελής και θα αποτελείται από τον πρόεδρο και τον διευθυντή του ΟΠΙ, έναν εκπρόσωπο της ΕΕΤΤ, έναν δικαστή του Αρείου Πάγου και έναν δικαστή του Συμβουλίου της Επικρατείας.

  • Οι δικαιούχοι έργων πνευματικής ιδιοκτησίας μπορούν να προσφύγουν σ' αυτή την Επιτροπή, η οποία πρέπει εντός 10 ημερών να αποφασίσει αν υπάρχει όντως θέμα ή όχι.

  • Αν η Επιτροπή αποφανθεί πως υπάρχει παράβαση ζητά απ' τους παρόχους πρόσβασης internet (ISPs) να κόψουν την πρόσβαση στο συγκεκριμένο website.

  • Σε περίπτωση μη συμμόρφωσης προς το δικαστικό της απόφασης η Επιτροπή επιβάλλει πρόστιμο ποσού 500€ έως 1000€ για κάθε ημέρα μη συμμόρφωσης.

  • Είναι σημαντικό πως ξεκαθαρίζεται ότι η παρούσα διαδικασία δεν εφαρμόζεται κατά τελικών χρηστών. Προς το παρόν λοιπόν ο νόμος δεν περιγράφει διαδικασίες άρσης απορρήτου για τους χρήστες που κατεβάζουν έργα πνευματικής δημιουργίας ενδεχομένως παρανόμως.

  • Κατά των αποφάσεων της Επιτροπής μπορεί να ασκηθεί προσφυγή ενώπιον του Διοικητικού Εφετείου Αθηνών εντός 30 ημερών από την κοινοποίηση της απόφασης. Δεν είναι σαφές απ' το κείμενο του νόμου αν την προσφυγή πρέπει να την κάνει ο πάροχος της υπηρεσίας (πχ. ο κάτοχος της ιστοσελίδας) ή μπορεί οποιοσδήποτε θεωρεί πως θίγεται απ' την εφαρμογή της απόφασης να προσφύγει στη δικαιοσύνη.

Αν δεν είναι αρκετά σαφές ας το διατυπώσω όσο πιο εμφατικά μπορώ. Αυτό που περιγράφει ο νόμος είναι τη σύσταση μια επιτροπής με την απόλυτη εξουσία και χωρίς να έχει προηγηθεί καμία δικαστική απόφαση να διατάσσει τους παρόχους να μπλοκάρουν ένα website από το ελληνικό internet.

Είναι φανερό πως η δημιουργία της επιτροπής είναι εμπνευσμένη απ' την αντίστοιχη που υπάρχει για τα τυχερά παιχνίδια (ΕΕΕΠ). Τα πράγματα βέβαια στον χώρο των πνευματικών δικαιωμάτων είναι ακόμα πιο πολύπλοκα και το μέλλον αρκετά πιο ζοφερό.

Υπάρχουν αρκετές δικαστικές αποφάσεις ως τώρα που έχουν διατυπώσει πως το να φιλοξενείς στο website σου παραπομπές για παράνομο υλικό που φιλοξενείται αλλού δεν συνιστά παράβαση. Ο Βασίλης Σωτηρόπουλος έχει καταγράψει κάποιες απ' αυτές τις μικρές νίκες. Υπάρχει η απόφαση του εφετείου της Βαρκελώνης, η απόφαση του Πρωτοδικείου Κιλκίς (με αφορμή το greek-movies.com, που λινκάρει περιεχόμενο κυρίως στο youtube), και πολλές ακόμα σε Ευρώπη και ΗΠΑ.

Για να το κάνω λίγο πιο σαφές αυτό, αν στο site σου παρέχεις links προς κομμάτια μουσικής που φιλοξενούνται αλλού (πχ. youtube) τα δικαστήρια έχουν πολλάκις αποφανθεί πως δεν φέρεις εσύ την νομική ευθύνη για το αν τα έργα αυτά είναι νομίμως αναρτημένα. Θα σεβαστεί η Επιτροπή όλα αυτά τα δεδικασμένα; Ας το τραβήξω όμως λίγο παραπάνω. Τι γίνεται με τους torrent trackers; Οι torrent trackers δεν φιλοξενούν έργα πνευματικής ιδιοκτησίας ή γενικώς αρχεία προς κατέβασμα. Περιέχουν αρχεία μεταδεδομένων (metadata) ώστε να μπορούν οι χρήστες να μοιραστούν αρχεία (πχ. μια ταινία) μεταξύ τους. Παρέχουν συνήθως ένα magnet link, δηλαδή μια παραπομπή ώστε οι χρήστες να διαμοιραστούν αρχεία. Πρακτικά είναι ακόμα πιο "αθώα" από μια παραπομπή στο site μου προς ένα έργο στο youtube. Θα σεβαστεί η Επιτροπή την ελευθερία ύπαρξης τέτοιων υπηρεσιών;

Ποιος ελέγχει την Επιτροπή σε περίπτωση που καταχραστεί την εξουσία της; Ο νόμος δίνει καταρχήν τη δυνατότητα στους παρόχους να αιτιολογήσουν πιθανή μη-συμμόρφωση. Αλλά κρίνοντας απ' το πως έχουν χειριστεί το θέμα με την ΕΕΕΠ, μάλλον δεν πρέπει να ελπίζουμε πως θα σκεφτούν το συμφέρον των πελατών τους. Ο νόμος επίσης δίνει τη δυνατότητα για δικαστική προσφυγή, αλλά εκ των υστέρων και χωρίς να αναστέλλεται η απόφαση στο ενδιάμεσο.

Τέλος υπάρχει και το τεχνικό κομμάτι. Οποιοσδήποτε χρήστης μπορεί να "παρακάμψει" τέτοιες απαγορεύσεις είτε αλλάζοντας τους DNS servers που χρησιμοποιεί από αυτούς του παρόχου του σε κάτι πιο δημοκρατικό. Ή εναλλακτικά να χρησιμοποιήσει Tor. Αλλά νομίζω πως έχει γίνει σαφές ως τώρα πως το πρόβλημα δεν είναι πρωτίστως τεχνικό.

Αμοιβή καλλιτεχνών

Στο ίδιο άρθρο στην παράγραφο 2β ο νόμος προβλέπει αμοιβή 2% απ' την αγορά ηλεκτρονικών υπολογιστών. Δεν θέλω να σταθώ τόσο στο γιατί είναι λάθος να χρεώνεις a priori όλους τους χρήστες ηλεκτρονικών υπολογιστών ανεξαρτήτως αν κάνουν χρήση έργων πνευματικής ιδιοκτησίας. Αυτό που θεωρώ πιο σημαντικό στη συγκεκριμένη περίπτωση είναι το γεγονός πως δεν υπάρχει απολύτως καμία διαφάνεια γύρω απ' τους οργανισμούς συλλογικής διαχείρισης ώστε να αποδίδεται δικαίως αυτή η αμοιβή. Ας πάρουμε το παράδειγμα της μουσικής και της ΑΕΠΙ. Τι γίνεται με τους μουσικούς που έχουν επιλέξει να διανέμουν τη μουσική τους με ελεύθερες άδειες και κατ' επέκταση δεν είναι μέλη της ΑΕΠΙ; Που είναι τα πλήρη οικονομικά στοιχεία της ΑΕΠΙ για να δούμε πώς κατανέμονται τα χρήματα που συλλέγει; Γιατί είναι κερδοσκοπικού χαρακτήρα απ' τη στιγμή που υπάρχει απλά για να εκπροσωπεί τους καλλιτέχνες; Απ' τη στιγμή που υπάρχει αυτή η έλλειψη διαφάνειας και οι οργανισμοί συλλογικής διαχείρισης λειτουργούν ως κερδοσκοπικές ιδιωτικές εταιρίες για ποιο λόγο το κράτος λειτουργεί ως εισπράκτορας για λογαριασμό τους;

Τι μπορείς να κάνεις

  • Ενημερώσου. Διάβασε το αναλυτικό post του kargig για να έχεις μια πιο σφαιρική εικόνα της λογοκρίσίας στο ελληνικό internet.

  • Τώρα ξέρεις. Ενημέρωσε όσους περισσότερους ανθρώπους μπορείς. Μην περιμένεις να αρχίσουν να κυνηγούν και χρήστες (δηλαδή να χτυπήσουν και τη δική σου πόρτα) για να αντιδράσεις.

  • Αν ο νόμος τελικώς ψηφιστεί, φρόντισε τουλάχιστον να αμυνθείς σε τεχνικό επίπεδο. Μάθε πως μπορείς να παρακάμψεις τη λογοκρισία ή/και να διατηρήσεις την ανωνυμία σου. Στο Hackerspace.gr κάνουμε συχνά συναντήσεις και workshops γύρω απ' αυτά τα θέματα. Αν κατά τύχη είσαι σε κάποιο εκπαιδευτικό οργανισμό ή βιβλιοθήκη θα χαρούμε να οργανώσουμε κι εκεί κάποιο workshop.

  • Αν όλα πάνε στραβά, χρειαζόμαστε δικηγόρους. Έστω κι αν καταφέρουμε να αντιμετωπίσουμε τη λογοκρισία εκ των υστέρων και να αντιστρέψουμε περιπτώσεις κατάχρησης εξουσίας εκ μέρους της Επιτροπής, θα είναι αρκετά σημαντικό

  • Γράψε την άποψη σου στη διαβούλευση. Αν και δεν είμαι υπέρμαχος δομών που συντηρούν την ψευδαίσθηση συμμετοχικής δημοκρατίας, ανοιχτής διακυβέρνησης, ή όπως αλλιώς λέγεται αυτή την περίοδο, είναι κρίμα σχεδόν όλα τα σχόλια στο συγκεκριμένο άρθρο να είναι από οργανισμούς συλλογικής διαχείρισης που ζητούν ακόμα μεγαλύτερη "αυστηρότητα".

Αντί επιλόγου

Αν και έχω χρησιμοποιήσει τον όρο "πνευματική ιδιοκτησία" αρκετές φορές στο post, αποφεύγω συνήθως να τον χρησιμοποιώ. Δεν αναγνωρίζω δικαιώματα ιδιοκτησίας στην πνευματικής δημιουργία. Ανέκαθεν θεωρούσα πως απ' τη στιγμή που ένας δημιουργός διαθέσει το έργο του δημόσια τότε αυτομάτως γίνεται και δημόσιο κτήμα (public domain που λένε και οι νομικοί). Αλλά παρόλα αυτά, αν αναγνωρίσουμε δικαιώματα ιδιοκτησίας, τότε θα πρέπει να το κάνουμε σε συνδυασμό με ό,τι ο όρος ιδιοκτησία συνεπάγεται. Μεταξύ αυτών είναι και η φορολόγηση αυτής της ιδιοκτησίας, ανεξαρτήτως αν αποφέρει έσοδα.


Comments and reactions on Diaspora or Twitter

BDFSM

Elena ``of Valhalla'' | 08:01, Monday, 18 January 2016

BDFSM

Enrico Zini http://www.enricozini.org/ coined the BDSM Free Software Manifesto http://www.enricozini.org/2013/debian/notes-from-that-other-lightning-talk-session2/ (formerly Definition, which however isn't as precise as a description and more importantly doesn't fit in a cool geeky acronym):

I refuse to be bound by software I cannot negotiate with.


This begged to be turned into a cross-stitch wall hanging. I couldn't refuse.

Immagine/fotohttp://social.gl-como.it/photos/valhalla/image/75f28c7ef6c17319f09b858b882bca49

More information and context for the phrase can be found in the notes for Enrico's talk http://www.enricozini.org/2015/debian/standup-comedy-notes/ at DebConf 2015: "Enrico's Semi Serious Stand-up Comedy". Note that while fully textual, the topics may be considered not really SFW, and some of the links definitely aren't. It also includes many insights into the nature of collaboration and Free Software Communities, so I'd recommend reading it (and watching the video recording of the talk) anyway.

I've finally also published the pattern http://www.trueelena.org/computers/projects/bdfsm.html on my website:

* The image I've used while embroidering http://www.trueelena.org/computers/projects/bdfsm/bdfsm-pattern.png
* kxstitch project http://www.trueelena.org/computers/projects/bdfsm/bdfsm.kxs (converted now that kxstitch is back into Debian)
* kxstitch generated PDF http://www.trueelena.org/computers/projects/bdfsm/bdfsm-pattern.pdf

Edit: fixed broken links to kxstitch resources.

Friday, 15 January 2016

OpenBSD on the Thinkpad X250

emergency exit | 16:17, Friday, 15 January 2016

Since posts like these often helped me setup some device, I thought I’d write one as well this time. Also it is advertising for a good free operating system.

TL;DR

Everything works almost perfectly, good hardware, good software! You should give it a try :)

Hardware

I have got a fairly high-end config:

  • Intel® Core™ i7-5600U
  • 16GB RAM
  • 1920×1080 Display, non-glare, non-touch
  • 512GB Samsung SSD
  • Intel LAN + WLAN
  • Pro-Dock

Installing OpenBSD

You need a current OpenBSD snapshot (or 5.9 once it is released).

  1. get the install58.fs from a server near you, dd it to a USB-Stick and boot from it
  2. follow the instructions on the screen to install 5.8
  3. get the bsd.rd from a current snapshot and place it in / (maybe backup the existing one)
  4. reboot into it (enter boot bsd.rd at the bootloader prompt)
  5. follow the intructions on the screen to update to the 5.9-snapshot
  6. after you have rebooted into 5.9, run sysmerge

Et voila, you are on a current branch of OpenBSD. You should have seen the virtual console resize after the update to the new version.

BIOS

The BIOS has some useful settings, you might want to make, e.g. switching
Fn and lCtrl buttons and switching the meaning of the F*-keys to be F*-keys by default and not “media keys”. Unfortunately deactivating the keypad from the BIOS does not work ( it can however be deactivated by software, see below).

Xorg and periphals

No xorg.conf nor any configuration like that is needed to bring up X since the new Intel driver takes care of everything. 3D acceleration works, however the direct rendering devices come with write access only given to root. It’s probably a security “feature”, but it prevents 3D for regular users so I created
/etc/rc.local (this is run on startup) with:

#!/bin/sh
/bin/chmod g+rw /dev/drm*

You should have setup the keyboard to your local layout during install, but if
you haven’t done so or want to deactivate dead keys you can edit /etc/kbdtype, e.g. to de.nodead. This affects both the console and Xorg. Inside Xorg the “media buttons” for display brightness and sound work automatically.

To deactivate the mouse touchpad and make scrolling working with the pointer in combination with the middle mouse button, I have added the following to my .xinitrc/.xsession:

# deactivate touchpad
synclient TouchpadOff=1

# activate scroll wheel button
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation" 1
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation Axes" 6 7 4 5
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation Button" 2
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation Timeout" 50
xinput set-prop "/dev/wsmouse" "WS Pointer Wheel Emulation Inertia" 3

# increase pointer speed
xinput set-prop "/dev/wsmouse" "Device Accel Constant Deceleration" 0.4

I have to note though that the Pointer Wheel Emulation does not work satisfactory, there is often some jitter and then scrolling stops working. Also the increased sensitivity produces very slight ghost movements of the mouse (very small, but noticable movements of the mouse in the bottom left direction). I still need to debug this, maybe its also a hardware issue.

The dock seems to work (charging and on/off), although I have not yet tested hooking up external input devices or screens.

Networking

Both lan and wlan devices come with working drivers and the firmware for the wifi card is automatically downloaded upon install. It should be noted that OpenBSD does not have a service for managing networks and that it implements WPA[2] PSK inside its regular networking infrastructure (it doesn’t need wpa_supplicant). For enterprise WPA (like eduroam) however, wpa_supplicant is needed.

I have fiddled around with some solutions and ended up adapting a script. The original is wifinwid, but I changed it so that it restarts wpa_supplicant before trying every network and also only starts dhclient after it has attached to a network. This solution requires a file at /usr/local/etc/nwids.iwm0 with your saved networks in preferred order (every line is the arguments line for the ifconfig call), e.g.:

nwid MYSSID -wpa wpa wpaakms psk wpakey SECRETYO up
nwid eduroam -wpa wpa wpaakms 802.1x up

For the “enterprise” WPA networks like eduroam you have to additionally edit /etc/wpa_supplicant.conf (but not for other WPA networks!). The exact values are the same as for other operating systems, see e.g. this site. You do however need to add a wpa_supplicant_flags=-c /etc/wpa_supplicant.conf -D openbsd -i iwm0 line /etc/rc.conf.local.

Ultimately you have make the script be started on boottime and also initially make it not connect to some random unencrypted network via /etc/hostname.iwm0:

nwid NONEXISTANT
rtsol
!/usr/local/sbin/wifinwid \$if &

Now you have the behaviour that it only ever connects to known networks and that you can roam between different known networks, encrypted or unencrypted, PSK or with personal authentication.

Powermanagement

You need to activate the APM-daemon in your rc.conf.local:

apmd_flags="-A"
apmd_enable="YES"

This enables speed-stepping and also suspend and resume. I have tested the zzz command (suspend to RAM), but not yet ZZZ (suspend to disk). There seem to be no problems at all with X and the wifi also automatically reconnects if setup like above.

Brightness control works through keyboard shortcuts and the battery time seems to be good, although I haven’t done long-term tests, yet. With the large battery official number is “up to 20 hours”, if I get 12 hours that would be enough for me. A nice thing is that the notebook has an internal battery so you can change the external one without rebooting. The estimation of the remaining time via apm or sysctl seems to be accurate and my windows manager i3′s infobar supports these sensors automatically.

Summary

Altogether I am very happy about the hardware support, with the only annoyance being the mouse (which is not crucial, because I work more via keyboard anyway). Thanks to all the involved developers! I will probably update this post in the near future, once I have more things tested!

Thursday, 14 January 2016

The Best of 2015

Seravo | 09:31, Thursday, 14 January 2016

 

Another new year has started, and we think it is time to look a bit back and review what became the most popular content in Seravo Blog in 2015.

Alltogether, in 2015, Seravo’s web page gained 233 681 visits and 196 401 users – these are pretty cool numbers for a modest sized company that we still are. Actually, there were more visits to seravo.fi during the year than there are people living in our hometown Tampere (being the third largest city in Finland with 225 269 inhabitants).

For these great statistics we can blame this blog, which has attracted the vast majority of our online visitors. So let’s see what were the most popular blog posts last year – and which ones remain as the all-time favourites still today.

The five most popular blog posts in Seravo.fi in 2015

1. 10 reasons to migrate to MariaDB (if still using MySQL)

The most popular post last year – and actually the first article written in 2015 – was the one praising MariaDB and providing a list of reasons to start using it as your database. The article also created lively discussion in the comment section!

2. Ubuntu Phone and Unity vs Jolla and SailfishOS

In August we compared two Linux-based mobile operating systems that stand as competitors to Android. As a conclusion we claimed that  “Jolla and SailfishOS would be the technically and usabilitywise superior alternative, but then again Ubuntu could be able to leverage on it’s position as the most popular Linux distribution in desktops and servers”. All in all, we hoped for new innovations fueling from these (at least for now minor) competitors.

3. Ubuntu Phone review by a non-geek

The new Ubuntu Phone was clearly in the center of the open source community’s attention in the summer of 2015. A not-that-technical review on the phone became the year’s third most visited blog post. After that the phone has been tested and tried by Seravo geeks too – and has not gained too admirable evaluations…

4. Continuous integration testing for WordPress plugins on Github using Travis CI

If that wasn’t technical enough for you, maybe the article on testing WordPress plugins will do? And if you found youself puzzled after reading it, do not hesitate to contact us. Seravo can help you using PHPUnit, Rspec and Travis in your projects, please feel free to ask us about our WordPress testing via email at wordpress@seravo.fi .

PS. If you identify yourself as a Finn (or for some other odd reason happen to be familiar with Finnish), check out our blog on WP-palvelu.fi that focuses on all things happening within and around WordPress.

5. Fixing black screen after login in Ubuntu 14.04

The fifth most read article in 2015 was our guide to fixing a Ubuntu login problem that raised from some of our customers. Instead of charging for one hour of work for fixing the problem, we provided the instructions for everyone to do it on their own.

 

The all-time favourites

Even though they say that infomation ages faster than ever, it seems that even ancient articles in the Seravo blog are still valid and popular today. The post on how to turn any computer into a wireless access point with Hostapd from August 2014 is actually still the most popular of all seravo.fi pages with over 67 000 page visits. The more recent post on why to migrate to MariaDB has taken the second place with nerly 57 000 visits.

Next in the all-time top five favourites come the following articles:

Free Your Android phone (and upgrade to the latest Android version)!

Optimizing web server performance with Nginx and PHP

Virtualized bridged networking with MacVTap

 

In fact, our front page seravo.fi with approximately ten thousand visits per year only comes as sixth on the list of our most popular pages. This proves us that a blog is a great way to attract attention and to participate in the on-going technological discussion.

Although located in the northern corner of the world, in this distant land of snow and software, Seravo has with its online presence drawn visitors from all over the world: United States, India, Germany and United Kingdom form the top four and our dear own Finland takes the fifth place on this list.

 

At this point we would like to thank all of our visitors, readers and especially those who have commented on the blog posts! We will keep on posting new topics in 2016 as well, and the comment section is always open for new thoughts and constructive criticism. We are also more than happy to receive ideas for future blog posts from any of you.

Happy new year!

Conservancy supporter, at last!

Elena ``of Valhalla'' | 08:58, Thursday, 14 January 2016

Conservancy supporter, at last!

Yesterday I've finally donated to become a Conservancy Supporter http://sfconservancy.org/supporter/.

The reasons to donate have already been explained many times both on Planet Debian http://planet.debian.org/ and elsewhere; a few weeks ago I wrote a post (in Italian) on the Ninux community blog https://blog.ninux.org/2015/12/03/causa-vmware-per-violazione-gpl-sponsor-ritirano-fondi-a-software-freedom-conservancy/ to spread the word about it.

So, why I haven't donated earlier?

Trying to donate via PayPal from Italy (and, it seems, from Europe in general) requires a PayPal account, which I don't have and don't want to have, so I contacted them to ask for bank transfer instructions.
The first instructions I received were too complex for my online-only bank account, so I asked my bank for help, there was an exchange of emails, further simpler instructions from their bank, a small donation to test everything and time passed.

Finally, the good news: it is possible to donate to Conservancy from Italy (and probably from elsewhere in EU) using a SEPA transfer with minimal commissions and usually available from the home banking websites, so that it doesn't require significantly more effort than using paypal.
You can contact Conservancy via e-mail mailto:accounting@sfconservancy.org to get the relevant payment data.

(Conservancy has an account in EUR which is then used to pay for expenses in EUR, so no currency conversion commission are involved.)

Tuesday, 12 January 2016

Testing Times for Free Software and Open Hardware

Paul Boddie's Free Software-related blog » English | 00:26, Tuesday, 12 January 2016

The last few months haven’t been too kind on Free Software and open hardware initiatives in a number of ways. Here, in a shorter form than one might usually expect from me, are some problematic developments on topics that I may have covered in the past year.

Software Freedom Undervalued

About a couple of months ago, the Software Freedom Conservancy started a fund-raising campaign after it became apparent that companies could not be relied upon to support the organisation’s activities. Since the start of the campaign, many individuals have stepped up and pledged financial support of their own, which is very generous of them, as is the support of enlightened organisations that have offered to match individual contributions.

Sadly, such generosity seems not to be shared by many of the largest companies making money from Free Software and from Linux in particular, and thus from the non-financial contributions that make projects like Linux viable in the first place, with many of those even coming from those same generous individuals who have supported the Conservancy financially. And let us consider for a moment why one prominent umbrella organisation’s members might not want to enforce the GPL, especially given that some of them have been successfully prosecuted for violating that licence, in relation to various Free Software projects, in the past.

The Proprietary Instincts of the BBC

The BBC Micro Bit was a topic covered in the last year, when I indicated a degree of caution about the mistakes of the past being repeated needlessly. And indeed, for some time, everything was being done behind the curtain of a non-disclosure agreement (NDA), meaning that very little information was being made available about the device and accompanying materials, and thus very little could be done by the average member of the public to prepare for the availability of the device, let alone develop their own materials, software, accessories or anything else for it.

Since then, a degree of secrecy has been eliminated, and efforts have been made to get the embedded variant of Python known as Micropython working on the board. However, certain parts of that work still appear to be encumbered by NDA, arguably making the effort of developing Python-related materials something of a social networking exercise. Meanwhile, notorious industry monopolist, Microsoft, somehow managed to muscle in on the initiative and take control of the principally-supported method of developing software with the device. I guess people at the BBC and their friends in politics and business don’t always learn from the mistakes of the past, particularly as they spend other people’s money.

The Walled Garden Party’s Hangover for Free Software Development

Just over twelve months ago, I made some observations about the Python core development group’s attraction to GitHub. It seems that the infatuation with the enthusiastic masses and their inevitable unleashing on Python assets, with the expectation of stimulating an exponential upturn in development activity, will now be gratified through a migration of various Python infrastructure components to the proprietary and centralised service that GitHub offers. (I have my doubts as to whether CPython contribution barriers are really the cause of Python’s current malaise, despite the usual clamour for Git and the associated “network effects” amongst a community of self-proclaimed version control wizards whose powers somehow don’t extend to mastering simple workflows with other tools.)

Anatoly Techtonik makes some interesting points, which will presumably go unheard because those involved have all decided not to listen to him any more. One of the more disturbing ones is that the “comparison shopping” mentality, where Free Software developers abandon their colleagues writing various tools and systems in favour of random corporations offering proprietary stuff at no cost, may well result in the Free Software solutions in such areas becoming seen as uncompetitive and unattractive. What those making such foolish decisions fail to realise is that their own projects can easily get the same treatment, if nobody bothers to see beyond the end of their own nose.

The result of all this is less funding and fewer resources for Free Software projects, with potentially fewer contributions, too, as the attraction of supporting “losing” solutions starts to fade. Community-oriented Free Software is arguably grossly underfunded as it is: we don’t really need other Free Software developers abandoning or undermining their colleagues while ridiculing those colleagues’ “ideological purity“. And, of course, volunteer effort will undoubtedly be burned up in the needless migration to the proprietary solution, setting everyone up for another costly transition down the road, which experience indicates is always more work than anyone anticipated (if they even bothered to think ahead at all).

PayPal: Doesn’t Pay, Not Your Pal

It has been a long time since I wrote about the Neo900 project. Things were looking promising: necessary components had been secured, and everyone was just waiting for Nikolaus to finish his work with the Pyra handheld console. And then we learned that PayPal had decided to hold a significant amount of money as a form of “security”, thus cutting off a vital source of funds for actually doing the work. Apparently, PayPal have a habit of doing this kind of thing, on one reported occasion even taking the opportunity to then offer loans to those people they deliberately put in such a difficult position.

If you supported the Neo900 project and pledged funds via PayPal, you need to tell PayPal to actually pay the project. You know: like the verb in their company name. Otherwise, in the worst case, you may not only not get a Neo900 and not see it developed to completion, but you will also have loaned your money to a large corporation for a substantial period and earned no interest on that involuntary loan, perhaps even incurring fees for the privilege. (So, please see the “How to fix it” section of the relevant article.)

Maybe in 2016, people will become a lot clearer about who their real friends are. Let us hope so!

Monday, 11 January 2016

monopati, a minimalistic static content generator

nikos.roussos - opensource | 08:01, Monday, 11 January 2016

I have tried many static content generators in the past. My site/blog is rendered to static since a couple of years ago. So this post is about writing yet another static content generator.

I have two major requirements. Simplicity and no extra features. All I want is a simple blog and some static pages. So Markdown and Jinja should be enough. No fancy features needed. I also wanted this to be so simple that even non-tech people would use it with minimum effort. One of the things that bothers me with most generators is that they render the whole website in another folder, so it's hard to have one repository with both your posts markdown code and the rendered output so you can easily host it (eg. on Github pages).

So I scratched my itch and monopati, a minimalistic static content generator, was born. As of today my website is rendered using my own static content generator (with all content on version control). I promise to write a post with concrete easy steps on how to deploy your own website/blog using monopati and without paying for any hosting service.

Feedback and code patches are always welcomed.


Comments and reactions on Diaspora or Twitter

FOSDEM RTC Dev-room schedule published

DanielPocock.com - fsfe | 06:09, Monday, 11 January 2016

If you want to help make Free Real-time Communication (RTC) with free, open source software surpass proprietary solutions this year, a great place to start is the FOSDEM RTC dev-room.

On Friday we published the list of 17 talks accepted in the dev-room (times are still provisional until the FOSDEM schedule is printed). They include a range of topics, including SIP, XMPP, WebRTC and peer-to-peer Real-time communication.

RTC will be very prominent at FOSDEM this year with several talks on this topic, including my own, in the main track.

Saturday, 09 January 2016

Comments about people with mental illness

DanielPocock.com - fsfe | 17:00, Saturday, 09 January 2016

A quote:

As the Buddha said 2500 years ago... we're all out of our fucking minds. (Albert Ellis)

There have been a few occasions over the last year where people suffering mental illnesses have been the subject of much discussion.

In March 2015 there was the tragic loss of Germanwings flight 9525. It was discovered that the co-pilot, Andreas Lubitz, had been receiving treatment for mental illness. Under strict privacy laws, nobody at his employer, the airline, had received any information about the diagnosis or treatment.

During the summer, the private mailing list for a large online community discussed the mental illness of a contributor to a project. Various people expressed opinions that appeared to be generalizations about all those with mental illness. Some people hinted the illness was a lie to avoid work while others speculated about options for treatment. Nobody involved mentioned having any medical expertise.

It is ironic that on the one hand, we have the dramatic example of an aircraft crashing at the hands of somebody who is declared unfit to work but working anyway and on the other hand when somebody else couldn't do something, the diagnosis is being disputed by people who find it inconvenient or don't understand it.

More recently, there has been openly public discussion about whether another developer may have had mental illness. Once again, there doesn't appear to be any evidence from people with any medical expertise or documentation whatsoever. Some of the comments appear to be in the context of a grudge or justifying some other opinion.

What's worse, some comments appear to suggest that mental illness can be blamed for anything else that goes wrong in somebody's life. If somebody is shot and bleeds to death, do you say low blood pressure killed him or do you just say he was shot? Likewise, if somebody is subject to some kind of bullying and abused, does this have no interaction with mental illness? In fact, Google reveals an enormous number of papers from experts in this field suggesting that mental illness can arise or be exacerbated by bad experiences. Although it may not have been clear at that point in time, when we look back at Alan Turing's death today, suicide was not a valid verdict and persecution was a factor.

Statistics tell us that 1 in 4 people experience a mental health problem in the UK each year. In the USA it is 26% of the adult population, each year. These may be long term conditions or they may be short term conditions. They may arise spontaneously or they may be arising from some kind of trauma, abuse or harassment in the home, workplace or some other context.

For large online communities, these statistics imply it is inevitable that some participants will be suffering from mental illness and others will have spouses, parents or children suffering from such conditions. These people will be acutely aware of the comments being made publicly about other people in the community. Social interaction also relates to the experience of mental illness, people who are supported by their community and society are more likely to recover while those who feel they are not understood or discriminated against may feel more isolated, compounding their condition.

As a developer, I wouldn't really like the idea of doctors meddling with my code, so why is it that some people in the IT and business community are so happy to meddle around in the domain of doctors, giving such strong opinions about something they have no expertise in?

Despite the tragic loss of life in Germanwings 9525, observing some of these other discussions that have taken place reminds me why Germany and some other countries do have such strict privacy laws for people who seek medical treatment.

(You can Follow or Tweet about this blog on Twitter)

Friday, 08 January 2016

About Cartes – the OSM app inside FirefoxOS marketplace

English Planet – Dreierlei | 00:40, Friday, 08 January 2016

cartes

After my first steps with Firefox OS, this time I looked out for a navigation app because proper navigation is to me among the most important services of a mobile phone. I navigated through Mozillas marketplace and so far there are Cartes, Bing Maps, traffc, Maps Online, Find Me Google, Compass +, zMaps and Easy Taxi. Unfortunately, you do not see which one are Free Software and which not. But, after reading the info-pages inside the market place, I found Cartes to be the only navigation app in the market place so far, that is Free Software. So I gave this one a try.

First, I love a lot that it comes with a very easy-to-use interface that is composed of simply one line where you can enter for example an address that you are looking for. Or two lines in case you look for a route. Basically like openstreetmap.org itself. This interface is so much easier to use than the one from my beloved Osmand, which has a much more complex and unintuitive interface. Actually, every time I look for an address in Osmand, I wish there would be something like an easy “one line interface” to find the address I am looking for …
However, I think the difference in search usability derives from one of the most important features that Osmand offers and Cartes not, at least not yet: Offline maps and navigation. Offline maps are much more powerful than online searches, they are faster and work without any dependency on your internet connection. Which is especially important when you are travelling and like to have a full navigation system without roaming charges – anywhere in the world. Also I have to admit that Osmand~ offers multiple times more features and functionality than Cartes, for example OpenStreetMap editing on your device.

But hey, Cartes is a good start and I would love to see further development to give Firefox OS users easy-to-use freedom to OpenStreetMap for their navigation instead of being tied to proprietary services. And, as I can see from updates, there is already a “First attempt at offline use, now viewed tiles are cached an can be reused offline”. Thanks, Maël Lavault, keep the good work going.
BTW: Interesting to see, that Cartes can display satellite images? Where does it take it from? Bing?

Thursday, 07 January 2016

Do you own your phone or does it own you?

DanielPocock.com - fsfe | 15:05, Thursday, 07 January 2016

Have you started thinking about new year's resolutions for 2016? Back to the gym or giving up sugary drinks?

Many new year's resolutions have a health theme. Unless you have a heroin addiction, there may not be anything else in your life that is more addictive and has potentially more impact on your health and quality of life than your mobile phone. Almost every week there is some new report about the negative impact of phone use on rest or leisure time. Children are particularly at risk and evidence strongly suggests their grades at school are tanking as a consequence.

Can you imagine your life changing for the better if you switched off your mobile phone or left it at home for one day per week in 2016? If you have children, can you think of anything more powerful than the example you set yourself to help them stay in control of their phones? Children have a remarkable ability to emulate the bad habits they observe in their parents.

Are you in control?

Turning it off is a powerful act of showing who is in charge. If you feel you can't live without it, then you are putting your life in the hands of the people who expect an immediate answer of their calls, your phone company and the Silicon Valley executives who make all those apps you can't stop using.

As security expert Jacob Appelbaum puts it, cell phones are tracking devices that also happen to make phone calls. Isn't that a chilling thought to reflect on the next time you give one as Christmas gift?

For your health, your children and your bank balance

Not so long ago we were having lunch in a pizza restaurant in Luzern, a picturesque lakeside town at the base of the Swiss Alps. Luzern is a popular first stop for tourists from all around the world.

A Korean family came along and sat at the table next to us. After ordering their food, they all immediately took out their mobile devices and sat there in complete silence, the mother and father, a girl of eight and a boy of five, oblivious to the world around them and even each other, tapping and swiping for the next ten minutes until their food arrived.

We wanted to say hello to them, I joked that I should beep first, initiating communication with the sound of a text message notification.

Is this how all holidays will be in future? Is it how all families will spend time together? Can you imagine your grandchildren and their children sharing a meal like this in the year 2050 or beyond?

Which gadgets does Bond bring to Switzerland?

On Her Majesty's Secret Service is one of the more memorable Bond movies for its spectacular setting in the Swiss Alps, the location now transformed into a mountain-top revolving restaurant visited by thousands of tourists every day with a comfortable cable car service and hiking trails with breathtaking views that never become boring.

Can you imagine Bond leaving behind his gun and his skis and visiting Switzerland with a smartphone instead? Eating a pizza with one hand while using the fingertips of the other to operate an app for making drone strikes on villains, swiping through Tinder for a new girl to replace the one who died (from boredom) in his previous "adventure" and letting his gelati melt while engrossed in a downhill ski or motorcycle game in all the glory of a 5.7" 24-bit colour display?

Of course its absurd. Would you want to live like that yourself? We see more and more of it in people who are supposedly in Switzerland on the trip of a lifetime. Would you tolerate it in a movie? The mobile phone industry has paid big money to have their technology appear on the silver screen but audience feedback shows people are frustrated with movies that plaster the contents of text messages across the screen every few minutes; hopefully Bond movies will continue to plaster bullets and blood across the screen instead.

Time for freedom

How would you live for a day or a weekend or an entire holiday without your mobile phone? There are many small frustrations you may experience but the biggest one and the indirect cause of many other problems you will experience may be the inability to tell the time.

Many people today have stopped wearing a watch, relying instead upon their mobile phone to tell the time.

Without either a phone or a watch, frustration is not far away.

If you feel apprehension just at the thought of leaving your phone at home, the lack of a watch may be a subconcious factor behind your hesitation.

Trying is better than reading

Many articles and blogs give opinions about how to buy a watch, how much to spend and what you can wear it with. Don't spend a lot of time reading any of it, if you don't know where to start, simply go down to the local high street or mall and try them. Start with the most glamorous and expensive models from Swiss manufacturers, as these are what everything else is compared to and then perhaps proceed to look more widely. While Swiss brands tend to sell through the stores, vendors on Amazon and eBay now distribute a range of watches from manufacturers in Japan, China and other locations, such as Orient and Invicta, at a fraction of the price of those in the stores. You still need to try a few first to identify your preferred style and case size though. Google can also turn up many options for different budgets.



Copying or competition? Similarity of Invicta (from Amazon) and Rolex Submariner

You may not know whether you want a watch that is manually wound, automatically wound or battery operated. Buying a low-cost automatic model online could be a good way to familiarize yourself before buying anything serious. Mechanical watches have a smoother and more elegant second-hand movement and will survive the next Carrington event but may come to grief around magnets - a brief encounter with a low-cost de-gausser fixes that.

Is it smart to buy a smart watch?

If you genuinely want to have the feeling of complete freedom and control over technology, you may want to think twice about buying a smart watch. While it may be interesting to own and experiment with it some of the time, being free from your phone means being free from other electronic technology too. If you do go for a smart watch (and there are many valid reasons for trying one some of the time), maybe make it a second (or third) watch.

Smart watches are likely to be controversial for some time to come due to their impact in schools (where mobile phones are usually banned) and various privacy factors.

Help those around you achieve phone freedom in 2016

There will be further blogs on this theme during 2016, each looking at the pressures people face when with or without the mobile phone.

As a developer of communications technology myself, you may be surprised to see me encouraging people not to use it every waking minute. Working on this technology makes me more conscious of its impact on those around me and society in general.

A powerful factor to consider when talking about any communications technology is the presence of peer pressure and the behavior of those around you. Going phone-free may involve helping them to consider taking control too. Helping them out with a new watch as a gift (be careful to seek advice on the style that they are likely to prefer or ensure the purchase can be exchanged) may be an interesting way to help them engage with the idea and every time they look at the time, they may also be reminded of your concern for their freedom.

Wednesday, 06 January 2016

Want to use free software to communicate with your family in Christmas 2016?

DanielPocock.com - fsfe | 12:25, Wednesday, 06 January 2016

Was there a friend or family member who you could only communicate with using a proprietary, privacy-eroding solution like Skype or Facebook this Christmas?

Would you like to be only using completely free and open solutions to communicate with those people next Christmas?

Developers

Even if you are not developing communications software, could the software you maintain make it easier for people to use "sip:" and "xmpp:" links to launch other applications? Would this approach make your own software more convenient at the same time? If your software already processes email addresses or telephone numbers in any way, you could do this.

If you are a web developer, could you make WebRTC part of your product? If you already have some kind of messaging or chat facility in your website, WebRTC is the next logical step.

If you are involved with the Debian or Fedora projects, please give rtc.debian.org and FedRTC.org a go and share your feedback.

If you are involved with other free software communities, please come to the Free-RTC mailing list and ask how you can run something similar.

Everybody can help

Do you know any students who could work on RTC under Google Summer of Code, Outreachy or any other student projects? We are particularly keen on students with previous experience of Git and at least one of Java, C++ or Python. If you have contacts in any universities who can refer talented students, that can also help a lot. Please encourage them to contact me directly.

In your workplace or any other organization where you participate, ask your system administrator or developers if they are planning to support SIP, XMPP and WebRTC. Refer them to the RTC Quick Start Guide. If your company web site is built with the Drupal CMS, refer them to the DruCall module, it can be installed by most webmasters without any coding.

If you are using Debian or Ubuntu in your personal computer or office and trying to get best results with the RTC and VoIP packages on those platforms, please feel free to join the new debian-rtc mailing list to discuss your experiences and get advice on which packages to use.

Everybody is welcome to ask questions and share their experiences on the Free-RTC mailing list.

Please also come and talk to us at FOSDEM 2016, where RTC is in the main track again. FOSDEM is on 30-31 January 2016 in Brussels, attendance is free and no registration is necessary.

This mission can be achieved with lots of people making small contributions along the way.

Put Freedom into Firefox OS marketplace

English Planet – Dreierlei | 11:45, Wednesday, 06 January 2016

<figure class="wp-caption alignright" id="attachment_1169" style="width: 150px">Firefox OS Marketplace logo<figcaption class="wp-caption-text">Firefox OS Marketplace logo</figcaption></figure>My main interest towards Firefox OS derives from the fact that it is Free Software and that it is by Mozilla, an organisation that knows about the importance of free software and that fights for an “open web”. They also don’t hide that Mozilla heavily relies on Free Software technologies.

Given this background and the market share of Mozilla software – this leads me to the idea that Mozilla can play a crucial role in spreading software freedom into the mobile world and the world of connected devices. Even more as Mozilla publicly announced that they like to use Firefox OS as a Pivot to Connected Devices to

explore and prototype new use cases in the world of connected devices as an open source project with a clear focus on the user benefit and experience.

I like to argue, that a clear benefit to the user experience would be to easily find and use Free Software inside Firefox OS and therewith support Mozilla’s idea of “Open Web”. With the upcoming “internet of things”, it will be crucial that the people are in control of the technology and the devices that surrounds them. And as one simple but effective step towards that vision, I propose that Mozilla has a clearer information policy inside the Firefox OS market place. Please, add some information or label to make finding Free Software an easy thing. Make the use and the promotion of Free Software a concept inside Firefox OS, it’s market and add-ons. This would be a true benefit for the user.

About a Free Software information policy in Mozillas market place

<figure class="wp-caption alignright" id="attachment_1239" style="width: 212px">is not enough<figcaption class="wp-caption-text">is not enough</figcaption></figure>In the current state of Mozillas marketplace, the only information you can see is an “Install for free” label for apps inside the marketplace. I expect that “Install for free” shall mean that you do not have to pay for the software and that an alternative label will come up to show a price (have not seen other information label so far). If so, however, this information is too simple as it is only about price. And Free Software is not about price. It is about having control, independence from vendor lock-ins and computing in freedom. Aspects that are priceless.

Given that Mozilla assigns the market entry of Firefox OS to offer an open source operating system for mobile devices – the less I can understand that they put no emphasis on this in their market place. There is no information included, if an app is Free Software or not. Well, developers can add this information inside the free text in the “detailed” view of an app – but no chance for users to see it at a glance.

I will demonstrate this for the “maps & navigation apps” category in the marketplace, because navigation apps are to me one of the most useful technologies of a mobile device.
Now, if I look into the marketplace of Firefox OS, I have the choice between:

<figure class="wp-caption alignright" id="attachment_1161" style="width: 150px">Firefox OS marketplace - Maps & Navigation Apps 2016-01-01<figcaption class="wp-caption-text">Screenshot of Firefox OS marketplace – Maps & Navigation Apps on 2016-01-01</figcaption></figure>Cartes
Bing Maps
traffc
Maps Online
Find Me Google
Compass +
zMaps
Easy Taxi

but I have no chance to see at a glance which of these apps are Free Software and which not. All appear to be the same in their service model, telling “Install for free”. But in fact, they are not the same.
Cartes, based on OpenStreetMap, is the only Free Software app – all others are proprietary and therewith in principle a threat to Mozillas “Open Web”. So why the hack not highlighting the fact that Cartes is Free Software / Open Source?

<figure class="wp-caption alignright" id="attachment_1240" style="width: 212px">example<figcaption class="wp-caption-text">(exemplary)</figcaption></figure>It could be so simple: Just adding a label or a symbol to mark Free Software would help users and developers so much to choose the road to freedom – in a simple way.

Doing so would help triple: Users could easily see where to go to exercise freedom, developers see where they can contribute or adapt and those who do not yet know or care about software freedom get an incentive to look what such a label refers too.

tl;dr

With Firefox OS, Mozilla has a good chance to spread freedom into the mobile world. A clear benefit to the user experience would be to easily find and use Free Software and therewith support Mozilla’s idea of “Open Web”.

Planet Fellowship (en): RSS 2.0 | Atom | FOAF |

  /127.0.0.?  /var/log/fsfe/flx » planet-en  Albrechts Blog  Alessandro at FSFE » English  Alessandro's blog  Alina Mierlus - Building the Freedom » English  André on Free Software » English  Being Fellow #952 of FSFE » English  Bela's Internship Blog  Bernhard's Blog  Bits from the Basement  Blog of Martin Husovec  Blog » English  Bobulate  Brian Gough's Notes  Carlo Piana :: Law is Freedom ::  Ciarán's free software notes  Colors of Noise - Entries tagged planetfsfe  Communicating freely  Computer Floss  Daniel Martí's blog  DanielPocock.com - fsfe  Don't Panic » English Planet  ENOWITTYNAME  Elena ``of Valhalla''  English Planet – Dreierlei  English – Björn Schießle's Weblog  English – Max's weblog  Escape to freedom  FLOSS – Creative Destruction & Me  FSFE Fellowship Vienna » English  FSFE interviews its Fellows  Fellowship News  Florian Snows Blog » en  Frederik Gladhorn (fregl) » FSFE  Free Software & Digital Rights Noosphere  Free Software with a Female touch  Free Software –  Free Software – hesa's Weblog  Free as LIBRE  Free speech is better than free beer » English  Free, Easy and Others  From Out There  GLOG » Free Software  Graeme's notes » Page not found  Green Eggs and Ham  Handhelds, Linux and Heroes  Heiki "Repentinus" Ojasild » English  HennR's FSFE blog  Henri Bergius  Hook’s Humble Homepage  Hugo - FSFE planet  I LOVE IT HERE » English  Inductive Bias  Jelle Hermsen » English  Jens Lechtenbörger » English  Karsten on Free Software  Losca  Marcus's Blog  Mario Fux  Mark P. Lindhout’s Flamepit  Martin's notes - English  Matej's blog » FSFE  Myriam's blog  Mäh?  Nice blog  Nico Rikken » fsfe  Nicolas Jean's FSFE blog » English  PB's blog » en  Paul Boddie's Free Software-related blog » English  Pressreview  Rekado  Riccardo (ruphy) Iaconelli - blog  Saint's Log  Seravo  Technology – Intuitionistically Uncertain  The Girl Who Wasn't There » English  The trunk  Thib's Fellowship Blog » fsfe  Think. Innovation. » Blog  Thinking out loud » English  Thomas Koch - free software  Thomas Løcke Being Incoherent  Told to blog - Entries tagged fsfe  Tonnerre Lombard  Torsten's FSFE blog » english  Viktor's notes » English  Vitaly Repin. Software engineer's blog  Weblog  Weblog  Weblog  Weblog  Weblog  Weblog  Weblog  Werner's own blurbs  With/in the FSFE » English  a fellowship ahead  agger's Free Software blog  anna.morris's blog  ayers's blog  bb's blog  blog  drdanzs blog » freesoftware  emergency exit  free software blog  freedom bits  gollo's blog » English  irl:/dev/blog » fsfe-planet  julia.e.klein's blog  marc0s on Free Software  mina86.com  mkesper's blog » English  nikos.roussos - opensource  pichel's blog  rieper|blog » en  softmetz' anglophone Free Software blog  stargrave's blog  the_unconventional's blog » English  things i made  tobias_platen's blog  tolld's blog  wkossen's blog  yahuxo's blog