Planet Russell


Planet DebianPau Garcia i Quiles: Reminder: Desktops DevRoom @ FOSDEM 2015

We are less than 10 days away from the deadline for the Desktops DevRoom at FOSDEM 2015, the largest Free and Open Source event in Europe.

Do you think you can fill a room with 200+ people out of 6,000+ geeks? Prove it!

Check the Call for Talks for details on how to submit your talk proposal about anything related to the desktop:

  • Development
  • Deployment
  • Community
  • SCM
  • Software distribution / package managers
  • Why a particular default desktop on a prominent Linux distribution ;-)
  • etc


Planet Linux News: Speaker Feature: Jeremy Kerr, Paul McKenney, Michael Kerrisk

Jeremy Kerr


OpenPOWER: Building an open-source software stack from bare metal

2:15pm Thursday 15th January 2015

Jeremy Kerr is a Power platform architect at IBM's Linux Technology Center. His background is in Linux development (specialising in Linux bringup on new hardware), and operating systems research.

Jeremy has been hacking on open source software development for over 14 years. As well as the kernel, Jeremy has contributed to a range of other open source projects, including petitboot (a Linux-based bootloader), K42 (a research operating system), patchwork (a web-based patch-tracking system) and nfsim (the netfilter simulation environment).

For more information on Jeremy and his presentation, see here. You can follow him as @jeremymeep and don’t forget to mention #lca2015.

Paul McKenney


Bare-Metal Multicore Performance in a General-Purpose Operating System (Adventures in Ubiquity)

3:40pm Thursday 15th January 2015

Paul E. McKenney has been coding for more than four decades, more than half of that on parallel hardware, where his work has earned him a reputation among some as a flaming heretic. Over the past decade, Paul has been an IBM Distinguished Engineer at the IBM Linux Technology Center.

Paul maintains the RCU implementation within the Linux kernel, where the variety of workloads present highly entertaining performance, scalability, real-time response, and energy-efficiency challenges. Prior to that, he worked on the DYNIX/ptx kernel at Sequent, and prior to that on packet-radio and Internet protocols (but long before it was polite to mention Internet at cocktail parties), system administration, business applications, and real-time systems. His hobbies include what passes for running at his age (AKA "hiking") along with the usual house-wife-and-kids habit.

For more information on Paul and his presentation, see here.

Michael Kerrisk

Michael Kerrisk

An introduction to Linux namespaces

10:40am Thursday 15th January 2015

Michael Kerrisk is the author of the acclaimed book, "The Linux Programming Interface", a guide and reference for system programming on Linux and UNIX. He contributes to the Linux kernel primarily via documentation, review, and testing of new kernel-user-space interfaces. In Auckland, he will be celebrating having recently passed 10 years as the maintainer of the Linux man-pages project.

Michael is New Zealander, working as a trainer and consultant in Munich, Germany.

For more information on Micheal and his presentation, see here.

Krebs on SecuritySkimmer Innovation: ‘Wiretapping’ ATMs

Banks in Europe are warning about the emergence of a rare, virtually invisible form of ATM skimmer involving a so-called “wiretapping” device that is inserted through a tiny hole cut in the cash machine’s front. The hole is covered up by a fake decal, and the thieves then use custom-made equipment to attach the device to ATM’s internal card reader.

According to the European ATM Security Team (EAST), a nonprofit that represents banks in 29 countries, financial institutions in two countries recently reported ATM attacks in which the card data was compromised internally by “wire-tapping” or “eavesdropping” on the customer transaction. The image below shows some criminal equipment used to perpetrate these eavesdropping attacks.

Equipment used by crooks to conduct "eavesdropping" or "wiretapping" attacks on ATMs.

Equipment used by crooks to conduct “eavesdropping” or “wiretapping” attacks on ATMs. Source: EAST.

“The criminals cut a hole in the fascia around the card reader where the decal is situated,” EAST described in a recent, non-public report. “A device is then inserted and connected internally onto the card reader, and the hole covered with a fake decal”
[pictured, bottom right].

Pictured above are what appear to be wires that are fed into the machine with some custom-made rods. It looks like the data is collected by removing the decal, fishing out the wire attached to the ATM’s card reader, and connecting it to a handheld data storage device.

I sought clarification from EAST about how the device works. Most skimmers are card slot overlay devices work by using a built-in component that reads the account data off of the magnetic stripe when the customer inserts the card. But Lachlan Gunn, EAST’s executive director, suggested that this device intercepts the card data from the legitimate card reader on the inside of the ATM. He described the wiretapping device this way:

“It’s where a tap is attached to the pre-read head or read head of the card reader,” Lachlan said. “The card data is then read through the tap. We still classify it as skimming, but technically the magnetic stripe [on the customer/victim’s card] is not directly skimmed as the data is intercepted.”

The last report in my ATM skimming series showcased some major innovations in so-called “insert skimmers,” card-skimming devices made to fix snugly and invisibly inside the throat of the card acceptance slot. EAST’s new report includes another, slightly more advanced, insert skimmer that’s being called an “insert transmitter skimmer.”

Like the one pictured below, an insert transmitter skimmer is made up of two steel plates and an internal battery that lasts approximately one to two weeks. “They do not store data, but transmit it directly to a receiving device — probably placed less than 1 meter from the ATM.

An insert transmitter skimmer. Source: EAST.

An insert transmitter skimmer. Source: EAST.

Both of these card skimming technologies rely on hidden cameras to steal customer PIN codes. In a typical skimming attack involving devices that lay directly on top of the card acceptance slot, the hidden camera is a pinhole spy cam that is embedded inside the card slot overlay and angled toward the PIN pad. Just as often, the camera is hidden in a false panel affixed directly above the PIN pan with the pinhole pointed downward.

According to east, the use of false sidebar panels is becoming more prevalent (see image below for an example). It is not unusual for hidden cameras to be obscured inside of phony brochure racks as well.


As this and other insert skimmer attacks show, it’s getting tougher to spot ATM skimming devices. It’s best to focus instead on protecting your own physical security while at the cash machine. If you visit an ATM that looks strange, tampered with, or out of place, try to find another ATM. Use only machines in public, well-lit areas, and avoid ATMs in secluded spots.

Last, but certainly not least, cover the PIN pad with your hand when entering your PIN: That way, if even if the thieves somehow skim your card, there is less chance that they will be able to snag your PIN as well. You’d be amazed at how many people fail to take this basic precaution. Yes, there is still a chance that thieves could use a PIN-pad overlay device to capture your PIN, but in my experience these are far less common than hidden cameras (and quite a bit more costly for thieves who aren’t making their own skimmers).

<iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="420"></iframe>
Are you as fascinated by ATM skimmers as I am? Check out my series on this topic, All About Skimmers.

CryptogramNew Snowden Documents Show GCHQ Paying Cable & Wireless for Access

A new story based on the Snowden documents and published in the German newspaper Süddeutsche Zeitung shows how the GCHQ worked with Cable & Wireless -- acquired by Vodafone in 2012 -- to eavesdrop on Internet and telecommunications traffic. New documents on the page, and here.

Ars Technica article. Slashdot thread.

TEDA TEDGlobal friendship, straight from the Amazon: Mark Plotkin and Tashka Yawanawá

Mark Plotkin and Chief Tashka were pleased to share the stage at TEDGlobal 2014. Photo: James Duncan Davidson

Mark Plotkin and Chief Tashka were pleased to share the stage at TEDGlobal 2014. Photo: James Duncan Davidson

A few years ago, ethno-botanist Mark Plotkin injured his foot. A visit to a doctor at home had him feeling pain-free for a few months, but things changed when he headed to the Amazon rainforest for work. There, a local shaman noticed his limp and offered him a palm tree wrap along with a specially-brewed tea. Plotkin has now been pain-free for years, he says in his TED talk, “What the people of the Amazon know that you don’t.”

This experience is just one that has led him to see the indigenous tribes of the Amazon—and the medicinal plants that their shamans cultivate—as an irreplaceable repository of wisdom. With his non-profit, the Amazon Conservation Team, Plotkin works hand-in-hand with indigenous tribes in the Amazon to help them put in place their own conservation strategies, and to make sure that they are compensated for ingredients they share with the world. Because, as Plotkin says, the people of the Amazon have a deep understanding of the “treasure trove” of potential cures in the their midst.

Last month at TEDGlobal, our audience got the rare opportunity to hear directly from an Amazonian indigenous chief, who happens to be a longtime friend and colleague of Plotkin’s. Tashka Yawanawá became chief of the Yawanawá people at age 35, and, on the stage, he told the recent story of Brazil’s indigenous rights movement, which gained momentum in the ’70s and ’80s. But lately, he says, government support for indigenous autonomy has waned, as the lands that the communities occupy come under threat from logging, mining and other types of exploitation. Chief Tashka expressed concern about the exploitation of local medicinal plants, key to Yawanawá beliefs, and explained how they are working to distribute their resources to outsiders through a partnership with Aveda, among other channels, that allows them to generate income for the community.

This month, Tashka Yawanawá is helping his tribe cope with terrible flooding in his region, far worse than they’ve ever seen. Many homes were destroyed, along with well pumps, water filters, generators, boats and more. We will present Yawanawá’s talk when he is back online and able to engage in the conversation.

In the meantime, Plotkin’s talk gives a powerful introduction to an essentially identical idea. Both of these speakers stressed the importance of indigenous ethnomedical wisdom, and the need to protect it and transmit it to younger generations. Both highlighted protecting nature as an absolute essential.

With Tashka Yawanawá offline, we asked Plotkin to talk to us a little bit about his friend.

“It’s a very strange story,” says Plotkin describing how they met. “I was speaking at a gathering in New Mexico, of all places, and there was this guy there [who I thought was] Native American. We were talking, and he had a little bit of an accent. So I said, ‘Are you Mexican?’ he said, ‘No, my wife is. I’m Brazilian.’ So we switched into Portuguese. We spent a couple of days together.”

Plotkin finds himself routinely blown away by Tashka Yawanawá.

“He’s such a fascinating character,” says Plotkin. “He’s a Brazilian Indian who wanted to be a Mexican and then wanted to be a cowboy. He has this unusual sort of tri-cultural background and now he’s gone back to be the chief of his community and protect their culture in the forest. I think he’s fascinating.”

While they don’t work together often—Plotkin says that Chief Tashka does a great job representing for his people—they do work in the same areas. “We watch and admire,” says Plotkin. “A lot of what the Yawanawá are doing is what [the Amazon Conservation Team] is doing too. We showed up in the Amazon 12 years ago and said, ‘We’re not going to map your lands, you’re going to map your lands. We’re going to give you the equipment and teach you how to do it, but we would like you to do it.’ That was revolutionary when we started and — having Tashka do it — that supported our work … We were also the first organization to encourage elderly indigenous people to pass their knowledge on to their kids and their grandkids. Having groups like Tashka’s take that on themselves is a measure of success. Because it shouldn’t be about us doing it — it should be about the people that it means the most to doing it themselves.”

While Plotkin works more often with the Trio people, another Amazonian community, he is continually intrigued by the Yawanawá. “They are people who have been in touch with the outside world for a while,” he says, “but they have managed to hang on to their culture and their forest, which is no easy thing to do in this world that we live in, where everybody everywhere wants resources.”

And this gets to one of the key tensions in Plotkin’s work—that introducing indigenous communities to the outside world can be a tricky thing. “Technology can help and technology can hurt,” says Plotkin. “If you go into a village and start handing out GPSs and iPads and radios, you’re may be giving them the impression that we know magic and that everything we know is better, which is totally false. It’s better to do it in a culturally sensitive way. To say, ‘Look, we have antibiotics and they’re great — they might be able to cure infections your shamans can’t — but you guys have medicines we don’t have. You can cure some things that we sometimes can’t.’”

As for Tashka Yawanawá, Plotkin does hope that the outside world will get to better know his friend through his upcoming TED Talk. “I’m hoping somebody will make a movie about his life,” says Plotkin.

The Amazon Conservation Team is participating in the Skoll Foundation Crowdrise Challenge. Find out how a donation can be doubled or tripled »

TEDThe house is a witness: A TED Fellow makes art from the rubble of her homes lost to war

Zena el Khalil poses in the midst of her new exhibit, which makes the rubble of her mother and father's homes in Lebanon into beautiful art. Photo: Eva Zayat

Zena el Khalil poses in the midst of her new exhibit, which makes the rubble of her mother and father’s destroyed homes in Lebanon into art. Photo: Eva Zayat

Artist Zena el Khalil doesn’t have the family home she remembers from childhood. Her mother’s house in Lebanon was destroyed in a U.S. bomb attack in 1983, while her father’s house was occupied by the Israeli army for 22 years, until its withdrawal from Lebanon in 2000. “Every home my grandfathers built was destroyed, bombed or occupied,” says Khalil.

This realization has led her to a notable turn away from her previously flamboyant work, like running around Beirut in a big pink wedding dress to spread a message of love and peace, and creating hot pink glittery sculptures mocking gender and political stereotypes. Her latest work soberly examines one of the harshest realities of living with war — displacement, and the loss of home.

In her current exhibition, “From Mirfaq to Vega,” el Khalil explores and mourns the physical and emotional repercussions of the destruction of her parents’ ancestral homes over decades of war and occupation in Lebanon. She does this through paintings, poetry, sculpture and sound. The exhibit is on view at the Giorgio Persano Gallery in Turin, Italy, through January 10, 2015.

Here, she tells the TED Blog the story of her journey into her family’s past to retrieve the broken pieces, in the hope that art can transmute conflict and suffering into peace.

Tell me how you made this new work, and what it’s about.

This work is about home — those we’ve had and those we’ve lost — and the people who destroyed them. It’s about land, boundaries, walls, breaking walls down — but ultimately, it’s about forgiveness and compassion and love.

My starting point was the idea that I don’t have a home that still exists from my childhood, because my parents’ houses were both blown up in two different wars in Lebanon. So I started by investigating this idea of a very personal and intimate space being taken away by force.

I’ve always grappled with the ongoing wars in my country. Now, with Syria so close by, I’m also thinking a lot about what’s happening there, and the refugees spilling into Lebanon that may not be able to go back and rebuild, possibly for decades. But the process of making these particular works took place on the sites of my own parents’ physical homes.

I began with my mother’s home, which was blown up in 1983 by the USS New Jersey when they came to Lebanon. It was just a random shelling: they were striking the mountains where my mother lives and her house was blown up. It was immediately rebuilt, because my grandfather happened to be a construction worker. But I found a house next to it that was never rebuilt — and that’s where my journey started.

I spent a few months in this abandoned house. I spent a lot time in it — weeks — drawing, talking to the walls, experiencing the space. These buildings stand as silent witnesses to the destruction around them. The house becomes a witness, in a way, both when it’s occupied and when it’s abandoned.

"The size of your faith is the size of your intellect." Al Aql, 2014. Indian ink, ashes, fabric and hair on canvas. Photo: Zena el Khalil

“The size of your faith is the size of your intellect.” Al Aql, 2014. Indian ink, ashes, fabric and hair on canvas. Photo: Zena el Khalil

I started trying to connect to the energy in this house. I did some paintings and little drawings, but the turning point was a performance where I dressed in the black and white religious clothing of the people of my region, the Druze. Then, I set fire to the white veil. I burnt many veils. From their ashes, I created an ink that I used to paint with — an ink that investigates the absence of light — and started making site-specific paintings where a great violence took place. I worked outdoors, directly on the land, and I dipped the veils that I hadn’t burned in ink, pounding the canvas really hard. They are energy-based paintings. I would have a period of meditation in the beginning, and then I’d hit the canvas with the veils. So all the paintings are both the imprints of the veil and the land underneath the canvas. At the last stage, I embroidered the poetry on top.

Where is your father’s house?

My father is from the south, close to the border with Israel. Our house there was occupied for 22 years by the Israeli army. It was on top of a hill, so it was a military strategic point. They appropriated the house and turned it into their headquarters. It was used as an interrogation center, and they were holding prisoners there.

I never actually saw this home until 2000, when the Israeli army left the south of Lebanon. The day I arrived was literally a few days after the Israeli army left. I documented it, took a lot of photographs. But until now, I’d never talked about what happened in it, or worked with the material I gathered there. So this summer, I started painting down there, too.

What kind of shape was it in when you got there in 2000?

It was disgusting. It had been used as a detention center, so I remember when I first walked in, the entire floor was covered in feces. They were keeping prisoners there. We eventually blew up the house and built a brand-new one. But when the army left our house, they left behind many “blast walls,”, each one being two meters of reinforced concrete that serve as a shield. Those are the only things we kept.

There was an oak tree my father used to play in as a child. When we arrived, we found the area covered with these blast walls and also little bunkers where they used to have snipers. Some of these bunkers were near the tree. The challenge was how to dismantle the bunkers without harming the tree. It took a few years, but eventually we got rid of them, and the tree survived.

From Mirfaq to Vega installation view, with Israeli Army Blast “T” Walls found on site of the family home in Hasbaya, May 2000. Photo: Zena el Khalil

“From Mirfaq to Vega” installation view, with Israeli Army Blast “T” Walls found on site of the family home in Hasbaya, May 2000. Photo: Zena el Khalil

You brought pieces of the blast walls to Italy as part of the exhibit.

Yes. The centerpiece of the exhibition is two of these walls from the house. I shipped them from Lebanon to Italy, and each weighs close to two tons.

I also decided to make a kind of homage to the tree. I made some rotating sculptures that resemble trees. But where the branches are, there is calligraphy I sculpted out of wood and plexiglass. It’s a poem, and the whole thing turns, so that the shadows of the letters are projected on the wall. In many ways, they resemble prayer wheels or whirling dervishes. The trees rotate slowly, filling the space with light.

The text that I used in the trees is the poem “Ya Dirati,”  written by a distant relative, Zayd Al Atrash, who was escaping the French in the 1920s. My great-grandfather fought alongside him and contributed a line of the poem. It was a different war, with different occupiers, but it’s the same idea about land and loss of land. We have a tradition of oral storytelling passed down through poetry. My grandmother used to sing this poem to me as a child, when she’d tell me stories of her father and my ancestors.

"Love, forgiveness." Mantra, detail. Photo: Zena el Khalil

“Love, forgiveness.” Mantra, detail. Photo: Zena el Khalil

This poem was also turned into a song by a famous musician at the time, Asmahan, who was the niece of Zayd. I wanted to re-create her song in the exhibition, using sound to tie everything in. Working with audio producer Ray Hage, we created six ambient sound pieces that play in the background of the exhibition. They are all based on recordings we did with me reading mantras that I used for paintings in the exhibition.

Mantra 1 is: Land, honor, love, compassion, forgiveness.

Mantra 2 is: And my heart is full of love. And my heart is full of love. And my heart is full of love. And my heart is full of love. And my heart is full of forgiveness. And I shine bright, with present light.

One of the sound pieces is a remake of Asmahan’s song. I asked a musician friend, Elizabeth Ayoub, if she could sing the lines of the poem for us. I am in love with her voice, and because she is also from south Lebanon, I felt it was a perfect match. She also knows the pain of losing her home.

Why did you feel it was important to bring the walls over?

There are museums all over the world dedicated to telling the stories of wars and civilizations. There are artifacts in these museums that help us better understand these histories. The Gate of Ishtar in the Pergamon Museum in Berlin gives us an inclination of what Babylon must have been like. The blue-tiled walls adorned with lions, bulls and dragons protected the city from invaders, but also give us insight to Babylon’s culture, the religion, power and people. The Holocaust museums around the world tell us of the tragedy of the Jewish people. We see personal artifacts, human belongings — books, letters, teeth — that are extensions of lives lost. These people then cease to become nameless war victims. They are not just numbers. They are Ana, David, Catarina, Hana, Benjamin.

We don’t have spaces in the Middle East — or really anywhere — dedicated to telling the story of the contemporary Arab people and the wars we are enduring.

I had to start somewhere. So I started with myself, being the family archivist, to start building a database of our lives, histories and experiences. By starting with the most personal, maybe we have a chance to share our stories and subsequently, a shift might happen in the public’s scope of perception and understanding of my region. We could move from being just numbers to becoming actual people — and the world would begin to understand that we are witnessing the slow destruction of an entire culture.

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="315" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="560"></iframe>

Above: Watch this short film to see footage from el Khalil’s family homes in Lebanon, as well as experience the gallery installation, including the poem tree and ambient sound pieces.

This occupation happened, and my grandfather died without ever being able to return to his home. These facts are true. The walls are a physical connection to a story fading fast into the past. They are artifacts, relics, affirmations of a specific history that must be told.

Ultimately I am bringing to light the disaster that happened to us, with the hope that we can find the capacity to love again, and to forgive, and move forward. But to move forward, we also have to fully acknowledge our past. Everyone has to take responsibility before any kind of reconciliation can begin.

When you went to the house for the first time, was your father with you?


It must have been really hard on him. It must have felt very strange.

Yes, it was. What was even stranger was I went into some of these bunkers and there was graffiti in Hebrew, but also in English. A lot of American Jews are flown to Israel for free under a principle of birthright. They come and visit, stay in a kibbutz and are taught about their land. Many decide to stay because it’s like a utopia. But there’s the obligatory three-year military service, so eventually these American kids join the army.

So when I was looking at this graffiti, I was like, “It’s some kid from Wisconsin.” He just happened to be Jewish and came to Israel and now he’s in my house! Some of the graffiti was really funny. I remember there was a list of “Top 10 things I want to do when I go back home.” Number one was, I think, “Never wear green and khaki ever again.” Number two was like, “Eat Mom’s cooking.” Number three: “Have sex without having to pay for it.” You realize they’re just kids.

You said that ultimately this work is about forgiveness and compassion. What can you say about the innocence of these soldiers — the innocence of people who get caught up in things that are bigger than themselves?

Yeah, that happens all the time. Regardless of race or gender, when the war machine starts, it’s very hard to avoid it. Most people join armies for economic reasons. Or you have to join a side or die. It’s always the people of lowest income who are the greatest victims, because they don’t have the financial capacity to avoid war.

So kids join the army, they die, family members take revenge — it’s a vicious cycle. And of course it’s very important at this point to understand that these wars are not really home-grown. Lebanon is a proxy. This is America versus Russia. This is Israel versus Iran. What’s happening in Syria now is for resources — oil, gas, water.

My personal understanding of all this is that it’s a continuation of what started on September 11th, because that was the moment where everything changed. There was always war in the Middle East, but this was different because the Americans were very actively involved. What started in Afghanistan and Iraq has been spreading, and even when there were periods of calm in one country, it was blowing up in another one.

“From fire, we create life. From destruction, we find the strength to construct meaning in our lives. If stars destroy themselves, then maybe it’s only natural for us to do the same. We are obeying the fundamental laws of our universe. Churning each other up, and spitting out starstuff. Constantly. Effortlessly.” Al Aql, 2014. Photo: Zena el Khalil

“From fire, we create life. From destruction, we find the strength to construct meaning in our lives. If stars destroy themselves, then maybe it’s only natural for us to do the same. We are obeying the fundamental laws of our universe. Churning each other up, and spitting out star stuff. Constantly. Effortlessly.”
Al Aql, 2014. Photo: Paolo Pellion

For those of us who live here, I feel the only way to move forward is for us to understand each other better, to come to terms with things, to become personally responsible for where we live and how we interact with our neighbors. So on my part, I feel like the most I can do is to plant these seeds of forgiveness. I’m ready to forgive people for taking away my home. If I can do it, it could be a first step. It’s not easy, but look at South Africa. Through reconciliation projects, there have been possibilities to start living together again. It’s not perfect, but it’s a start.

I don’t know if there’s an ideal model, but I think with time, it is possible. Change has to start from within. So if I can find the capacity to forgive and move forward, maybe my brother can too, and then my cousins, and my friends and then my entire community. And that’s it, you have the seeds of change starting to grow.

What does “From Mirfaq to Vega” refer to?

Mirfaq and Vega are the names of stars I worked under as I painted this summer. Being in the south of Lebanon, there was very little light pollution. I spent many nights sleeping outdoors staring at these two bright points, thinking about how each human being is a beautiful shining star. Together, we make up the constellations of the universe. We are all connected. I felt our ancestors walking with me. “Our fire burns bright. We are creating our path to light. Bombs cannot fall here tonight.”

“From Mirfaq to Vega” is showing at Giorgio Persano Gallery in Turin, Italy, through January 10, 2015.

Racialicious#WeAreAllNatives Parody Ad Skewers Cultural Appropriation

Comedy troupe Stupid Time Machine just released a great parody ad in time for Thanksgiving. In their words:

A Thanksgiving ad for Urban Outfiter’s new We Are All Natives collection – “Indian wear for the rest of us.” Filmed on spec by sketch comedy group Stupid Time Machine, the parody urges Urban – already famous for their controversial Kent State Massacre and The Holocaust Themed Apparel – to tap into something hipsters can’t get enough of: white people in headdresses.

<iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

(Thanks to CJ for the tip!)

The post #WeAreAllNatives Parody Ad Skewers Cultural Appropriation appeared first on Racialicious - the intersection of race and pop culture.

RacialiciousThe Producer and the Anarchist: Dear White People’s Critique and Vision of Film

by Guest Contributor Mario Fitzgerald

In one of the many footnotes in The Brief Wondrous Life of Oscar Wao, Yunior opines:

“Rushdie claims that tyrants and scribblers are natural antagonists, but I think that’s too simple; it lets writers off pretty easy. Dictators, in my opinion, just know competition when they see it. Same with writers. Like, after all, recognizes like.”

Through the mind of Yunior, Junot Diaz expresses a core truth about writing: Despite being a tool of dissent for justice and equality, writing is also a powerful and thoroughly successful method of erasure, revision, and domination.

Through his first feature film, Dear White People, director Justin Simien has demonstrated how film can similarly be a tool for either justice or domination. Through the characters of Helmut West, a reality television show producer and Sam White, an independent documentary filmmaker, Justin Simien dramatizes the different ways in which the film industry has responded to racism and white supremacy.

Helmut West drifts in and out of the film searching for “conflicts” on the campus of Winchester University from which he can create a reality television show. Despite the title of the film directing viewers’ attention towards the many documented micro-aggressions of White characters towards the film’s Black characters, West is a Black man.

His presence raises a critique against the constant search for anti-Black racist acts committed by White people rather than manifestations of White supremacist thinking which, as bell hooks has so eloquently written, operates within us all.

In acknowledging the manifestations of White supremacist thinking, the actions of characters such as Coco become more understandable as she pursues possible areas in which she, as a black woman, may actually benefit from White supremacy and its valuations of physical beauty. A focus on White supremacist thinking can also reveal the problematic nature of actions from characters such as Reggie. As White supremacist thinking is connected to patriarchal thinking, Reggie’s manipulation of the Armstrong Parker House’s voting system in order to thrust Sam into a position of power that she never wished to attain is more easily recognized as patriarchal and subsequently challenged and resisted by an anti-racist, black feminist lens. One would still be able to acknowledge that the most powerful characters, such as President Fletcher, are indeed white.

However, a focus on White supremacist thinking will reveal how individuals of all identities stand to benefit from various aspects of the status quo and, thus, may actually have a vested interest in upholding certain oppressive systems while struggling against others.

West is also possibly the most perceptive character in the film, perhaps even more so than Sam, as he quickly identifies which people around him will easily fit into a consumable racial stereotype, be it the “angry black activist,” the “ghetto black woman,” or the overtly bigoted white person. However, he uses his perceptive abilities to further a part of the film industry that profits off of racism, and so West seeks to exploit racial confrontations he finds on campus rather than to challenge them.

Juxtaposed against West is Sam White, a young, passionate filmmaker and campus activist intent on exposing the contradictions of society, starting with her college campus.

Through her campus radio program, “Dear White People” and her first short film of white faced white people losing their collective minds over the election of Barack Obama as president, Sam attempts to expose the racist contradictions of the world through direct and didactic methods. Such methods draw both ire and adoration from Sam’s peers as well as the attention of the Winchester’s President and Dean of Students.

After facing the pressures to conform to the demands of her peers as well as the university administrators, Sam eventually falls back on her identity as a filmmaker, and with the help of her boyfriend, Justin, Sam embraces the role of an “anarchist filmmaker.” As such she presents the contradictions of society as problematic while simultaneously avoiding offering any solutions leaving that task for her viewers, as displayed in the final moments of her second short film documenting the fall out from a campus “black face” party in which she ceases to complete her last “Dear White People” edict. In this way, Sam, as an “anarchist filmmaker” challenges rather than exploits the racism displayed on Winchester’s campus.

It seems safe to say that Justin Simien, himself, has set the task for himself of following the “anarchist” tradition of filmmaking, a tradition marked by the questioning of society’s manners, formalities, and figures of authority in order to unveil the truths hidden by such facades.

DWP exposes the contradictions of the United States – especially its founding freedoms ingrained with racism and white supremacy – while also exposing our own personal and all too human contradictions.

However, Simien does not provide an easy ending glorifying the possibilities of the film industry to confront and challenge racism. Rather at the end of the film, it is Helmut West – not Sam – who sits in front of President Fletcher pitching his idea of using the conflicts of the university’s “race riot” to create a reality television show which will ultimately provide profits to both the university and television studio for which West works.

Therefore, though Justin Simien’s own first effort has opened to quite
some success as has the works of filmmakers such as Ava DuVernay, Dee Rees, and Ryan Coogler, Dear White People still acknowledges that the works of Hollywood studios and reality television shows capitalizing off of and profiting from stereotypes of black Americans still mainly control and define the narratives of black Americans.

The struggle continues, even in film, for in the words of Toni Morrison:

“Racism will disappear when it’s, A, no longer profitable, and no longer psychologically useful. And when that happens, it’ll be gone. But at the moment, people make a lot of money off of it, pro and con.”

Mario Fitzgerald is currently a Pre – K Assistant, Library Aide, and aspiring writer hoping to follow the paths set forth by James Baldwin and Toni Morrison living in Charlotte, NC.

The post The Producer and the Anarchist: Dear White People’s Critique and Vision of Film appeared first on Racialicious - the intersection of race and pop culture.

Planet DebianGunnar Wolf: Guests in the classroom: @Rolman talks about persistent storage and filesystems

On November 14, as a great way to say goodbye to a semester, a good friend came to my class again to present a topic to the group; a good way to sum up the contents of this talk is "everything you ever wondered about persistent storage".

As people who follow my blog know, I like inviting my friends to present selected topics in my Operating Systems class. Many subjects will stick better if presented by more than a single viewpoint, and different experiences will surely enrich the group's learning.

So, here is Rolando Cedillo — A full gigabyte of him, spawning two hours (including two hiccups where my camera hit a per-file limit...).

Rolando is currently a RedHat Engineer, and in his long career, he has worked from so many trenches, it would be a crime not to have him! Of course, one day we should do a low-level hardware session with him, as his passion (and deep knowledge) for 8-bit arcades is beyond any other person I have met.

So, here is the full video on my server. Alternatively, you can get it from The Internet Archive.

Geek FeminismA tsunami of testimonies: assaults in the Swedish larp community

Warning: this post details sexual violence.

This is a guest post by Kristin Nilsdotter Isaksson. It originally appeared in Swedish and in English on Spelkult. The English translation is by Charlie Charlotta Haldén.

Editor’s note: “larp” is live-action role play.

We’re talking about sexual harassment in the world of larp. Molestation, groping, assault and rape of participants who are asleep or intoxicated, aggravated rape with violent abuse, and even attempted murder.

On June 17, 2014, a new Facebook group was created for Swedish-speaking larpers who identify wholly or partially as women. The group quickly drew many members, and now comprises 580 larpers of varying ages and backgrounds. The idea was to create a sanctuary for discussions about different aspects of being a female larper. There are discussion threads about portraying female antagonists, about dealing with menstruation during larps, about sewing tricks, creating characters, organising larps. Small questions, big questions, and questions of vital importance.

It’s so important that we talk about our experiences. About how common this is, and that it’s not OK. About our right to say no, and that it’s never, ever, acceptable for someone not to listen. Everybody knows a victim, but nobody knows a perpetrator, and it’s time to take a stand now. — anonymous

A lot of times, I am personally skeptical of gender separated forums and arenas. I think spaces that are open for all tend to support a broader sharing of experiences. But I have realised that there are exceptions.

Lately, a darker subject has crept into the discussion threads, and during the past few weeks, a tsunami of voices has swept over us. Post after post, comment after comment, telling stories of painful experiences. We’re talking about sexual assault. At larps, or in larping circles. Over a thousand posts detailing experiences, sharing thoughts, discussing preventive measures, and not least, holding out hands in support.

There are a lot of perpetrators, and a lot of victims. The threads almost exclusively tell of assaults perpetrated by men towards women. There have been instances of sexual harassment, molestation, groping, assault and rape of sleeping or intoxicated larpers, aggravated rape with violent abuse, and even attempted murder. Some of these incidents have been reported, but a large amount of them have not reached the police, or even the larp organisers. Until now.

I was almost completely out of it, and I couldn’t do much of anything to stop it, because I hardly understood what was happening. He raped me, and in the morning I was ashamed and just left the camp, because it felt like it was my own fault. — anonymous

A lot of cases involve young people, 15-16-year-olds who are offered alcohol and harassed by older boys or men, and then things get out of hand during the night. In other cases, the acts are meticulously planned and perpetrated over a long period of time.

I was always supposed to play a submissive role at the larps, a servant to the group, to his friends. I was thrown around like a handbag. But I felt so worthless, so I reckoned I should be happy to get any attention. Then it got worse, the mental stuff turned into physical abuse… — anonymous

Many people ask themselves how this can happen. Shouldn’t larping be a safe arena, with a lot of eyes and ears that can react if something seems to be going wrong?

Most probably, it can happen because the people around let it happen. Partly because larpers are not really any different from other people in society, partly because the setting of a lot of larps actually makes sexual harassment more acceptable. Sociology calls this “habitus”, a series of codes that underlie a person’s behaviour. A lot of larps, especially in the fantasy genre, are stereotypical. Gender roles are clear and coded with different behaviours.

Male players will often choose a warrior character with a macho attitude, an acceptance for sexualising women and literally taking what he wants. This is a behaviour that would not be at all OK in normal society, but one that is seen a lot at different larps.

In the same way, female characters are often coded to be submissive, service-minded, soft, madonna-whores, or defenceless. Given that context, it can seem perfectly reasonable if a male player is upset about new rules suddenly being enforced that forbid playing on rape, since he had planned that his character should be an active rapist during the larp. When female characters are coded as submissive, the more dominant aspects of the male characters are intensified.

I was 13 years old, going to my very first larp together with a friend. None of us had any experience, and we didn’t know anyone except each other. The larp begins, and everything goes pretty well until the second day, when we are handed a note. The note says that the two older men in the tent across from ours want to meet us, because they want to find wives. This made me extremely uncomfortable, and I ended up hiding in the woods for the remaining days. — anonymous

Another contributing factor in several stories is that the victim has been separated from her group and placed in a new situation where she hardly knows the other players. Her safety net is gone.

Note that I didn’t know ONE SINGLE person in Sverok (The Swedish Gaming Federation) then. I had gone there all alone, representing my organisation, and had never met anyone else, so I didn’t have a single person there to talk to or seek support from. — anonymous

Some of the stories shared tell of incidents where larpers have lost their way in the middle of the night and been offered a place to sleep in exchange for sexual favours, or woken up with an unknown person’s hands all over their body. Because the victim has few contacts in the new group, she automatically becomes dependent on the perpetrator, and her scope for action is restricted.

Suddenly, I notice someone lying down next to me and starting to touch me, moving their hands under my clothes. I was really gone, but I realise that it’s the guy from before, and that makes me feel I can’t say no, because he might have thought I wanted to. So I let him keep on, and I just wanted to go to sleep so I didn’t have to experience this. We never talked again, and I never told anyone. — anonymous

In many of the cases, shame or fear of retribution has kept the people involved from telling anyone about the incidents. Moreover, the perpetrator usually has a larger amount of social capital than the victim does. They may be much older and more experienced, perhaps an organiser or someone with a lot of contacts in the larping world – as one person wrote, “someone you could trust”. If the person who was assaulted would report it to the police, or involve an organiser, there is almost always a legitimate fear that she would tarnish more people than the perpetrator – their friends, their network, the larp event – by diminishing the perpetrator’s power and social standing. This very strong group mechanism can often cause many people to initially take the perpetrator’s side and turn against the victim. There may be accusations saying that she put herself in the situation, that she behaved like a slut, that she was drunk and provocative and “corrupted” the perpetrator. There are numerous examples of this. The Bjästa case in Sweden and the Steubenville rape in the US are just two well-known examples outside the larping world.

I walked homewards, ice cold and freezing. It was dark, I couldn’t even see the path. Almost knocked myself out. I just wanted to get home so I could sleep. This guy was friends with the organisers, with my friends, everybody. Nobody would believe me, and that’s why I just kept quiet. — anonymous

This ongoing conversation has already resulted in some practical measures: Several organisers have taken action against alleged perpetrators, and suggestions for preventive efforts have been put forth, such as larps providing safety hosts and safe sleeping quarters. And people are talking, and processing. Some who have not dared go to a larp for several years because of fear have now felt safe enough to sign up again, and many larp organisers are working hard to ensure that larp is not a lawless haven for perpetrators to hide in.

All this may lead to people being named and shamed, and suffering reprisals such as being banned from larps and other social contexts. Whether this is justified or not is, of course, a matter of judgement. There is also a significant risk that those who have now dared to speak out might be accused and called into question.

My blood runs cold when I realise that I probably know several of the guys described here. People I have larped with, had fun with, and maybe been lucky enough not to end up alone with — anonymous

But this can also lead to a much safer larping experience with increased freedom of action for many players. The tolerance for this kind of behaviour may decrease as the spotlight is placed upon it. What might have been silently accepted earlier can now be pulled out into the open and questioned. Together, organisers and players develop new methods to ensure safer play for everyone, and that more women dare take up more space and choose among a broader array of characters.

The issues are now being discussed in other open larp forums too, and several players have called for more male voices in the conversation. Partly because this is not just about women’s experiences. There are not only male perpetrators. There are male victims too, and they may risk invisibility and stigmatisation. But there are also a lot of men who want to do something about this and show support. However, the question is if this massive sharing of experiences would ever have happened at all if the forum had been open to everyone. Most of the members of the Facebook group would probably say a resounding “no” to that question. Those who have been subjected to violations need a sanctuary in order to find the courage to start talking.

Our newsfeeds keep filling up. We keep talking. We discover connections. Someone who has felt desperately alone in her experience discovers, with hope and with horror, that there are many others out there who have been through similar things. This gives strength and breeds courage. The voices are powerful, and they will surely not quieten for a long, long time yet.


The Facebook group referred to in the text is named LWU, Larp Women Unite. The group was started by Karin Edman after Linnea Risinger came up with the idea during the Summer of 2014.

The ”Prata om det” campaign (”Talk about it”, hashtag #prataomdet) was and is a movement consisting of writers, bloggers and tweeters, emanating from a Twitter discussion started by geek feminist Johanna Koljonen in 2010. This concerned sharing stories about grey areas in sexual situations, about when sex becomes violation. This campaign opened doors to conversations that had not previously been had on a larger scale in “geek culture”.

CryptogramFBI Agents Pose as Repairmen to Bypass Warrant Process

This is a creepy story. The FBI wanted access to a hotel guest's room without a warrant. So agents broke his Internet connection, and then posed as Internet technicians to gain access to his hotel room without a warrant.

From the motion to suppress:

The next time you call for assistance because the internet service in your home is not working, the "technician" who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and -- when he shows up at your door, impersonating a technician -- let him in. He will walk through each room of your house, claiming to diagnose the problem. Actually, he will be videotaping everything (and everyone) inside. He will have no reason to suspect you have broken the law, much less probable cause to obtain a search warrant. But that makes no difference, because by letting him in, you will have "consented" to an intrusive search of your home.

Basically, the agents snooped around the hotel room, and gathered evidence that they submitted to a magistrate to get a warrant. Of course, they never told the judge that they had engineered the whole outage and planted the fake technicians.

More coverage of the case here.

This feels like an important case to me. We constantly allow repair technicians into our homes to fix this or that technological thingy. If we can't be sure they are not government agents in disguise, then we've lost quite a lot of our freedom and liberty.

Planet DebianEnrico Zini: calypso-davdroid

Calypso and DAVDroid

calypso and DAVdroid appeal to me. Let's try to make the whole thing work.

Update: radicale seems to also support git as a backend, and I plan to give it a try, too.

A self-signed SSL certificate

Generating the certificate:

$ openssl req -nodes -x509 -newkey rsa:2048 -keyout cal-key.pem -out cal-cert.pem -days 3650
Country Name (2 letter code) [AU]:IT
State or Province Name (full name) [Some-State]:Bologna
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []
Email Address []

Installing it on my phone:

$ openssl x509 -in cal-cert.pem -outform DER -out cal-cert.crt
$ adb push cal-cert.crt /mnt/sdcard/
$ enrico --follow-instructions

Installing calypso in my VPS

An updated calypso package:

$ git clone git://
$ git checkout debian -b enrico
$ git remote add chrysn  git://
$ git fetch chrysn
$ git merge chrysn/chrysn/integration
$ dch -v 1.4+enrico  "Merged with chrysn integration branch"
$ debuild -us -uc -rfakeroot

Install the package:

# dpkg -i calypso_1.4+enrico_all.deb

Create a system user to run it:

# adduser --system --disabled-password calypso
# chsh calypso  # /bin/dash

Make it run at boot time (based on calypso-init from the git repo):

# cat /etc/default/calypso
# diff -Nau calypso-init calypso-init.enrico
--- calypso-init        2014-11-26 11:50:35.301001194 +0100
+++ calypso-init.enrico 2014-11-26 12:18:16.564138554 +0100
@@ -62,8 +62,8 @@
        || return 1

    mkdir -p $(dirname $PIDFILE)
-       chown calypso:calypso $(dirname $PIDFILE)
-       start-stop-daemon --start -c $NAME --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+       chown calypso:nogroup $(dirname $PIDFILE)
+       start-stop-daemon --start -c $NAME:nogroup --quiet --pidfile $PIDFILE --exec $DAEMON -- \
        $CALYPSO_OPTS \
        || return 2
    # Add code here, if necessary, that waits for the process to be ready
# cp calypso-init.enrico /etc/init.d/calypso
# update-rc.d calypso defaults

Setting up the database

# su - calypso

Certificates and server setup:

$ mkdir .config/calypso/certs
$ mv cal-key.pem .config/calypso/certs/cal.key
$ mv cal-cert.pem .config/calypso/certs/cal.pem
$ chmod 0600 .config/calypso/certs/*
$ cat > .config/calypso/config << EOF


User passwords:

    $ htpasswd -s .config/calypso/htpasswd enrico

Database initialization:

$ mkdir -p .config/calypso/calendars
$ cd .config/calypso/calendars
$ git init
    $ cat > .calypso-collection << EOF
is-calendar = True
is-addressbook = False
displayname = Test
description = Test calendar
    $ git add .calypso-collection
$ git commit --allow-empty -m'initialize new calendar'

Start the server

# /etc/init.d/calypso start

DAVdroid configuration

  1. Add a new DAVdroid sync account
  2. Use server/username configuration
  3. For server, use https://:5233
  4. Add username and password

It should work.

Related links

Worse Than FailureError'd: What Kind of Grass Do They Have in Canada?!

For those of us in the US, today is our "Friday" in lieu of the Thanksgiving holiday. So, in honor of our nation's most hallowed day of feasting (and deep discount shopping the day after), here's an Error'd two days early. (Don't worry non-USians, we'll have classics running the rest of the week.) Enjoy!

"I was browsing for Grass Trimmers on the Canadian Tire website and...well...I'm not sure these would quite do the job," Brent W. writes.


"I was doing an online survey and this question came up... Guess I get to choose what error they give me?" wrote Ryan K.


"Wow...that penalty is a little bit excessive," writes Vicki K.


"I tried to look up the syntax for a recursive view on, so I tried to search for 'recursive view'. No results. 'recursive' didn't yield anything either. Nor did 'view'. Not even,'select', which is probably the most used keyword. I suppose Oracle and I disagree on what the search functionality should do," wrote Maurits.


Abbey S. writes, "I wasn't even doing anything involving removable media at the time - there was just the unexplained sad bingleybleep of a USB connection shutting down, and then this. If I had been able to determine what Drive ?????????fhqwhgads??????? *was*, I might have inserted a disk into it, just to see what would happen."


"Darn, I was hoping to get this next week not in 66 years!" wrote W. N.


Rob H. wrote, "I hoped this not to be a very accurate representation of the route, but took a small paper bag with me any way because I was afraid to be sick at bus takeoff and landing."


"I tried to uninstall VM Ware Player from my Windows 8 system: So, I can not uninstall the software because I can not install it?!" Charles M. wrote.


Planet DebianCharles Plessy: Browsing debian-private via SSH

I recently realised that one can browse the archives of debian-private via SSH. I find this a good compromise between subscription and ignorance. Here is for instance the command for November.

ssh -t mutt -f /home/debian/archive/debian-private/debian-private.201411

Planet DebianFrancois Marier: Hiding network disconnections using an IRC bouncer

A bouncer can be a useful tool if you rely on IRC for team communication and instant messaging. The most common use of such a server is to be permanently connected to IRC and to buffer messages while your client is disconnected.

However, that's not what got me interested in this tool. I'm not looking for another place where messages accumulate and wait to be processed later. I'm much happier if people email me when I'm not around.

Instead, I wanted to do to irssi what mosh did to ssh clients: transparently handle and hide temporary disconnections. Here's how I set everything up.

Server setup

The first step is to install znc:

apt-get install znc

Make sure you get the 1.0 series (in jessie or trusty, not wheezy or precise) since it has much better multi-network support.

Then, as a non-root user, generate a self-signed TLS certificate for it:

openssl req -x509 -sha256 -newkey rsa:2048 -keyout znc.pem -nodes -out znc.crt -days 365

and make sure you use something like as the subject name, that is the URL you will be connecting to from your IRC client.

Then install the certificate in the right place:

mkdir ~/.znc
mv znc.pem ~/.znc/
cat znc.crt >> ~/.znc/znc.pem

Once that's done, you're ready to create a config file for znc using the znc --makeconf command, again as the same non-root user:

  • create separate znc users if you have separate nicks on different networks
  • use your nickserv password as the server password for each network
  • enable ssl
  • say no to the chansaver and nickserv plugins

Finally, open the IRC port (tcp port 6697 by default) in your firewall:

iptables -A INPUT -p tcp --dport 6697 -j ACCEPT

Client setup (irssi)

On the client side, the official documentation covers a number of IRC clients, but the irssi page was quite sparse.

Here's what I used for the two networks I connect to ( and

servers = (
    address = "";
    chatnet = "OFTC";
    password = "fmarier/oftc:Passw0rd1!";
    port = "6697";
    use_ssl = "yes";
    ssl_verify = "yes";
    ssl_cafile = "~/.irssi/certs/znc.crt";
    address = "";
    chatnet = "Mozilla";
    password = "francois/mozilla:Passw0rd1!";
    port = "6697";
    use_ssl = "yes";
    ssl_verify = "yes";
    ssl_cafile = "~/.irssi/certs/znc.crt";

Of course, you'll need to copy your znc.crt file from the server into ~/.irssi/certs/znc.crt.

Make sure that you're no longer authenticating with the nickserv from within irssi. That's znc's job now.

Wrapper scripts

So far, this is a pretty standard znc+irssi setup. What makes it work with my workflow is the wrapper script I wrote to enable znc before starting irssi and then prompt to turn it off after exiting:

ssh "pgrep znc || znc"
read -p "Terminate the bouncer? [y/N] " -n 1 -r
if [[ $REPLY =~ ^[Yy]$ ]]
  ssh killall -sSIGINT znc

Now, instead of typing irssi to start my IRC client, I use irc.

If I'm exiting irssi before commuting or because I need to reboot for a kernel update, I keep the bouncer running. At the end of the day, I say yes to killing the bouncer. That way, I don't have a backlog to go through when I wake up the next day.

Geek FeminismThat’s The Way I Linkspam It (26 November 2014)

  • Twine, the Video Game Technology For All | New York Times Magazine: “Although plenty of independent games venture where mainstream games fear to tread, Twine represents something even more radical: the transformation of video games into something that is not only consumed by the masses but also created by them. A result has been one of the most fascinating and diverse scenes in gaming. The very nature of Twine poses a simple but deeply controversial question: Why shouldn’t more people get to be a part of games? Why shouldn’t everybody?”
  • 25 Tips for Diverse Hiring | Model View Culture: “In order to be successful with diverse recruiting, tech companies must invest in analysis and improvement at every stage of the hiring process. In this post, we offer a 101-style guide to top areas of focus, with specific suggestions to improve your hiring process and build more diverse teams.”
  • Ambling Along the Aqueduct: Sexual Harssment and Public Space: “I think that the difference for the second decade of the twenty-first century lies in the stunning, important fact that women are increasingly claiming a place in public space and are consequently transforming public discourse in ways that challenge male entitlement to a serious degree… The implication is that women are in public space on sufferance, as special cases, being given privileges that can be revoked for any one of a number of arbitrary reasons, usually amounting to not in some ways being above rubies.”
  • Casual sexism in scientific journal leads to editor’s note | Retraction Watch: “The Elsevier journal Biological Conservation has put out an apology, but not a retraction, after outcry over a bizarre, misogynistic non sequitur in a book review by Duke conservation biologist Stuart Pimm.”
  • Funding – 2015 | 12 – 16 Jan | BeAwesome: “Apps close December 9. LCA 2015 and InternetNZ are proud to support diversity. The InternetNZ Diversity Programme is one way we ensure that LCA 2015 continues to be an open and welcoming conference for everyone. Together with InternetNZ this program has been created to assist under-represented delegates who contribute to the Open Source community but, without financial assistance, would not be able to attend LCA 2015.”
  • How Blacks and Latin@s Are Left Out of Tech Hiring by Stephanie Morillo | Model View Culture: “In other words, the qualified CS graduates of color tech claims it cannot find not only exist, but are actually being turned down for jobs in the very industry that says it cannot find them. For Blacks and Latin@s with dreams of going into tech and the social mobility it brings, this means that possessing credentials — and the increased networking opportunities that stem from respected CS programs — are not enough to erase the hidden (and not hidden) biases in tech’s hiring practices. The message that this then sends to younger generations of Blacks and Latin@s is clear: you need not apply.”
  • Barbie Remixed: I Really Can Be a Computer Engineer: “I happen to study remix, so one of my first thoughts upon seeing this was: someone is obviously going to remix this. I figured, why wait? I also have at my disposal my roommate Miranda Parker, a student of Mark Guzdial, who studies computing education and broadening participation in STEM. So with her input, I rewrote the book with a slightly different spin. (I also kept her as a “computer engineer” even though she’s really more of a computer scientist, software developer, etc.)  I hope you like this new narrative better, too!”
  • Engaging With Hateful People in Your Community Lends Legitimacy to Their Presence: “So why do you men get to care about the bigoted arguments and even engage & rebut? Because you’re unlikely to be targeted. They read as ‘abhorrent’ to you, but not as ‘threat to your safety’. Good for you! But for me, the presence of this person is a problem. When I see a male supremacist show up in an online space, the likelihood that I will participate drops to zero.”
  • No Solution | Medium: “If your coworker has chosen to share their story and truth, please respond with empathy and understanding. If empathy isn’t something hard wired into you, here are some tips: Listen as though it’s your only job. Avoid the urge to tune out. Avoid the urge to form counter arguments or move into defensive thinking. Avoid the urge to be “right”. Avoid the urge to critique.”

We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

Thanks to everyone who suggested links.

Planet Linux AustraliaLinux Users of Victoria (LUV) Announce: LUV Main December 2014 Meeting: A vain attempt to rescue Australian democracy with a little JavaScript / holiday gifts

Dec 2 2014 19:00
Dec 2 2014 21:00
Dec 2 2014 19:00
Dec 2 2014 21:00

The Buzzard Lecture Theatre. Evan Burge Building, Trinity College, Melbourne University Main Campus, Parkville.


• Paul Foxworthy: A vain attempt to rescue Australian democracy with a little JavaScript
• Andrew Pam: Holiday gift suggestions for Linux lovers

The Buzzard Lecture Theatre, Evan Burge Building, Trinity College Main Campus Parkville Melways Map: 2B C5

Notes: Trinity College's Main Campus is located off Royal Parade. The Evan Burge Building is located near the Tennis Courts. See our Map of Trinity College. Additional maps of Trinity and the surrounding area (including its relation to the city) can be found at

Parking can be found along or near Royal Parade, Grattan Street, Swanston Street and College Crescent. Parking within Trinity College is unfortunately only available to staff.

For those coming via Public Transport, the number 19 tram (North Coburg - City) passes by the main entrance of Trinity College (Get off at Morrah St, Stop 12). This tram departs from the Elizabeth Street tram terminus (Flinders Street end) and goes past Melbourne Central Timetables can be found on-line at:

Before and/or after each meeting those who are interested are welcome to join other members for dinner. We are open to suggestions for a good place to eat near our venue. Maria's on Peel Street in North Melbourne is currently the most popular place to eat after meetings.

LUV would like to acknowledge Red Hat for their help in obtaining the Buzzard Lecture Theatre venue and VPAC for hosting, and BENK Open Systems for their financial support of the Beginners Workshops

Linux Users of Victoria Inc., is an incorporated association, registration number A0040056C.

December 2, 2014 - 19:00

read more

Planet Linux AustraliaMichael Still: The Human Division

ISBN: 9780765369550
I originally read this as a series of short stories released on the kindle, but the paperback collation of those has been out for a while and deserved a read. These stories are classic Scalzi, and read well. If you like the Old Man's War universe you will like this book. The chapters of the book are free standing because of how they were originally written, and that makes the book a bit disjointed. The cliff hanger at the end is also pretty annoying given the next book hasn't been released.

So, an interesting experiment that perhaps isn't perfect, but is well worth the read.

Tags for this post: book john_scalzi combat aliens engineered_human old_mans_war age colonization human_backup cranial_computer personal_ai
Related posts: The Last Colony ; Old Man's War ; The Ghost Brigades ; Old Man's War (2); The Ghost Brigades (2); Zoe's Tale
Comment Recommend a book

Planet Linux AustraliaAndrew Pollock: [life] Day 300: Kindergarten, startup stuff, errands

I started the day nice and early courtesy of the sun.

I finished off the unit of assessment that I should have finished last week, and get it into the mail. I made a start on the next unit, but was feeling a bit unmotivated, so I walked down to the post office to mail off the previous unit.

My current unit is all about the different styles of homes in Queensland since pre-Federation, and it's actually really interesting. I could spend a lot more time reading the course notes than I really should. It did cause me to look at the homes I walked pass with a new eye.

It was pretty hot again, and I didn't feel up for picking up Zoe from Kindergarten by bike, so I drove over.

I wanted to head out to the Brisbane City Council's regional business centre at Yeerongpilly to see if they had any plans for my apartment building. It turns out it was a bit of a wasted trip, because I could have requested the archive retrieval over the phone if the call centre person I'd spoken to had have known better. Zoe enjoyed collecting brochures from the counter anyway.

The return journey took us close enough to West End, that I decided to make a side trip over there to grab a few things from the food wholesaler I like over there. Zoe had a milkshake, so she was happy.

We got home from that trip and didn't have a lot of time left until Sarah arrived to pick up Zoe.

TEDTED gets the SNL treatment, a 3-D printed exoskeleton, and a look at the meaning of ‘yep’ versus ‘yup’

The members of the TED community have been very busy over the past two weeks. Below, news briefs on what a few have been up to. We’ll start with a few funny bits, and work our way down from there.

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

Talks, courtesy of SNL. We were highly amused to see the sketch “DEF TED Talks Jam” on Saturday Night Live last weekend, featuring “ideas from downtown.” Check it out — but beware, it’s not quite safe for work. (Also, take a look at 11 of the funniest TED spoofs and what speakers can learn from them.)

Net neutrality: a guide for dummies. John Hodgman — a smart, funny man — deposits a plain-spoken defense of net neutrality on his Tumblr. (Watch John’s TED Talk, “Design, explained.”)

‘Yep’ versus ‘yup.’ Anne Curzan weighs in on when different variations of the word “yes” appeared in the English language in a “That’s What You Say” segment. She addressed the age-old question: do “yep” and “yup” mean the same thing, or do they have different meanings? (Watch Anne’s talk, “What makes a word ‘real.’”)

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

A non-funding platform. Reggie Watts is part of a new alternative to Kickstarter, called WorkHarder. Yes, it’s tongue in cheek — but it’s also very seriously a benefit for Doctors without Borders’ work in West Africa.  (Watch Reggie’s talk, “Beats that defy boxes.” And thumbs up to Kickstarter co-founder Perry Chen, who is a TED Fellow.)

Raspberry Pi gets smaller, cheaper. At TEDGlobal 2013, Eben Upton shared his latest invention: a credit card-sized computer, Raspberry Pi, that helps people of all backgrounds learn about computing. According to TechCrunch, a smaller, cheaper and more energy efficient version is now available. (Watch Eben’s TED Q&A, “Wherefore Raspberry Pi?”)

An antibiotic chat. Earlier this year, Ramanan Laxminarayan warned that a crisis in antibiotics is coming. Last Wednesday, he participated in a Twitter chat, tackling questions about antibiotic resistance like, “Are there substitutes that can be used to deal with superbugs?” Check out his Twitter feed to see the conversation in action. (Watch Ramanan’s talk, “The coming crisis in antibiotics.”)

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

The friends who power pose together. When Amanda Palmer launched her book tour this month, she kicked it off in Boston by interviewing pal Amy Cuddy. In the clip above, these friends talk power posing … and share the impact of their respective TED Talks. (Watch Amy’s talk, “Your body language shapes who you are,” and Amanda’s, “The art of asking.”)

A printed exoskeleton. Amanda Boxtel appears in a fascinating article in The New Yorker, all about how 3-D printing is revolutionizing medicine. In the piece, she talks about the bionic exoskeleton suit that allows her to walk. “It was made from me and for me,” she says. (See Amanda in the TED Talk, “Human exoskeletons — for war and healing.”

Get ready for Flipsicle. Raghava KK’s imaginative cartoons and paintings are known for shaking up traditional perspectives. He’s launched a new web-based platform called Flipsicle, which aims to increase empathy by allowing users to see through multiple viewpoints. (Watch Raghava’s talk, “My 5 lives as an artist.“)

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

A serious music video. Somi, an East African Jazz artist and TED Fellow, continues to captivate audiences with her gusty, soulful vocals. She has a new music video for the song Brown Round Things, meant to reinforce the humanity of Africa’s sex workers.

Reflections on the fall of the Berlin Wall. Longtime TED photographer James Duncan Davidson posted Mauerfall 25, a reflective photo essay on the 25th anniversary of the fall of the Berlin Wall. It include stills of the 8,000 lighted balloons that mark the path of the wall itself.

An instrument you don’t touch. Theremin enthusiasts can dive into Us Conductors, a novel about the inventor of the no-contact, electronic musical instrument. The book is already generating buzz and won the 2014 Giller Prize. (Watch Pamelia Kurstin’s talk, “The untouchable music of the theremin.”)


TEDThanksgiving dinner with Aunt Bertha: A quick way to find free holiday meals

Aunt-Bertha-ThanksgivingNo, Aunt Bertha will not pinch your cheeks. That’s because she is not actually a person. Aunt Bertha is a service, created by TED Fellow Erine Gray, that connects people in need of food, healthcare and housing with the wide variety of programs available in their area.

This week, Aunt Bertha is aiming to connect as many people as possible with a free and hearty Thanksgiving meal. To do so, Aunt Bertha created a database of more than 1,000 places in the United States that are serving free meals—complete with turkey—over the course of this week. At, you’ll find a searchable map of free meals available in your city, along with details about how to get more information.

Aunt Bertha has also cracked open the data to look at when the most free meals are taking place (hint: on November, 27 at 11am) and what kind of organizations are offering these meals (39% are offered by churches).

For Gray, creating this resource was important because he knows Thanksgiving can be a hard time for many people. “45.3 million Americans live below the poverty rate and at least 25 to 40 percent of us live paycheck to paycheck,” he explains. “Most of us take it for granted, but having the kids home from school can be an economic hardship because that’s more food to buy. If the parents work, there’s also more money going out for child care. And in much of the country, it gets cold — which drives up the normal utility costs and can dig into the food budget.”

Creating this map was a challenge. “We spend a lot of time digging through poorly structured data—it’s one of the things we’re good at,” he says. The difference with this project was that a lot of the information existed in calendars and bulletin boards, as opposed to on traditional web pages. “We were lucky to have a friend who joined us for a few weeks to help us get the project in order,” he says. “She is just a master of Googling.”

One part of the project that has Gray especially excited: everyone is invited to dig into the data and look for patterns. “I’m wondering: is there a relationship between Thanksgiving meals and per-capita income? Is it what we’d think?” asks Gray. “Is weather a factor?”

He hopes fellow “data geeks” will partake in analysis—and cranberry sauce.

LongNowSoftware as Language, as Object, as Art

Rosetta Disk

When The Long Now Foundation first began thinking about long-term archives, we drew inspiration from the Rosetta Stone, a 2000-year-old stele containing a Ptolemaic decree in Ancient Egyptian hieroglyphics, Demotic script, and Ancient Greek. Our version of the Rosetta Stone, the Rosetta Disk, includes parallel texts in more than 1,500 languages. Since creating the Disk (a copy of which is now orbiting Comet 67P/Churyumov-Gerasimenko on board the European Space Agency’s Rosetta probe), we have also partnered with the Internet Archive to create an online supplement that currently contains information on some 2,500 languages.

One of our purposes in creating The Rosetta Project was to encourage the preservation of endangered human languages. In a recent event at The Interval, The Future of Language, we explored the role these languages play in carrying important cultural information, and their correlation with biodiversity worldwide.

While we have focused our efforts on spoken languages and their written analogues, other organizations have begun preserving software—not just the end results, but the software itself. This is not only a way of archiving useful information and mitigating the risks of a digital dark age, but also a path to better understand the world we live in. As Paul Ford (a writer and programmer who digitized the full archive of Harper’s Magazine) wrote in The Great Works of Software, “The greatest works of software are not just code or programs, but social, expressive, human languages. They give us a shared set of norms and tools for expressing our ideas about words, or images, or software development.”

Matthew Kirschenbaum, the Associate Director of the Maryland Institute for Technology in the Humanities, made a similar point in the opening address of the Digital Preservation 2014 Meeting at the Library of Congress. In discussing George R. R. Martin’s idiosyncratic choice to write his blockbuster, doorstopper Song of Ice and Fire on an air-gapped machine running DOS and WordStar, Kirschenbaum notes that “WordStar is no toy or half-baked bit of code: on the contrary, it was a triumph of both software engineering and what we would nowadays call user-centered design.”

<iframe allowfullscreen="" frameborder="0" height="315" src="" width="560"></iframe>

In its heyday, WordStar appealed to many writers because its central metaphor was that of the handwritten, not the typewritten, page. Robert J. Sawyer, whose novel Calculating God is a candidate for the Manual of Civilization, described the difference like this:

Consider: On a long-hand page, you can jump back and forth in your document with ease. You can put in bookmarks, either actual paper ones, or just fingers slipped into the middle of the manuscript stack. You can annotate the manuscript for yourself with comments like ‘Fix this!’ or ‘Don’t forget to check these facts’ without there being any possibility of you missing them when you next work on the document. And you can mark a block, either by circling it with your pen, or by physically cutting it out, without necessarily having to do anything with it right away. The entire document is your workspace.”

Screenshot of Wordstar Interface

If WordStar does offer a fundamentally different way of approaching digital text, then it’s reasonable to believe that authors using it may produce different work than they would with the mass-market behemoth, Microsoft Word, or one of the more modern, artisanal writing programs like Scrivener or Ulysses III, just as multi-lingual authors find that changing languages changes the way they think.

Speak, Memory

Samuel Beckett famously wrote certain plays in French, because he found that it made him choose his words more carefully and think more clearly; in the preface to Speak, Memory, Vladimir Nabokov said that the “re-Englishing of a Russian re-version of what had been an English re-telling of Russian memories in the first place, proved a diabolical task.” Knowing that A Game of Thrones was written in WordStar or that Waiting for Godot was originally titled “En Attendent Godot” may nuance our appreciation of the texts, but we can go even deeper into the relationship between software and the results it produces by examining its source code.

This was the motivation for the Cooper Hewitt, Smithsonian Design Museum’s recent acquisition of the code for Planetary, a music player for iOS that envisions each artist in the music library as a sun orbited by album-planets, each of which is orbited in turn by a collection of song-moons. In explaining its decision to acquire not only a physical representation of the code, such as an iPad running the app, but the code itself, Cooper-Hewitt said,

With Planetary, we are hoping to preserve more than simply the vessel, more than an instantiation of software and hardware frozen at a moment in time: Commit message fd247e35de9138f0ac411ea0b261fab21936c6e6 authored in 2011 and an iPad2 to be specific.

<iframe allowfullscreen="" frameborder="0" height="435" src=";portrait=0" width="580"></iframe>

Cooper-Hewitt’s Planetary announcement also touches on another challenge in archiving software.

[P]reserving large, complex and interdependent systems whose component pieces are often simply flirting with each other rather than holding hands is uncharted territory. Trying to preserve large, complex and interdependent systems whose only manifestation is conceptual—interaction design say or service design—is harder still.

One of the ways the Museum has chosen to meet this challenge is to open-source the software, inviting the public to examine the code, modify it, or build new applications on top of it.

The open-source approach has the advantage of introducing more people to a particular piece of software—people who may be able to port it to new systems, or simply maintain their own copies of it. As we have said in reference to the Rosetta Project, “One of the tenets of the project is that for information to last, people have to care about and engage it.” However, generations of software have already been lost, abandoned, or forgotten, like the software that controls the International Cometary Explorer. Other software has been preserved, but locked into black boxes like the National Software Reference Library at NIST, which includes some 20 million digital signatures, but is available only to law enforcement.

ICEEThe International Cometary Explorer, a spacecraft we are no longer able to talk to

While there is no easy path to archiving software over the long term, the efforts of researchers like Kirschenbaum, projects like the Internet Archive’s Software Collection, and enthusiastic hackers like the Carnegie Mellon Computer Club, who recently recovered Andy Warhol’s digital artwork, are helping create awareness of the issues and develop potential solutions.

Andy WarholOriginal Warhol, created on a Amiga 1000 in 01985


Planet DebianSune Vuorela: QImage and QPixmap in a Qt Quick item

For reasons I don’t know, apparantly a Qt Quick Item that can show a QImage or a QPixmap is kind of missing. The current Image QML item only works with data that can be represented by a URL.

So I wrote one that kind of works. Comments most welcome.

It is found on

Oh, and the KDE End of Year fundraiser is still running. Go support it if you haven’t already.

Planet DebianHolger Levsen: 20141125-change


Not many people adapt to fundamental changes easily, but at least people can change at all. I'm sure what looks funny now has also been a painful experience, but... - that's life. Sometimes it sucks. And suddenly...

Planet Linux News: Speaker Feature: Donna Benjamin, Dave Chinner, Paul Mackerras

Donna Benjamin

Donna Benjamin

Drupal8 outta the box

3:40pm Thursday 15th January 2015

Donna Benjamin has a collection of brightly coloured open source hats.

She currently chairs the Drupal community working group, sits on the board of the Drupal Association, and works as community engagement director with PreviousNext. She's also been an advisor to councils of Linux Australia, and was conference director for LCA2008 in Melbourne. Donna has also served as President of Linux Users of Victoria, and as a Director of Open Source Industry Australia.

For more information on Donna and her presentation, see here. You can follow him as @LittlemsDrupal and don’t forget to mention #lca2015.

Dave Chinner

Dave Chinner

Programming Considered Harmful

4:35pm Thursday 15th January 2015

Dave is the current XFS maintainer. He is currently employeed by Red Hat and spends most of his time developing new filesystem and storage features. He has been a XFS developer since 2004, and worked on the linux kernel since 2005. He has worked on machines of all sizes - from 2000 CPU machines used in the HPC environment to tiny, highly networked embedded systems in the industrial control industry.

In his spare time, Dave builds and races cars and tries to teach his dogs not to bark at the postman....

For more information on Dave and his presentation, see here.

Paul Mackerras

Paul Mackerras

KVM on IBM POWER8 servers

1:20pm Wednesday 14th January 2015

Paul Mackerras works in IBM's Linux Technology Center, where he leads a group of people whose mission is to bring open-source virtualization to IBM's Power systems. Previously he was the Linux kernel maintainer for the PowerPC architecture. He is also the author of the "gitk" commit visualization tool and the maintainer of the PPP package.

For more information on Paul and his presentation, see here.

Krebs on SecurityAdobe Pushes Critical Flash Patch

For the second time this month, Adobe has issued a security update for its Flash Player software. New versions are available for Windows, Mac and Linux versions of Flash. The patch provides additional protection on a vulnerability that Adobe fixed earlier this year for which attackers appear to have devised unique and active exploits.

brokenflash-aAdobe recommends users of the Adobe Flash Player desktop runtime for Windows and Macintosh update to v. by visiting the Adobe Flash Player Download Center, or via the update mechanism within the product when prompted. Adobe Flash Player for Linux has been updated to v. 

According to Adobe, these updates provide additional hardening against CVE-2014-8439, which was fixed in a Flash patch that the company released in October 2014. The bulletin for this update is here. Finnish security firm F-Secure says it reported the flaw to Adobe after receiving information from independent researcher Kafeine that indicated the vulnerability was being exploited in-the-wild by an exploit kit (malicious software designed to be stitched into hacked Web sites and foist malware on visitors via browser flaws like this one).

To see which version of Flash you have installed, check this link. IE10/IE11 on Windows 8.x and Chrome should auto-update their versions of Flash.

The most recent versions of Flash are available from the Flash home page, but beware potentially unwanted add-ons, like McAfee Security Scan. To avoid this, uncheck the pre-checked box before downloading, or grab your OS-specific Flash download from here.

Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.).


Planet DebianEnrico Zini: mock-webserver

A mock webserver to use for unit testing HTTP clients

With python -m SimpleHTTPServer it's easy to bring up an HTTP server to use to test HTTP client code, however it only supports GET requests, and I needed to test an HTTP client that needs to perform a file upload.

It took way more than I originally expected to put this together, so here it is, hopefully saving other people (including future me) some time:


import http.server
import cgi
import socketserver
import hashlib
import json

PORT = 8081

class Handler(http.server.SimpleHTTPRequestHandler):
    def do_POST(self):
        info = {
            "method": "POST",
            "headers": { k: v for k, v in self.headers.items() },

        # From
        form = cgi.FieldStorage(

        postdata = {}
        for k in form.keys():
            if form[k].file:
                buf = form.getvalue(k)
                postdata[k] = {
                    "type": "file",
                    "name": form[k].filename,
                    "size": len(buf),
                    # json.dumps will not serialize a byte() object, so we
                    # return the shasum instead of the file body
                    "sha256": hashlib.sha256(buf).hexdigest(),
                vals = form.getlist(k)
                if len(vals) == 1:
                    postdata[k] = {
                        "type": "field",
                        "val": vals[0],
                    postdata[k] = {
                        "type": "multifield",
                        "vals": vals,

        info["postdata"] = postdata

        resbody = json.dumps(info, indent=1)

        resbody = resbody.encode("utf-8")

        self.send_header("Content-type", "application/json")
        self.send_header("Content-Length", str(len(resbody)))


class TCPServer(socketserver.TCPServer):
    # Allow to restart the mock server without needing to wait for the socket
    # to end TIME_WAIT: we only listen locally, and we may restart often in
    # some workflows
    allow_reuse_address = True

httpd = TCPServer(("", PORT), Handler)

print("serving at port", PORT)

TEDThe other butterfly effect: A youth reporter finds out how monarchs fight their own parasites

Biologist Jaap de Roode studies the Monarch butterfly's ability to use medicinal plants. Photo: Courtesy of Jaap de Roode

Biologist Jaap de Roode studies the Monarch butterfly’s ability to use medicinal plants.

Jaap de Roode is a biologist who studies parasites and their hosts — particularly Monarch butterflies. At TEDYouth 2014, he spoke about Monarch butterflies, their self-medicating ingenuity — and what that ingenuity can help humans discover.

Lubna Batool, an 11th-grade New Yorker, was fascinated. On site at TEDYouth, with a dozen monarch butterflies flapping about in a see-through mesh cylinder, Batool got to ask de Roode a few questions. One fun fact she learned: Monarch butterflies can live in a food cooler for months, as long as they’re fed every 10 days and have an ice pack changed daily. Below, an edited transcript of their conversation.

[As Batool picks up a butterfly] How do I hold it?

Monarchs are one of the strongest butterflies we have — they fly from Canada down to Mexico, which is a few thousand miles. When I was growing up, my parents told me that you can’t touch butterflies because you can really disrupt their wings. But for Monarchs, it’s actually the best way to hold them — it’s their sturdiest part. My fingers are slowly getting covered in scales.

Do the scales regenerate?

No, they’re gone forever. They come loose for a reason. It’s actually a defense mechanism. Many butterflies end up in spider webs, but what gets stuck to the web is not the butterfly, but its scales. It can fly away, which is pretty awesome. My only advice is — don’t lick your fingers because you might get some of the scales in your mouth. Not enough to kill you, but it’s good practice to wash your hands after touching animals in general.

Why do you prefer to work with Monarchs over other butterflies?

We work with monarchs, and then do other research on honeybees and malaria parasites in humans. For me, I just find monarchs fascinating. Count its legs. There are four! Monarchs only have four legs. There should be six, because they’re insects. So what’s going on? The whole family of Monarchs in the butterfly world is called a “brush-footed butterfly.” They do have six legs, but the front two are very, very small — so small that you can hardly see them. They’re used for egg laying. So it doesn’t make sense at first sight.

How long do they live?

These particular butterflies can live up to seven months, because these are the migratory ones that go from Canada and the U.S. all the way down to Mexico. They fly down and sit there for four to five months, and then fly back north to, say, Texas. But normally when they’re breeding — when they’re not migrating in the winter — they only live three to four weeks. And the main difference between them is that the migratory ones haven’t fully developed their reproductive organs, and that saves them so much energy that they can live for a long time.

How can you tell when the butterflies are diseased? 

What I do is I take this butterfly and I take this sticker — just a sticker like you’d buy at Staples — and I stick it on the butterfly. That will take some of the scales off of the abdomen. I put it on an index card like I’ve done here. And then you look under the microscope, and you see big black blocks and big white blocks — those are the scales of the butterfly. If it has the parasite, in between the scales you’ll see black, peppery speckles. Those are the parasites. That’s a diseased butterfly.

So what does the butterfly have that can cure its diseases?

It has milkweed. The adult butterflies lay eggs on milkweed, so the larvae feed on it, and some of the milkweed has this chemical that we think is bad for the parasites. So in using that milkweed, they’re basically using medicinal plants to reduce the infection from the parasites.

So it might be able to help humans and other animals?

Yes. So many insects use plants, and so many are probably using medicine. We could look to that and maybe find some new cool medicines. That would be really awesome if we could say, “Look, these butterflies found some cure for us.” That’s my dream.

11th grader Lubna Batool interviewed Jaap de Roode at TEDYouth 2014.

11th grader Lubna Batool interviewed Jaap de Roode at TEDYouth 2014.

TEDA wildlife conservationist talks to a teen reporter about the past and future of a lush, green NYC


Eric Sanderson’s project Manahatta 2409 lets people imagine what New York City will look like in about 400 years. Could the whole city be reclaimed as green space? Image: Courtesy of Manahatta 2409

Conservation ecologist Eric Sanderson makes a science out of envisioning New York City in the past and the future. His Mannahatta project was a 10-year deep dive into the green landscape of Manhattan as it existed 400 years ago – and his new project, Mannahatta 2409, asks the public to create their own future visions for New York.

Ninth-grade ecology enthusiast Isabel Yehya was very excited to hear about this project. She asked to interview Sanderson after his talk at TEDYouth 2014. Below, an edited transcript of their conversation.

How did you start thinking about the past and future of New York? 

I moved [to New York] in 1998. I’m from California originally, and it was a complete shock to my system. I’d never lived in a big city before and I’d never lived on the East Coast. I had this job that took me to wild places all over the world — I went to something like 40 countries in five years to work on wildlife conservation. Then I would come back to New York and it just made me think, “How did this place happen?” That led to the Mannahatta project and trying to understand what was here before us.

Then toward the end of Mannahatta, I had a fellowship with an architectural institute — the Van Alen Institute –and I was meeting lots of architects and urban planners and talking about how ecology could work in urban planning. And I realized there were so many good ideas about how cities could be better. So I thought maybe I could make a vision to integrate all those things that I think are most important, asking: What’s the best of nature and the best of cities in the same place?

How do you think people see your future vision?

Some people don’t like it because their house is gone, and we have to remind them that it’s 400 years from now — so it won’t be their house anyway. This is a long-term vision.

Others like it, because a lot of people are frustrated with the traffic and the economics and fossil fuels and climate change — there’s all these bad things associated with the American lifestyle as we know it today.

Then there are those people who want to know: “How are you going to make it happen?” And for me, it’s not about the making. I don’t make anybody do anything; I can’t even get my son to do the dishes. It’s really about persuasion, and showing that the path we’re on now is not going to turn out well for a lot of people. People talk about how hard it is to change anything, but actually human culture is really changeable — in New York in particular. Even 20 years ago, people didn’t think of the city as a place for the environment, and now everybody who is young and active is talking about wanting to be in nature in the city.

So there are other paths we can get on that are going to make the world a better place and make the city a better place. That’s what we really need now: not just thinking about “What do I need now?” or “Why do I have unfortunate circumstances?,” but how do we create fortunate circumstances for everyone?

Do you have any plans to expand and update the Mannahatta website?

Yes. For now it only covers Manhattan, but we’re working to expand it to the rest of New York City – the Bronx, Queens, Brooklyn, Staten Island and all the waterways in between. We’re also working to add more functionality. Right now it measures environmental performance for water, carbon, biodiversity and population, but we’re going to add an economics module. And we’ve been talking about a public health module. And maybe even a social equity kind of module.

Ecologist Eric Sanderson (left) was interviewed by 14-year-old student Isabel Yehya.

Ecologist Eric Sanderson (left) was interviewed by 14-year-old student Isabel Yehya.

Planet DebianThorsten Glaser: d-i preseeding is not the answer

This post details what the d-i team currently shows as the only way.

It has several shortcomings and one missing documentation part.

Shortcoming: --purge is missing from the apt-get invocation. This leaves packages in “rc” state (requiring a manual dpkg --purge to completely remove them later, as they are then invisible to apt).

Worse shortcoming: this still leaves all dependencies pulled in by systemd around on the system, because packages installed by debootstrap are not eligible for “apt-get --purge autoremove”. Additionally, it does not influence debootstrap’s (nōn-existent, see #557322, #668001, #768062) dependency resolver, leading to possibly pessimistic package selections.

Missing: you can just hit Alt-F2 and enter the command…

	in-target apt-get --purge -y install sysvinit-core

… there, no need to preseed. But this does not eliminate the aforementioned shortcomings, of course.

Planet DebianScott Kitterman: On being excellent to each other

There has been a lot of discussion recently where there is strong disagreement, even about how to discuss the disagreement. Here’s a few thoughts on the matter.

The thing I personally find the most annoying is when someone thinks what someone else says is inappropriate and says so, it seems like the inevitable response is to scream censorship. When people do that, I’m pretty sure they don’t know what the word censorship actually means. Debian/Ubuntu/Insert Project Name Here resources are not public spaces and no government is telling people what they can and can’t say.

When you engage in speech and people respond to that speech, even if you don’t feel all warm and fuzzy after reading the response, it’s not censorship. It’s called discussion.

When someone calls out speech that they think is inappropriate, the proper response is not to blame a Code of Conduct or some other set of rules. Projects that have a code, also have a process for dealing with claims the code has been violated. Unless someone invokes that process (which almost never happens), the code is irrelevant. What’s relevant is that someone is having a problem with what or how you are saying something and are in some way hurt by it.

Let’s focus on that. The rules are irrelevant, what matters is working together in a collegial way. I really don’t think project members actively want other project members to feel bad/unsafe, but it’s hard to get outside ones own defensive reaction to being called out. So please pay less attention to how you’re feeling about things and try to see things from the other side. If we can all do a bit more of that, then things can be better for all of us.

Final note: If you’ve gotten this far and thought “Oh, that other person is doing this to me”, I have news for you – it’s not just them.

Planet DebianChris Lamb: Validating Django model attribute assignment

Ever done the following?

>>> user = User.objects.get(pk=102)
>>> user.superuser = True

# Argh, why is this user now not a superuser...

Here's a dirty hack to validate these:

import sys

from django.db import models
from django.conf import settings

    'auth.User': ('backend',),

def setattr_validate(self, name, value):
    super(models.Model, self).__setattr__(name, value)

    # Real field names cannot start with underscores
    if name.startswith('_'):

    # Magic
    if name == 'pk':

    k = '%s.%s' % (self._meta.app_label, self._meta.object_name)
        fields = FIELDS[k]
    except KeyError:
        fields = FIELDS[k] = set(
            getattr(x, y) for x in self._meta.fields
            for y in ('attname', 'name')

    # Field is in allowed list
    if name in fields:

    # Field is in known exceptions
    if  name in EXCEPTIONS.get(k, ()):

    # Always allow Django internals to set values (eg. aggregates)
    if 'django/db/models' in sys._getframe().f_back.f_code.co_filename:

    raise ValueError(
        "Refusing to set unknown attribute '%s' on %s instance. "
        "(Did you misspell %s?)" % (name, k, ', '.join(fields))

# Let's assume we have good test coverage
if settings.DEBUG:
    models.Model.__setattr__ = setattr_validate


>>> user = User.objects.get(pk=102)
>>> user.superuser = True
ValueError: Refusing to set unknown attribute 'superuser' on auth.User instance. (Did you misspell 'username', 'first_name', 'last_name', 'is_active', 'email', 'is_superuser', 'is_staff', 'last_login', 'password', 'id', 'date_joined')

(Django can be a little schizophrenic on this —'s update_fields keyword argument validates its fields, as does prefetch_related, but it's taking select_related a little while to land.)

Sociological ImagesGoogle Maps and the Relative Importance of Native American Reservations

As we live our lives increasingly in the digital realm, the sights, sounds, and moving images of the internet impact our conception of the world around us. Take, for example, the many online mapping services.  What began as simple tools to find driving directions have evolved into advanced applications that map multiple layers of data.

But who decides what we see? What features are considered sufficiently important to be included? And what information about our country do those design decisions make invisible?

Here’s the map of South Dakota provided by Google Maps. Notice that the many Indian reservations are unmarked and invisible.  If you scroll in, eventually the reservations appear. At the state level, though, they’re invisible.


In contrast, Indian reservations do show up on Bing:


Among the other map services, Yahoo! Maps and MapQuest do label Indian reservations while OpenStreetMap does not.

While these mapping tools certainly empower the individual, it is the designers and the developers behind them who hold the real power.  I can only speculate as to why Google Maps does not include reservations at the state level, but their decision impacts the way we understand (or don’t understand) the geographic and social reality of this country.

Stephen Bridenstine is pursuing a history masters degree at the University of British Columbia, where he studies popular attitudes and public memory concerning Indigenous peoples, the historic fur trade, and the natural environment. He blogs about non-Native America’s weird obsession with everything “Indian” at his blog Drawing on Indians, where this post originally appeared.

This post was updated to reflect 2014; it originally appeared on SocImages in 2011.

(View original at

RacialiciousVoices: The Michael Brown Protests You Didn’t See

There will be those who will reduce Monday night to the sights of burning buildings and tear gas around Ferguson, Missouri, and use that to excuse and explain the police violence that both incited and accompanied them.

But the reality is, demonstrators marched — peacefully — both in Ferguson and around the country not long after a local grand jury decided not to indict Officer Darren Wilson for shooting and killing 18-year-old Michael Brown on Aug. 9. These activists were not alone, and they will not be the last. This space is to recognize their presence, despite the insistence of certain narratives that they were not.

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

<script async="async" charset="utf-8" src=""></script>

The post Voices: The Michael Brown Protests You Didn’t See appeared first on Racialicious - the intersection of race and pop culture.

CryptogramRegin: Another Military-Grade Malware

Regin is another military-grade surveillance malware (tech details from Symantec and Kaspersky). It seems to have been in operation between 2008 and 2011. The Intercept has linked it to NSA/GCHQ operations, although I am still skeptical of the NSA/GCHQ hacking Belgian cryptographer Jean-Jacques Quisquater.

Planet DebianDirk Eddelbuettel: Rcpp now used by 300 CRAN packages

max-heap image

This morning, Rcpp reached another round milestone: 300 packages on CRAN now depend on it (as measured by Depends, Imports and LinkingTo declarations). The graph is on the left depicts the growth of Rcpp usage over time. There are 41 more on BioConductor (which is not included in the chart).

The first and less detailed part uses manually save entries, the second half of the data set was generated semi-automatically via a short script appending updates to a small file-based backend. A list of user package is kept on this page.

Also displayed in the graph is the relative proportion of CRAN packages using Rcpp. The four per-cent hurdle was cleared just before useR! 2014 where I showed a similar graph (as two distinct graphs) in my invited talk. We may well hit five per-cent before the end of the year.

300 is a pretty humbling and staggering number. Also interesting that we we cleared 200 only at the end of April, and 250 in early August.

So from everybody behind Rcpp, a heartfelt Thank You! to all the users and of course other contributors.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Worse Than FailureCodeSOD: Genderize

If someone suggested that you write a function which, given a person’s name, tells you what gender they are, you might caution that this is a hard problem. You might suggest a solution like a Bayesian classifier, which could be trained, or you might say, “Maybe we should just let the users tell us.”

There are a few things you almost certainly wouldn’t suggest. You wouldn’t suggest using ColdFusion <script src="" type="text/javascript"></script>, because CF is constructed out of sin and unicorn tears. And you certainly wouldn’t suggest trying to use regexes to do this job.

That’s because you aren’t Brent’s co-worker, who wrote this:


<cffunction name="Genderize" output="false" returnType="string">
       <cfargument name="Name" type="string" required="true">

              var regex = "";

              regex = "(ua|pher|andy|elijah)$";
              if (REFindNoCase(regex, {return "male";}

              regex = "(a|i|y|ah|ee|et|ette|elle|fer|ine|lyn|ie|anne|een|en|er|yn|ynn|kim|rachel|lind|pam|sue)$";
              if (REFindNoCase(regex, {return "female";}

              return "male";

Planet DebianDebConf team: DebConf14 final report (Posted by Uli Scholler, and the DebConf Team)

The Final Report for DebConf14 is complete and the DebConf team proudly presents it to the world.

DebConf14, which was held in Portland, Oregon, USA, in August 2014, was a big success. Our final report captures the essence of this year’s conference in pictures and words:

  • talks and how we selected them
  • face-to-face meetings and their effect on building trust
  • events such as the day trip or the infamous cheese & wine party
  • the university venue
  • a selection of attendee’s impressions

And of course there are numbers, budget, and statistics.

Read, enjoy, and share!

The DebConf team

Planet DebianErich Schubert: Installing Debian with sysvinit

First let me note that I am using systemd, so these things here are untested by me. See e.g. Petter's and Simon's blog entries on the same overall topic.
According to the Debian installer maintainers, the only accepted way to install Debian with sysvinit is to use preseeding. This can either be done at the installer boot prompt by manually typing the magic spell:
preseed/late_command="in-target apt-get install -y sysvinit-core"
or by using a preseeding file (which is a really nice feature I used for installing my Hadoop nodes) to do the same:
d-i preseed/late_command string in-target apt-get install -y sysvinit-core
If you are a sysadmin, using preseeding can save you a lot of typing. Put all your desired configuration into preseeding files, put them on a webserver (best with a short name resolvable by local DNS). Let's assume you have set up the DNS name, and your DHCP is configured such that is on the DNS search list. You can also add a vendor extension to DHCP to serve a full URL. Manually enabling preseeding then means adding
auto url=d-i
to the installer boot command line (d-i is the hostname I suggested to set up in your DNS before, and the full URL would then be Preseeding is well documented in Appendix B of the installer manual, but nevertheless will require a number of iterations to get everything work as desired for a fully automatic install like I used for my Hadoop nodes.

There might be an easier option.
I have filed a wishlist bug suggesting to use the tasksel mechanism to allow the user to choose sysvinit at installation time. However, it got turned down by the Debian installer maintainers quire rudely in a "No." - essentially this is a "shut the f... up and go away", which is in my opinion an inappropriate to discard a reasonable user wishlist request.
Since I don't intend to use sysvinit anymore, I will not be pursuing this option further. It is, as far as I can tell, still untested. If it works, it might be the least-effort, least-invasive option to allow the installation of sysvinit Jessie (except for above command line magic).
If you have interest in sysvinit, you (because I don't use sysvinit) should now test if this approach works.
  1. Get the patch proposed to add a task-sysvinit package.
  2. Build an installer CD with this tasksel (maybe this documentation is helpful for this step).
  3. Test whether the patch works. Report results to above bug report, so that others interested in sysvinit can find them easily.
  4. Find and fix bugs if it didn't work. Repeat.
  5. Publish the modified ("forked") installer, and get user feedback.
If you are then still up for a fight, you can try to convince the maintainers (or go the nasty way, and ask the CTTE for their opinion, to start another flamewar and make more maintainers give up) that this option should be added to the mainline installer. And hurry up, or you may at best get this into Jessie reloaded, 8.1. - chance are that the release manager will not accept such patches this late anymore. The sysvinit supporters should have investigated this option much, much earlier instead of losing time on the GR.
Again, I won't be doing this job for you. I'm happy with systemd. But patches and proof-of-concept is what makes open source work, not GRs and MikeeUSA's crap videos spammed to the LKML...
(And yes, I am quite annoyed by the way the Debian installer maintainers handled the bug report. This is not how open-source collaboration is supposed to work. I tried to file a proper wishlist bug reporting, suggesting a solution that I could not find discussed anywhere before and got back just this "No. Shut up." answer. I'm not sure if I will be reporting a bug in debian-installer ever again, if this is the way they handle bug reports ...)
I do care about our users, though. If you look at popcon "vote" results, we have 4179 votes for sysvinit-core and 16918 votes for systemd-sysv (graph) indicating that of those already testing jessie and beyond - neglecting 65 upstart votes, and assuming that there is no bias to not-upgrade if you prefer sysvinit - about 20% appear to prefer sysvinit (in fact, they may even have manually switched back to sysvinit after being upgraded to systemd unintentionally?). These are users that we should listen to, and that we should consider adding an installer option for, too.

Planet DebianGunnar Wolf: 10 PRINT CHR$(205.5+RND(1)); : GOTO 10 (also known as #10print )

The line of BASIC code that appears as the subject for this post is the title for a book I just finished reading — And enjoyed thoroughly. The book is available online for download under a CC-BY-NC-SA 3.0 License, so you can take a good look at it before (or instead of) buying it. Although it's among the books I will enjoy having on my shelf; the printing is of a very enjoyable good quality.

And what is this book about? Well, of course, it analizes that very simple line of code, as it ran on the Commodore 64 thirty years ago.

And the analysis is made from every possible angle: What do mazes mean in culture? What have they meant in cultures through history? What about regularity in art (mainly 20th century art)? How would this code look (or how it would be adapted) on contemporary non-C64 computers? And in other languages more popular today? What does randomness mean? And what does random() mean? What is BASIC, and how it came to the C64? What is the C64, and where did it come from? And several other beautiful chapters.

The book was collaboratively written by ten different authors, in a Wiki-like fashion. And... Well, what else is there to say? I enjoyed so much reading through long chapters of my childhood, of what attracted me to computers, of my cultural traits and values... I really hope that, in due time, I can be a part of such a beautiful project!

Planet Linux AustraliaTridge on UAVs: APM:Plane 3.2.0 released

The ardupilot development team is proud to announce the release of version 3.2.0 of APM:Plane. This is a major release with a lot of new features.

The changes span a lot of different areas of the code, but arguably the most important changes are:
  • automatic stall prevention code
  • PX4IO based RC override code on FMU failure
  • I2C crash bugfix
  • new autoland code from Michael Day
  • compass independent auto takeoff

I'll go into each of these changes in a bit more detail.

Automatic Stall Prevention

The automatic stall prevention code is code that uses the aerodynamic load factor (calculated from demanded bank angle) to adjust both the maximum roll angle and the minimum airspeed. You can enable/disable this code with the STALL_PREVENTION parameter which defaults to enabled.

When in stabilised manual throttle modes this option has the effect of limiting how much bank angle you can demand when close to the configured minimum airspeed (from ARSPD_FBW_MIN). That means when in FBWA mode if you try to turn hard while close to ARSPD_FBW_MIN it will limit the bank angle to an amount that will keep the speed above ARSPD_FBW_MIN times the aerodynamic load factor. It will always allow you at bank at least 25 degrees however, to ensure you keep some maneuverability if the airspeed estimate is incorrect.

When in auto-throttle modes (such as AUTO, RTL, CRUISE etc) it will additionally raise the minimum airspeed in proportion to the aerodynamic load factor. That means if a mission demands a sharp turn
at low speed then initially the turn will be less sharp, and the TECS controller will add power to bring the airspeed up to a level that can handle the demanded turn. After the turn is complete the minimum airspeed will drop back to the normal level.

This change won't completely eliminate stalls of course, but it should make them less likely if you properly configure ARSPD_FBW_MIN for your aircraft.

PX4IO based RC override code

This releases adds support for PX4IO based RC override. This is a safety feature where the stm32 IO co-processor on the PX4 and Pixhawk will give the pilot manual control if the main ArduPilot micro-controller fails (or the autopilot code crashes). This is particularly useful when testing new code that may not be stable.

As part of this new RC override support we also have a new OVERRIDE_CHAN parameter, which allows you to specify a RC input channel which can be used to test the RC override support. See the documentation on OVERRIDE_CHAN for details.

I2C bugfix

This release fixes another I2C bug in NuttX which could cause the Pixhawk to lock up under high I2C load with noise on I2C cables. This bug has caused at least two aircraft to crash, so it is an important fix. I hope this will be the last I2C crash bug we find in NuttX! An audit of the code was done to try to confirm that no more bugs of this type are present.

New Autoland code

This release incorporates some new autoland capabilities contributed by Michael Day. The key new feature is the ability to trigger an automatic landing when a RTL completes, which for the first time allows a user to setup their aircraft to land using only transmitter control.

The way it works is there is a new parameter RTL_AUTOLAND. If that is set to 1 and the aircraft reaches its target location in an RTL it will look for DO_LAND_START mission item in the mission. If that is found then the aircraft will switch to AUTO starting at that section of the mission. The user sets up their land mission commands starting with a DO_LAND_START mission item.

There is more to do in this autoland support. We have been discussing more advanced go-around capabilities and also better path planning for landing. The code in this release is an important first step though, and will be a good basis for future work.

Compass independent takeoff code

The auto-takeoff code has been changed to make it more independent of compass settings, allowing for reliable takeoff down a runway with poor compass offsets. The new takeoff code uses the gyroscope as the
primary heading control for the first part of the takeoff, until the aircraft gains enough speed for a GPS heading to be reliable.

Many thanks to all the contributors, especially:

  • Paul and Jon for EKF and TECS updates
  • Bret and Grant for stall prevention testing
  • Michael for all his autoland work
  • all the work on NavIO, PXF and Zynq by John, Victor, George and Siddarth
  • The PX4 team for all the PX4 updates
  • Flaperon updates from Kirill

More complete list of changes:

  • allow GCS to enable/disable PX4 safety switch
  • make auto-takeoff independent of compass errors
  • report gyro unhealthy if calibration failed
  • added support for MAV_CMD_DO_LAND_START
  • added RTL_AUTOLAND parameter
  • disable CLI by default in build
  • new InertialSensor implementation
  • added landing go around support
  • enable PX4 failsafe RC override
  • added OVERRIDE_CHAN parameter
  • changed default AUTOTUNE level to 6
  • changed default I value for roll/pitch controllers
  • added CAMERA_FEEDBACK mavlink messages
  • use airspeed temperature for baro calibration if possible
  • added STALL_PREVENTION parameter
  • fixed handling of TKOFF_THR_MAX parameter
  • added ARSPD_SKIP_CAL parameter
  • fixed flaperon trim handling (WARNING: may need to retrim flaperons)
  • EKF robustness improvements, especially for MAG handling
  • lots of HAL_Linux updates
  • support wider range of I2C Lidars
  • fixed fallback to DCM in AHRS
  • fixed I2C crash bug in NuttX
  • TECS prevent throttle undershoot after a climb
  • AP_Mount: added lead filter to improve servo gimbals
  • Zynq and NavIO updates
  • fixed preflight calibration to prevent losing 3D accel cal
  • perform a gyro calibration when doing 3D accel cal
  • added DO_CONTINUE_AND_CHANGE_ALT mission command
  • added support for DO_FENCE_ENABLE mission command
  • allow gyro calibration to take up to 30 seconds
  • improved health checks in the EKF for DCM fallback

Note: If you use flaperons you may need to re-trim them before you
fly due to the change in flaperon trim handling.

I hope that everyone enjoys flying this new APM:Plane release as much as we enjoyed producing it!

Happy flying!

Planet DebianKenshi Muto: Bug #668001

If the bug title of #668001 was not "debootstrap: cant install systemd instead of sysvinit", but was like "debootstrap ignores everything from the first pipe character to the end of Depends/Pre-Depends line.", it would be treated more carefully ;)

My patch posting #20 aims to fix it.

Well, I wish this bug will be solved on jessie+1 or backports.

Planet DebianDirk Eddelbuettel: YATORP -- Yet Another Tutorial on R Packaging

What the world needs right now is yet another tutorial on R packages and their creation. Luckily, this last Friday and Saturday, I had the opportunity to present in a workshop organized by Frank DiTraglia at Penn's shiny new Warren Center, and held at Wharton.

Given the Warren Center's focus, the workshop centered around Big Data and Open Science with R. Yihui Xie and myself alternated on delivering four units on an Introduction to R, Writing R packages, Dynamic Documents with R, and HPC with Rcpp and RcppArmadillo.

So I had to come up with a plan for teaching creating R packages -- and decided to do it from the very bottom up, clearly introducing the underlying R CMD ... commands and only then switching to taking advantage of an environment such as the RStudio IDE.

The resulting slides are now available on my presentations page. The code examples are in a repo subdirectory on GitHub as well. While both were designed to support the parallel live instruction offered in the workshop, I would be interested in feedback (preferably via email) about how useful the slides are by themselves.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Planet Linux AustraliaDavid Rowe: OpenRadio Part 3 – Filters

Over the past week I’ve built my own OpenRadio prototype, using the construction notes Mark has put together as a guide.

To help others I measured a few DC voltages and recorded them. I found one small bug in my assembly: one of the flip-flop pins was not soldered correctly, leading to erratic signals. After that I set the LO to receive a 14 MHz signal and managed to receive a carrier from my FT-817, via about 60dB of in-line attenuation. At the moment I am using SpectraView running under Wine as the SDR software, however we really should get a Linux/Open Source SDR program running for the mini-conf. I only have a mono input sound card in my laptop so I’m getting a mirror image of the received spectrum. Still, good enough to get started.

I connected the radio to an external antenna and tuned to a local AM station on 1310 kHz. This sounded very strong but distorted. When I tuned to 7.150 MHz I could still hear AM radio signals, which suggests very strong local signals overloading the mixer. I tested this idea by inserting a 20dB attenuator in line with the antenna and sure enough the AM signal on 1310 kHz became clear and I could no longer hear AM stations on 7.150 MHz.

I could even see the AM signal on my oscilloscope – it measures 1Vrms (20mW) on the antenna terminals! That’s enough to light a LED (10mA at 2V).

However an attenuator is not ideal, so using the tables from my trusty copy of RF Circuit Design I built a simple High Pass Filter to attenuate broadcast signals by about 20dB, but pass other HF signals above 3 MHz. This consists of a 1nF capacitor and two 4.5uH inductors (21 turns on a 7mm diameter pencil) in a “Pi” arrangement. This worked well, the AM signals sound fine and no break through on other HF frequencies.

I also tested Mark’s 27 MHz Low Pass transmit filter, this cleaned up the PSK31 tx signal nicely, 2nd harmonic at least 30dB down with about 1Vrms into 50 ohms (20mW) transmit power. Here is a photo of my OpenRadio with both filters on the right. The larger coils at the top are part of the 3 element 3MHz high pass filter, which then connects to the 7 element 27MHz low pass filter.

Mark and I even had a OpenRadio to OpenRadio PSK31 QSO on the 40m Ham Band! I had about 40mW transmit power on 40m. This was actually NVIS propagation so 100km up and down to the ionosphere and 10km across Adelaide!

So our #2 prototype helps us confirm that the design is working. I’ve followed Mark’s construction notes and made some of my own, and obtained experience in setting up the Arduino and Spectraview software. The broadcast HPF design may be useful for others who experinece strong local interference.

Well done Mark on a fine job designing OpenRadio and writing the support Arduino software. He has put in a tremendous amount of work to develop and test the hardware, written a lot of software, and carefully documented everything on the OpenRadio Wiki. This is a great resource that will be useful to many others. Next step is the kit production. Right on schedule for in January.


TEDMeet the family that’s translated 2,000 talks

Between the two of them, Tal and Ido Dekker have translated 2,000 TED Talks into Hebrew. Photo: Courtesy of the Dekkers

Between the two of them, Tal and Ido Dekkers have translated 2,000 TED Talks into Hebrew. Photo: Courtesy of the Dekkers

The Open Translation Project has a global family of over 18,000 volunteers. But for the Dekkers — living in Sde Warburg, Israel — the OTP family isn’t a figure of speech. They’ve made translating TED Talks into Hebrew a true family affair.

Husband and wife Ido and Tal Dekkers have worked on more than 2,000 translations between them. Ido, the most prolific translator in the OTP program, has brought 1,800 talks into Hebrew and Tal has worked on 200. And while their two daughters, May and Adi, are still improving their English enough to do their own translations, they’ve caught their parents’ TED mania too, and help review their translations. May, who’s older, has also helped her father work on several TED-Ed lessons.

TED-Ed lessons are a particular favorite for the Dekkers. “I like translating everything, but especially TED-Ed lessons,” says Ido. “I think they’re very important, because I’m able to use them [with my daughters].”

In fact, it was his daughters’ education that first inspired Ido to start translating TED Talks in 2009, in hopes of getting both talks and lessons into May and Adi’s classrooms. The girls have introduced many of their teachers to TED, and talks and lessons are now used regularly throughout their school. While some teachers already watched talks on their own, it hadn’t been a part of the classroom experience until the Dekkers advocated for it.

The Dekkers have spread their fandom beyond school as well. “We like to tell everybody about TED,” says Tal. This is important for friends and neighbors, but not so much at work. Tal has a graphic design studio and Ido is a web developer — so they estimate that 90% of their colleagues are already familiar with TED.

They’re a couple who has watched an astonishing number of TED Talks, and the Dekkers call some of the most popular talks of all time their favorites. Topping the list: Sir Ken Robinson’s “How schools kill creativity” and Jill Bolte Taylor’s “My stroke of insight.” Tal also felt hugely inspired recently by Chris Hadfield’s “What I learned from going blind in space.” But for them, the ultimate joy is translating talks that are on-topic for their fields. Tal loves to translate talks on art and design, while Ido says, “I like the technology stuff.”

And the Dekkers hope to someday help translate pages, so that they are available beyond the English-speaking world. (They’re waiting on the technology to do this bit, and we’re working hard to build it.)

With all the time and dedication that the Dekkers give to the OTP, the question pops to mind: Do they sometimes need to take a break from translating?

Tal says that, on the contrary, especially living in Israel — where the political situation this summer was all-consuming for many — translating TED Talks is a welcome reprieve. “The translating thing is a bit like a pause in our real-life situation,” she says. “It is like a break. We like doing this.”

Krebs on SecuritySpam Nation Book Tour Highlights

Greetings from sunny Austin, Texas, where I’m getting ready to wrap up a week-long book tour that began in New York City, then blazed through Chicago, San Francisco, and Seattle. I’ve been trying to tweet links to various media interviews about Spam Nation over the past week, but wanted to offer a more comprehensive account and to share some highlights of the tour.

For three days starting last Sunday, I was in New York City — doing a series of back-to-back television and radio interviews. Prior to leaving for New York, I taped television interviews with Jeffrey Brown at the PBS NewsHour; the first segment delves into some of the points touched on in the book, and the second piece is titled “Why it’s harder than you think to go ‘off the grid’.”


On Monday, I was fortunate to once again be a guest on Terri Gross‘s show Fresh Air, which you can hear at this link. Tuesday morning began with a five-minute appearance on CBS This Morning, which included a sit-down with Charlie Rose, Gayle King and Norah O’Donnell. Later in the day, I was interviewed by the MarketPlace Tech ReportMSNBC’s The Cycle, as well as the Tavis Smiley show. Wednesday was a mercifully light day, with just two interviews: KGO-AM and the Jim Bohannon Radio Show.

Thursday’s round of media appearances began at around sunrise in the single-digit temperature Chicago suburbs. My driver from the hotel to all of these events took me aback at first. Roxanna was a petite blonde from Romania who could have just as easily been a supermodel. I thought for a moment someone was playing a practical joke when I first heard her “Gud mornink Meester Krebs” in a Eastern European accent upon stepping into her Town Car, but Roxanna was a knowledgeable driver who got us everywhere on time and didn’t take any crap from anyone on the road.

wcl-ji The first of those interviews was a television segment for WGN News and a taped interview with TouchVision, followed by my first interview in front of a studio audience at Windy City Live.  The guest who went on right before me was none other than the motivational speaker/life coach Tony Robbins, who is a tough act to follow and was also on the show to promote his new book. At six feet seven inches, Robbins is a larger-than-life guy whose mere presence almost took up half the green room. Anyway Mr. Robbins had quite the security detail, so I took this stealthie of Tony as he was confined to the makeup chair prior to his appearance.

On Thursday afternoon, after an obligatory lunch at the infamous Billy Goat burger joint (the inspiration for the “Cheezborger, cheezborger, cheezborger” Saturday Night Live skit) I visited the Sourcebooks office in Naperville, met many of the folks who worked on Spam Nation, signed a metric ton of books and the company’s author wall.

The Spam Nation signing in Naperville, IL.

The Spam Nation signing in Naperville, IL.

After an amazing dinner with my sister and the CEO of Sourcebooks, we headed to my first book signing event just down the street. It was a well-attended event with some passionate readers and fans, including quite a few folks from @BurbsecWest with whom I had beers afterwards.

On Friday, I hopped a plane to San Francisco and sat down for taped interviews with USA Today and Bloomberg News. The book signing that night at Books Inc. drew a nice crowd and also was followed by some after-event celebration.

Departed for Seattle the next morning, and sat down for a studio interview with longtime newsman (and general mensch) Herb Weisbaum at KOMO-AM. The signing in Seattle, at Third Place Books, was the largest turnout of all, and included a very inquisitive crowd that bought up all of the copies of Spam Nation that the store had on hand.

Yours Truly at a book signing in Seattle's Third Place Books.

Book signing at Seattle’s Third Place Books.

If you’re planning to be in Austin tonight — Nov. 24 — consider stopping by B&N Arboretum at 7:00 p.m. and get your copy of Spam Nation signed. I’ll be holding one more signing — 7:00 p.m. in Washington, D.C.’s Politics & Prose on Dec. 4.

For those on the fence about buying Spam Nation, Slate and LinkedIn both ran excerpts of the book. Other reviews and interviews are available at, Yahoo News, and Also, I was interviewed at length several times over the past month by CBS’s 60 Minutes, which is doing a segment on retail data breaches. That interview could air as early as Nov. 30. On that note, the Minneapolis Star Tribune ran a lengthy story on Sunday that followed up on some information I first reported a year ago about a Ukrainian man thought to be tied to the Target breach, among others.

CryptogramThe Security Underpinnnings of Cryptography

Nice article on some of the security assumptions we rely on in cryptographic algorithms.

TED7 StoryCorps stories that Dave Isay just can’t get out of his head


StoryCorps brings together individuals for in-depth interviews. Some of Dave Isay’s favorite pairings: (from left) Kirk and Ryan Sharp, a father and his veteran son; Mary Johnson and Oshea Israel, a mother and the man who murdered her child; Lyle Link and Carly Dreher, grandfather and granddaughter. Photo: StoryCorps

By Dave Isay

I can’t tell you how completely shocked I am to win the TED Prize. For those of you who haven’t heard of StoryCorps, it’s a Brooklyn-based nonprofit I founded 11 years ago that, so far, has given 100,000 Americans the chance to record audio interviews about their lives. Participating in StoryCorps couldn’t be easier: you invite a loved one (or, really, anyone you choose) to a StoryCorps recording site. A trained facilitator greets you and explains the interview process. You’re then brought into a quiet recording room and seated across from your interview partner, each of you in front of a microphone. The facilitator hits “record,” and you share a 40-minute conversation. At the end of the session, you get a copy of the recording, and another copy goes to the American Folklife Center at the Library of Congress in Washington, D.C., where it will be preserved for generations to come. StoryCorps is about passing wisdom from one generation to the next: someday your great-great-great-grandchildren will be able to meet your grandfather, your mother, your best friend, or whomever it is you chose to honor with an interview.

Of course, some of these stories are heard in the present moment too. We share short excerpts from interviews every Friday on NPR’s Morning Edition and in podcasts, animations and books. We hope that these edited stories illustrate our shared humanity and show how much we all have in common.

On March 17—during TED2015—I’ll share my wish for where to go from here. But in the meantime, I picked some favorite stories to give you a sense of the work we do. Enjoy these stories, half animated and half audio.

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

1. Danny and Annie. This husband-and-wife duo of 27 years recorded their interview at our first booth in New York City in the days after we launched. We fell in love with them instantly.  Watch and you’ll see why.

2. Oshea Israel and Mary Johnson. An example of the kind of remarkable conversations that can happen in a StoryCorps booths—a mother speaks to the young man who murdered her only child.

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

3. Eyes on the Stars. For the 25th anniversary of the Challenger Space Shuttle disaster, our team went searching in our archive to see if anyone had ever talked about the disaster.  It turned out that the brother of one of the astronauts had come to a booth to record.

4. Lyle Link and Carly Dreher. Just a simple StoryCorps interview between a granddaughter and her grandfather.

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

5. John and Joe. We’ve launched about 10 big national initiatives focusing on particular groups of Americans, from veterans to those facing memory loss. Our first was with families who lost loved ones on 9/11. This is one of those stories.

6. Ryan and Kirk Sharp. An interview we aired this past week from our work with post-9/11 military veterans and their families.

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

7. Miss Devine. One of my favorite animations, to close out this list.

We have an amazing team of about 100 people who are working body and soul to build StoryCorps into a sustaining institution that recognizes that every life and story matters equally. We’re so excited to work with the TED community to further our mission and spread this message. See you at TED2015 in March!!!

Dave Isay

Dave Isay hard at work in a booth. Photo: StoryCorps

Dave Isay hard at work in a recording booth. Photo: StoryCorps


TEDTED@StateStreet offers words to inspire leaders at every level

Patrice Thompson speaks at TED@State Street salon at Troxy, November 18, 2014, London, England.

At TED@StateStreet, Patrice Thompson shares how two generations with very different ideals can work together effectively. Photo: Paul Sanders/TED

From anti-jargon campaigns to how Gen X and Gen Y can collaborate, TED@StateStreet highlighted ideas to inspire leaders at every level. This TED Institute event, held in London on November 18, showcased speakers from both inside and outside the financial services company. Throughout, the focus was on innovative thinking in work culture.

Below, quotes worth sharing from each of the TED@StateStreet talks:

“The quality of our conversations matter. Great achievements only come after great conversations.” —John O’Leary, communications advocate 

“We don’t need to reinvent the wheel. We have the rim, the hub and the spokes — we just need to put them together.” —Paul O’Connell, economist

“Big social changes can start with seemingly small, mundane actions.” —Christina Balch, selfie artist

“Imagine if your life were defined by the thing you were most ashamed of. What skills and talents would the world miss out on?” —Alexander McLean, TED Fellow

“What I’d always thought was simply a personal matter, I now see has a ripple effect out into the workplace and community. If I don’t share who I really am, I may be inadvertently contributing to an atmosphere of discrimination.” —Morgana Bailey, Human Resources activist

“Here are three ways to improve your communication: 1) Know your audience. 2) Know what you’re trying to say. 3) Get to the point, and do it quickly.” —Thea Knight, anti-jargon crusader

“No one is denying there’s a global education problem. How can we fix it?” —Todd Gershkowitz, education disruptor

What's in a name? More than you think, says Cynthia Win at TED@StateStreet. Photo: Paul Sanders/TED

What’s in a name? More than you think, says Cynthia Win at TED@StateStreet. Photo: Paul Sanders/TED

“We have to change the dialogue on immigration. Immigration is a catalyst, a vital force. It is a social good that makes communities more interesting.” —Tim Graf, global soul

“It took me 32 interviews to get one job. The most important thing I learned? Persistence, persistence, persistence.” —Ashwini Mrinal Bhagat, company culturist

“How can companies improve employee engagement across generations? Three ways: 1) Encourage more collaborative projects, 2) Cross-train staff on different roles, and 3) Recognize and reward valuable ideas.” —Patrice Thompson, generational diplomat

“I am drawn to ghost towns. I always wonder, how many ghost towns are we in the process of creating today?” —Abbey Williams, ghost town explorer

“Shakespeare — financier, poet, playwright — should be our inspiration today.” —John Bolton, business imaginist 

“In some parts of Asia, more and more people are adopting Western names for convenience. If we don’t put in the effort to learn the names from other cultures today, will we still see traditionally meaningful names in the next generation?”  —Cynthia Win, name decoder 

“When professional footballers transfer teams, their original team receives a fee. What if companies did the same thing with employees?” —Yusuf Nurbhai, management innovator

“I started off studying to be a doctor. Then I became a poet. Poetry is a less quantifiable way of saving lives.” —Harry Baker, slam poet

TEDHow a model of mentorship is helping TEDx grow throughout Iran

Speaker Reza Pakravan gives a talk about TK at TEDxTehran 2014, themed "On the Verge of Breakthrough." Photo: Ali Taheri

Reza Pakravan talks about cycling at TEDxTehran 2014, themed “On the Verge of Breakthrough.” Photo: Ali Taheri

It’s not every day that you see a desert cyclist, a Tanbour virtuoso, a Persian literature professor and a health systems expert in the same room together. But at the second TEDxTehran, held in September, they all took the stage, sharing stories of their “breakthroughs.” In the audience, representatives from TEDx events in all corners of Iran — from the coastal city of Kish to the Gholhak neighborhood in Northern Tehran to the Northwest province of Qazvin — took notes on the ideas presented, while absorbing the ingredients of a memorable, inspirational and substantive TEDx event.

By next year, 12 TEDx events will have taken place in Iran. But when Sara Mohammadi first applied for a license in 2012, there had been none. In fact, Tehran was the only major urban city in the Middle East that had not hosted a TEDx event. “It felt like a piece of TEDx was missing,” she says, “like there was a hole in the idea map of TEDx.”

Mohammadi admits she never planned to apply to organize a TEDx. She first got her feet wet when she responded to a tweet from the organizers of TEDxKish requesting volunteer help. But when the event was cancelled, she wasn’t sure where to channel her energy. She contacted TEDx organizer Giorgio Ungania, who she had met at TEDxAbuDhabi, and asked if she could be part of that team. Under his mentorship, Mohammadi mastered the art of pulling off a great TEDx event. She decided to plan her own. 

“I always saw TEDx as a constructive non-political and non-polemic platform to bridge Iranians with the rest of the world and vice versa,” she explains. “Thirty years of alienation means a lot of lost opportunities to have synergy of ideas with the world, to come up with collaborative innovative solutions and to truly contribute to the global community.” 

TEDxTehran’s current licensee, Reza Ghiabi, agrees that TEDx is the perfect platform to “stimulate the exchange of ideas in the city” and a great way to unearth the ideas nestled in the urban epicenter of Iran.

Inside Vahdat Hall, where TEDxTehran was held. Photo: Ali Taheri

Inside Vahdat Hall, where TEDxTehran was held. Photo: Ali Taheri

Ghiabi’s TED journey started when he first stumbled across the talk, “The Paradox of Choice” by Barry Schwartz. From that point on, he was hooked. He began volunteering to help translate TED Talks from English to Persian, and then heard about TEDxTehran on social media, in the same way Mohammadi had been first drawn into the TEDx world too. Ghiabi wrote an email to Mohammadi asking to contribute, and she brought him onto the team. He became a volunteer, and then a co-host for the very first TEDxTehran.

On February 14, 2013, Mohammadi, Ghiabi and an army of passionate volunteers launched TEDxTehran, with the theme “En Route.” Both Mohammadi and Ghiabi believe that Iran could help them lead global conversations, as well as tackle major environmental and societal challenges. “With a population of 8 million and rising, Tehran’s biggest and most valuable resource is human capital,” explains Ghiabi. “We wanted to create a way to nurture local talent and ideas, and feed them back into our community.” 

After their first successful event, Mohammadi shifted over into a new role as an advisor with Ghiabi stepping into her original position. “It’s like a passing of the torch,” says Ghiabi, “like the spreading of great ideas.” For the second event, Ghiabi and the team decided on the theme of “Verge of Breakthrough” to build on of the journey already set into motion. “Tehran was already en route towards a new future after the first event,” says Ghiabi, “One year later, we are ready for a breakthrough.” 

The event was a major success, “an absolutely great TED-like experience,” according to Ghiabi.

And it was also an opportunity for TEDx organizers in other parts of Iran to exchange best practices and share experiences, he says. “I truly hope people experienced a breakthrough, in the truest sense,” Mohammadi adds, “be it in their relationships, personal choices, ideas they are conceptualizing, technologies they are creating, or careers they are building.”

The TEDx letters, proudly displayed. Photo: Nooshafarin Movaffagh

The TEDx letters, proudly displayed. Photo: Nooshafarin Movaffagh

TEDxTehran, itself, was a breakthrough for Iran, paving the way for eleven more TEDx events. Mohammadi remembers that when she was preparing the first TEDxTehran event, one of the organizations she approached for a partnership warned her that others would reject the idea of a TEDx in Iran. She pushed on, and saw no resistance from the government or religious groups. Instead, she was surprised to discover they had the full support of partners, universities and the press.

Ghiabi believes that the reason for TEDxTehran’s success is simple: “We understand the culture of TEDx and the Iranian environment, and find the points they share.”

The TEDxTehran team works hard to balance the rules of TEDx with the current cultural climate in Iran. By beginning TEDx small, and at the local level, it helped the event proliferate in the long run, Ghiabi adds. “You get the best experience for the community, crafted by the community,” he says

Two years in, TEDxTehran’s community is no small pond: 7,000 fans cheer on TEDxTehran over Facebook, in addition to their 1,000 Twitter followers. “Keep in mind this is in a country where Facebook is banned,” says Ghiabi.

Ghiabi says that hundreds of Tehranians are interested in volunteering at future events. And in this way, the cycle of passing on the torch continues, with leaders growing future leaders and events spawning new events. Which is a good thing. “There is still a lot of room for positive impact,” says Mohammadi.

The audience at TEDxTehran finds its seats. Photo: Ali Taheri

The audience at TEDxTehran finds its seats. Photo: Ali Taheri

TEDWhy we need to build the stuff of science fiction: A teen reporter talks to a music technologist

Engineer and musician Gil Weinberg creates robots that are able to improvise. This robotic drum prosthetic can play beats no human can. Photo: Courtesy of Gil Weinberg

Engineer and musician Gil Weinberg builds musical robots that improvise. This robotic drumming prosthesis can play beats no human can. Photo: Courtesy of Gil Weinberg

Gil Weinberg creates musically included robots so good they can improvise. The founder of the Music Technology program at Georgia Tech, he also creates innovative music apps and has contributed his technologies to many a band and ensemble.

Sam Roth, an 11th grader in New York City, was excited to interview Weinberg about his experience speaking at TEDYouth 2014. Below, an edited transcript of their conversation.

How did you get involved with music technology?

I was a musician first — I played piano until college. Only when I got to college did I start to get interested in computation and computer science. Then I thought that it could be an interesting idea to combine both of them. I was playing with a jazz band and, at some point, I thought maybe I could write software to listen to my music and improvise. I thought it could be something new and unique. So I started to write software that actually analyzed music, that complements and improvises.

It went from music to computation. When I got to Georgia Tech after I finished my PhD studies, I started to get interested in robotics. I just grew tired of the electronic sound that comes from speakers. Since everything I did was software and all the music came from speakers, it wasn’t rich. It didn’t have the expression that acoustic sound has. It was the same kind of idea — let the computer inspire me to create something interesting — but this time with acoustic sound.

You came to the U.S. from Israel. How was your work impacted by both the American and Israeli tech scenes?

I believe that we’re global citizens. My inspiration actually came at places here in the States — places that were full of people from all over the world. The MIT Media Lab and Georgia Tech are very international. My horizons were opened more by having more nationalities around — and people with different ways of thinking — than by any single national culture.

Roboticist Gil Weinberg (left) is interviewed by 11th grade reporter TK.

Here, roboticist Gil Weinberg (left) is interviewed by 11th-grade reporter Sam Roth (right).

What is your favorite part of what you do?

Unfortunately, since I became a professor and started teaching, I haven’t been coding as much as I used to. You find yourself less connected to the wires, so to speak. Whenever I do, I enjoy it very much. One way I do stay connected is in actually playing music. I try to have a set point, when the robot is ready, where I can play. So at least I get to be connected to the low-level mechanism with the music.

What I spend the most time on is thinking. Designing with my eyes. Then I take out a pencil and start brainstorming. I come up with ideas on what’s missing in the current state of the project, to take it as far as possible — but also to have it be buildable. We’re working on brain waves controlling a robotic prosthetic arm, which sounds impossible. The trick is to take something that sounds a little bit science fiction-y and find ways in which you can actually do it.

What made you decide to speak at TEDYouth this year?

I was very excited about interacting with teenagers. I think it’s a very cool idea to have an event with kids who are willing to think about big ideas. I had read the list of speakers, which was very interesting. And I wanted to meet all of them. But mostly I was excited about the interactions before and after my talk. I wanted to see what the kids had to say.

Since a big theme of the conference was changing the future, what would be your one message to the next generation?

Keep on creating and building. Keep on questioning what you have and what’s around you. Always ask yourself if there’s something else that you can create or make better. I’m not a religious guy, and some people relate not believing in some kind of higher power with not being a believer. But I’m a very big believer. My belief is in being creative and coming up with new ideas.

TEDAmanda Palmer on expanding her TED Talk into a book and getting a lesson in vulnerability from Brené Brown


Amanda Palmer’s new book grew out of a simple fact: that she couldn’t cram every relevant story into her 14-minute TED Talk. So she has expanded her talk, “The art of asking,” which focuses on how artists can (and should) ask those who love their work for help, into the book The Art of Asking: How I Learned to Stop Worrying and Let People Help, about the need to ask for help more generally. And in another interesting twist for TED fans, the foreword to the book was written by one Brené Brown, who gave the fourth most-watched talk of all time, “The power of vulnerability.”

We asked Palmer a few questions about the process of turning her talk into a book and about the experience of working with Brown. Below, an edited transcript.

Would you rather have give your TED Talk 10 times in a row to an audience of clowns, or have to write one more chapter of your book with a deadline of tomorrow morning?

Oh my god. Great. Well, I love clowns. So as long as I didn’t have to actually memorize that sucker word for word and could just kind of summarize it. Or maybe I could mime the TED talk for the clowns? Maybe this could become a multi-media interactive performance in which the clowns responded to my TED mime-talk? Maybe all the clowns could be wearing Google Glass and we could webcast this?

Wait, forget it. I’ll just write another chapter of the book. Easier.

What was the biggest challenge of bringing your idea from a talk to the written page?

Funny enough, it was a challenge to try to capture the beautiful economy of the talk in 300 pages. That 14-minute time limit was the greatest gift: I’m very glad my talk wasn’t longer, because I don’t think it would have been quite so effective, emotionally, and I don’t think it would have gone viral.

Art of Asking book coverWhen I was working on the talk with Jamy Ian Swiss, a friend who became my default coach, he kept saying, “Cut that part, Amanda, you can put it in the book. Cut this too — save it for the book.” At the time, there was no book. We just had the assumption that maybe someday, there’d be an outlet for these other stories. The pieces I cut would probably be surprising to some. They might seem off-topic. But to me, these are essential riffs on the same theme as my talk: my job as a stripper, my marriage difficulties around the topic of money and help, my experiences with abortion and having to deal with certain kinds of pain in isolation, my best friend’s cancer battle leading to a cancelled tour. All of these things had a lot to do with “the art of asking,” but they weren’t going to fit neatly into a 14-minute talk.

So I cut a lot of stories from the TED talk, and they’d been lying there fallow on the cutting room floor, waiting to be threaded in. The book happened much faster than I thought, but I’m also glad it happened fast, before all those tethered balls in the air had a chance to land and disconnect. And when I got my book advance, I hired Jamy for an actual salary this time to be my book doula. It all worked out pretty beautifully.

What types of help did you find are the hardest for you to ask for? How do you push through that?

I’ve found that everybody has an Achilles’ heel when it comes to asking. I know a lot of people who can boldly ask for a raise, but they can’t ask for a hug. And I know a lot of people with the opposite problem. My personal kryptonite, and I detail it painfully in the book, is taking financial help from my husband. I’m happy taking millions of dollars from strangers, but it’s taken me a long time to get used to taking help from him. My life finally hit a point where I saw the bigger picture — it took my friend getting fatally ill, but this is all part of the journey. I noticed that I ask too much of myself. Letting myself off the hook is one of my biggest projects.

Speaking of your husband, he is quite a well-known writer. Did you let him edit your manuscript or were you hesitant to ask for help on that?

I wasn’t at all hesitant: I utilized the hell out of Neil Gaiman with this book. But the first ask wasn’t about editing or shaping or writing: it was about letting go of his wife for two months so I could write in solitude. That was difficult to do. And the minute I finished my first, hulking 150,000 word manuscript, I handed it over to him, squeezed my eyes shut and said, “Cut out 50,000 words.” And he sat down for two days, and cut away the fat. That was a massive act of trust. I trusted his writer’s eye so greatly that I didn’t even read his cut manuscript. We started with Neil’s edit as a fresh draft. And in the final days of last-minute editing, Neil suggested a fantastic order-switch with the pieces of the book that wound up unlocking a problem. The guy can write, but he’s also a fantastic editor. I owe him one.

And Brené Brown also helped by writing the foreword of the book. How did you two meet?

I found Brené’s talk when I was on a TED-watching marathon while writing my own talk back in 2013. For about the week before cracking down to write my first draft, I immersed myself on and watched about 50 talks — focusing on the most-viewed — to see how people were getting their ideas across most effectively. I found a few heroes during that week, some of whom have come into my life since as real heroes, like Amy Cuddy and Jill Bolte Taylor, both of whom I got to meet and hug in the flesh at TED itself and both of whom I now treasure as friends. But Brené’s talk especially moved me. A few weeks before leaving for Australia, where I wrote the book, I was in the Trident Bookstore in Boston, and saw Daring Greatly lying on the staff picks table. I picked it up and started reading it. I was floored: she’d basically written the same book that I had in mind. Hers was academic and anecdotal and mine was pure memoir, but still the threads were exactly the same. She even used a Velveteen Rabbit story, which I couldn’t believe — I’d been planning on quoting the exact same passage. So I sent Brené a DM on Twitter, asking her to write the intro. I was so honored when she said yes, and I think what she wrote is absolutely perfect.

What did she write in her foreword that most surprised you?

I loved, most of all, that Brené was reaching out to the rest of the world in a way that I couldn’t. She works at a university, lives a domestic life, goes to church; but she sees her life reflected directly in my weird rock-and-roll couchsurfing existence. This is what made Brené’s book so great, in itself: our situations are different, but our emotional experiences give us all a common ground. We all feel shame, vulnerability, fear. I’m so incredibly proud to be a small voice in what feels like a zeitgeist of women writers lately, including Amy Cuddy — who’s about to bust out with her own book — and Laurie Penny and Caitlin Moran, who are embracing these commonalities we humans have and casting our own stories into the net of understanding. I think it’s a beautiful time to be alive: it’s like we’re all doing our little bit to shine our teeny personal flashlights into the wide, big, dark. With enough of us, the dark is receding and things are taking shape. I can’t wait to see what we find there.


TEDTEDYouth 2014, in pictures

TEDYouth 2014 was an explosion of “Worlds Imagined.” On Saturday, November 15, New York students gathered for a day of punchy, inspiring talks that brought them to the Sahara Desert when it was a river wonderland for dinosaurs, to the surface of Mars as the Curiosity Rover makes its way up a mountain, and into the kitchen of a tiny house built by a 14-year-old. Below, photos from the event.

At the Brooklyn Museum in New York City, 550 middle and high school students came together for TEDYouth 2014. Photo: Ryan Lash/TED

At the Brooklyn Museum in New York City, 550 middle and high school students came together for TEDYouth 2014. Photo: Ryan Lash/TED

Paleontologist Nizar Ibrahim tells the story of how he discovered the Spinosaurus, which may have been the largest carnivorous dinosaur to ever live. Oh, and it lived in the water. Photo: Ryan Lash/TED

Paleontologist Nizar Ibrahim tells the story of how he discovered Spinosaurus, which may have been the largest carnivorous dinosaur to ever live. It likely lived in the water. Read a recap of Ibrahim’s session. Photo: Ryan Lash/TED

Assistant host -- and high schooler -- Evan pumps up the crowd before introducing the next TEDYouth speaker. Photo: Ryan Lash/TED

Assistant host — and high schooler — Evan pumps up the crowd before introducing the next TEDYouth speaker. Photo: Ryan Lash/TED

During a break, an attendee meets a monarch butterfly at Jaap de Roode's activity table. Photo: Ryan Lash/TED

During a break, an attendee meets a monarch butterfly at Jaap de Roode’s activity table. Read about de Roode’s talk. Photo: Ryan Lash/TED

Super Smash Bros. Melee champion Lilian Chen, also known as Milktea, plays against an attendee. Who actually lasted pretty long before being beat. Photo: Dian Lofton/TED

Super Smash Bros. Melee superstar Lilian Chen, also known as Milktea, plays a TEDYouth attendee. Read about Chen’s talk. Photo: Dian Lofton/TED

Tahir Hemphill created the Hip Hop Word count to study the lyrics of 50,000 hip hop songs. Photo: Ryan Lash/TED

Tahir Hemphill created the Hip Hop Word count to study the lyrics of 50,000 hip hop songs. Read a recap of Hemphill’s session. Photo: Ryan Lash/TED

An attendee holds one of Sarah Bergbreiter's tiny, tiny robots in the palm of her hand. Photo: Ryan Lash/TED

An attendee holds one of Sarah Bergbreiter’s tiny, tiny robots in the palm of her hand. Read about Bergbreiter’s talk. Photo: Ryan Lash/TED

Attendees spiff up a bike with Hickies shoelaces. Photo: Dian Lofton/TED

Attendees spiff up a bike with Hickies shoelaces. Photo: Dian Lofton/TED

Nineteen-year-old Carol Brown performs her spoken-word poem about New York City, "Foundations." Photo: Ryan Lash/TED

Nineteen-year-old Carol Brown performs her spoken word poem about New York City, “Foundations.” Read a recap of Brown’s session. Photo: Ryan Lash/TED

TED-Ed animators give attendees a lesson in how to create animation. Photo: Dian Lofton/TED

TED-Ed animators give attendees a lesson in how to create animation. Photo: Dian Lofton/TED

Hosts Kelly Stoetzel and Rives pump up the crowd. Photo: Ryan Lash/TED

Hosts Kelly Stoetzel and Rives pump up the crowd. Photo: Ryan Lash/TED

Attendees snap a photo under a piece of art at the Brooklyn Museum. Photo: Ryan Lash/TED

Attendees snap a photo under a piece of art at the Brooklyn Museum. Photo: Ryan Lash/TED

Two attendees (and hip hop enthusiasts) introduce the next speaker, Tahir Hempill of the Hip Hop Word Count. Photo: Ryan Lash/TED

Two attendees (and hip hop enthusiasts) introduce the next speaker, Tahir Hempill of the Hip Hop Word Count. Photo: Ryan Lash/TED

Jennifer Mascia, the daughter of a convicted Mafia gunman, explains the importance of reporting on—and stopping—gun violence. Photo: Ryan Lash/TED

Jennifer Mascia, the daughter of a convicted Mafia gunman, explains the importance of reporting on—and stopping—gun violence. Read a youth reporter Q&A with Mascia. Photo: Ryan Lash/TED

Attendees share some of their ideas worth spreading. Photo: Ryan Lash/TED

Attendees share some of their ideas worth spreading. Photo: Ryan Lash/TED

Teenage chef Flynn McGarry talks about his beets, which taste as good as meat. Photo: Dian Lofton/TED

Teenage chef Flynn McGarry talks about his beets, which taste as good as meat. Read about McGarry’s talk. Photo: Dian Lofton/TED

During an open mic, attendees share what they would take with them on a trip to Mars. Most popular answer: their parents. Photo: Ryan Lash/TED

During an open mic, attendees share what they would take with them on a trip to Mars. Most popular answer: their parents. Photo: Ryan Lash/TED

An attendee creates an LED light with magnetic littleBits blocks. Photo: Ryan Lash/TED

An attendee creates an LED light with magnetic littleBits blocks. Photo: Ryan Lash/TED

Old National Geographics become art, at a station run by Brian Dettmer. Photo: Dian Lofton/TED

Old National Geographics become art, at a station run by Brian Dettmer. Read about Dettmer’s talk. Photo: Dian Lofton/TED

TEDA mobster’s daughter wants to talk to teens about guns. A young reporter finds out why

Journalist Jennifer Mascia is interviewed by 11th grade youth reporter, Olivia Shaw.

Journalist Jennifer Mascia (left) wrote “The Gun Report” for The New York Times. Here, she is interviewed by 11th grade youth reporter, Olivia Shaw (right).

Jennifer Mascia reports on gun violence in America. For more than a year, at The New York Times, she and Joe Nocera wrote “The Gun Report,” a daily series telling the stories of people killed by gunfire in the US. The series was personal for her; one of the people she wrote about was a friend, Ali Eskandarian. But it turns out the subject hits even closer to home: Mascia’s own father was convicted of murder. She writes about discovering this disturbing information in her memoir, Never Tell Our Business to Strangers.

Olivia Shaw, an 11th-grade reporter, read Mascia’s memoir and asked for the chance to interview her in the week before TEDYouth. Below, an edited transcript of their conversation.

What made you decide to write Never Tell Our Business to Strangers?

It was not long after my mom died, and I was really consumed with the fact that my parents were just going to fade from existence and nobody was going to remember them. So I decided that I wanted to get to know who they were, even if that meant writing the bad parts of our history. It was just a desperate feeling of wanting to keep my parents alive somehow.

What was it like to discover your father and mother’s background with the mafia?

The second I found out that my father killed people, I just had to completely reevaluate my family in this new light. My mom wasn’t exactly involved with the mafia, but she was involved with cleaning up my father’s crimes — finding him lawyers and acting as his advocate. She knew about murders that no one else knew about. She was, in the classic sense, a codependent. I started to wonder if I was raised by a psychopath and his willing accomplice, but I just kept coming back to the point that they loved me a lot. I had a very nurturing childhood, strangely.

Can you describe how the memoir went from idea to actual book?

I wrote it as a “Modern Love” column — a couple thousand words — and then a literary agent said, “Why don’t you expand this into a book?” I started with a timeline: I wanted to recount everything in my childhood– like how we lived as fugitives when I was a kid — and I wanted to look at that with an adult’s eye. Then I found all these court records, and suddenly everything started making sense. I gave myself a year, because the second half is all reported. I did the reporting part first, because that was the part I didn’t know, and then I sat down and wrote the part I did know, which was my life until my parents died. It was like a time machine. The writing process was more amazing than anything.

I turned in the first draft, which was way too long. My editor and I went back and forth — she would cut, I would uncut some things. Ultimately I was the last word, which was nice because in journalism, you don’t have the last word; your editor does. We got a copy editor and fact checker, we added pictures, I gave proofs to my friends — believe it or not, not all your friends will read your book — and then it was published. When the first box of books came, I just couldn’t believe it! And then we had a book party.

Jennifer Mascia and her father on Easter in 1987.

Jennifer Mascia and her father on Easter in 1987.

What does it feel like to know that your life story is accessible to thousands?

It’s weird. The last time I read the book I got a stomachache. But because my parents passed away, it was easier because I didn’t have to worry about what they would think.

You covered gun violence in “The Gun Report” for The New York Times. How did that project come to be?

I was working for op-ed columnist Joe Nocera. He has a young child, and after Sandy Hook, he got really upset. He and his wife said, “Oh my God, that could have been our child.” So Joe wanted to know who gets shot in America every day. Everyone focuses on the mass shootings, which are horrific and awful, but there are a lot of people getting shot every day that nobody writes about. So he said, “Let’s just do this every day and devote a blog to it.” Nobody else was doing this. I liked it because it was just the facts. We’re not telling you what to think about it — and that riled people more than putting out an opinion.

I’ve now joined up with Everytown for Gun Safety, which was started by Michael Bloomberg. We’re launching a news blog in December, which is just gun news. Like “The Gun Report,” but much bigger. I’m working on telling the stories of survivors and will continue to tell the story of who gets shot in America every day.

Do you prefer memoir writing or the style of journalism that you write in the column?

In terms of memoir writing, I only have one story in me — and that was it. So journalism is really my thing. The best stories are nonfiction. I really respect fiction writers, but there are so many stories already out there.

What made you want to speak at this year’s TEDYouth conference?

I really just wanted people, especially young people, to understand what it’s like out there — how we don’t always have laws to protect us from violence. It’s such a divisive issue. And gun violence is taking on new trends: It’s really flourishing in the suburbs as opposed to the cities, and the reason is that the suburbs are suffering financially. I want to introduce you guys to this new reality. It’s a tough subject.

Do you have any advice for young writers and journalists?

My advice is become a multimedia reporter. Reporters now are expected to be videographers, photographers, writers and reporters. It’s almost like a self-contained reporting unit. That’s the future of digital reporting. As soon as you can start web producing your own stuff, photographing your own stuff, videoing your own stuff, it will make you much more marketable.

Journalism’s a tough career. I didn’t think I could do writing for a living until after I graduated college. But I realized that this writer in me was bursting out. I think writing is a way of thinking, in a way. I always had this narrative in my head and I was always telling stories even if I wasn’t putting them down on paper. I was always a writer even when I wasn’t writing.

Planet DebianRogério Brito: Problems with Emacs 24.4

This is, essentially, a call for help, as I don't really know which program is at a fault here.

Given that Emacs's upstream converted their repository from bzr to git, all the commits in mirror repositories became "invalid" in relation to the official repository.

What does this mean in practical terms, in my case? Well, bear with me while I try to report my steps.

Noticing a regression and reporting a bug

There is a regression with Emacs 24.4 relative to 24.3, which I discovered after Emacs 24.4 became available in Debian's sid.

The regression in particular is that Emacs 24.4 doesn't seem to respect my Xresources, while 24.3 does (and this is 100% reproducible: I kept the binary packages of version 24.3 of emacs24 and I can install and reinstall things).

When I reported this to upstream, I received a reply that it worked fine with another person that was using XFCE with unstable.

Testing various Desktop environments

As I am using the MATE desktop environment, I proceeded to test this assertion by installing XFCE. Emacs 24.4 read my Xresources. I went ahead and installed LXDE. It worked again. I tried once more with GNOME 3, but "regular" GNOME 3 just crashed. I tried with GNOME 3 Classic and Emacs 24.4 just worked again.

Going deep into the rabbit's hole

Then, I got more curious and I tried to see why things worked the way that they did and given that there was a mirror of the Emacs repo on github, I cloned it and started to git bisect to find the first problematic commit (I have no idea if bzr even offers something like git's bisect and I wouldn't really know how to do it as quickly as I do with git).

To cut short a long story, after many recompiles, many wasted hours, a lot of wasted electrical energy, I found a bad commit and reported it.

I received no response after that.

The new repo enters in action

Of course, all my hard work bisecting things was completely invalidated after the transition to the new repository went live.

To make things relevant again, I used the awesome powers of git, restricting the changes of the newly cloned repository to the e-mail of the committer in question (Chong Yidong) and, from there, I proceeded to another painful process of git bisects.

And, sure enough, the first bad commit was the same one that I found with the previous tree.

Semi-blindly reverting this commit, and also semi-blindly resolving the conflicts make Emacs's from master work again on my system, but I highly suspect that (given the way that I did it), it would not really be appropriate for upstream.

But given also that I failed to receive feedback after my original report, I am not too confident that this bug can be solved soon (even if it doesn't qualify for being fixed in Debian 8).

After all this, I don't really know what else to do. I even filed a bug report (more like a request for help) to the Debian MATE maintainers.

As a side note, I would have filed a bug to upstream MATE, but it is not really clear what the proper procedure to report bugs to them is---they seem to use github's issues system, but given that they have separate repositories for each component of the project, and that I don't know precisely what repository to report to (or even if it applies to MATE after all), I am more or less paralyzed.

A side note

I must say that the conversion was well done by Eric Raymond, because the whole .git repository of the new repo is only about 200MB, with history going back to 1985, while the other repository had about 800GB.

Sociological ImagesU.S. Schools Teach Children That Native Americans Are History

“They were coming to college believing that all Indians are dead,” said education professor Sarah Shear of her experience in the classroom.

Her students’ seeming ignorance to the fact that American Indians are a part of the contemporary U.S., not just the historical one, led her to take a closer look at what they were learning. She examined the academic standards for elementary and secondary school education in all 50 states, these are the guidelines that educators use to plan curricula and write textbooks. The results are summarized at Indian Country.

Shear found that the vast majority of references to American Indians — 87 percent — portrayed them as a population that existed only prior to 1900.  There was “nothing,” she said, about contemporary issues for American Indian populations or the ongoing conflicts over land and water rights or sovereignty. Only one state, New Mexico, even mentions the name of a single member of the American Indian Movement.


Meanwhile, the genocidal war against American Indians is portrayed as an inevitable conflict that colonizers handled reasonably.  “All of the states are teaching that there were civil ways to end problems,” she said, “and that the Indian problem was dealt with nicely.”  Only one state, Washington, uses the word genocide. Only four states mention Indian boarding schools, institutions that represent the removal of children from their families and forced re-socialization into a Euro-American way of life.

The fact that so many people absorb the idea that Native Americans are a thing of the past — and a thing that we don’t have to feel too badly about — may help explain why they feel so comfortable dressing up like them on Halloween, throwing “Conquistabros and Navahos” parties, persisting in using Indian mascots, leaving their reservations off of Google maps, and failing to include them in our media. It might also explain why we expect Indian-themed art to always feature a pre-modern world.

Curricular choices matter. So long as young people learn to think of Indians no differently than they do Vikings and Ancient Romans, they will overwhelmingly fail to notice or care about ongoing interpersonal and institutional discrimination against American Indians who are here now.

Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

(View original at

RacialiciousNew Fundraising Campaign Seeks To Preserve Sacred Land Of Pe’ Sla

Just over two years after the first fight to save sacred Native land in South Dakota, a new fundraising drive seeks to complete the drive to keep Pe’Sla — “the Heart of everything” — in indigenous hands.

The campaign, organized by the Indian Land Tenure Foundation, seeks to raise $500,000 by Nov. 30 for the purposes of buying the last 438 acres of Pe’Sla land under outside ownership. The foundation, a 501(c)(3) non-profit organization, is working with the Oceti Sakowin Nations for the fundraiser, and this video is a quick introduction to its mission:

<iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="420"></iframe>

In 2012, the Oceti Sakowin Nations, working together with the foundation and Last Real Indians, successfully raised enough money to purchase more than 1,900 acres of Pe’Sla land after they were put up for auction.

From the current fundraiser’s Indiegogo page:

If this purchase falls through, the opportunity to save these sacred lands could be lost forever.

The Black Hills, including the sacred site of Pe’ Sla, were reserved for the exclusive use and occupation by the Oceti Sakowin (Great Sioux Nation) by the Fort Laramie Treaty of 1868 with the U.S. government. But once gold was found in the Black Hills (by an illegal expedition into these sacred Native American lands) the U.S. illegally seized the lands despite the treaty agreement.

The U.S. government has yet to give these lands back to the Lakota, Dakota and Nakota nations. Even though the gold is gone, they still hold great natural, cultural and spiritual value to us. Now, we have no choice, but to buy our sacred lands at Pe’ Sla back from the current occupants. There’s no time for further contesting the illegal taking of these lands. We need to raise the money by November 30, 2014 or Pe’ Sla may be lost forever to Indian people.

Donations can be made at the link above, or the embed below.

<iframe frameborder="0" height="445px" scrolling="no" src="" width="222px"></iframe>

The post New Fundraising Campaign Seeks To Preserve Sacred Land Of Pe’ Sla appeared first on Racialicious - the intersection of race and pop culture.

CryptogramNew Kryptos Clue

Jim Sanborn has given the world another clue to the fourth cyphertext in his Kryptos sculpture at the CIA headquarters.

Older posts on Kryptos.

Planet Linux AustraliaPeter Hardy: Building an arduino-based video game controller

I play a lot of Kerbal Space Program because sandbox games in space is pretty much the greatest idea ever. So in an attempt to enhance the game and build something pretty cool, I’ve spent the last several months working towards building a console to control the game and display telemetry.

My final design is going to be fairly large, but to start with, I wanted to knock up a few of the simpler panels. That gave me a chance to work out how to make the panel hardware, and get the basics sorted out for interfacing with the game through the KSPSerialIO plugin. It’s taken quite a few months on and off to get this far, but this week I finally got the first few panels finished and working.

ksp control interfaceBasically, you take an Arduino Mega2560, a Mux Shield, and a bunch of switches and knobs and buttons. And then you wire it all up and write some code to make it talk a simple serial protocol over USB. And then, honestly, you giggle gleefully while sliding a throttle lever up and down and watching your rocket change speed like magic.

Now that I’ve sorted out most of the major obstacles for this, I’ve started working on additional panels. There’s still a lot of important controls missing. I’ve got some ideas for translational RCS controls, in addition to the Logitech joystick I usually use. And I’m almost ready to get some PCBs manufactured for a number of seven segment LED displays. In the meantime, this is already pretty fun to mess around with.

I’ve got a few more pictures of the current setup in imgur. And, of course, everything is open source. My ksky repository has all of the source code, panel design files, and a bunch of notes on how it’s put together.

Planet Linux AustraliaAndrew Pollock: [life] Day 299: Kindergarten and a demo

We had another bad night's sleep last night, with Zoe waking up at 1:30am. Her bedroom was 27-28°C all night. I've got a pretty good amount of data on her sleep habits now, and it's pretty safe to say that if her room is over 25°C, she's going to wake up between 1:30am and 3am. Time to get some more quotes for air-conditioning I think.

Zoe did have a bit of a sleep in this morning, which allowed me to get ready for the day before she got up. Given I had a Thermomix demonstration to get to, that worked out well.

I half-packed the car for the demo and dropped Zoe to Kindergarten by car, and returned home to finish preparing and practice before I headed over.

I was fairly happy with my delivery, given it's been a little while since I've done one. My main goal today if not a sale was to get a booking for another demo, as I've been weak in that area, and I was successful in the latter, so that was good.

Timing worked out well that I got to Kindergarten right for pick up time. We drove home, and I unpacked the car and got changed into something cooler, and we headed out to try and get some more whole wheat grains from the Indian supermarket that Anshu had shown me. As luck would have it, they were out of stock, so it was a bit of a wasted trip.

We headed home and Zoe watched a bit of TV until Sarah picked her up.

Worse Than FailureCodeSOD: An Interesting Way to Find Even

While combing the server logs for clues as to what might have caused the latest incident in staging, Steve was startled to find that the box he was looking at hadn't logged anything for months.

Was logging disabled? No, it all looked fine. He accessed the box directly and the site came right up, complete with an entry in the access logs. So where were the logs for the past three months?

On a hunch, he checked the proxy.pac:

function FindProxyForURL(url, host) {
	var myip=myIpAddress(); 
	var ipbits=myip.split("."); 
	var myseg=parseInt(ipbits[3]); 
		return "PROXY; PROXY; DIRECT"; 
	else { 
		return "PROXY; PROXY; DIRECT"; 

Not only was the file missing the third staging server, but every calculation was redundant since it always returned the same string. He replaced it with a one-liner, added the third server, and tossed another item onto the ever-growing backlog of technical debt to look into someday. Someday...


Photo credit: creativegaz / Foter / CC BY

Planet Linux AustraliaBinh Nguyen: Memorable Quotes - Part 4

A follow on from:

- Alan Shore: My, uh, best friend has Alzheimer's, in the, uh, very early stages, it hasn't... He is a grand lover of life, and will be for some time. I believe even when his mind starts to really go, he'll still fish he'll laugh and love, and as it progresses he'll still want to live because there will be value for him, in a friendship, in a cigar... The truth is I don't think he will ever come to me and say, this is the day I want to die, but the day is coming and he won't know it... This is perhaps the, the most insidious thing about Alzheimer's... but you see he trusts me to know when that day has arrive, he trusts me... to safe guard his dignity, his legacy, and self respect. He trusts me to prevent his end from becoming a mindless piece of mush and I will. It will be an unbearably painful... thing for me, but I will do it, because I love him. I will end his suffering, because it is the only decent humane and loving thing a person can do.
- "We are strategic but we stop at number crunching, we plan but we don't over manage, we inspire but we don't preach, we code but we're not monkeys." 
- It was either Otto von Bismarck or Claud Cockburn who said, "Never believe anything until it has been officially denied." Whoever it was, and the internet seems a little confused on the matter, they were on to something. 
- "Change is a big word that everyone is using. (United States President Barack) Obama uses it, but you have to actually feel it."
- Sandschneider agrees that personal relations have an impact on political relations: "International politics is not a dehumanized process. It is about people coming together. And it is true that it is easier for two people who get along well to negotiate and solve problems than two people who can't stand each other."
- "Skeptics don't make history"
- "Germany won," said Glasman at the debate. "We have a Champions League final between two supporter-owned and democratically governed football clubs. Tradition and the preservation of institutional virtue are a source of energy and modernisation precisely because change and continuity work together; a balance of power is the best system; a negotiated settlement is better than one that is imposed, the domination of any interest violates the demand of what is good; the discovery of the common good between forces that are estranged is the best good of all. It takes longer to get there but the benefits are more enduring."
- Secondly, for web site owners. Assume the entire world is out to get you. All of it; and everyone living there. It's easier that way! Do whatever you feel necessary to keep your name out of the press. Then do everything that isn't necessary, because it may-well prove to be necessary in the future. And if you're not sure what I mean, get advice, urgently.
- In his seminal 1931 book, Equality, R H Tawney lamented that the public did not seem resentful of the rich so much as fascinated by their goings-on. Little has changed. For most Brits, stupendous wealth has always been something that is aspired to more than resented. The post-crash fuss about the 1 per cent often seemed to be a civil dispute between its members: well-heeled activists, journalists and union chiefs castigating those who nabbed the best tables in restaurants or pushed up prices of Tuscan villas. And as successive prime ministers have realised, no government anywhere has helped the low-paid by railing against high wages.

The rich, to adapt Jesus in St Matthew's Gospel, will always be with us; the 1 per cent are likely to pull ever further away. But this has its compensations. The lower-paid half of the British populace have never had to pay a smaller share of income tax than today, because the wealthy have never forked out more. And while there is not much David Cameron can do about the rich, there is still plenty he can do about the poor. He doesn't shout about it. But he has rightly concluded that this is where his attention is best focused.
- "The problem is not ammunition, it's experience," one said, adding: "If we were fighting Americans we would all have been killed by now. They would have killed us with their drone without even needing to send a tank.

"The rebels are brave but they don't even know the difference between a Kalashnikov bullet and a sniper bullet. That weakens the morale of the men," he said.
- Obama said that "at a time when anyone with a cellphone can spread offensive views around the world with the click of a button," the notion that governments can control the flow of information is obsolete.Obama said that "at a time when anyone with a cellphone can spread offensive views around the world with the click of a button," the notion that governments can control the flow of information is obsolete.
- Only about 1 in 1,000 Web readers clicks on the average display ad. On Facebook, that number is closer to 1 in 2,000, according to Webtrends. Even ads sent by unsolicited postal mail generate a response rate that is many times higher, according to published industry numbers.,0,4871607.story
- Famous night owls include Winston Churchill, President Obama, Charles Darwin, James Joyce, Marcel Proust, Keith Richards and Elvis Presley. Famous early risers include Napoleon, Ernest Hemingway and George W. Bush.

Professor Jim Horne, of Loughborough University, said: "Evening types tend to be the more extrovert creative types, the poets, artists and inventors, while the morning types are the deducers, as often seen with civil servants and accountants.
- Every gun that is made, every warship launched, every rocket fired signifies, in the final sense, a theft from those who hunger and are not fed, those who are cold and are not clothed.

This world in arms is not spending money alone. It is spending the sweat of its laborers, the genius of its scientists, the hopes of its children. The cost of one modern heavy bomber is this: a modern brick school in more than 30 cities. It is two electric power plants, each serving a town of 60,000 population. It is two fine, fully equipped hospitals. It is some fifty miles of concrete pavement. We pay for a single fighter with a half-million bushels of wheat. We pay for a single destroyer with new homes that could have housed more than 8,000 people. . . . This is not a way of life at all, in any true sense. Under the cloud of threatening war, it is humanity hanging from a cross of iron.[1][4]
- Decades of reform. Globalisation, and the global financial crisis. The uncertainties of the post-September 11 world. Eric Knight: "Those circumstances are ripe for misinterpretation, for populist interpretation, interpretation that focuses on the surface of things and often misses the deeper logic of what's happening."
- "Falling in love is very real, but I used to shake my head when people talked about soul mates, poor deluded individuals grasping at some supernatural ideal not intended for mortals but sounded pretty in a poetry book. Then, we met, and everything changed, the cynic has become the converted, the sceptic, an ardent zealot."
E.A. Bucchianeri, Brushstrokes of a Gadfly
- "No one ever fell in love gracefully."
Connie Brockway, The Bridal Season
- "Have you ever longed for someone so much, so deeply that you thought you would die? That your heart would just stop beating? I am longing now, but for whom I don't know. My whole body craves to be held. I am desperate to love and be loved. I want my mind to float into another's. I want to be set free from despair by the love I feel for another. I want to be physically part of someone else. I want to be joined. I want to be open and free to explore every part of them, as though I were exploring myself."
Tracey Emin, Strangeland 
- "Martin's dream is a vision not yet to be realized, a dream yet unfilled, and we have much to do before we can celebrate the dream as reality, as the suppression of voting rights and horrific violence...has so painfully demonstrated."
- Love is more easily experienced than defined. As a theological virtue, by which we love God above all things and our neighbours as ourselves for his sake, it seems remote until we encounter it enfleshed, so to say, in the life of another - in acts of kindness, generosity and self-sacrifice. Love's the one thing that can never hurt anyone, although it may cost dearly. The paradox of love is that it is supremely free yet attaches us with bonds stronger than death. It cannot be bought or sold; there is nothing it cannot face; love is life's greatest blessing.

Planet Linux AustraliaDavid Rowe: Robust FreeDV Part 1

I’m working on increasing the robustness of FreeDV over HF radio channels, in particular compared to analog SSB.

Why HF Digital Voice so Hard

HF radio channels are bad news for digital data. Here is a plot of the Bit Error Rate (BER) versus Eb/No for two different modems (DQPSK and QPSK) and two different channels (AWGN and HF). Four curves in total, click for a larger version.

Think of Eb/No as the SNR of one bit. It turns out that for a given bit rate, SNR = Eb/No plus a fixed scaling factor. So if you raise SNR by 1 dB. Eb/No goes up by 1 dB. The “CCIR poor” HF channel model I used is from data extracted from the very handy PathSim channel simulator. An AWGN channel is typical for a line of sight VHF: just noise without frequency selective fading.

Curves for two types of modems are illustrated: Differential QPSK (DQPSK), and Coherent QPSK (QPSK). DQPSK is commonly used on HF as it greatly simplifies the demodulator design. However if it can be made to work, QPSK is better. Less power for a given BER.

A couple of things to note:

  1. You need a lot of Eb/No on HF to get a low bit error rate. This explains why reliable HF data needs lots of transmit power. Or you can use a very low bit rate, so each bit has more energy in it. This also makes Digital Voice (DV) on HF hard. For example the FreeDV 1600 mode needs a BER of 2% for an “armchair” copy. Using a 1600 bit/s (800 symbols/s) DQPSK modem that’s an Eb/No of 15dB or a SNR (3kHz noise bandwidth) of SNR = Eb/No – 10log10(3000/800) = 9.2dB.
  2. HF channels are much tougher than AWGN. Looking at the 2% BER line AWGN DQPSK only requires about 6dB, which is 9dB less than the HF fading channel (or 12.5% of the power).
  3. The slope of the HF curve is nearly flat. Adding power doesn’t make much difference to the BER. So you need to add a lot of power to significantly reduce BER. Curiously, it also tells us that the “digital cliff” is more like a lightly sloping hill. As we reduce power the BER doesn’t change much. This suggests that HF DV will gradually get less intelligible as we lower the SNR.
  4. As the HF curves are so flat, a useful approximation is: “Your bit error rate is 10%. The Universe doesn’t care how much power you have. Deal with it”.
  5. Small changes in the AWGN demodulator performance can have a huge effect on BER for HF channels. For example the difference between coherent and differential QPSK is 4-5dB, that’s like increasing power by a factor of 3! You really don’t want an inefficient demodulator on HF.

New FreeDV Mode Concept

I’ve learnt some lessons from thinking about analog SSB. At low SNRs, analog SSB still gets through, however the quality is pretty bad. Lots of noise, words lost in fades, and we tend to yell, repeat things, and use the phonetic alphabet. In other words, the “information rate” slows, there is delay, but we get the message through using “Human” error correction. Eventually.

The digital voice equivalent is a low bit rate speech codec. So in an inspired two hours I quickly hacked up a 450 bit/s Codec 2 mode. Here it is compared to the 1300 bit/s mode used for FreeDV 1600.

1300 bit/s Codec 2
450 bit/s Codec 2

This is a good example of the 450 bit/s mode. It makes a bigger mess of other samples. But hey, it’s preliminary, not the best we can do at 450 bit/s. I was shooting for something right on the edge of intelligibility, as that’s where SSB is at low SNRs.

As the bit rate is so low, we have a lot of options. For a start we are 10log10(1600/450) = 5.5dB better off in SNR than the FreeDV 1600 mode. Secondly it frees up bandwidth to apply FEC. So I’m experimenting with a powerful LDPC code from the CML library suggested to me by Bill Cowley, VK5DSP. The Peak to Average Power Ratio (PAPR), or crest factor, is also reduced as we have less FDM carriers.

For this new mode I’m trying coherent QPSK rather than differential QPSK. This is unusual for FDM modems on HF, but has big gains as shown above. Coherent QPSK requires much less power than differential QPSK for the same bit error rate. It does require some overhead, in the form of “pilot symbols”. These are known symbols we transmit in order to estimate or probe the channel phase and amplitude.

I’m using a half rate LDPC code, so the bit rate over the channel is 900 bit/s. There are 9 carriers at a symbol rate of 62.5 baud, and every 5th symbol is a pilot. No high power BPSK pilot tones are required, the pilot symbols can be used instead to estimate the frequency offset and provide frame synchronisation.

OK, so that takes care of low SNR performance – i.e. getting poor quality, but intelligible speech through a HF channel.

Lets now try to extend that to obtain higher voice quality on high SNR channels:

  1. The uncoded error rate will be less than 1% so we disable the LDPC decoder. Now we don’t have to wait for the LDPC parity bits, therefore the decoding delay will be small (similar to FreeDV 1600). On poor channels we click on the “FEC” check box and the delay increases to about 1 second but the system works on low SNR channels. Remember with low SNR analog SSB you are already repeating yourself and using phonetics, so the effective delay is also in the order of seconds compared to an armchair SSB copy.
  2. We can send auxillary carriers to add to the 450 bit/s Codec 2 information and improve the speech quality. For example extra LSP vectors, or gain and pitch bits. If these carriers are 6dB lower than the core information, the total power will only increase by 10*log10(1+0.25)= 0.5dB. So if we get a few s-points above the system “floor” – quality will increase – just like SSB.


For the past year I’ve had several attempts at an improved FreeDV mode, hitting several dead ends. “Research and Disappointment” at it’s finest. However it’s started coming together over the last few months.

A key assumption is that low quality at low SNR is OK. This assumption has yet to be tested in real time conversations. The other biggie is coherent demodulation, this works much better than differential PSK. However it’s unusual, and might break with very fast fading. We shall see.

My current ideas are complex and may be wrong. So I want the “minimum effort” path to test them. This still meant writing a bunch of high-level Octave simulations over the course of several months, each building on the next. For now I’m ignoring issues like delay, real time operation, and many other details. The focus is on getting a digital voice signal through poor HF channels. That’s the toughest problem we face. Everything else can be refined later.

To make the modem work on real channels I had to develop new frequency offset and coarse timing estimation (frame sync) code. Just recently I made it to the point where I have wave files that can be played over real HF channels, then processed with off-line Octave simulations.


Thanks to Tony VK3JED, Mel K0PFX, Gerry N4DV, and Michael DL2FW for helping me collect off air samples. This is tricky, as there is no real time feedback. The guys would send me a sample, I would process it, then I would get back to them with feedback. I had to ask Mel and Gerry (located 800 miles apart) to reduce their tx power as I was getting zero bit errors all the time. Eventually they settled on a few watts of tx power, and pointing their beams in the wrong direction. That way I could actually see some bit errors and get a real feel for the “floor” in the new waveform.

Let work through the results for one example that had an average SNR of -5dB:

Off Air FreeDV modem signal
Reference (Error free) Codec 2 at 450 bit/s
-5dB Average SNR Decoded 450 bit/s Codec 2
SSB over same channel

The off air signal has a strong high frequency interfering SSB signal that makes our modem signal hard to hear, it’s lower down coming in and out of the noise. The demodulator filters that out that SSB signal OK. The modem signal decodes successfully about 50% of the time, there is a big chunk in the middle missing as it disappears into the noise. Not much I can do about that. The SSB signal is at about the same peak power. I can make out the phonetics and a few words in the SSB.

I’ve been using the FreeDV GUI program to visualise the off air signal:

You can see the spectrum shows zilch at the moment the screen shot was captured, our poor little modem signal has “submerged”! The waterfall below shows the signal over time. It’s not pretty.

The next few plots show the modem at work:

Note the diagonal lines in the “Estimated HF channel phase”. This indicates a small frequency offset. They take about 100 frames (2 seconds) to wrap around so that’s a 0.5Hz frequency offset. You can see the “channel amp” and “SNR est (dB)” diving in the middle of the sample, and the bit errors going crazy at the same time.

The FEC frames are 576 bits long. The FEC breaks down at about 10% errors or 60 bit errors in a single frame. You can see that quite clearly in the bit error plots. The “Coded Errors” (output from the FEC decoder) are zero until we hit about about 60 un-coded errors/frame.

Further Work and How You Can Help

Lots more to go however this is looking promising. The rest is engineering. I’d like some help with this, from people with skills like C programming, basic statistics (like understanding what variance is), and Octave.

Without any help, this is what my lonely future looks like for the next 6 months!

  1. Improve the speech quality of the 450 bit/s Codec 2 mode, e.g. better vector quantisation, adaptive equalisation and filtering of the input speech.
  2. Add auxiliary carriers to improve speech quality in high SNR channels, and heuristics to know when this information is safe to use.
  3. Refine the modem algorithms to reduce delay. Re factor Octave code. Port Octave code to C.
  4. Tune LDPC decoding.
  5. Experiment with clipping/compression to improve PAPR, and interleaving to improve performance in fast fades.
  6. Integrate into the FreeDV GUI program and the SM1000. For example will the LDPC decoder run on the STM32F4?
  7. FreeDV maintenance, re-factoring.

Some more blue sky ideas for further R&D:

  1. Given the relatively short block length, is an LDPC code the best choice?
  2. Investigate the possibility that 8PSK may perform close to QPSK on fading channels (unlike AWGN channels). This would have fewer carriers so better PAPR, so may out perform QPSK. Thanks John Gibbs NN7F for this idea.
  3. Investigate FDM using continuous phase modulation like GMSK that can use non-linear power amplification. This will use at least twice the bandwidth of QPSK, however given our low bit rate this is still quite feasible in a standard 2000 Hz SSB channel. This would be a mode that can drop “straight in” to FM VHF radios. Thanks again John for pointing this possibility out.
  4. Investigate FEC codes that can be configured to reduce PAPR, thanks Gregory for reminding me about this.

If you can’t code you can also donate to the this project via PayPal (which also allows credit card donations):

Donation in US$:

Or you can buy a SM1000 when they become available at the end of this year. Commercial sponsorship is very welcome but everything I write must be LGPL or equivalent.

I do this work full time and don’t have much other income right now. What did you spend on your last piece of radio gear? How does it compare to a project than will bring you a new, 21st century voice mode? Does it support free and open radio or were you paying license fees for the software in that radio?

BTW I also need a second hand ThinkPad X220/X230 laptop if anyone is feeling especially generous! They can be had on for around AUD$400. Simulations are a bit slow on my 2008 vintage X200 model and I think the fan is dying!

Planet DebianJohn Goerzen: My boys love 1986 computing

Yesterday, Jacob (age 8) asked to help me put together a 30-year-old computer from parts in my basement. Meanwhile, Oliver (age 5) asked Laura to help him learn cursive. Somehow, this doesn’t seem odd for a Saturday at our place.

2014-11-22 18.58.36

Let me tell you how this came about.

I’ve had a project going on for a while now to load data from old floppies. It’s been fun, and had a surprise twist the other day: my parents gave me an old TRS-80 Color Computer II (aka “CoCo 2″). It was, in fact, my first computer, one they got for me when I was in Kindergarten. It is nearly 30 years old.

I have been musing lately about the great disservice Apple did the world by making computers easy to learn — namely the fact that few people ever bother to learn about them. Who bothers to learn about them when, on the iPhone for instance, the case is sealed shut, the lifespan is 1 or 2 years for many purchasers, and the platform is closed in lots of ways?

I had forgotten how finicky computers used to be. But after some days struggling with IDE incompatibilities, booting issues, etc., when I actually managed to get data off a machine that had last booted in 1999, I had quite the sense of accomplishment, which I rarely have lately. I did something that was hard to do in a world where most of the interfaces don’t work with equipment that old (even if nominally they are supposed to.)

The CoCo is one of those computers normally used with a floppy drive or cassette recorder to store programs. You type DIR, and you feel the clack of the drive heads through the desk. You type CLOAD and you hear the relay click closed to turn on the tape motor. You wiggle cables around until they make contact just right. You power-cycle for the times when the reset button doesn’t quite do the job. The details of how it works aren’t abstracted away by innumerable layers of controllers, interfaces, operating system modules, etc. It’s all right there, literally vibrating your desk.

So I thought this could be a great opportunity for Jacob to learn a few more computing concepts, such as the difference between mass storage and RAM, plus a great way to encourage him to practice critical thinking. So we trekked down to the basement and came up with handfulls of parts. We brought up the computer, some joysticks, all sorts of tangled cables. We needed adapters, an old TV. Jacob helped me hook everything up, and then the moment of truth: success! A green BASIC screen!

I added more parts, but struck out when I tried to connect the floppy drive. The thing just wouldn’t start up right whenever the floppy controller cartridge was installed. I cleaned the cartridge. I took it apart, scrubbed the contacts, even did a re-seat of the chips. No dice.

So I fired up my CoCo emulator (xroar), and virtually “saved” some programs to cassette (a .wav file). I then burned those .wav files to an audio CD, brought up an old CD player from the basement, connected the “cassette in” plug to the CD player’s headphone jack, and presto — instant programs. (Well, almost. It takes a couple of minutes to load a program from audio codes.)

The picture above is Oliver cackling at one of the very simplest BASIC programs there is: “number find.” The computer picks a random number between 1 and 2000, and asks the user to guess it, giving a “too low” or “too high” clue with each incorrect guess. Oliver delighted in giving invalid input (way too high numbers, or things that weren’t numbers at all) and cackled at the sarcastic error messages built into the program. During Jacob’s turn, he got very serious about it, and is probably going to be learning about how to calculate halfway points before too long.

But imagine my pride when this morning, Jacob found the new CD I had made last night (correcting a couple recordings), found my one-line instruction on just part of how to load a program, and correctly figured out by himself all the steps to do in order (type CLOAD on the CoCo, advance the CD to the proper track, press play on the player, wait for it to load on the CoCo, then type RUN).

I ordered a replacement floppy controller off eBay tonight, and paid $5 for a coax adapter that should fix some video quality issues. I rescued some 5.25″ floppies from my trash can from another project, so they should have plenty of tools for exploration.

It is so much easier for them to learn how a disk drive works, and even what the heck a track is, when you can look at a floppy drive with the cover off and see the heads move. There are other things we can do with more modern equipment — Jacob has shown a lot of interest in Arduino projects — but I have so far drawn a blank on ways to really let kids discover how a modern PC (let alone a modern phone or tablet) works.

Update Nov. 24: Every so often, the world surprises me by deciding to, well, read one of my random blog posts. For the benefit of those of you that don’t already know my boys, you might want to know that among their common play activites are turning trees into pretend trains, typing at a manual typewriter, reading, writing their own books, using a cassette recorder, building a PC and learning to use bash or xmonad, making long paper tapes with an adding machine, playing records on a record player, building electric gizmos, and even making mud balls.

I am often asked about the role of the computer in the lives, given that my hobby and profession involves computers. The answer: less than that of most of their peers. I look for opportunities for them to learn by doing, discovering, playing, or imagining. I make no presumption that they will develop the passion for computers that I did. What I want is for them to have the curiosity and drive to learn everything there is to know about whatever they do develop a passion for, so they will be great at it.


Planet DebianDimitri John Ledkov: Analyzing public OpenPGP keys

OpenPGP Message Format (RFC 4880) well defines key structure and wire formats (openpgp packets). Thus when I looked for public key network (SKS) server setup, I quickly found pointers to dump files in said format for bootstrapping a key server.

I did not feel like experimenting with Python and instead opted for Go and found library that has comprehensive support for parsing openpgp low level structures. I've downloaded the SKS dump, verified it's MD5SUM hashes (lolz), and went ahead to process them in Go.

With help from and database/sql, I've written a small program to churn through all the dump files, filter for primary RSA keys (not subkeys) and inject them into a database table. The things that I have chosen to inject are fingerprint, N, E. N & E are the modulus of the RSA key pair and the public exponent. Together they form a public part of an RSA keypair. So far, nothing fancy.

Next I've run an SQL query to see how unique things are... and found 92 unique N & E pairs that have from two and up to fifteen duplicates. In total it is 231 unique fingerprints, which use key material with a known duplicate in the public key network. That didn't sound good. And also odd - given that over 940 000 other RSA keys managed to get unique enough entropy to pull out a unique key out of the keyspace haystack (which is humongously huge by the way).

Having the list of the keys, I've fetched them and they do not look like regular keys - their UIDs do not have names & emails, instead they look like something from the monkeysphere. The keys look like they are originally used for TLS and/or SSH authentication, but were converted into OpenPGP format and uploaded into the public key server. This reminded me of the Debian's SSL key generation vulnerability CVE-2008-0166. So these keys might have been generated with bad entropy due to affected tools by that CVE and later converted to OpenPGP.

Looking at the openssl-blacklist package, it should be relatively easy for me to generate all possible RSA key-pairs and I believe all other material that is hashed to generate the fingerprint are also available (RFC 4880#12.2). Thus it should be reasonably possible to generate matching private keys, generate revocation certificates and publish the revocation certificate with pointers to CVE-2008-0166. (Or email it to the people who have signed given monkeysphered keys). When I have a minute I will work on generating openpgp-blacklist type of scripts to address this.

If anyone is interested in the Go source code I've written to process openpgp packets, please drop me a line and I'll publish it on github or something.

Planet DebianSteinar H. Gunderson: Scaling

As I previously mentioned, I've been running live chess analysis during the Carlsen–Anand World Chess Championship match. Now it's all over (congratulations to Magnus!), so I thought I should write a few words about scaling, as we ended up peaking at (I think) 1527 simultaneous users, much more than the system was originally designed for (2–3 or so :-) ).

Let me explain first the requirements. Generally the backend system outputs analysis as soon as it comes in from the two chess engines (although rate-limited so that it doesn't output more than once a second), and we want to push this out to the clients as soon as possible. The clients are regular web browsers (both on mobile and on desktop; I haven't checked the ratio) running a fair amount of JavaScript; they generally request an URL in a loop, and whenever something comes in, they display it on the chessboard, wait 100 ms (just as a safeguard) and then go fetch again.

Of course, I could have just had the clients ask every second, but it seems inelegant and a bit wasteful, especially for mobile. If the analysis has come far, or even has stopped entirely since e.g. the game is over, there's no need to go fetch the same data over and over again. Instead, what I want it a system where the, if the client already has the latest data, the HTTP request hangs until there's more data, and then gets it immediately. Together with this, there's also a special header that says how many people are connected (which is also shown to the viewers). If a client has been hanging/sleeping for more than 30 seconds, I just re-send the latest analysis; in this world of NATs, transparent proxies and other unpredictable network conditions, I don't want to have connections hanging for minutes with no idea of whether I can actually answer them when the time comes.

The client tells the server (in a CGI parameter, again for simplicity so that I don't have to deal with caching proxies etc. on the way) in the request the timestamp of the latest data it has. This leads to the following different scenarios:

  1. A client comes in and has no existing data. They should get the latest data, immediately.
  2. A client has old data, and re-asks. They should also get the latest data, immediately.
  3. A client already has the newest data, which causes it to hang, and no new data is ready within 30 seconds. They should get the latest data anew (or I could have returned some other HTTP code, but I decided not to get fancy).
  4. A client already has the newest data, but new data comes in underway. They should get the new data.

Unsurprisingly, this leads to a lot of clients being in the “hanging” state at the same time, and then when new analysis comes in, there's a thundering herd of clients that should have it at the same time (and then come back for more soon after).

Like I wrote earlier, Node.js was pretty much the ideal case model-wise for this; there's only one process to handle all of them, which means the extra memory overhead per hanging client is very low, and when there's new data, we can just send to all of them after each other. Furthermore, since there's only one process, it is also easy to find the viewer count: Simply count all the hanging clients, plus the ones that I think are simply processing the latest data and should come back with a new request soon (the limit was five seconds or so).

However, around 6–700 clients, I started getting issues with requests not coming through. It turns out that the single Node.js process just couldn't handle all that many clients and started hitting the roof CPU-wise. Everyone who's done a bit of performance work in nontrivial systems know that you can't really optimize anything without profiling it first, but unfortunately, Node.js was extremely limited here. There were some systems sending lots of data to externals, which I didn't really feel like. Then, there were some systems to try to interpret V8's debug output logs, and they simply gave out bogus answers.

In particular, they claimed 93% of my time was spent in glibc, but couldn't say where in glibc, and when I pointed perf at them, it was pretty clear that most of the time was actually spent in JavaScript and V8 support functions. I took a guess at my viewer count functions, optimized so I didn't have to count as often, and it helped—but I still wasn't really confident it would scale very far. Usually people start up more Node.js workers and then have some load balancer in front, but it would make the viewer counting much more complicated, and the CPU would need to be shared with the chess engine itself, so I wasn't happy with the “just give it more cores” approach either.

So I turned to everyone's favorite website scaling tool, Varnish. With lots of help from Lasse (Varnish Software) and Tollef (ex-Varnish Software, now Fastly), I got things working; it was a sort of bumpy road, though, especially as I hit two different crash bugs in Varnish 4.0.2 that only manifested themselves under actual production load. Here's what I ended up with (running on git master):

The first thing to realize is that we're not trying to keep backend traffic entirely minimal, just cut it significantly. For instance, if Varnish sees #1 (no existing data) and #2 (old existing data) as different and fire off two different backend requests for them, it doesn't really matter. However, we really want all the hanging clients to get the same backend connection; thankfully, Varnish gives us this entirely by itself with its backend coalescing; if it has a backend request going and another one comes in for the same URL, it simply puts the second one on the sleep list and gives both the same response when it comes back. Also, if a slow or new client doesn't manage to get onto the hanging request (ie., it comes in after the backend response came), it should simply be served entirely out of Varnish' cache.

A lot of this comes automatically, and some of it comes with some cooperation between the backend and the VCL. In particular, we can let the client tag the response with the timestamp of the data, and once something comes in, simply purge/ban every object with a different timestamp header, causing us to never give out stale data from the Varnish cache. Varnish bans can be a bit tricky since they're checked lazily, and if you're not entirely careful, you can end up with a very long ban list, but it seems to work well in practice.

However, the distinction between #3 and #4 gives us a problem. We now have a situation where people ask for an URL, it times out after 30 seconds and gives us a response... which we then should give out to everybody, but the next time they ask, we should hang again! This was incredibly tricky to get right; the combination of TTL, Expires headers, grace, and the problem of clock skew for long-running requests (what exactly is the Date timestamp supposed to mean; request received, first byte of backend response, or something else?) and so on was just too much for me. Eventually I got tired of reading the Varnish source code (which, frankly, I find quite opaque) and decided to just sidestep the problem. Now, instead of the 30-second timeout, the backend simply just touches the data file every 30 seconds if it hasn't been changed, so it gets a new timestamp every time. Problem solved.

Finally, there's the counting problem; the backend doesn't see all the requests anymore, so we need a different way of counting. I solve this by tailing the access logs (using varnishncsa) in a separate process, comparing to the updates of the analysis file, and then trying to figure out if they've fallen out or not. Then I simply inject the viewer count into the backend every second. Problem solved, again. (Well, at low traffic numbers, seemingly there's some sort of buffering somewhere, causing me to see the requests way too late, and this causes the count to oscillate down between 1 and the real number somehow. But I don't care too much right now.)

So, there you have it. Varnish' threaded architecture isn't super for this kind of thing; in a sense, much less than Node.js. However, even in this day and age, optimized C beats JavaScript any day of the week; seemingly by a factor five or so. In the end, the 1500 clients were handled with CPU usage of about 40% of one core. I don't really like the fact that it needs ~1500 worker threads for those 1500 clients (I had to increase it from the default of 1024 in order to keep the HTTP errors away), but I used taskset to restrict it to two physical cores in order not to disturb the chess worker threads too much (they are already rather sensitive to the kernel's scheduling decisions).

So, how far can it go? Well, those 1500 clients needed about 33 Mbit/sec, so we can go to ~45k based on bandwidth (the server is on gigabit). At that point, though, I sincerely doubt I can sustain both Varnish and the chess engine can keep going, so I'd either move it externally. So next up, maybe Fastly? Well, at least if they start supporting IPv6.

You can find all the code, including the Varnish snippets, in the git repository. Until next time—perhaps WCC 2016! Waiting for Carlsen–Caruana. :-)

Final bonus: Munin graphs. Everyone loves Munin graphs; it's the Comic Sans of system administration.

Daily analysis Weekly analysis

Geek FeminismThe Desolation of Linkspam

  • Men Explain Technology to Me: On Gender, Ed-Tech, and the Refusal to Be Silent: Hack Education (November 18th): “There’s a problem with the Internet. Largely designed by men from the developed world, it is built for men of the developed world. Men of science. Men of industry. Military men. Venture capitalists. Despite all the hype and hope about revolution and access and opportunity that these new technologies will provide us, they do not negate hierarchy, history, privilege, power. They reflect those. They channel it. They concentrate it, in new ways and in old.”
  • Uber Executive Suggests Digging Up Dirt on Journalists | BuzzFeed (November 17th): “A senior executive at Uber suggested that the company should consider hiring a team of opposition researchers to dig up dirt on its critics in the media — and specifically to spread details of the personal life of a female journalist who has criticized the company.”
  • The moment I learned just how far Uber will go to silence journalists and attack women | PandoDaily (November 17th):  “I have known many of Uber’s key investors and founders personally for six to ten years. Over that time I’ve seen an ever-worsening frat culture where sexist jokes and a blind eye here-or-there have developed into a company where the worst kind of smearing and objectification of women is A-ok.”
  • Gender, Race, and the Supernatural: Appreciating Sleepy Hollow’s Abbie Mills | Ms. Magazine Blog (October 29th): “Still, it’s one of the few shows featuring a black woman character who is not only kicking butt and taking names in her various encounters with demons, sorcerers, ghosts and zombies, but is constantly saving our white male hero and acculturating him into our 21st-century era: including driving automobiles, learning which mobile phone devices are the most up-to-date, and more recently, practicing yoga.”
  • Sweden Considers Special Labels for Sexist Video Games | Time (November 16th): “A government-funded innovation agency in Sweden is considering creating specials label for video games based on whether or not the games’ portrayals of women are sexist.”
  • Update: the following two links criticize Sweet Peach as described by Austen Heinz and Gilad Gome. Founder Audrey Hutchinson says her company, aiming to produce individualised probiotic mixes for vaginal use, was seriously misrepresented (November 23).
    • These Startup Dudes Want to Make Women’s Private Parts Smell Like Fresh Fruit | Inc (November 21): “At the DEMO conference in San Jose, California, on Wednesday afternoon, Heinz and Gome outlined their shared vision and previewed plans for a new probiotic supplement that will enable women to change the way their vaginas smell. Called Sweet Peach, it will be made using Cambrian Genomics’ DNA printing technology and financed through a campaign on the crowdfunding platform Tilt.”
    • How Not to Disrupt Women’s Bodies | Inc (November 21st): “Since time immemorial, beauty and feminine hygiene companies have used the promise of personal empowerment to help sell equally reprehensible, if much more subtle, campaigns based around negging women and then offering the solution to all of their bodily imperfections. Or smells. Especially smells. Poor Sweet Peach, trying to put a “probiotic supplement” gloss on what’s essentially the boring old douche market.”
  • Three Tactics that Block Women from Getting Ahead | Accidentally in Code (November 19th): “There are different kinds of gendered experiences. The outright sexual harassment, versions of “get back in the kitchen” is one, but another is patterns of behaviour that happen over, and over again to women, but much more rarely to men. It’s behaviour that men feel more OK with exhibiting towards women, because subconsciously they know they are much more likely to get away with it.”
  • Meet the Women Challenging the Media and Tech Establishments | Fast Company (November 17): “Not many journalists would leave a high-profile job at one of America’s most storied newspapers to create their own startup. But that’s exactly what former Wall Street Journal reporter Jessica Lessin did last year when she founded the tech news site The Information.”
  • Tech Freedom vs. Feminism | On the Left (November 19): “Several prominent tech freedom organisations choose to align themselves with and refuse to depose these kinds of men, no matter how horrible the shit against them is. The men themselves get away with harassing and abusing women because they are seen as being ‘valuable’ to the movement. Once you’re up on a tech freedom pedestal, it seems like it’s impossible for someone to bring you down.”


We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

Thanks to everyone who suggested links.

Planet Linux AustraliaSridhar Dhanapalan: Twitter posts: 2014-11-17 to 2014-11-23

Sociological ImagesJust for Fun: Super Mario and the Communist Utopia

A four minute introduction to Marxism, featuring Super Mario Bros., by Wisecrack:

<object height="315" width="560"><param name="movie" value="//;version=3"/><param name="allowFullScreen" value="true"/><param name="allowscriptaccess" value="always"/><embed allowfullscreen="true" allowscriptaccess="always" height="315" src="//;version=3" type="application/x-shockwave-flash" width="560"></object>

Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

(View original at

Planet DebianIustin Pop: Debian, Debian…

Due to some technical issues, I've been without access to my lists subscription email for a bit more than a week. Once I regained access and proceeded to read the batch of emails, I was - once again - shocked. Shocked at the amount of emails spent on the systemd issue, shocked at the number of people resigning, shocked at the amount of mud thrown.

I just hope that the GR results finally will mean silence and getting over the last 3-6 months.

For the record:

  • I seconded the GR because I believed we were moving too fast (I wanted one full release as a transition period, even if that's a long time)
  • I am quite happy with the result of the GR!
  • I am not happy with the amount of people leaving (I hope they're just taking a break)
  • I am, as usual, behind on my Debian packaging ☹

However, some of the more recent emails on -private give me more hope, so I'm looking forward to the next 6 months. I wonder how this will all look in two years?

(Side-note: emacs-nox shows me the italic word above as italic in text mode: I never saw that before, and didn't know, that it's possible to have italic fonts in xterm! What is this trickery⁈ … it seems to be related to the font I use, fun!)

Planet DebianIustin Pop: Debian, Debian…

Due to some technical issues, I've been without access to my lists subscription email for a bit more than a week. Once I regained access and proceeded to read the batch of emails, I was - once again - shocked. Shocked at the amount of emails spent on the systemd issue, shocked at the number of people resigning, shocked at the amount of mud thrown.

I just hope that the GR results finally will mean silence and getting over the last 3-6 months.

For the record:

  • I seconded the GR because I believed we were moving too fast (I wanted one full release as a transition period, even if that's a long time)
  • I am quite happy with the result of the GR!
  • I am not happy with the amount of people leaving (I hope they're just taking a break)
  • I am, as usual, behind on my Debian packaging ☹

However, some of the more recent emails on -private give me more hope, so I'm looking forward to the next 6 months. I wonder how this will all look in two years?

(Side-note: emacs-nox shows me the italic word above as italic in text mode: I never saw that before, and didn't know, that it's possible to have italic fonts in xterm! What is this trickery⁈ … it seems to be related to the font I use, fun!)

Planet Linux AustraliaBen Martin: Terry: Updated Top Shelf

The Kinect is now connected much closer to the tilt axis, giving a much better torque to hold ratio from the servo gearbox. I used some self tapping screws to attach the channel to the bottom of the Kinect. Probably not the cleanest solution but it appears to mount solidly and then you get to bolt that channel to the rest of the assembly. For a closer look the Logitech 1080 webcam is mounted offset from the Kinect. This should give an enjoyable time using the 1080 RGB data and combining the VGA depth mask from the Kinect into a point cloud.

The camera pan/tilt is now at the front of the top shelf and a robot arm is mounted at the back of the shelf. The temptation is high to move the arm onto a platform that is mounted using threaded rod to the back of Terry. All sorts of fun and games to be had with automated "pick up" and move tasks! Also handy for some folks who no longer enjoy having to pick items up from the ground. The camera pan/tilt can rotate around to see first hand what the arm is doing, so to speak.

The wheel assembly is one area that I'm fairly happy with. The yumo rotary encoder runs 1024 P/R and it is attached using an 8:1 down ratio to give an effective "ideal world" 13 bit precision. Yes, there are HAL effect ICs that give better precision, though they don't look as cool ;) The shaft of the motor is the axle for the wheel. It is handy that the shaft is not right in the centre of the motor because you can rotate the motor to move the wheel through an arc, and thus adjust the large alloy gear until it nicely mates with the brass gear on the rotary encoder.

Lower down near the wheels is a second distance sensor which is good for up to around 80cm distance. The scan rate is much slower than the Kinect however.

Things are getting very interesting now. A BeagleBone Black, many Atmel 328s on board, and an Intel j1900 motherboard to run the SLAM software.

Planet Linux AustraliaPeter Hardy: Making laser-cut backlit control panels

Most of my current arduino projects have had pretty ad-hoc enclosures. You can go a long way with a Jiffy box and a Dremel. Then I bought an embossing label maker to add some text to my boxes (and, OK, everything else — when you have an embossing label maker everything starts to look like an unlabeled thing). My most recent work though has been a pure human interface device. There’s a lot of buttons and switches and displays, and one of my goals for it was to create an enclosure that looked absolutely stunning.

I’ve eventually settled on building backlit panels from laser-etched acrylic, based on a technique I picked up from the MyCockpit forum for simpit builders. Flight sim geek communities are a great resource for learning how to build nice control panels, who knew? I’ve been refining my process to get decent results with a single pass through the laser cutter in my local maker space.


  • Acrylic sheet. I use 3mm opal translucent sheet. A square metre cost me $80, and now I have more acrylic than I’ll ever need. At current estimates, including all the failed panels I’ve cut, a half metre is still very generous.
  • Spray paint. I’m using a matt grey primer that claimed to be suitable for plastics. It’s been working well so far.

It’ll also need very fine grit sandpaper and masking tape.

Prepare the acrylic

Freshly painted panels, ready to cut.

Freshly painted panels, ready to cut.

I cut my sheets in to 250mm square sections. For each section, remove the backing paper from one side and spend a minute or so sanding the face very fine wet and dry paper to give the paint a surface to adhere to. Then apply three coats of paint. At the end you’ll have finished panels ready to cut. And, if you’re like me, some freshly painted furniture to boot.

Design your panel

This part was pretty incredibly frustrating for me. I started out working with LibreCAD, a reasonably full-featured 2D CAD drawing program. That made drawing precise outlines and holes for cutting a breeze, but it’s not particularly good at working with text. I wanted real truetype fonts on my panels, and getting LibreCAD to import font faces in a form it can work with ended up beyond me.

My current workflow is to draw text that I want added in Inkscape. Then convert the text to paths, and export it as a DXF file. That file can then be imported to LibreCAD as a block and placed in my etching layer. The software driving my laser cutter doesn’t like the DXF generated by LibreCAD though, so there’s another step importing the final file in to Inkscape to collapse layers, remove dimensions and save a file that can be downloaded to the laser.

That… mostly works. Sometimes the text paths LibreCAD saves just don’t generate easily filled objects and the laser gets confused and it all goes pearshaped. Right now I’m still loading the text blocks in to LibreCAD but only using them as a visual guide. When doing final prep for cutting I still replace the text on the panel in Inkscape, to ensure a happy etching experience.

Cut the panel

Tuning etching settings for good clear lettering

Tuning etching settings for good clear lettering

I did a dummy cut with holes and a combination of angular and round lettering in all of the sizes I needed. I was using a couple of different sized fonts, and it took me a little while tweaking settings to get a result that looked sharp across the board.

When cutting panels, I order the job so that all of the engraving is first, and the cut for the outline is last. Even though the cutting bed is stationary, warps in the perspex can lead to the panel shifting slightly after the outline is cut.

I learned the hard way that getting excited and removing the paper from the back of the perspex at this point is not a great idea.

Final painting

The panel is finished, but now has raw edges that look ugly and leak light when it’s backlit. Apply masking tape to the front side, along the edges (leaving it overhang but not stuck to the side of the panel), and covering holes. Then place it face down and apply another couple of coats of paint along the edges.

I’m still working on getting this part right. Previous attempts without the masking tape led to paint bleeding under the edge, leading to visible paint drops or the newspaper I had under the panel sticking to the face. Initial tests with the tape look pretty good though.

Once the paint has dried, the backing paper for the panel can be removed and components mounted.

My most recent finished panel.

My most recent finished panel.

Next steps

I’m still working on the best way to backlight these panels. Simply lighting up the inside of the enclosure looks good, but seems a bit bland to my mind. I want to start experimenting with with individually lit panels, possibly by countersinking LEDs in to the back of the panel. Mostly because I’m keen on flickering panels, and changing panel backlight colour. But pretty pleased with the overall look so far.


Planet DebianMatthew Palmer: You stay classy, Uber

You may have heard that Uber has been under a bit of fire lately for its desires to hire private investigators to dig up “dirt” on journalists who are critical of Uber. From using users’ ride data for party entertainment, putting the assistance dogs of blind passengers in the trunk, adding a surcharge to reduce the number of dodgy drivers, or even booking rides with competitors and then cancelling, or using the ride to try and convince the driver to change teams, it’s pretty clear that Uber is a pretty good example of how companies are inherently sociopathic.

However, most of those examples are internal stupidities that happened to be made public. It’s a very rare company that doesn’t do all sorts of shady things, on the assumption that the world will never find out about them. Uber goes quite a bit further, though, and is so out-of-touch with the world that it blogs about analysing people’s sexual activity for amusement.

You’ll note that if you follow the above link, it sends you to the Wayback Machine, and not Uber’s own site. That’s because the original page has recently turned into a 404. Why? Probably because someone at Uber realised that bragging about how Uber employees can amuse themselves by perving on your one night stands might not be a great idea. That still leaves the question open of what sort of a corporate culture makes anyone ever think that inspecting user data for amusement would be a good thing, let alone publicising it? It’s horrific.

Thankfully, despite Uber’s fairly transparent attempt at whitewashing (“clearwashing”?), the good ol’ Wayback Machine helps us to remember what really went on. It would be amusing if Uber tried to pressure the Internet Archive to remove their copies of this blog post (don’t bother, Uber; I’ve got a “Save As” button and I’m not afraid to use it).

In any event, I’ve never used Uber (not that I’ve got one-night stands to analyse, anyway), and I’ll certainly not be patronising them in the future. If you’re not keen on companies amusing themselves with your private data, I suggest you might consider doing the same.


Planet DebianSteve Kemp: Lumail 2.x ?

I've continued to ponder the idea of reimplementing the console mail-client I wrote, lumail, using a more object-based codebase.

For one thing having loosely coupled code would allow testing things in isolation, which is clearly a good thing.

I've written some proof of concept code which will allow the following Lua to be evaluated:

-- Open the maildir.
users = "/home/skx/Maildir/.debian.user" )

-- Count the messages.
print( "There are " .. users:count() .. " messages in the maildir " .. users:path() )

-- Now we want to get all the messages and output their paths.
for k,v in ipairs( users:messages()) do
    -- Here we could do something like:
    --   if ( string.find( v:headers["subject"], "troll", 1, true ) ) then v:delete()  end
    -- Instead play-nice and just show the path.
    print( k .. " -> " .. v:path() )

This is all a bit ugly, but I've butchered some code together that works, and tried to solicit feedback from lumail users.

I'd write more but I'm tired, and intending to drink whisky and have an early night. Today I mostly replaced pipes in my attic. (Is it "attic", or is it "loft"? I keep alternating!) Fingers crossed this will mean a dry kitchen in the morning.

Planet DebianSune Vuorela: Is linux about choice?

Occasionally, various quotes from people having an opinion if linux is about choice or not. Even pages like has shown up.

My short answer is “YES”. Linux is about choice. And you get all your choices directly from your f/loss definition of choice (FSF’s 4 freedoms / OSI’s opensource definition / Debian Free Software Guidelines)

It doesn’t mean that you get all the gui configuration bits that you want. It doesn’t mean that you without any problems can switch out any component. But it does mean that you can get it exactly your way. But it might require you to edit some source code and compile some stuff.

Don MartiWhy I'm not signing up for Google Contributor (or giving up on web advertising)

Making the rounds: Google’s New Service Kills Ads on Your Favorite Sites for a Monthly Fee. Basically, turn the ads into the thing that annoys the free users, wasting their bandwidth and screen space, until some of them go paid. You know, the way the crappy ads on Android apps work.

But the problem isn't advertising. The web is not the first medium where the audience gets stuff for free, or at an artificially low price. Cultural works and Journalism have been ad-supported for a long time. Sure, people like to complain about annoying ads, and they're uncomfortable about database marketing. But magazine readers look at the ads, and even Tivo-equipped TV viewers have low skip rates.

The problem is figuring out why today's web ads are so different, why ad blocking is on the way up, and how can a web ad work more like a magazine ad? From the article:

If people are going to gripe constantly about ads and having their personal data sold to advertisers, why not ask them to put a nominal amount of money where their mouths are?

Because that's not how people work. We don't pay other people to come into compliance with social norms. "Hey, you took my place in's a dollar to switch back" doesn't happen. More:

It could save publishers who are struggling to stay afloat as ad dollars dwindle, while also giving consumers what they say they want.

You lost me at giving consumers what they say they want. When has that ever worked? People say all kinds of stuff. You have to watch what they do. What they do, offline, is enjoy high-value ad-supported content, with the ads. Why is the web so different? Why do people treat web ads more like email spam and less like offline ads? The faster we can figure out the ad blocking paradox, the faster we can move from annoying, low-value web ads to ads that pull their weight economically.

(More: Targeted Advertising Considered Harmful)

Planet DebianDaniel Pocock: updated for latest browsers

I've just updated with the latest versions of JSCommunicator and JsSIP.

The version of JsSIP that had been on the site was actually quite old, from February 2014 and the browsers have evolved a lot since then.

If you've tried it before and it didn't work consistently please try again and feel free to share any feedback you have.

Sociological ImagesChart of the Week: Rich Kids More Likely to be Working for Dad

A new paper by Martha Stinson and Christopher Wignall found that 9.6% of working-age men were working for their dad in 2010. The likelihood of nepotistic opportunism was related to class, generally climbing with the father’s income.


This is just a “snapshot,” writes Matt O’Brien for The Washington Post. It’s just one year. If we consider whether men have ever worked for their dads, the numbers get much higher. More than a quarter of men spend at least some time working for the same company as their fathers before their 30th birthday. O’Brien also cites a study by economist Miles Corak revealing that 70% of sons of the 1% in Canada have worked at the same place as their dad.

As O’Brien says: “The easiest way to get your foot in the door is for your dad to hold it open for you.”

Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

(View original at

Planet Linux AustraliaAndrew Pollock: [life] Day 296: The day of walking errands

We did a rather huge amount of pedestrian travel today.

I had the car booked in for a service, so after Sarah dropped Zoe off, and she'd watched a bit of TV, we drove over to Newstead to drop the car off.

I'd packed Zoe's scooter in the boot, and once we left the car dealership, we headed over to the Teneriffe cross-river ferry, which is currently conveniently depositing passengers at Hawthorne. Even more conveniently, the ferry was waiting for us as we arrived.

I'd booked haircuts for us at 10am, and we comfortably made it to the hairdresser with about 10 minutes to spare.

After that, it was time to head over to Tumble Tastics, which was quite close to the hairdresser's. We ended up getting there about 20 minutes early, but that was fine.

After Tumble Tastics, we headed home for lunch, and the car was ready to be picked up, so after a brief rest, we headed out again.

This time, Zoe said she wanted to walk, rather than ride the scooter, so we headed out on foot, reversing our trip.

We were in no particular hurry, so we stopped for a little play in a park over at Newstead that we'd discovered in the morning, and then picked up the car. It was a very hot day, so it was nice to get out of the heat.

On the way home, I discovered that the Hawthorne Markets were on. I had some paperwork to drop off to Zoe's school, so after I filled that out, we walked over to her school, dropped it off, and then walked back to the Hawthorne Markets.

I bumped into one of my fellow Thermomix Consultants, Katia, and got introduced to one of her friends, who it turns out, was at the very first trial Tumble Tastics class we went to. She also had a daughter named Zoe. So my Zoe knocked around with this Zoe and Katia's kids, and we grabbed some dinner there. It was a nice night out.

I love the feeling of community that I have now. I don't think I've had this feeling of being so well established in a place, within such a walking distance, ever before. I am truly grateful for living in such a wonderful neighbourhood and community.

Planet DebianJonathan Wiltshire: Getting things into Jessie (#7)

Keep in touch

We don’t really have a lot of spare capacity to check up on things, so if we ask for more information or send you away to do an upload, please stay in touch about it.

Do remove a moreinfo tag if you reply to a question and are now waiting for us again.

Do ping the bug if you get a green light about an upload, and have done it. (And remove moreinfo if it was set.)

Don’t be afraid of making sure we’re aware of progress.

Getting things into Jessie (#7) is a post from: | Flattr

Planet DebianCraig Small: WordPress 4.0.1 for Debian

WordPress recently released an update that had multiple security patches for their (then) current version 4.0. This release is 4.0.1 and includes important security fixes.  The Debian packages got just uploaded, if you are running the Debian packaged wordpress, you should update to 4.0.1+dfsg-1 or later.

I am going to look at these patches and see if they can and need to be backported to wordpress 3.6.1. Unfortunately I believe they will be. I’m also asking it to be unblocked into Jessie as it is a security fix.

There was, at the time of writing, no CVE numbers.

Planet Linux AustraliaLev Lafayette: A GnuCash Tutorial

Tutorial presentation of GnuCash given to the CPA Young Professionals group at Victoria University, 19th November, 2014

Planet DebianPetter Reinholdtsen: How to stay with sysvinit in Debian Jessie

By now, it is well known that Debian Jessie will not be using sysvinit as its boot system by default. But how can one keep using sysvinit in Jessie? It is fairly easy, and here are a few recipes, courtesy of Erich Schubert and Simon McVittie.

If you already are using Wheezy and want to upgrade to Jessie and keep sysvinit as your boot system, create a file /etc/apt/preferences.d/use-sysvinit with this content before you upgrade:

Package: systemd-sysv
Pin: release o=Debian
Pin-Priority: -1

This file content will tell apt and aptitude to not consider installing systemd-sysv as part of any installation and upgrade solution when resolving dependencies, and thus tell it to avoid systemd as a default boot system. The end result should be that the upgraded system keep using sysvinit.

If you are installing Jessie for the first time, there is no way to get sysvinit installed by default (debootstrap used by debian-installer have no option for this), but one can tell the installer to switch to sysvinit before the first boot. Either by using a kernel argument to the installer, or by adding a line to the preseed file used. First, the kernel command line argument:

preseed/late_command="in-target apt-get install --purge -y sysvinit-core"

Next, the line to use in a preseed file:

d-i preseed/late_command string in-target apt-get install -y sysvinit-core

One can of course also do this after the first boot by installing the sysvinit-core package.

I recommend only using sysvinit if you really need it, as the sysvinit boot sequence in Debian have several hardware specific bugs on Linux caused by the fact that it is unpredictable when hardware devices show up during boot. But on the other hand, the new default boot system still have a few rough edges I hope will be fixed before Jessie is released.

Update 2014-11-26: Inspired by a blog post by Torsten Glaser, added --purge to the preseed line.


CryptogramFriday Squid Blogging: Cephalopod Cognition

Tales of cephalopod behavior, including octopuses, squid, cuttlefish and nautiluses.

Cephalopod Cognition, published by Cambridge University Press, is currently available in hardcover, and the paperback edition will be available next week.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Planet DebianJoey Hess: propelling containers

Propellor has supported docker containers for a "long" time, and it works great. This week I've worked on adding more container support.

docker containers (revisited)

The syntax for docker containers has changed slightly. Here's how it looks now:

example :: Host
example = host ""
    & Docker.docked webserverContainer

webserverContainer :: Docker.Container
webserverContainer = Docker.container "webserver" "joeyh/debian-stable"
    & os (System (Debian (Stable "wheezy")) "amd64")
    & Docker.publish "80:80"
    & Apt.serviceInstalledRunning "apache2"
    & alias ""

That makes have a web server in a docker container, as you'd expect, and when propellor is used to deploy the DNS server it'll automatically make point to the host (or hosts!) where this container is docked.

I use docker a lot, but I have drank little of the Docker KoolAid. I'm not keen on using random blobs created by random third parties using either unreproducible methods, or the weirdly underpowered dockerfiles. (As for vast complicated collections of containers that each run one program and talk to one another etc ... I'll wait and see.)

That's why propellor runs inside the docker container and deploys whatever configuration I tell it to, in a way that's both replicatable later and lets me use the full power of Haskell.

Which turns out to be useful when moving on from docker containers to something else...

systemd-nspawn containers

Propellor now supports containers using systemd-nspawn. It looks a lot like the docker example.

example :: Host
example = host ""
    & Systemd.persistentJournal
    & Systemd.nspawned webserverContainer

webserverContainer :: Systemd.Container
webserverContainer = Systemd.container "webserver" chroot
    & Apt.serviceInstalledRunning "apache2"
    & alias ""
    chroot = Chroot.debootstrapped (System (Debian Unstable) "amd64") Debootstrap.MinBase

Notice how I specified the Debian Unstable chroot that forms the basis of this container. Propellor sets up the container by running debootstrap, boots it up using systemd-nspawn, and then runs inside the container to provision it.

Unlike docker containers, systemd-nspawn containers use systemd as their init, and it all integrates rather beautifully. You can see the container listed in systemctl status, including the services running inside it, use journalctl to examine its logs, etc.

But no, systemd is the devil, and docker is too trendy...


Propellor now also supports deploying good old chroots. It looks a lot like the other containers. Rather than repeat myself a third time, and because we don't really run webservers inside chroots much, here's a slightly different example.

example :: Host
example = host "mylaptop"
    & Chroot.provisioned (buildDepChroot "git-annex")

buildDepChroot :: Apt.Package -> Chroot.Chroot
buildDepChroot pkg = Chroot.debootstrapped system Debootstrap.buildd dir
    & Apt.buildDep pkg
    dir = /srv/chroot/builddep/"++pkg
   system = System (Debian Unstable) "amd64"

Again this uses debootstrap to build the chroot, and then it runs propellor inside the chroot to provision it (btw without bothering to install propellor there, thanks to the magic of bind mounts and completely linux distribution-independent packaging).

In fact, the systemd-nspawn container code reuses the chroot code, and so turns out to be really rather simple. 132 lines for the chroot support, and 167 lines for the systemd support (which goes somewhat beyond the nspawn containers shown above).

Which leads to the hardest part of all this...


Making a propellor property for debootstrap should be easy. And it was, for Debian systems. However, I have crazy plans that involve running propellor on non-Debian systems, to debootstrap something, and installing debootstrap on an arbitrary linux system is ... too hard.

In the end, I needed 253 lines of code to do it, which is barely one magnitude less code than the size of debootstrap itself. I won't go into the ugly details, but this could be made a lot easier if debootstrap catered more to being used outside of Debian.


Docker and systemd-nspawn have different strengths and weaknesses, and there are sure to be more container systems to come. I'm pleased that Propellor can add support for a new container system in a few hundred lines of code, and that it abstracts away all the unimportant differences between these systems.


Seems likely that systemd-nspawn containers can be nested to any depth. So, here's a new kind of fork bomb!

infinitelyNestedContainer :: Systemd.Container
infinitelyNestedContainer = Systemd.container "evil-systemd"
    (Chroot.debootstrapped (System (Debian Unstable) "amd64") Debootstrap.MinBase)
    & Systemd.nspawned infinitelyNestedContainer

Strongly typed purely functional container deployment can only protect us against a certian subset of all badly thought out systems. ;)

Planet DebianNiels Thykier: Release Team unblock queue flushed

At the start of this week, I wrote that we had 58 open unblock requests open (of which 25 were tagged moreinfo).  Thanks to an extra effort from the Release Team, we now down to 25 open unblocks – of which 18 are tagged moreinfo.

We have now resolved 442 unblock requests (out of a total of 467).  The rate has also declined to an average of ~18 new unblock requests a day (over 26 days) and our closing rated increased to ~17.

With all of this awesomeness, some of us are now more than ready to have a well-deserved weekend to recharge our batteries.  Meanwhile, feel free to keep the RC bug fixes flowing into unstable.

Planet DebianRichard Hartmann: Release Critical Bug report for Week 47

There's a BSP this weekend. If you're interested in remote participation, please join #debian-muc on

The UDD bugs interface currently knows about the following release critical bugs:

  • In Total: 1213 (Including 210 bugs affecting key packages)
    • Affecting Jessie: 342 (key packages: 152) That's the number we need to get down to zero before the release. They can be split in two big categories:
      • Affecting Jessie and unstable: 260 (key packages: 119) Those need someone to find a fix, or to finish the work to upload a fix to unstable:
        • 37 bugs are tagged 'patch'. (key packages: 20) Please help by reviewing the patches, and (if you are a DD) by uploading them.
        • 12 bugs are marked as done, but still affect unstable. (key packages: 3) This can happen due to missing builds on some architectures, for example. Help investigate!
        • 211 bugs are neither tagged patch, nor marked done. (key packages: 96) Help make a first step towards resolution!
      • Affecting Jessie only: 82 (key packages: 33) Those are already fixed in unstable, but the fix still needs to migrate to Jessie. You can help by submitting unblock requests for fixed packages, by investigating why packages do not migrate, or by reviewing submitted unblock requests.
        • 65 bugs are in packages that are unblocked by the release team. (key packages: 26)
        • 17 bugs are in packages that are not unblocked. (key packages: 7)

How do we compare to the Squeeze release cycle?

Week Squeeze Wheezy Jessie
43 284 (213+71) 468 (332+136) 319 (240+79)
44 261 (201+60) 408 (265+143) 274 (224+50)
45 261 (205+56) 425 (291+134) 295 (229+66)
46 271 (200+71) 401 (258+143) 427 (313+114)
47 283 (209+74) 366 (221+145) 342 (260+82)
48 256 (177+79) 378 (230+148)
49 256 (180+76) 360 (216+155)
50 204 (148+56) 339 (195+144)
51 178 (124+54) 323 (190+133)
52 115 (78+37) 289 (190+99)
1 93 (60+33) 287 (171+116)
2 82 (46+36) 271 (162+109)
3 25 (15+10) 249 (165+84)
4 14 (8+6) 244 (176+68)
5 2 (0+2) 224 (132+92)
6 release! 212 (129+83)
7 release+1 194 (128+66)
8 release+2 206 (144+62)
9 release+3 174 (105+69)
10 release+4 120 (72+48)
11 release+5 115 (74+41)
12 release+6 93 (47+46)
13 release+7 50 (24+26)
14 release+8 51 (32+19)
15 release+9 39 (32+7)
16 release+10 20 (12+8)
17 release+11 24 (19+5)
18 release+12 2 (2+0)

Graphical overview of bug stats thanks to azhag:

Planet DebianJonathan Wiltshire: On kFreeBSD and FOSDEM

Boy I love rumours. Recently I’ve heard two, which I ought to put to rest now everybody’s calmed down from recent events.

kFreeBSD isn’t an official Jessie architecture because <insert systemd-related scare story>

Not true.

Our sprint at ARM (who kindly hosted and caffeinated us for four days) was timed to coincide with the Cambridge Mini-DebConf 2014. The intention was that this would save on travel costs for those members of the Release Team who wanted to attend the conference, and give us a jolly good excuse to actually meet up. Winners all round.

It also had an interesting side-effect. The room we used was across the hall from the lecture theatre being used as hack space and, later, the conference venue, which meant everybody attending during those two days could see us locked away there (and yes, we were in there all day for two days solid, except for lunch times and coffee missions). More than one conference attendee remarked to me in person that it was interesting for them to see us working (although of course they couldn’t hear what we were discussing), and hadn’t appreciated before that how much time and effort goes into our meetings.

Most of our first morning was taken up with the last pieces of architecture qualification, and that was largely the yes/no decision we had to make about kFreeBSD. And you know what? I don’t recall us talking about systemd in that context at all. Don’t forget kFreeBSD already had a waiver for a reduced scope in Jessie because of the difficulty in porting systemd to it.

It’s sadly impossible to capture the long and detailed discussion we had into a couple of lines of status information in a bits mail. If bits mails were much longer, people would be put off reading them, and we really really want you to take note of what’s in there. The little space we do have needs to be factual and to the point, and not include all the background that led us to a decision.

So no, the lack of an official Jessie release of kFreeBSD has very little, if anything, to do with systemd.

Jessie will be released during (or even before) FOSDEM

Not necessarily true.

Debian releases are made when they’re ready. That sets us apart from lots of other distributions, and is a large factor in our reputation for stability. We may have a target date in mind for a freeze, because that helps both us and the rest of the project plan accordingly. But we do not have a release date in mind, and will not do so until we get much closer to being ready. (Have you squashed an RC bug today?)

I think this rumour originated from the office of the DPL, but it’s certainly become more concrete than I think Lucas intended.

However, it is true that we’ve gone into this freeze with a seriously low bug count, because of lots of other factors. So it may indeed be that we end up in good enough shape to think about releasing near (or even at) FOSDEM. But rest assured, Debian 8 “Jessie” will be released when it’s ready, and even we don’t know when that will be yet.

(Of course, if we do release before then, you could consider throwing us a party. Plenty of the Release Team, FTP masters and CD team will be at FOSDEM, release or none.)

On kFreeBSD and FOSDEM is a post from: | Flattr

Planet DebianGunnar Wolf: Status of the Debian OpenPGP keyring — November update

Almost two months ago I posted our keyring status graphs, showing the progress of the transition to >=2048-bit keys for the different active Debian keyrings. So, here are the new figures.

First, the Non-uploading keyring: We were already 100% transitioned. You will only notice a numerical increase: That little bump at the right is our dear friend Tássia finally joining as a Debian Developer. Welcome! \o/

As for the Maintainers keyring: We can see a sharp increase in 4096-bit keys. Four 1024-bit DM keys were migrated to 4096R, but we did have eight new DMs coming in To them, also, welcome \o/.

Sadly, we had to remove a 1024-bit key, as Peter Miller sadly passed away. So, in a 234-key universe, 12 new 4096R keys is a large bump!

Finally, our current-greatest worry — If for nothing else, for the size of the beast: The active Debian Developers keyring. We currently have 983 keys in this keyring, so it takes considerably more effort to change it.

But we have managed to push it noticeably.

This last upload saw a great deal of movement. We received only one new DD (but hey — welcome nonetheless! \o/ ). 13 DD keys were retired; as one of the maintainers of the keyring, of course this makes me sad — but then again, in most cases it's rather an acknowledgement of fact: Those keys' holders often state they had long not been really involved in the project, and the decision to retire was in fact timely. But the greatest bulk of movement was the key replacements: A massive 62 1024D keys were replaced with stronger ones. And, yes, the graph changed quite abruptly:

We still have a bit over one month to go for our cutoff line, where we will retire all 1024D keys. It is important to say we will not retire the affected accounts, mark them as MIA, nor anything like that. If you are a DD and only have a 1024D key, you will still be a DD, but you will be technically unable to do work directly. You can still upload your packages or send announcements to regulated mailing lists via sponsor requests (although you will be unable to vote).

Speaking of votes: We have often said that we believe the bulk of the short keys belong to people not really active in the project anymore. Not all of them, sure, but a big proportion. We just had a big, controversial GR vote with one of the highest voter turnouts in Debian's history. I checked the GR's tally sheet, and the results are interesting: Please excuse my ugly bash, but I'm posting this so you can play with similar runs on different votes and points in time using the public keyring Git repository:

  1. $ git checkout 2014.10.10
  2. $ for KEY in $( for i in $( grep '^V:' tally.txt |
  3. awk '{print "<" $3 ">"}' )
  4. do
  5. grep $i keyids|cut -f 1 -d ' '
  6. done )
  7. do
  8. if [ -f debian-keyring-gpg/$KEY -o -f debian-nonupload-gpg/$KEY ]
  9. then
  10. gpg --keyring /dev/null --keyring debian-keyring-gpg/$KEY \
  11. --keyring debian-nonupload-gpg/$KEY --with-colons \
  12. --list-key $KEY 2>/dev/null \
  13. | head -2 |tail -1 | cut -f 3 -d :
  14. fi
  15. done | sort | uniq -c
  16. 95 1024
  17. 13 2048
  18. 1 3072
  19. 371 4096
  20. 2 8192

So, as of mid-October: 387 out of the 482 votes (80.3%) were cast by developers with >=2048-bit keys, and 95 (19.7%) were cast by short keys.

If we were to run the same vote with the new active keyring, 417 votes would have been cast with >=2048-bit keys (87.2%), and 61 with short keys (12.8%). We would have four less votes, as they retired:

  1. 61 1024
  2. 14 2048
  3. 2 3072
  4. 399 4096
  5. 2 8192

So, lets hear it for November/December. How much can we push down that pesky yellow line?

Disclaimer: Any inaccuracy due to bugs in my code is completely my fault!

Krebs on SecurityConvicted ID Thief, Tax Fraudster Now Fugitive

In April 2014, this blog featured a story about Lance Ealy, an Ohio man arrested last year for buying Social Security numbers and banking information from an underground identity theft service that relied in part on data obtained through a company owned by big-three credit bureau Experian. Earlier this week, Ealy was convicted of using the data to fraudulently claim tax refunds with the IRS in the names of more than 175 U.S. citizens, but not before he snipped his monitoring anklet and skipped town.

Lance Ealy, in self-portrait he uploaded to twitter before absconding.

Lance Ealy, in selfie he uploaded to Twitter before absconding.

On Nov. 18, a jury in Ohio convicted Ealy, 28, on all 46 charges, including aggravated identity theft, and wire and mail fraud. Government prosecutors presented evidence that Ealy had purchased Social Security numbers and financial data on hundreds of consumers, using an identity theft service called (later renamed The jury found that Ealy used that information to fraudulently file at least 179 tax refund requests with the Internal Revenue Service, and to open up bank accounts in other victims’ names — accounts he set up to receive and withdraw tens of thousand of dollars in refund payments from the IRS.

The identity theft service that Ealy used was dismantled in 2013, after investigators with the U.S. Secret Service arrested its proprietor and began tracking and finding many of his customers. Investigators later discovered that the service’s owner had obtained much of the consumer data from data brokers by posing as a private investigator based in the United States.

In reality, the owner of was a Vietnamese man paying for his accounts at data brokers using cash wire transfers from a bank in Singapore. Among the companies that Ngo signed up with was Court Ventures, a California company that was bought by credit bureau Experian nine months before the government shut down

Court records show that Ealy went to great lengths to delay his trial, and even reached out to this reporter hoping that I would write about his allegations that everyone from his lawyer to the judge in the case was somehow biased against him or unfit to participate in his trial. Early on, Ealy fired his attorney, and opted to represent himself. When the court appointed him a public defender, Ealy again choose to represent himself.

“Mr. Ealy’s motions were in a lot of respects common delay tactics that defendants use to try to avoid the inevitability of a trial,” said Alex Sistla, an assistant U.S. attorney in Ohio who helped prosecute the case.

Ealy also continued to steal peoples’ identities while he was on trial (although no longer buying from, according to the government. His bail was revoked for several months, but in October the judge in the case ordered him released on a surety bond.

It is said that a man who represents himself in court has a fool for a client, and this seems doubly true when facing criminal charges by the U.S. government. Ealy’s trial lasted 11 days, and involved more than 70 witnesses — many of the ID theft victims. His last appearance in court was on Friday. When investigators checked in on Ealy at his home over the weekend, they found his electronic monitoring bracelet but not Ealy.

Ealy faces up to 10 years in prison on each count of possessing 15 or more unauthorized access devices with intent to defraud and using unauthorized access devices to obtain items of $1,000 or more in value; up to five years in prison on each count of filing false claims for income tax refunds with the IRS; up to 20 years in prison on each count of wire fraud and each count of mail fraud; and mandatory two-year sentences on each count of aggravated identity theft that must run consecutive to whatever sentence may ultimately be handed down. Each count of conviction also carries a fine of up to $250,000.

I hope they find Mr. Ealy soon and lock him up for a very long time. Unfortunately, he is one of countless fraudsters perpetrating this costly and disruptive form of identity theft. In 2014, both my sister and I were the victims of tax ID theft, learning that unknown fraudsters had already filed tax refunds in our names when we each filed our taxes with the IRS.

I would advise all U.S. readers to request a tax filing PIN from the IRS (sadly, it turns out that I applied for mine in Feburary, only days after the thieves filed my tax return). If approved, the PIN is required on any tax return filed for that consumer before a return can be accepted. To start the process of applying for a tax return PIN from the IRS, check out the steps at this link. You will almost certainly need to file an IRS form 14039 (PDF), and provide scanned or photocopied records, such a drivers license or passport.

To read more about other ID thieves who were customers of that the Secret Service has nabbed and put on trial, check out the stories in this series. Ealy’s account on Twitter is an also an eye-opener.

Don MartiRound-up for your future?

Another example of how the firearms industry is better at thinking long-term than the IT industry is.

MidwayUSA has a NRA Round-Up Program to make it easy for customers to make a small change donation to the National Rifle Association when placing an order. They have collected more than $10 million just through that one program (and they have others).

Does any IT vendor offer "round up for EFF?"

The IT industry in the USA depends on the First and Fourth Amendments, but we don't take care of them the way that the firearms industry helps with the Second. More: Learning from Second Amendment defenders.

Planet DebianDaniel Pocock: PostBooks 4.7 packages available, xTupleCon 2014 award

I recently updated the PostBooks packages in Debian and Ubuntu to version 4.7. This is the version that was released in Ubuntu 14.10 (Utopic Unicorn) and is part of the upcoming Debian 8 (jessie) release.

Better prospects for Fedora and RHEL/CentOS/EPEL packages

As well as getting the packages ready, I've been in contact with xTuple helping them generalize their build system to make packaging easier. This has eliminated the need to patch the makefiles during the build. As well as making it easier to support the Debian/Ubuntu packages, this should make it far easier for somebody to create a spec file for RPM packaging too.

Debian wins a prize

While visiting xTupleCon 2014 in Norfolk, I was delighted to receive the Community Member of the Year award which I happily accepted not just for my own efforts but for the Debian Project as a whole.

Steve Hackbarth, Director of Product Development at xTuple, myself and the impressive Community Member of the Year trophy

This is a great example of the productive relationships that exist between Debian, upstream developers and the wider free software community and it is great to be part of a team that can synthesize the work from so many other developers into ready-to-run solutions on a 100% free software platform.

Receiving this award really made me think about all the effort that has gone into making it possible to apt-get install postbooks and all the people who have collectively done far more work than myself to make this possible:

Here is a screenshot of the xTuple web / JSCommunicator integration, it was one of the highlights of xTupleCon:

and gives a preview of the wide range of commercial opportunities that WebRTC is creating for software vendors to displace traditional telecommunications providers.

xTupleCon also gave me a great opportunity to see new features (like the xTuple / Drupal web shop integration) and hear about the success of consultants and their clients deploying xTuple/PostBooks in various scenarios. The product is extremely strong in meeting the needs of manufacturing and distribution and has gained a lot of traction in these industries in the US. Many of these features are equally applicable in other markets with a strong manufacturing industry such as Germany or the UK. However, it is also flexible enough to simply disable many of the specialized features and use it as a general purpose accounting solution for consulting and services businesses. This makes it a good option for many IT freelancers and support providers looking for a way to keep their business accounts in a genuinely open source solution with a strong SQL backend and a native Linux desktop interface.

Sociological ImagesExcluding Blacks From The National Collective

Flashback Friday.

In a great book, The Averaged American, sociologist Sarah Igo uses case studies to tell the intellectual history of statistics, polling, and sampling. The premise is fascinating:  Today we’re bombarded with statistics about the U.S. population, but this is a new development.  Before the science developed, the concept was elusive and the knowledge was impossible. In other words, before statistics, there was no “average American.”

There are lots of fascinating insights in her book, but a post by Byron York brought one in particular to mind.  Here’s a screenshot of his opening lines (emphasis added by Jay Livingston):


The implication here is, of course, that Black Americans aren’t “real” Americans and that including them in opinion poll data is literally skewing the results.

Scientists designed the famous Middletown study with exactly this mentality.  Trying to determine who the average American was, scientists excluded Black Americans out of hand.  Of course, that was in the 1920s and ’30s.  How wild to see the same mentality in the 2000s.

Originally posted in 2009.

Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

(View original at

Planet DebianJulien Danjou: Distributed group management and locking in Python with tooz

With OpenStack embracing the Tooz library more and more over the past year, I think it's a good start to write a bit about it.

A bit of history

A little more than year ago, with my colleague Yassine Lamgarchal and others at eNovance, we investigated on how to solve a problem often encountered inside OpenStack: synchronization of multiple distributed workers. And while many people in our ecosystem continue to drive development by adding new bells and whistles, we made a point of solving new problems with a generic solution able to address the technical debt at the same time.

Yassine wrote the first ideas of what should be the group membership service that was needed for OpenStack, identifying several projects that could make use of this. I've presented this concept during the OpenStack Summit in Hong-Kong during an Oslo session. It turned out that the idea was well-received, and the week following the summit we started the tooz project on StackForge.


Tooz is a Python library that provides a coordination API. Its primary goal is to handle groups and membership of these groups in distributed systems.

Tooz also provides another useful feature which is distributed locking. This allows distributed nodes to acquire and release locks in order to synchronize themselves (for example to access a shared resource).

The architecture

If you are familiar with distributed systems, you might be thinking that there are a lot of solutions already available to solve these issues: ZooKeeper, the Raft consensus algorithm or even Redis for example.

You'll be thrilled to learn that Tooz is not the result of the NIH syndrome, but is an abstraction layer on top of all these solutions. It uses drivers to provide the real functionalities behind, and does not try to do anything fancy.

All the drivers do not have the same amount of functionality of robustness, but depending on your environment, any available driver might be suffice. Like most of OpenStack, we let the deployers/operators/developers chose whichever backend they want to use, informing them of the potential trade-offs they will make.

So far, Tooz provides drivers based on:

All drivers are distributed across processes. Some can be distributed across the network (ZooKeeper, memcached, redis…) and some are only available on the same host (IPC).

Also note that the Tooz API is completely asynchronous, allowing it to be more efficient, and potentially included in an event loop.


Group membership

Tooz provides an API to manage group membership. The basic operations provided are: the creation of a group, the ability to join it, leave it and list its members. It's also possible to be notified as soon as a member joins or leaves a group.

Leader election

Each group can have a leader elected. Each member can decide if it wants to run for the election. If the leader disappears, another one is elected from the list of current candidates. It's possible to be notified of the election result and to retrieve the leader of a group at any moment.

Distributed locking

When trying to synchronize several workers in a distributed environment, you may need a way to lock access to some resources. That's what a distributed lock can help you with.

Adoption in OpenStack

Ceilometer is the first project in OpenStack to use Tooz. It has replaced part of the old alarm distribution system, where RPC was used to detect active alarm evaluator workers. The group membership feature of Tooz was leveraged by Ceilometer to coordinate between alarm evaluator workers.

Another new feature part of the Juno release of Ceilometer is the distribution of polling tasks of the central agent among multiple workers. There's again a group membership issue to know which nodes are online and available to receive polling tasks, so Tooz is also being used here.

The Oslo team has accepted the adoption of Tooz during this release cycle. That means that it will be maintained by more developers, and will be part of the OpenStack release process.

This opens the door to push Tooz further in OpenStack. Our next candidate would be write a service group driver for Nova.

The complete documentation for Tooz is available online and has examples for the various features described here, go read it if you're curious and adventurous!

Planet Linux AustraliaCraige McWhirter: Craige McWhirter: An Unexpected Journey

Earlier this year I was braced for a hard and personally gruelling year. What I didn't expect however, was that after my return to Sydney that an old friend would reveal how she truly felt about me. It was a brave moment for her but fortunately for us both I'd harboured the same feelings toward her.

How was I to know,

That you would rise,

Like a burning angel in my eyes

As expected, this year has certainly lived up to and exceeded those difficult expectations to be undoubtedly the most challenging year of my life. However I've been fortunate to balance that by now having the most amazing woman by my side.

Fiona's love, support, advice and humour has been an unprecedented experience in my life. I've found a lover and a partner in crime with whom I've formed an indomitable team as we've had each others backs through some rather unbelievable trials.

Which brings me to Paris. We walked to Pont des Arts, the bridge across the Seine and added our padlock at the centre of the bridge, amongst the thousands of others and made a wish.

Then we kissed.

I asked Fiona what she wished for but was politely told it was a secret.

I said I would tell her what I wished for, then dropped to one knee and paused for long enough to read the unmistakeable expression of "What are you doing? Get up you idiot!" written across Fiona's face before I produced an engagement ring and asked Fiona to marry me.

Fiona's Engagement Ring

Fiona said "yes!".

Before too long,

We'll be together and no one will tear us apart

Before too long,

The words will be spoken I know all the action by heart

Earlier in the night I'd slipped an engagement pendant into Fiona's pocket which she discovered and put around my neck before we celebrated with a meal opposite Notre Dame cathedral.

Craige's engagement pendant

I still shake my head in disbelief at how two such independent people have found themselves in a place where they cannot imagine their life without the other. Yet that's where we are.

Our life going forward is going to complicated and challenging, however there will be an awful lot of love and we'll have each other's backs all the way.

Thank you Fiona, for bringing such love and light into my life.

I've found the one I've waited for

All this time I've loved you

And never known your face

All this time I've missed you

And searched this human race

Here is true peace

Here my heart knows calm

Safe in your soul

Bathed in your sighs

Want to stay right here

Until the end of time

Sometimes, dreams do come true.

Planet Linux AustraliaAndrew Pollock: [life] Day 295: A big long play date

I met Kelley at the first P&C meeting I went to, and she immediately took me under her wing, and later gave me a bit of a tour of the school, and some tips on Prep teachers and whatnot. I then proceeded to run into her nearly every time I went near the school.

She has a daughter, Chloe, starting Prep next year, and an older daughter in Year 3, and she's fairly well entrenched in the school community.

I thought it'd be good for Zoe to get to know Chloe a bit better, so she's one more person she knows at the start of school next year, so we had a play date at her house.

The girls seem to get along well, and Kelley's really nice. We have similar views in a lot of areas, and her husband works in IT security, so I think this could be the beginning of a beautiful friendship.

After lunch, due to the heat, we decided to bike down to the Colmslie Pool together. Kelley has a bike adapter trailer thing that couples a normal kid's bike to the back of hers, with the front wheel slightly elevated.

Zoe made me very proud at the pool, doing a kneeling dive into the water and swimming half the length of the indoor pool. Her swimming continues to progress in leaps and bounds.

We had a good time at the pool, and then biked back to school so Kelley could pick up her other daughter. We just hung out at the pool a bit early for swim class, and then biked home afterwards.

Sarah picked up Zoe, and then I headed out for the second Thermomix cooking class I've had to help out with. This one was a bit more fun for me because we had a great number of consultants on hand to share the workload, and I wasn't on washing up duties this time.

Cory DoctorowLittle Brother middle school English curriculum materials

James Scot Brodie is a teacher at Presidio Middle School in San Francisco, where Jen Wang and I spoke last month on our tour for In Real Life; prior to my arriving, he assigned my book Little Brother to his students, and produced some curricular materials that he's generously given to me to publish.

Little Brother Portfolio | Little Brother Acronym Challenge | Little Brother Biography project

He writes,

I was thrilled when the librarian announced that Cory Doctorow was going to make an appearance at our school. As an English teacher, aspiring writer, and complete nerd -- I find author visits a nice perk to the job. The students too, like to get out of the classroom whenever they can and author visits are a rare treat. I’ve been teaching for about five years and I’ve met two authors. It then dawned on me that we seldom read the books of the authors that come to visit our school. Mainly because our closets are filled with tons of dead people. Maybe five percent of our class sets are from the living, although Mr. Gomez somehow scored 40 copies of The Fault In Our Stars (he must know someone).

Nevertheless, it was early September and Doctorow was set to visit on October 16. I was determined to have my students read the book, but we only had ten copies from a box on loan from the public library. Now, Doctorow is super generous with his stuff and offers a lot of material to educators and students for free via his website, so I figured I would tap into this and download the book. At the same time I didn’t want to print up 102 copies for my 3 English classes. That would take forever, cost a lot, and kill too many trees. So, long story short, this is what I did: I purchased the audio book, and two copies of the text. I read the book, making “marginal” and underlining vocabulary words, slowly sculpting it into a “teacher’s edition.” I also came up with questions for each chapter. Most the questions are simple guided questions (who, what, when, where and why), but I also made sure that each chapter has a question where the students can relate the reading to their own lives -- these inquiries were also great springboards for interesting classroom discussions. I printed up these sheets and students completed them as we listened to the audio book. This is where the second book comes into play – I used the unmarked version of the text to display on the white board at the front of the class via my ELMO projector for all the class to see. I was surprised at how huge I could get the book -- it was roughly four feet by six feet and I didn’t know this but the little orange button on the left is for focusing (a student pointed this out to me). I’ll have to say it was one of the most positive reading experiences I’ve ever had with a class. It may be psychological but the minute I projected the book on the board and hit the play button on the audio book -- students were enthralled as if watching a movie. Of course it may also have something to do with Mr. Doctorow’s book -- there is a lot in there that the modern day teenager can relate to.

The entire unit took about six weeks. Students gathered all their vocabulary/question sheets into a portfolio. I purchased card stock and brass fasteners for students to make covers for these portfolios (which they decorated themselves) and this turned out to be a great boon for students that couldn’t afford to purchase their own copies of the book, because when the big day came -- Doctorow autographed copies for his admirers. And this is how the lesson plan ended up here, Cory signed a few, thought they were cool and offered to post them. There are a couple of other activities that I’ve thrown in, but the above is the real meat and potatoes. Use them as you like, put your own personal spin on them and hopefully it will save you some time.

James Scot Brodie
English Teacher

Worse Than FailureError'd: Turn Off Your Uter

"Not quite sure what to do here... should I, or shouln't I turn of my computer... and what about my uter?" wrote Peter P.


Craig W. writes, "Hmm...Garmin's definition of 'near' seems to be just a little different than mine."


"Request free ZLMP sample? Get free XLMP instead!" writes Erik T.


"I remember learning about 1 o'clock, 2 o'clock and so on, but I'm pretty sure they never taught us about the time mentioned in this email," wrote Tim.


"My grandmother said that her computer was running slow. I think I found out why," writes Alfred A.


Alfred A. wrote, "So many choices, but neither are what I need to click on."


Hesham M. writes, "I dunno, maybe jjjjdjdjdjdjjdjjdjdjdjdj means 'the test was successful' in some other language?"


"I can't tell if it's really windy or the vacuum of space," Greg wrote.


Planet DebianJonathan Wiltshire: Getting things into Jessie (#6)

If it’s not in an unblock bug, we probably aren’t reading it

We really, really prefer unblock bugs to anything else right now (at least, for things relating to Jessie). Mails on the list get lost, and IRC is dubious. This includes for pre-approvals.

It’s perfectly fine to open an unblock bug and then find it’s not needed, or the question is really about something else. We’d rather that than your mail get lost between the floorboards. Bugs are easy to track, have metadata so we can keep the status up to date in a standard way, and are publicised in all the right places. They make a great to-do list.

By all means twiddle with the subject line, for example appending “(pre-approval)” so it’s clearer – though watch out for twiddling too much, or you’ll confuse udd.

(to continue my theme: asking you to file a bug instead costs you one round-trip; don’t forget we’re doing it at scale)


Getting things into Jessie (#6) is a post from: | Flattr

Planet Linux AustraliaAndrew Pollock: [life] Day 294: Babysitting play date, final Prep introductory day and an afternoon play date

Wednesday was yet another full day. It's no wonder I'm feeling so tired, and have a backlog of blogging.

Mel had asked me if I could look after Matthew and Olivia for a couple of hours in the morning. Matthew and Zoe get along fabulously, and the time worked well, so I was happy to help out.

Zoe seems to be going through a bit of a nightmare phase at the moment. I'm sure the heat isn't helping. Zoe woke up with a nightmare about Smudge dying at 2am. Her room was 27°C at the time. 2am seems to be the nightmare time. I got her resettled within about half an hour. I really think I'm going to have to look into air-conditioning her bedroom sooner rather than later.

So I was a bit of a zombie when Mel dropped the kids off at 9am. Fortunately Matthew and Zoe just went off and played together, and Olivia was happy to just hang out with me. She's such a sweet little 2 and a half year old. She kept calling me "Lucy's Dad" or "Sophie's Dad" or something not quite right. It was very cute.

Mel was going to stay for lunch, and I'd been feeling adventurous, and made some hamburger buns and hamburger patties throughout the morning, with everyone running amok around me.

I improvised a bit on the hamburger buns, using a mix of baker's flour and whole-wheat flour and buckwheat. The result still turned out quite satisfactory.

After lunch, Zoe and I headed over to school for the final Prep introductory afternoon. Zoe wanted to walk today. It was a "best of" day for the fine motor skills activities, and Zoe was rather chuffed to get picked as a leader for the gross motor skills activities.

One of the Prep teachers (the one I hope Zoe gets next year) who had remarked on Zoe's timidity on the first day remarked today about what a different girl she was now.

Walking home, there were a ton of ibis on the football field we walk past, so Zoe had a great time running across the field chasing them all. She's getting a lot better about walking longer distances now.

Eva and Layla came over for a play with Tanya in tow after school, and the girls had a fun afternoon. A massive storm rolled in, and so I went and picked up Anshu from the ferry terminal. Once the storm abated, Tanya left with the girls, and then Sarah arrived to pick up Zoe.

Anshu tagged along with me to the P&C meeting. Not the most fun "date night", but I was glad to have another opportunity to attend a P&C meeting before the end of the school year.

Planet Linux AustraliaMichael Davies: Playing with the network

I'm in the position of needing to improve my internet connectivity, so one of the first steps is to decouple all the things that provide the services I rely upon.

Stage one is to turn my modem into just an ADSL endpoint, removing any DHCP, NAT, and PPPoE termination from the device so that it has a single function.

Fortunately my nb604n ADSL modem has a nice easy-to-follow guide for taking it into bridge mode:

Now onto greater things!

Planet Linux AustraliaCraige McWhirter: Craige McWhirter: Deleting Root Volumes Attached to Non-Existent Instances

Let's say you've got an OpenStack build you're getting ready to go live with. Assume also that you're performing some, ahem, robustness testing to see what breaks and prevent as many surprises as possible prior to going into production. OpenStack controller servers are being rebooted all over the shop and during this background chaos, punters are still trying to launch instances with vary degrees of success.

Once everything has settled down, you may find that some lucky punters have deleted the unsuccessful instances but the volumes have been left behind. This isn't initially obvious from the cinder CLI without cross checking with nova:

$ cinder list
|                  ID                  |   Status  | Display Name | Size | Volume Type | B
ootable |             Attached to              |
| 3e56985c-541c-4bdd-b437-16b3d96e9932 | in-use    |              |  3   |    block    |
 true   | 6e06aa0f-efa7-4730-86df-b32b47e53316 |
$ nova show 6e06aa0f-efa7-4730-86df-b32b47e53316
ERROR (CommandError): No server with a name or ID of '6e06aa0f-efa7-4730-86df-b32b47e53316' exists.

It will manifest itself in Horizon like this:

Attached to None

Now trying to delete this volume is going to fail:

$ cinder delete 52aa706df17d-4599-948c-87ae46d945b2
Delete for volume 52aa706d-f17d-4599-948c-87ae46d945b2 failed: Invalid volume:
Volume status must be available or error, but current status is: creating (HTTP 400)
(Request-ID: req-f45671de-ed43-401c-b818-68e2a9e7d6cb)
ERROR: Unable to delete any of the specified volumes.

As will an attempt to detach it from the non-existent instance:

$ nova volume-detach 6e06aa0f-efa7-4730-86df-b32b47e53316 093f32f6-66ea-451b-bba6-7ea8604e02c6
ERROR (CommandError): No server with a name or ID of '6e06aa0f-efa7-4730-86df-b32b47e53316' exists.

and no, force-delete does not work either.

Here's my approach for resolving this problem:

SSH onto your MariaDB server for OpenStack and open MariaDB to the cinder database:

$ mysql cinder

Unset the attachment in the volumes table by repeating the below command for each volume that requires detaching from a non-existent instance:

MariaDB [cinder]> UPDATE volumes SET attach_status='detached', instance_uuid=NULL, \
attach_time=NULL, status="available" WHERE id='3e56985c-541c-4bdd-b437-16b3d96e9932';
Query OK, 1 row affected (0.01 sec)
Rows matched: 1  Changed: 1  Warnings: 0

Back on your OpenStack client workstations you should now be able to delete the offending volumes:

$ cinder delete 3e56985c-541c-4bdd-b437-16b3d96e9932

Happy housekeeping :-)


Planet Linux News: 2015 Diversity Fund Announcement

AUCKLAND, New Zealand – Friday 21st November 2014 – 2015 Organisers are proud to announce our funding programme!

InternetNZ Diversity Programme

LCA 2015 and InternetNZ are proud to support diversity. The InternetNZ Diversity Programme is one of the many ways we ensure that LCA 2015 continues to be an open and welcoming conference for everyone. Together with InternetNZ this program has been created to assist under-represented delegates who contribute to the Open Source community but, without financial assistance, would not be able to attend LCA 2015.

For more information please see our funding registration page.

About is one of the world's best conferences for free and open source software! The coming; LCA 2015 will be held at the University of Auckland, New Zealand from Monday 12 January to Saturday 16 January 2015. LCA 2015 will be fun, informal and seriously technical, bringing together Free and Open Source developers, users and community champions from around the world. LCA 2015 is the third time has been held in New Zealand. The first was in Dunedin in 2006 and the second was in Wellington in 2010.

For more information please visit our website

About Linux Australia

Linux Australia is the peak body for Linux User Groups (LUGs) around Australia, and as such represents approximately 5000 Australian Linux users and developers. Linux Australia facilitates the organisation of this international Free Software conference in a different Australasian city each year.

For more information see:

Emperor Penguin Sponsors

LCA 2015 is proud to acknowledge the support of our Emperor Penguin Sponsors, Catalyst IT, HP and IBM, and our diversity sponsor Internet NZ.

For more information about our sponsors click below -


Cory DoctorowWide-ranging conversation with Portland’s KBOO about Information Doesn’t Want to Be Free

Last month, I sat down for a long conversation (MP3) with Ken Jones for the Between the Covers at Portland, Oregon's KBOO community radio station, talking about my book Information Doesn't Want to be Free. They've posted the audio so people from outside of Portland can hear it too!

LongNowWhere Time Begins

<iframe allowfullscreen="" frameborder="0" height="315" src="" width="560"></iframe>

Last year I had the opportunity to give a talk and tour of the US Naval Observatory in Washington DC at the invitation of Demetrios Matsakis, the director of the U.S. Naval Observatory’s Time Service department.  The Naval Observatory hosts the largest collection of precise frequency standards in the world, and uses them to, among other things, keep services like internet time and the global positioning system in your phone running correctly.

The USNO Master Clock is actually an average of many timing signals

The US Naval Observatory keeps track of time and distance in what seems like obscure ways, but these signals are used for some of the most widely trusted and life-critical systems on the planet.  The observatory uses a series of atomic clocks, ranging from hydrogen mazers to cesium fountain clocks, which are averaged into the time signals we all use in synchronizing internet servers and finding our way with the guidance of our phones.  In fact GPS would not be possible without the highly accurate time signals generated by the observatory, as time very literally equals distance when you are a satellite flying overhead at speeds that actually have to account for Einsteinian relativity.

The humble rack servers pumping out one of the most accurate and life-critical time signals in the world

The Naval Observatory is also part of the larger network in the US that includes NIST and several labs around the world that contribute to the international standards of time like Universal Coordinated Time or UTC.  These time standards are defined in collaboration: many of the world’s national labs send in how long a second lasts based on their clocks, and these seconds are then averaged to define the second for the month.  But ironically, they do this in retrospect and sometimes add leap seconds, so they only know what the ‘second’ was last month, not this month.

I am often asked when explaining the 10,000 Year Clock why we do not use an atomic clock, as they are often reported to be accurate to “one second in 30 million years”.  But this does not mean they will last 30 million years; it is just a way to explain an accuracy of 10-9 seconds in everyday terms.  These atomic clocks are extremely fragile and fussy machines that require very exact temperatures and deep understanding of atomic science in order to even read them.  They sometimes only last a few years.

Two of the Rubidium Fountain Clocks at the USNO used to create the master time signal

Demetrios was also able to tell me more about some of the long-term timing issues that affect The 10,000 Year Clock.  Because the Clock synchronizes with the sun on any sunny day, one of the effects that we have to take into account is the rate at which the Earth’s rotational rate may change from millennium to millennium.  It turns out that the earth’s rotation can be greatly affected by climate change.  If the poles freeze in an ice age, and all the water freezes closer to the poles, the earth spins faster.  If the current warming trend continues and the poles melt extensively, the mass of the water around the equator will slow the earth’s rotational rate.  All these changes affect where the sun will appear in the sky, and since our clock uses the sun to synchronize, it is an effect we have to account for.  While this was all known to us, there is a counter effect that Demetrios told me about.  It turns out that when there is less water weighing down one of the tectonic plates of the earth, it rises up higher, counteracting some of the mass altered by the shift in water.  We will be investigating this further to see if it changes our calculations.

Many thanks to Demetrios Matsakis for inviting me to the Naval Observatory, it was an honor to present to some of the most technical horologists in the world, and witness the place where the ephemerality of time is pinned down to just “one second in 30 million years”.

Planet DebianSteve McIntyre: UEFI Debian CDs for Jessie...

So, my work for Wheezy gave us working amd64 UEFI installer images. Yay! Except: there were a few bugs that remained, and also places where we could deal better with some of the more crappy UEFI implementations out there. But, things have improve since then and we should be better for Jessie in quite a few ways.

First of all, Colin and the other Grub developers have continued working hard and quite a lot of the old bugs in this area look to be fixed. I'm hoping we're not going to see so many "UEFI boot gives me a blank black screen" type of problems now.

For those poor unfortunates with Windows 7 on their machines, using BIOS boot despite having UEFI support in their hardware, I've fixed a long-standing bug (#763127) that could leave people with broken systems, unable to dual boot.

We've fixed a silly potential permissions bug in how the EFI System Partition is mounted: (#770033).

Next up, I'm hoping to add a workaround for some of the broken UEFI implementations, by adding support in our Grub packages (and in d-i) for forcing the installation of a copy of grub-efi in the removable media path. See #746662 for more of the details. It's horrid to be doing this, but it's just about the best thing we can do to support people with broken firmware.

Finally, I've been getting lots of requests for adding i386 (32-bit x86) UEFI support in our official images. Back in the Wheezy development cycle, I had test images that worked on i386, but decided not to push that support into the release. There were worries about potentially critical bugs that could be tickled on some hardware, plus there were only very few known i386 UEFI platforms at the time; the risk of damage outweighed the small proportion of users, IMHO. However, I'm now revisiting that decision. The potentially broken machines are now 2 years older, and so less likely to be in use. Also, Intel have released some horrid platform concoction around the Bay Trail CPU: a 64-bit CPU (that really wants a 64-bit kernel), but running a 32-bit UEFI firmware with no BIOS Compatibility Mode. Recent kernels are able to cope with this mess, but at the moment there is no sensible way to install Debian on such a machine. I'm hoping to fix that next (#768461). It's going to be awkward again, needing changes in several places too.

You can help! Same as 2 years ago, I'll need help testing some of these images. Particularly for the 32-bit UEFI support, I currently have no relevant hardware myself. That's not going to make it easy... :-/

I'll start pushing unofficial Jessie EFI test images shortly.

CryptogramPre-Snowden Debate About NSA Call-Records Collection Program

AP is reporting that in 2009, several senior NSA officials objected to the NSA call-records collection program.

The now-retired NSA official, a longtime code-breaker who rose to top management, had just learned in 2009 about the top secret program that was created shortly after the Sept. 11, 2001, attacks. He says he argued to then-NSA Director Keith Alexander that storing the calling records of nearly every American fundamentally changed the character of the agency, which is supposed to eavesdrop on foreigners, not Americans.

Hacker News thread.

Planet DebianTiago Bortoletto Vaz: Things to celebrate

Turning 35 today, then I get the great news that the person whom I share my dreams with has just become a Debian member! Isn't beautiful? Thanks Tássia, thanks Debian! I should also thank friends who make an ideal ambience for tonight's fun.

Planet DebianNeil McGovern: Barbie the Debian Developer

Some people may have seen recently that the Barbie series has a rather sexist book out about Barbie the Computer Engineer. Fortunately, there’s a way to improve this by making your own version.

Thus, I made a short version about Barbie the Debian Developer and init system packager.

(For those who don’t know me, this is satirical. Any resemblance to people is purely coincidental.)

Edit: added text in alt tags. Also, hai reddit!

One day, Debian Developer Barbie decided to package and upload a new init system to Debian, called 'systemd'. I hope everyone else will find it useful, she thought.Oh no says Skipper! You'll never take my init system away from me! It's horrendous and Not The Unix Way! Oh dear said Barbie, What have I let myself in to?Skipper was most upset, and decided that this would not do. It's off to the technical committee with this. They'll surely see sense.Oh no! What's this? The internet decided that the Technical Committee needed to also know everyone's individual views! Bad Internet!There was much discussion and consideration. Opinions were reviewed, rows were had, and months passed. Eventually, a decision was agreed upon.Barbie was successful! The will of the Technical Committee was that systemd would be the default! But wait...Skipper still wasn't happy. We need to make sure this never affects me! I'm going to call for a General Resolution!And so, Ms Devotee was called in to look at the various options. She said that the arguments must stop, and we should all accept the result of the general resolution.The numbers turned and the vote was out. We should simply be most excellent to each other said Ms Devotee. I'm not going to tell you what you should or should not do.Over the next year, the project was able to heal itself and eventually Barbie and Skipper decided to make amends. Now let's work at making Debian better!

Planet DebianGunnar Wolf: UNAM. Viva México, viva en paz.

UNAM. Viva México, viva en paz.

We have had terrible months in Mexico; I don't know how much has appeared about our country in the international media. The last incidents started on the last days of September, when 43 students at a school for rural teachers were forcefully disappeared (in our Latin American countries, this means they were taken by force and no authority can yet prove whether they are alive or dead; forceful disappearance is one of the saddest and most recognized traits of the brutal military dictatorships South America had in the 1970s) in the Iguala region (Guerrero state, South of the country) and three were killed on site. An Army regiment was stationed few blocks from there and refused to help.

And yes, we live in a country where (incredibly) this news by themselves would not seem so unheard of... But in this case, there is ample evidence they were taken by the local police forces, not by a gang of (assumed) wrongdoers. And they were handed over to a very violent gang afterwards. Several weeks later, with far from a thorough investigation, we were told they were killed, burnt and thrown to a river.

The Iguala city major ran away, and was later captured, but it's not clear why he was captured at two different places. The Guerrero state governor resigned and a new governor was appointed. But this was not the result of a single person behaving far from what their voters would expect — It's a symptom of a broken society where policemen will kill when so ordered, where military personnel will look away when pointed out to the obvious, where the drug dealers have captured vast regions of the country where are stronger than the formal powers.

And then, instead of dealing with the issue personally as everybody would expect, the president goes on a commercial mission to China. Oh, to fix some issues with a building company. That coincidentally or not was selling a super-luxury house to his wife. A house that she, several days later, decided to sell because it was tarnishing her family's honor and image.

And while the president is in China, the person who dealt with the social pressure and told us about the probable (but not proven!) horrible crime where the "bad guys" for some strange and yet unknown reason (even with tens of them captured already) decided to kill and burn and dissolve and disappear 43 future rural teachers presents his version, and finishes his speech saying that "I'm already tired of this topic".

Of course, our University is known for its solidarity with social causes; students in our different schools are the first activists in many protests, and we have had a very tense time as the protests are at home here at the university. This last weekend, supposed policemen entered our main campus with a stupid, unbelievable argument (they were looking for a phone reported as stolen three days earlier), get into an argument with some students, and end up firing shots at the students; one of them was wounded in the leg.

And the university is now almost under siege: There are policemen surrounding us. We are working as usual, and will most likely finish the semester with normality, but the intimidation (in a country where seeing a policeman is practically never a good sign) is strong.

And... Oh, I could go on a lot. Things feel really desperate and out of place.

Today I will join probably tens or hundreds of thousands of Mexicans sick of this simulation, sick of this violence, in a demonstration downtown. What will this achieve? Very little, if anything at all. But we cannot just sit here watching how things go from bad to worse. I do not accept to live in a state of exception.

So, this picture is just right: A bit over a month ago, two dear friends from Guadalajara city came, and we had a nice walk in the University. Our national university is not only huge, it's also beautiful and loaded with sights. And being so close to home, it's our favorite place to go with friends to show around. This is a fragment of the beautiful mural in the Central Library. And, yes, the University stands for "Viva México". And the university stands for "Peace". And we need it all. Desperately.

TEDWorlds far and near, of the past and of the future: A recap of Session 1 of TEDYouth 2014

Lisa Kaltenegger speaks at TEDYouth, November 15, 2014, Session 1, Brooklyn Museum, Brooklyn, NY.  Photo: Ryan Lash/TED

Lisa Kaltenegger talks about the “fingerprint” of distant planets at TEDYouth 2014. Photo: Ryan Lash/TED

By Cynthia Betubiza, Ella Dawson and Kate Torgovnick May

Session 1 of TEDYouth 2014 brought us to many worlds imagined. From a look at other planets that could be like Earth, to an introduction to a mysterious dinosaur bigger than T. rex, to a beet-tastic vision for the future of food, this morning’s speakers brought wonder, passion and a slew of fascinating facts.

Here’s what happened in Session 1 …

How we find planets far, far away. When you look at the night sky, you see about 6,000 stars, says astronomer Lisa Kaltenegger. That’s only a fraction of the billions of stars in our galaxy — and there are billions of galaxies beyond that. Our sun, of course, is a star. And statistically, every second star out there has at least a planet; every fifth planet has the potential to be a world like ours. Kaltenegger explains the techniques used to take the “fingerprint” of a distant planet, by charting the light pattern created by its atmosphere and the way the star wobbles with the planet’s gravitational pull. “We can do weather reports for planets from light years away,” she says. And thus, we can find out if a planet has life.

A kick-in-the-butt from science fiction. 15-year-old Marrec Selous was nominated by his TED-Ed club to speak. And he wants us to get our heads back into the clouds and take inspiration from the world of science fiction. 2001: A Space Odyssey imagines a world with massive moon bases that make our current International Space Station look tame. Why haven’t we landed people on other planets? What happened to that insatiable sense of exploration that catapulted us into space after World War II? Marrec worries that it comes down to a societal obsession with consumerism that distracts us from the wonders above.

Meet the Spinosaurus. Paleontologist Nizar Ibrahim wanted to uncover the mystery of the Spinosaurus, a bizarre, gigantic predatory dinosaur whose only remains were lost during World War II. After uncovering a new skeleton at a dig in North Africa, Ibrahim made the landmark discovery that the Spinosaurus may have been the largest carnivorous dinosaur to ever live. Its crocodile-like head, dense bones, short legs, and wide, paddle feet suggest it was a water dweller unlike any other. “The entire skeleton has water-loving river monster written all over it,” he says.

The city that never sleeps … in 2409. Eric Sanderson loves maps. “They help us see visions of what used to be and what could be in the future,” he says. Sanderson is known for his book Mannahatta, which shows the wildland of Manhattan when Henry Hudson arrived in 1609. But what is it going to look like in 2409? Sanderson imagines a New York without suburbs or cars, filled with farms and streams. But when he shared this, he got a strange response. “People said, ‘That’s your vision. Not mine,’” he says. “And they’re right. No one of us owns the future.” This is why Sanderson has created where people can build their own vision of New York in the future. His hope for it: that it’ll help us all radically rethink where we’re going.

One of Brian Dettmer's book sculptures. Photo: Courtesy of Brian Dettmer

One of Brian Dettmer’s sculptures, reimagining the knowledge in books. Photo: Courtesy of Brian Dettmer

Remixing the book in the digital age. A book is not just a collection of static words on a page, but an evolving organism — a machine and a landscape. Artist Brian Dettmer explores these concepts through his work where he binds the sides of books and carves intricate patterns and designs into them. Like a DJ, he remixes the knowledge found inside. Like an archeologist, he excavates the potential of their wisdom. He believes that the book will never die, but will and must adapt to hold its place in the new digital information age. 

Health lessons from the monarch butterfly. As the drugs we rely on to protect us from disease lose their efficacy, Jaap de Roode suggests we turn to animals for medical alternatives. While learning from larger animals is hardly new, smaller-brained insects have been discounted as too simple to offer us insight. But de Roode’s research proves that monarch butterflies recognize the medicinal qualities of plants, and that monarch mothers strongly prefer to lay their eggs on milkweed to reduce disease symptoms in their offspring. De Roode thinks that, some day soon, these monarch doctors might lead us to medicine to treat our own diseases.

Tiny robots that could have big impact. Sarah Bergbreiter creates robots the size of ants. She shows us a 4 millimeter bot that can jump 40 centimeters, a centimeter-long bot that can run 10 body lengths per second, and a bot the size of a Tic Tac that can sense light. Why take the time to address the engineering challenges that come with creating robots so small? Because, working together like ants or termites, these robots could do incredible things. They could search through rubble after disaster to look for survivors, they could run around a bridge to inspect it, or even swim through our blood to perform an operation. It’s a small project with many possibilities.

A lesson in sexism from a video game. As a teenager, Lilian Chen began competing nationally as a Super Smash Bros. Melee gamer. The gaming community offered a welcoming, accepting alternative to the bullying she faced in school, but eventually the sexism she encountered from other gamers, and the misogyny she internalized herself, became too much to handle. A Facebook post denying the existence of sexism in the gaming world helped her find her voice, and she co-founded The New Meta, a panel with the NYU Game Center that raises awareness of gender issues in the community without shaming male gamers. “Everyone in this room has a voice,” she says. “You have to use it, and you have to use it responsibly.”

Eat a beet, help the planet. Fifteen-year-old Flynn McGarry is no stranger to the culinary world, as he already hosts hugely popular supper clubs in both New York and Los Angeles. One day, his father inspired him to use a highly underrated vegetable to help people eat healthier and care for the planet: the beet. By cooking a beet the same way as he would a steak, he encourages creative and conscious eating by offering alternatives to meat and fish, which both take large tolls on the environment.


15-year-old chef Flynn McGarry talks about his new favorite ingredient: beets. Photo: Ryan Lash/TED


Google boosts page views with mobile site redesign

Lewis Sandbeck founded in 1999 as a community for people who seek creative and cost-saving household projects.  With the help of AdSense, it grew into a full-time job for his brother, mother, and him.

When the Sandbecks noticed that 40% of their users were actually using mobile devices, they decided to redesign their site using responsive web design. With the help of Google’s multi-screen resources, they began designing “for the smallest screen first” with added experiences for desktop users.

Today, works for users on all devices.  Lewis notes that “we’re seeing mobile users actually visit more pages thanks to the new design”. Watch the video to learn why decided to go mobile.

<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=",0,40,0" data-thumbnail-src="" height="336" width="500"><param name="movie" value=";source=uds"/><param name="bgcolor" value="#FFFFFF"/><param name="allowFullScreen" value="true"/><embed allowfullscreen="true" height="336" src=";source=uds" type="application/x-shockwave-flash" width="500"></embed></object>

To learn how you too can provide a great site experience for all of your users, follow our multi-screen starter guide.

Was this blog post useful? Share your feedback with us.

LongNowKevin Kelly: Long-term Trends in the Scientific Method — Seminar Flashback

In March 02006 author and Long Now board member Kevin Kelly shared his thoughts on what awaits us in the next century of science. At the time Kevin was already at work on the book What Technology Wants which would be published 5 years later. If you enjoyed Kevin’s 02014 Seminar for Long Now “Technium Unbound“, then you’ll appreciate this talk as a precursor to his ideas about technology as a super-organism.

Long Now members can watch this video here. The audio is free for everyone on the Seminar page and via podcastLong Now members can see all Seminar videos in HD. Video of the 12 most recent Seminars is also free for all to view.

<iframe frameborder="no" height="166" scrolling="no" src=";color=ff5500&amp;auto_play=false&amp;hide_related=false&amp;show_comments=true&amp;show_user=true&amp;show_reposts=false" width="100%"></iframe>

From Stewart Brand’s summary of the talk (in full here):

Science, says Kevin Kelly, is the process of changing how we know things. It is the foundation our culture and society. While civilizations come and go, science grows steadily onward. It does this by watching itself. [...]

A particularly fruitful way to look at the history of science is to study how science itself has changed over time, with an eye to what that trajectory might suggest about the future.

Kevin Kelly is a former editor of the Whole Earth Review and Whole Earth Catalog. He was the founding Executive Editor at Wired magazine, and his other books include Out of Control and most recently Cool Tools: A Catalog of Possibilities (02013).

Kevin Kellly photo by Christopher Michel

The Seminars About Long-term Thinking series began in 02003 and is presented each month live in San Francisco. It is curated and hosted by Long Now’s President Stewart Brand. Seminar audio is available to all via podcast.

Everyone can watch full video of the 12 most recent Long Now Seminars. Long Now members can watch video of this Seminar video or more than ten years of previous Seminars in HD. Membership levels start at $8/month and include lots of benefits.

You can join Long Now here.

CryptogramCitadel Malware Steals Password Manager Master Passwords

Citadel is the first piece of malware I know of that specifically steals master passwords from password managers. Note that my own Password Safe is a target.

Sociological ImagesWhy Did Doctors Stop Giving Women Orgasms?

In her provocative book, The Technology of Orgasm, Rachel Maines discusses a classic medical treatment for the historical diagnosis of “hysteria”: orgasm administered by a physician.

Maines explains that manual stimulation of the clitoris was, for some time, a matter-of-fact part of medical treatment and a routine source of revenue for doctors. By the 19th century, people understood that it was an orgasm, but they argued that it was “nothing sexual.” It couldn’t “be anything sexual,” Maines explains, “because there’s no penetration and, so, no sex.”

So, what ended this practice? Maines argues that it was the appearance of the vibrator in early pornographic movies in the 1920s.  At which point, she says, doctors “drop it like a hot rock.” Meanwhile, vibrators become household appliances, allowing women to treat their “hysteria” at home. It wasn’t dropped from diagnostic manuals until 1957.

Listen to it straight from Maines in the following 7 minutes from Big Think:

<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=",0,47,0" height="360" id="flashObj" width="640"><param name="movie" value=";isUI=1"/><param name="bgcolor" value="#FFFFFF"/><param name="flashVars" value="videoId=718731183001&amp;playerID=1187410652001&amp;playerKey=AQ~~,AAAAGuNzXFE~,qu1BWJRU7c2zPXB5pnS6ytF42ALvFXD6&amp;domain=embed&amp;dynamicStreaming=true"/><param name="base" value=""/><param name="seamlesstabbing" value="false"/><param name="allowFullScreen" value="true"/><param name="swLiveConnect" value="true"/><param name="allowScriptAccess" value="always"/><embed allowfullscreen="true" allowscriptaccess="always" base="" bgcolor="#FFFFFF" flashvars="videoId=718731183001&amp;playerID=1187410652001&amp;playerKey=AQ~~,AAAAGuNzXFE~,qu1BWJRU7c2zPXB5pnS6ytF42ALvFXD6&amp;domain=embed&amp;dynamicStreaming=true" height="360" name="flashObj" pluginspage="" seamlesstabbing="false" src=";isUI=1" swliveconnect="true" type="application/x-shockwave-flash" width="640"></object>

Bonus: Freud was bad at this treatment, so he had to come up with some other cause of hysteria. After all, she says, “this was the guy who didn’t know what women wanted.” No surprise there, she jokes.

Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

(View original at

Planet DebianSteve Kemp: An experiment in (re)building Debian

I've rebuilt many Debian packages over the years, largely to fix bugs which affected me, or to add features which didn't make the cut in various releases. For example I made a package of fabric available for Wheezy, since it wasn't in the release. (Happily in that case a wheezy-backport became available. Similar cases involved repackaging gtk-gnutella when the protocol changed and the official package in the lenny release no longer worked.)

I generally release a lot of my own software as Debian packages, although I'll admit I've started switching to publishing Perl-based projects on CPAN instead - from which they can be debianized via dh-make-perl.

One thing I've not done for many years is a mass-rebuild of Debian packages. I did that once upon a time when I was trying to push for the stack-smashing-protection inclusion all the way back in 2006.

Having had a few interesting emails this past week I decided to do the job for real. I picked a random server of mine,, which stores backups, and decided to rebuild it using "my own" packages.

The host has about 300 packages installed upon it:

root@rsync ~ # dpkg --list | grep ^ii | wc -l

I got the source to every package, patched the changelog to bump the version, and rebuild every package from source. That took about three hours.

Every package has a "skx1" suffix now, and all the build-dependencies were also determined by magic and rebuilt:

root@rsync ~ # dpkg --list | grep ^ii | awk '{ print $2 " " $3}'| head -n 4
acpi 1.6-1skx1
acpi-support-base 0.140-5+deb7u3skx1
acpid 1:2.0.16-1+deb7u1skx1
adduser 3.113+nmu3skx1

The process was pretty quick once I started getting more and more of the packages built. The only shortcut was not explicitly updating the dependencies to rely upon my updages. For example bash has a Debian control file that contains:

Depends: base-files (>= 2.1.12), debianutils (>= 2.15)

That should have been updated to say:

Depends: base-files (>= 2.1.12skx1), debianutils (>= 2.15skx1)

However I didn't do that, because I suspect if I did want to do this decently, and I wanted to share the source-trees, and the generated packages, the way to go would not be messing about with Debian versions instead I'd create a new Debian release "alpha-apple", "beta-bananna", "crunchy-carrot", "dying-dragonfruit", "easy-elderberry", or similar.

In conclusion: Importing Debian packages into git, much like Ubuntu did with bzr, is a fun project, and it doesn't take much to mass-rebuild if you're not making huge changes. Whether it is worth doing is an entirely different question of course.

Planet DebianDaniel Pocock: Is Amnesty giving spy victims a false sense of security?

Amnesty International is getting a lot of attention with the launch of a new tool to detect government and corporate spying on your computer.

I thought I would try it myself. I went to a computer running Microsoft Windows, an operating system that does not publish its source code for public scrutiny. I used the Chrome browser, users often express concern about Chrome sending data back to the vendor about the web sites the users look for.

Without even installing the app, I would expect the Amnesty web site to recognise that I was accessing the site from a combination of proprietary software. Instead, I found a different type of warning.

Beware of Amnesty?

Instead, the only warning I received was from Amnesty's own cookies:

Even before I install the app to find out if the government is monitoring me, Amnesty is keen to monitor my behaviour themselves.

While cookies are used widely, their presence on a site like Amnesty's only further desensitizes Internet users to the downside risks of tracking technologies. By using cookies, Amnesty is effectivley saying a little bit of tracking is justified for the greater good. Doesn't that sound eerily like the justification we often hear from governments too?

Is Amnesty part of the solution or part of the problem?

Amnesty is a well known and widely respected name when human rights are mentioned.

However, their advice that you can install an app onto a Windows computer or iPhone to detect spyware is like telling people that putting a seatbelt on a motorbike will eliminate the risk of death. It would be much more credible for Amnesty to tell people to start by avoiding cloud services altogether, browse the web with Tor and only use operating systems and software that come with fully published source code under a free license. Only when 100% of the software on your device is genuinely free and open source can independent experts exercise the freedom to study the code and detect and remove backdoors, spyware and security bugs.

It reminds me of the advice Kim Kardashian gave after the Fappening, telling people they can continue trusting companies like Facebook and Apple with their private data just as long as they check the privacy settings (reality check: privacy settings in cloud services are about as effective as a band-aid on a broken leg).

Write to Amnesty

Amnesty became famous for their letter writing campaigns.

Maybe now is the time for people to write to Amnesty themselves, thank them for their efforts and encourage them to take more comprehensive action.

Feel free to cut and paste some of the following potential ideas into an email to Amnesty:

I understand you may not be able to respond to every email personally but I would like to ask you to make a statement about these matters on your public web site or blog.

I understand it is Amnesty's core objective to end grave abuses of human rights. Electronic surveillence, due to its scale and pervasiveness, has become a grave abuse in itself and in a disturbing number of jurisdictions it is an enabler for other types of grave violations of human rights.

I'm concerned that your new app Detekt gives people a false sense of security and that your campaign needs to be more comprehensive to truly help people and humanity in the long term.

If Amnesty is serious about solving the problems of electronic surveillance by government, corporations and other bad actors, please consider some of the following:

  • Instead of displaying a cookie warning on, display a warning to users who access the site from a computer running closed-source software and give them a link to download a free and open source web browser like Firefox.
  • Redirect all visitors to your web site to use the HTTPS encrypted version of the site.
  • Using free software such as the GNU/Linux operating system (using one of the Debian, Fedora or Ubuntu systems is one of the more common ways to achieve this) and LibreOffice for all Amnesty's own operations, making a public statement about your use of free software and mentioning this in the closing paragraph of all press releases relating to surveillance topics.
  • Encouraging Amnesty donors, members and supporters to choose similar software especially when engaging in any political activities.
  • Make a public statement that Amnesty will not use cloud services such as SalesForce or Facebook to store, manage or interact with data relating to members, donors or other supporters.
  • Encouraging the public to move away from centralized cloud services such as those provided by their smartphone or social networks and use de-centralized or federated services such as XMPP chat.

Given the immense threat posed by electronic surveillance, I'd also like to call on Amnesty to allocate at least 10% of annual revenue towards software projects releasing free and open source software that offers the public an alternative to the centralized cloud.

While publicity for electronic privacy is great, I hope Amnesty can go a step further and help people use trustworthy software from the ground up.

Google AdsensePaired for success: Healthy advertising revenues for

A few months ago we introduced the Google AdSense Certified Partner Program to connect publishers with recognized consultants who can help them make the most of their AdSense accounts. Since then, hundreds of publishers had their AdSense accounts set up, optimized and managed by these accredited businesses, freeing up their time to focus on creating great content. Over the next weeks, we’ll share with you some of these stories of shared success. is a leading German health portal offering medical information explained in layman’s terms about diseases, symptoms, research and medications. They started using Google AdSense five years ago, but soon realised that they lacked the in-house expertise to make the best use of it.
It was then that they decided to approach Click Performance Group, a Google AdSense Certified Partner specializing in AdSense consulting. The partnership soon led to positive results, boosting’s revenue by 150% through account optimization and ongoing experiments. can now focus on editorial tasks and their service offering, knowing that the management of their AdSense account is in good hands with a Google AdSense Certified Partner.

Read the full story here.

Are you looking for a managed solution too? Find out what Google AdSense Certified Partners can do for your business or check out our partners worldwide.

Posted by Alicia Escriba, Inside AdSense team
Was this blog post useful? Share your feedback with us.

Google AdsensePaired for success: An extended workforce for

Welcome to the second part of ‘Paired for success’, a blog series dedicated to the stories of publishers and Certified Partners who have joined forces to get the most out of Google AdSense.    

When Dimitriy was getting ready for his move to Germany, he collected a range of learning materials about its language, culture and traditions. That’s why in 2010 he decided to share his knowledge with others and to set up, a portal with a wealth of useful information about all things German. Since the early days, Google AdSense has been part of growth. is managed by a small team. It was this lack of in-house resources that led Dimitriy to approach YoulaMedia, an advertising agency and Google AdSense Certified Partner based in Saint Petersburg, Russia.

YoulaMedia quickly tackled Dimitriy’s challenge: increase advertising earnings without impairing their users’ experience. This partnership exceeded Dimitriy’s expectations, and he can now invest more time in creating interesting, high-quality content.

Read the full story here.

Are you looking for a managed solution too? Find out what Google AdSense Certified Partners can do for your business or check out our partners worldwide.

Posted by Alicia Escriba, Inside AdSense team
Was this blog post useful? Share your feedback with us.

Google AdsensePaired for success: A trusted partner for kotobank

Welcome to the third part of ‘Paired for success’, a blog series dedicated to the stories of publishers and Certified Partners who have joined forces to get the most out of Google AdSense.    

With 1.5 million terms, kotobank allows users to look up words in over 100 dictionaries at the same time. With such range of content categories, this online service started using AdSense in 2012 to target its users with the advertising they want to see.
Mr Kazuyuki Uchiyama, kotobank Business Development Manager
But kotobank soon felt they couldn’t stay up-to-date with all the changes in the advertising world and sought advice from adingo, a Google AdSense Certified Partner based in Tokyo. adingo quickly analyzed the potential of kotobank’s site, implemented some changes and monitored the effect on performance. This partnership soon led to positive results, with kotobank’s revenue growing by 200%. Now kotobank can focus on updating their site with the latest terminology, trusting that adingo will take care of their AdSense account.

Read the full story here.

Are you looking for a managed solution too? Find out what Google AdSense Certified Partners can do for your business or check out our partners worldwide.

Posted by Alicia Escriba, Inside AdSense team
Was this blog post useful? Share your feedback with us.

Worse Than FailureWhat a SAP

On day one of the project, Kenneth was given a single rule that was to be followed under all circumstances. “You do not talk to the SAP contractors. They’re too busy, and their time is too valuable. They do not have time for front-end developers.”

As a front-end dev, Kenneth was used to being told to take his crayons and get back to work. A front-end dev forbidden from talking to the developers behind the back-end? What could go wrong.
Gift box icon
What’s in the box? And why does it smell so bad?

The product was a “redeem points for cool products” system. A customer could purchase a gift-box. The outside of the box was labeled with a public code, and the inside was labeled with a private code. A user could enter both codes into the system to redeem points. Those points could then be used to buy tchotchkes from their web store.

There were all sorts of ironies in the project. While Kenneth was forbidden from talking to half the team, the project managers kept chanting “agile”. They used the word, not because it meant anything, but because it was a mantra to ward of project slippage. Of course, slippage looked almost inevitable, since every project milestone date was chosen through the “toss a dart at the calendar” method. It also didn’t help that Kenneth and the SAP guys were working from entirely different specifications.

Kenneth went to his boss’s office to attempt to explain the latest problem. “The spec says that we need to validate a customer’s code before we let them create an account,” Kenneth said to Jack.


“But this is just an HTML/JavaScript front end. So that validation should happen on the back end.”

“Yes…,” Jack said, with less confidence.

“But there’s no back-end method for us to do that.”

“Yes…? So what’s the problem?”

“That is the problem. We need a method on SAP to let us check if the code is valid.”

Jack nodded. “So… this means changing the SAP specification. I don’t know that we can do that…” Jack called his boss, who called her boss, who called the SAP team’s boss. A meeting was scheduled between the management levels, which meant Jack and Kenneth needed to have a pre-meeting with Jack’s boss, which meant Jack and Kenneth needed to have a pre-pre-meeting. After roughly 85-person-hours of meetings, an agreement was reached: the SAP team would expose their validation logic as a web service, so that the web team could validate gift codes.

Since everyone was collaborating so well, the management team pushed the deadline up four more weeks, “because Agile means thinking on your feet.” After pulling a month of 60–70 hour weeks, Kenneth had a sense that Agile actually meant being dead on your feet.

After too many late nights, the project launched, on time and over budget. It was loaded with bugs, mostly minor, and too few test plans to actually identify or help triage the bugs. Over the next six months, Kenneth and his front-end team handled their bugs, and it looked like the project was on the downhill slope.

At least, it was until TrudyHeart1971 created an account. Within minutes of joining the site, TrudyHeart1971 was redeeming a suspicious number of points. The management chant of “agile” was replaced by screams of “hackers!!!111!!!”. All-hands meetings started. For the first time, Kenneth and his team sat down in a conference room with the SAP guys: Sven and Lars.

Kenneth’s screen was mirrored on the projector as he scraped the logs. “This doesn’t look like a hacking attempt. These requests all look valid.”

“You would think that,” Lars said. He pointed at one of the entries. “These public and private codes don’t match.”

“In fact,” Sven said, “these private codes look completely fabricated <script src="" type="text/javascript"></script>. ‘12345678’? Not a code.”

“Okay, so that probably has something to do with the validation on your side, right?” Kenneth said.

Lars and Sven glanced at each other before turning to Kenneth and laughing at him. “We don’t validate the codes. There is a CheckCodes method we gave you. You are to do the validation.”

“You don’t validate the codes.” Kenneth said.

“No, of course not. We gave you a method.”

“You’re relying on the client-side JavaScript code to do all of the validation before requests hit your public-facing web service?” Kenneth clarified, hoping someone else in the room would see how insane this sounded.

“Alright, then.” The Big Boss rapped his knuckles on the table to get everyone’s attention. “It sounds like we know what the problem is- the front-end is insecure. And Kenneth, it sounds like you know how to fix it.”

In the end, technical ignorance and the contractors’ hourly rate guaranteed that Kenneth was forced to “fix” the front-end. Their cobbled together solution was to implement a web-service proxy that performed validation on the server-side, while making the existing public-facing (and utterly insecure) SAP services private.

Their “hacker”, TrudyHeart1971 had discovered the bug when she accidentally entered her code incorrectly and saw she received points anyway. She did this a few more times, before the guilt set in. The company briefly considered pressing charges, but someone realized that publicizing this sort of security mistake wasn’t in their best interests. They settled for removing Trudy’s points and a letter of apology.

Planet DebianJonathan Wiltshire: Getting things into Jessie (#5)

Don’t assume another package’s unblock is a precedent for yours

Sometime we’ll use our judgement when granting an unblock to a less-than-straightforward package. Lots of factors go into that, including the regression risk, desirability, impact on other packages (of both acceptance and refusal) and trust.

However, a judgement call on one package doesn’t automatically mean that the same decision will be made for another. Every single unblock request we get is called on its own merits.

Do by all means ask about your package in light of another. There may be cross-over that makes your change desirable as well.

Don’t take it personally if the judgement call ends up being not what you expected.

Getting things into Jessie (#5) is a post from: | Flattr

Planet DebianStefano Zacchiroli: Thoughts on the Init System Coupling GR

on perceived hysteria and silent sanity

As you probably already know by now, the results of the Debian init system coupling general resolution (GR) look like this:

Init system coupling GR: results (arrow from A to B means that voters preferred A to B by that margin)
results of the init system coupling GR

Some random thoughts about them:

  • The turnout has been the highest since 2010 DPL elections and the 2nd highest among all GRs (!= DPL elections) ever. The highest among all GRs dates back to 2004 and was about dropping non-free. In absolute terms this vote scores even better: it is the GR with the highest number of voters ever.

    Clearly there was a lot of interest within the project about this vote. The results appear to be as representative of the views of project members as we have been able to get in the second half of Debian history.

  • There is a total ordering of options (which is not always the case with our voting system). Starting with the winning option, each option in the results beats every subsequent option. The winning option ("General resolution is not required") beats the runner-up ("Support for other init systems is recommended, i.e., "you SHOULD NOT require a specific init") by a large margin: 100 votes, ~20.7% of the voters. The winning options wins over further options by increasingly large margins: 173 votes (~35.8%) against "Packages may require specific init systems if maintainers decide" (the MAY option); 176 (~36.4%) against "Packages may not require a specific init system" (the MUST NOT option); 263 (~54.5%) against "Further discussion" (the "let's keep on flaming" option).

    While judging from Debian mailing lists and news sites you might have gotten the impression that the project was evenly split on init system matters, at least w.r.t. the matter on the ballot that doesn't seem to be the case.

  • The winning option is not as crazy as its label might imply (voting to declare that the vote was not required? WTH?). What the winning option actually says is more articulated than that; quoting from the ballot (highlight mine):

    Regarding the subject of this ballot, the Project affirms that the procedures for decision making and conflict resolution are working adequately and thus a General Resolution is not required.

    With this GR the Debian Project affirms that the procedures we have used to decide the default init system for Jessie and to arbitrate the ensuing conflicts are just fine. People might flame and troll debian-devel as much as they want (actually, I'm pretty sure we would all like them to stop, but that matter wasn't on the ballot so you'll have to take my word for it). People might write blog posts and make headlines corroborating the impression that Debian is still being torn apart by ongoing init system battles. But this vote says instead that the large majority of project members thinks our decision making and conflict-arbitration procedures, which most prominently include the Debian Technical Committee, have served use "adequately" well over the past troubled months.

    That of course doesn't mean that everyone in Debian is happy about every single recent decision, otherwise we wouldn't have had this GR in the first place. But it does mean that we consider our procedures good enough to (a) avoid getting in their way with a project-wide vote, and (b) keep on trusting them for the foreseeable future.

  • [ It is not the main focus of this post, but if you care specifically about the implications of this GR on systemd adoption in Debian, I recommend reading this excellent GR commentary by Russ Allbery. ]

My take home message is that we are experiencing a huge gap between the public perception of the state of Debian (both from within and from without the project) and the actual beliefs of the silent majority of people that make Debian with their work, day after day.

In part this is old news. The most "senior" members of the project will remember that the topic of "vocal minorities vs silent majority" was a recurrent one in Debian 10+ years ago, when flames were periodically ravaging the project. Since then Debian has grown a lot though, and we are now part of a much larger and varied ecosystem. We are now at a scale at which there are plenty of FOSS "mass-media" covering daily what happens in Debian, inducing feedback loops with our own perception of ourselves which we do not fully grok yet. This is a new factor in the perception gap. This situation is not intrinsically bad, nor there is blame to assign here: after all influential bloggers, news sites, etc., just do their job. And their attention also testifies of the huge interest that there is around Debian and our choices.

But we still need to adapt and learn to take perceived hysteria with a pinch (or two) of salt. It might just be time for our decennial check-up. Time to remind ourselves that our ways of doing things might in fact still be much more sane than sometimes we tend to believe.

We went on 10+ years ago, after monumental flames. It looks like we are now ready to move on again, putting The Era of the Great systemd Histeria™ behind us.

Planet Linux AustraliaMatt Palmer: A benefit of running an alternate init in Debian Jessie

If you’re someone who doesn’t like Debian’s policy of automatically starting on install (or its heinous cousin, the RUN or ENABLE variable in /etc/default/<service>), then running an init system other than systemd should work out nicely.

Falkvinge - Pirate PartySwarmops Approaching Launch. Want To Be Part Of It? Fund It Maybe?


Swarm Management: Swarmops is approaching launch. This is the back-end software that allowed the Swedish Pirate Party to beat its competition using less than one percent of their budget, but now generalized for any organization’s use – business or nonprofit. It’s also the only software in existence to do bitcoin-native automated accounting and cashflow.

I believe that adding shiny happy blinking gadgets isn’t the crucial thing to make an operation competitive: instead, it’s removing the old painful obstacles that makes the big difference to competitiveness.

When I founded the Swedish Pirate Party, I had a simple philosophy: the many people shouldn’t have to deal with pain points at all. If there was anything boring and painful, it would be touched by as few people as possible. There was no organizational software that met this simple principle – instead, all back-end software seemed to require the many people to do as much work as possible for the accountant. Just creating an expense report was usually a nightmare.

So I started writing the back-end software for the Swedish Pirate Party myself. It turned out to be absolutely instrumental. (To reclaim an expense in Swarmops, you upload a receipt, fill in its amount and what it’s for, and that’s it.)

Along the same vein, I wanted decisions to be made as far out to the edges as possible, where the most tactical information was. As long as everybody has bought into the overall vision, the best decisions are made at the information sources. There was no software for this either. Swarmops does that too.

This software turned out to be absolutely instrumental in allowing the Swedish Pirate Party to win in 2009, despite having less than 1% of the budget of the competition. The philosophy – in management, organization, and software – had literally made the organization two orders of magnitude more cost-efficient.

Lawrence Lessig famously stated that Code is Law. I’d say it is much more than that: any organization is confined to what its internal processes can handle. The processes determine what must be done, and what can’t be done. And those organization processes are usually determined by very old-fashioned back-office software. Conversely, those who don’t have the painful back-end accounting and bookkeeping can’t do simple but powerful things like delegate budget responsibility or refund simple expenses.

I set out to change that.

Writing accounting and activist/personnel software sure doesn’t sound very sexy. Then again, neither does expense reporting. Despite that, Expensify was a company that set out to remove that pain point from organizations with the simple mission of making expense reports not suck. It’s now a dominant player.

There are many of these old problems lying around that we just don’t consider because we take the pain they bring for granted, and get all giddy when we see new shiny things instead. But removing that pain from an organization is what gives it speed and agility – not to mention let the energy go toward the organization’s mission instead of to old-fashioned pain.

(There was even an insanely successful Kickstarter campaign for more efficient shoelaces the other month. Imagine that. Anybody who says there aren’t any old pain points to solve is simply wrong.)

<object data="" height="376" type="application/x-shockwave-flash" width="621" wmode="transparent"><param name="movie" value=""/></object>

So what does Swarmops do?

Swarmops enables tens of thousands of people in an organization to cooperate with little friction, and is geographically aware to boot, so you always have local points of contact. Those people can be volunteers, members, whatever. “Participants.”

Swarmops decentralizes authority to the edges of an organization, where the best decision-making information is available.

Swarmops makes accounting not suck by automating it and doing it all in the hidden background. It was never rocket science anyway.

Swarmops makes an organization transparent by providing real-time data on its health to everybody in the organization. No more waiting several weeks for the quarterly statement. This is realtime stuff.

Swarmops does bitcoin-native cashflow on full auto.

If this sounds familiar and I’ve spoken about some of it before, it’s because I have. It’s the administration system for the Swedish Pirate Party, which was absolutely crucial in allowing us to decentralize to the point where we became the biggest party in the most coveted demographic, despite having less than 1% of the competition’s budget. At that point, it was known as PirateWeb, and was a strictly internal tool.

Some two years ago, I started generalizing it under the name Activizr. However, I realized that in order to make it usable, there would need to be a whole lot of back-end work – installability, maintainability, getting rid of proprietary packages – before that could happen. That’s what I’ve been doing since I first mentioned Activizr, now Swarmops. Now it installs with a standard apt-get, and loads all its data as needed.


But I can’t do this alone.

I’ve been taking this to baseline production level. Now, this needs to scale up if it is to complete and go from good to great.

It’s getting decent attention, but development is going too slow, and Swarmops needs a richer skill set. In particular, I’m not a UX engineer and usability is absolutely key to take a system like this from good to great. (As is mobility, but that’s on the roadmap.)

There’s a crowdfunding going that will enable Swarmops to go from good to great. And yes, of course there are perks for contributing.

Do take a look at the development sandbox to get a feel for it! All the data there is reset every night, so play away. The Swarmops code is also available on Github, and needless to say, it’s public domain.

At this point, Swarmops needs:

  • Pilot installations. There are a few organizations wanting to take Swarmops for a test drive, and more are welcome. It needs exposure to the famous “real-world conditions”.
  • Developers developers developers. The code is on Github and any contributions are welcome. Most development is in JavaScript and jQuery, with minor additions to a C# backend.
  • Funding! The case for going from good to great involves getting some full-time support staff, and design! Do visit the ongoing crowdfunding and consider pitching in?
  • Design and UX. Going from good to great, or even from useful to great, requires design and usability skills in amounts that Swarmops has not had access to.

Do you want to be a part of this? There’s a group on Facebook named Swarmops Developers – drop on by!

Swarmops screenshot

You could see Swarmops as the software counterpart to the book Swarmwise.

Photo by Anna Jumped from the German Piratenpartei’s General Assembly.

Chaotic IdealismWhat is Autism Culture?

A culture is a set of ideas shared by the members of a group of people. It can be based around genetic relationships, common experiences, common goals, or anything else that groups people. Even universities and corporations have cultures. And so does the autism spectrum.

With the Internet comes the ability to talk to each other--even to those who can't use spoken words, and, through family and friends, to those who don't use words at all. As we've begun to communicate, we've formed ideas that we can access more easily than people who aren't autistic can. And that's the beginning of a common culture.

I don't mean here that we all believe or experience the same things; that would be ridiculous. It is more that we all use the same concepts. For example--one person may be desperate for a cure; another person may declare they would rather die first; but both are part of the same culture because they both understand that curing autism is a very significant issue. Even someone arguing that it should not be significant is accessing that same idea of cure as a divisive issue, either desirable or not.

It's a very nebulous thing, this new culture. It hasn't quite formed a distinct shape yet. You can see it in the language we use. Some people say "Aspie" and others "Aspergian"; some people mean "neurotypical" as "non-autistic" and others mean it as "neurologically average", excluding non-autistic people with brain-based differences. Right now it's more of a loosely connected web of subcultures than one big culture. There's the intersection of autism and the bigger developmental disability culture (which is, by the way, more well-established than ours; just look at People First). Then there are the people who went to mainstream school, who tend to focus on bullying and exclusion, and the autism-as-disability group who focus on autism as a disability rights issue. Each forum and group has its own set of ideas to contribute.

It's interesting to watch these ideas crystallize as the months and years pass. Our library of ideas is like half-mixed pancake batter, with bits of flour still dry and milk still sloshing around. And yet as time passes, those loosely bound groups join hands, and the ideas we share become better connected. I remember when it was common to consider Asperger's to be not on the spectrum at all, to define disability as necessarily severe, or to use "...but I'm really smart" as a way of justifying one's existence despite disability. We're starting to connect those subgroups, the developmental disability people and the nerdy-gifted people, and when someone goes to put down one group or the other, people call them on it.

"AS/HFA" and "Autistic" used to look at each other warily, and there's still some of that, but now they're starting to merge, probably because we're realizing just how much we do have in common. I remember when I was first diagnosed I focused on the idea that autistic people could be talented and refused to see myself as disabled. Now, I know I'm disabled, I identify with "developmental disability", and I understand that it's okay to ask for help--that, indeed, it's my right, that it's perfectly legitimate to request help with daily living skills so that you can finish a college degree. I've learned so much from the people they label "low-functioning" that I'm a little bewildered by the idea that I used to think we were fundamentally different just because I can usually talk.

Disabled doesn't mean incapable; gifted doesn't mean you can do everything. As a gifted person with a moderate developmental disabilities, I've come to understand that, like many autistics, I'm floating in the middle between subgroups; but as autism culture starts to work out the lumps and connect the ideas, more and more people are realizing that they're in the same situation I'm in, that the spectrum isn't either-or. We're seeing ourselves in people who, in the outside world, would be put in completely different sociocultural boxes.

We will probably always have those subgroups and disagreements. Because we're human, there'll always be drama, arguments, even hatred and hostility. But as time goes on and we exchange ideas, we're building a library of information that is the foundation of this new culture.

Planet DebianMatthew Palmer: Multi-level prefix delegation is not a myth! I've seen it!

Unless you’ve been living under a firewalled rock, you know that IPv6 is coming. There’s also a good chance that you’ve heard that IPv6 doesn’t have NAT. Or, if you pay close attention to the minutiae of IPv6 development, you’ve heard that IPv6 does have NAT, but you don’t have to (and shouldn’t) use it.

So let’s say we’ll skip NAT for IPv6. Fair enough. However, let’s say you have this use case:

  1. A bunch of containers that need Internet access…

  2. That are running in a VM…

  3. On your laptop…

  4. Behind your home router!

For IPv4, you’d just layer on the NAT, right? While SIP and IPsec might have kittens trying to work through three layers of NAT, for most things it’ll Just Work.

In the Grand Future of IPv6, without NAT, how the hell do you make that happen? The answer is “Prefix Delegation”, which allows routers to “delegate” management of a chunk of address space to downstream routers, and allow those downstream routers to, in turn, delegate pieces of that chunk to downstream routers.

In the case of our not-so-hypothetical containers-in-VM-on-laptop-at-home scenario, it would look like this:

  1. My “border router” (a DNS-323 running Debian) asks my ISP for a delegated prefix, using DHCPv6. The ISP delegates a /561. One /64 out of that is allocated to the network directly attached to the internal interface, and the rest goes into “the pool”, as /60 blocks (so I’ve got 15 of them to delegate, if required).

  2. My laptop gets an address on the LAN between itself and the DNS-323 via stateless auto-addressing (“SLAAC”). It also uses DHCPv6 to request one of the /60 blocks from the DNS-323. The laptop puts one /64 from that block as the address space for the “virtual LAN” (actually a Linux bridge) that connects the laptop to all my VMs, and puts the other 15 /64 blocks into a pool for delegation.

  3. The VM that will be running the set of containers under test gets an address on the “all VMs virtual LAN” via SLAAC, and then requests a delegated /64 to use for the “all containers virtual LAN” (another bridge, this one running on the VM itself) that the containers will each connect to themselves.

Now, almost all of this Just Works. The current releases of ISC DHCP support prefix delegation just fine, and a bit of shell script plumbing between the client and server seals the deal – the client needs to rewrite the server’s config file to tell it the netblock from which it can delegate.

Except for one teensy, tiny problem – routing. When the DHCP server delegates a netblock to a particular machine, the routing table needs to get updated so that packets going to that netblock actually get sent to the machine the netblock was delegated to. Without that, traffic destined for the containers (or the VM) won’t actually make it to its destination, and a one-way Internet connection isn’t a whole lot of use.

I cannot understand why this problem hasn’t been tripped over before. It’s absolutely fundamental to the correct operation of the delegation system. Some people advocate running a dynamic routing protocol, but that’s a sledgehammer to crack a nut if ever I saw one.

Actually, I know this problem has been tripped over before, by OpenWrt. Their solution, however, was to use a PHP script to scan logfiles and add routes. Suffice it to say, that wasn’t an option I was keen on exploring.

Instead, I decided to patch ISC DHCP so that the server can run an external script to add the necessary routes, and perhaps modify firewall rules – and also to reverse the process when the delegation is released (or expired). If anyone else wants to play around with it, I’ve put it up on Github. I don’t make any promises that it’s the right way to do it, necessarily, but it works, and the script I’ve added in contrib/prefix-delegation-routing.rb shows how it can be used to good effect. By the way, if anyone knows how pull requests work over at ISC, drop me a line. From the look of their website, they don’t appear to accept (or at least encourage) external contributions.

So, that’s one small patch for DHCP, one giant leap for my home network.

  1. The standard recommendation is for ISPs to delegate each end-user customer a /48 (giving 65,536 /64 networks); my ISP is being a little conservative in “only” giving me 256 /64s. It works fine for my purposes, but if you’re an ISP getting set for deploying IPv6, make life easy on your customers and give them a /48.

Planet DebianRuss Allbery: Interpreting the Debian init system GR

I originally posted this in a thread on debian-private, but on further reflection it seems appropriate for a broader audience. So I'm posting it here, as well as on debian-project.

There is quite a lot of discussion in various places about what the recent GR result means. Some are concluding that systemd won in some way that implies Debian is not going to support other init systems, or at least that support for other init systems is in immediate danger. A lot of that analysis concludes that the pro-systemd "side" in Debian won some sort of conclusive victory.

I have a different perspective.

I think we just had a GR in which the Debian developer community said that we, as a community, would like to work through all of the issues around init systems together, as a community, rather than having any one side of the argument win unambiguously and impose its views on those who disagree.

There were options on the ballot that clearly required loose coupling and that clearly required tight coupling. The top two options did neither of those things. The second-highest option said, effectively, that we should feel free to exercise our technical judgement for our own packages, but should do so with an eye to enabling people to make different choices, and should merge their changes and contributions where possible. The highest option said that we don't even want to say that, and would instead prefer to work this whole thing out through discussion, respect, consensus, and mutual support, without giving *anyone* a clear mandate or project-wide blessing for their approach.

In other words, the way I choose to look at this GR is that the project as a whole just voted to take away the sticks that we were using to beat each other with.

In a way, we just chose the *hardest* option. We didn't make a simplifying technical decision that provides clear guidance to everyone. Instead, we made a complicating social decision that says that, sorry, there's no short cut to avoid having to talk to each other, respect each other's views, and try to reach workable collaborative compromises. Even though it's really hard, even though everyone is raw and upset, that's what the project as a whole is asking us to do.

Are we up to the challenge?


Planet DebianThomas Goirand: Rotten tomatoes

There’s many ways to interpret the last GR. The way I see it is how Joey hoped Debian was: the outcome of the poll shows that we don’t want to do technical decisions by voting. At the beginning of this GR, I was supportive of it, and though it was a good thing to enforce the rule that we care for non-systemd setups. Though I have slowly changed my mind. I still think it was a good idea to see what the community thought after a so long debate. I now think that this final outcome is awesome and couldn’t have been better. Science (and computer science) has never been about voting, otherwise the earth would be flat, without drifting continents.

So my hope is that the Debian project as a whole, will allow itself to do mistakes, iterative trials, errors, and go back on any technical decision if they don’t make sense anymore. When being asked something, it’s ok to reply: “I don’t know”, and it should be ok for the Debian project to have this alternative as one of the possible answers. I’m convince that refusing to take a drastic choice in this point in time was exactly what we needed to do. And my hope is that Joey comes back after he realizes that we’ve all understood and embarrassed his position that science cannot be governed by polls.

For Stretch, I’m sure there’s going to be a lot of new alternatives. Maybe uselessd, eudev and others. Maybe I’ll have a bit of time to work on OpenRC Debian integration myself (hum… I’m dreaming here…). Maybe something else. Let’s just wait. We have more than 300 bugs to fix before Jessie can be released. Let’s happilly work on that together, and forget about the init systems for a while…

P.S: Just to be on the safe side: the rotten tomatoes image was not about criticizing the persons who started the poll, who I respect a lot, especially Ian, who I am convinced is trying to do his best for Debian (hug).

Planet Linux AustraliaDonna Benjamin: DrupalSouth - Call for sessions open!! (closes 30 Nov 2014)

DrupalSouth is the biggest Drupal gathering in the Antipodes.

We'll be at the Melbourne Convention and Exhibition Centre over three days in early March 2015. March 5-7 to be exact.

Find out more at the website

The call for sessions is open, and we're trying hard to get the word out wide and far, to whisper in new ears, and encourage people of all sorts to share their ideas for sessions so we can create a truly wonderful, inspiring, engaging and fun program for this conference!

For those who may not know, Drupal is an open source content management system. It's used by people and organisations all around the world, for all sorts of web sites. It's also being used as back end application framework for mobile apps! It's amazing what Drupal can do.

Drupal events are the heart and soul of the community that makes Drupal. Bringing people together drives the project forward, and forges friendships.

But we're also part of the wider web. So we want to hear from all sorts of web specialists, not just Drupalists.

Please, submit a session, or simply help us spread the word. The deadline is looming and won't be extended. Get that proposal in by 30 November 2014.

Planet DebianJonathan Dowland: Moving to Red Hat

I'm changing jobs!

From February 2015, I will be joining Red Hat as a Senior Software Engineer. I'll be based in Newcastle and working with the Middleware team. I'm going to be working with virtualisation, containers and Docker in particular. I know a few of the folks in the Newcastle office already, thanks to their relationship with the School of Computing Science, and I'm very excited to work with them, as well as the wider company. It's also going to be great to be contributing to the free software community as part of my day job.

This October marked my tenth year working for Newcastle University. I've had a great time, learned a huge amount, and made some great friends. It's going to be sad to leave, especially the School of Computing Science where I've spent the last four years, but it's the right time to move on, It's an area that I've been personally interested in for a long time and I'm very excited to be trying something new.

LongNowStewart Brand Keynote Video from 02014 Evernote Conference

<iframe allowfullscreen="" frameborder="0" height="315" src="" width="560"></iframe>

On October 3rd 02014, Stewart Brand delivered the keynote address for the Evernote EC4 conference. Evernote is a service that allows people to collect information, notes, bookmarks, and create a personal searchable database with this collection.

Phil Libin, CEO of Evernote, has been a fan of Long Now for years, which inspired him to introduce a “100-year data guarantee” for all Evernote customers, a rare promise in the rapidly changing tech industry. The company is also known for having a long-term view and intends to be a “100-year startup”.

In the video above, Libin introduces Stewart while explaining how influential he and Long Now have been on Evernote’s philosophy. Stewart proceeds to give an update on our Revive & Restore project and the de-extinction of the Wooly Mammoth.

Evernote also gave out free copies of Stewart’s book The Clock of the Long Now: Time and Responsibility to attendees of EC4.

<script async="async" charset="utf-8" src=""></script>

Planet Linux News: Speaker Feature: Andrew McDonnell, Jim Cheetham

Andrew McDonnell

Andrew McDonnell

Reverse engineering embedded software using Radare2

1:20pm Thursday 15th January 2015

Andrew McDonnell is a professional software engineer with two decades experience, having spent many years before that hacking code after receiving a Commodore 64 for Christmas at age 12. He has significant experience programming in C++, Java and Python and a multitude of scripting languages. Outside of family and work he sometimes has time to play with his collection of 8-bit and PC/XT-vintage computers; computing and electronics has always been his passion. He intermittently maintains a blog at sometimes posting how he solved a problem in the hope it may be useful to someone else.

For more information on Andrew and his presentation, see here. You can follow him as @pastcompute and don’t forget to mention #lca2015.

Jim Cheetham

Jim Cheetham

OneRNG - An Open and Verifiable hardware random number generator

1:20pm Thursday 15th January 2015

Jim works in Information Security, and has a long background in Unix/Linux and Open Source/Free software systems.

For more information on Jim and his presentation, see here. You can follow him as @onerng and don’t forget to mention #lca2015.

Sociological ImagesTheories of the First Topsy-Turvy Doll

Lisa Hix has written a really nice story, “Why Black Dolls Matter,” for Collectors Weekly. The history of the topsy-turvy doll really caught my interest. The one below is characteristic. Believed to be from the 1870s, it is the head and torso of a black and a white doll, sewed together in the middle with a long skirt. The doll can be flipped from one side to the other.


The general consensus seems to be that these dolls were primarily for enslaved children, but the purpose of the dolls isn’t clearly understood.

Hix quotes one of the founders of the National Black Doll Museum, Debra Britt, who says that the dolls enabled enslave children to have something forbidden: a doll that looked like them. “When the slave master was gone,” she explained, “the kids would have the black side, but when the slave master was around, they would have the white side.”

At wikipedia, though, the entry for the dolls cites the author of American Folk Dolls, who makes the opposite claim.

It has recently been suggested that these dolls were often made for Black children who desired a forbidden white doll (a baby like the ones their mothers cared for); they would flip the doll to the black side when an overseer passed them at play.

Kimberly Wallace-Sanders, author of Mammy: A Century of Race, Gender, and Southern Memory, suggests that the dolls might not have been disallowed at all. Since enslaved black women often cared for their own children and the children of their white captors, perhaps the doll was designed to socialize young enslaved girls into their future roles as mothers to children of both races. According to Historical Folk Toys, the black doll sometimes was dressed in a headscarf and the white doll in antebellum-style dress, supporting Wallace-Sanders’ theory that the idea was to socialize girls into their role.

And, of course, we have even less of an idea of how the children themselves thought of these dolls or where their imagination led them.

Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

(View original at

Sociological ImagesHappy Birthday, Zygmunt Bauman!

Zygmunt Bauman (1925- ) is a Polish sociologist. Although his work on postmodern capitalism has been very influential, he is arguably most famous for his analysis of modernity and the Holocaust. Rather than a return to barbarism, Bauman argued the Holocaust was not possible without modernity. By modernity he meant the modern concern with ordering, cataloging, creating and following rules, and the division of labor.

Sociological Cinema

1Art by David Moore. H/t Sociological Cinema.

(View original at

Worse Than FailureCodeSOD: WTF from A to Z

Alex's customers were having issues with a web project management console developed by a coworker. Upon opening the code to see what was causing all the JavaScript errors, he learned that the original developer was clearly an expert in web development standards. The code file itself was JavaScript. The use of the .css() function definitely proved his mastery of Cascading Style Sheets. Hard-coded tags demonstrated his deep knowledge of HTML. Finally, his variable naming scheme is essential to maintaining the coveted "Now I Know My ABC's" certification.

var i = "DivContainer";
var j = "DEFAULT";
var k = "DEFAULT";
var l = a(document.createElement("select")).css("min-width", "200px").append(a(document.createElement("option")).val(""));
var m = a(document.createElement("select")).css("min-width", "200px").append(a(document.createElement("option")).val(""));
var n = a(document.createElement("select")).css("min-width", "200px").append(a(document.createElement("option")).val(""));
var o = a(document.createElement("input")).attr("name", "group1").attr("id", "RessRadio").attr("type", "radio");
var p = a(document.createElement("input")).css("width", "250px").attr("type", "text");
var q = a(document.createElement("input")).attr("id", "HiddenRessID").attr("type", "hidden");
var r = a(document.createElement("input")).attr("name", "group1").attr("type", "radio");
var s = a(document.createElement("input")).css("width", "250px").attr("type", "text");
var t = a(document.createElement("input")).attr("type", "hidden");
var u = a(document.createElement("a")).addClass("JButton").text("Display");
var v = a(document.createElement("label")).css("color", "Red");
var w = a(document.createElement("label")).text(" Display all employees assigned to a project: ");
var x = a(document.createElement("label")).text(" Display all projects assigned to an employee: ");
var y = a(a(this)[0]);

f = a(document.createElement("div"));
f.css("border-top", "1px solid Gray").css("width", "450px").css("padding", "5px");

Of course, since there are only 26 letters in the alphabet, sometimes they need to be redefined. Sometimes they even need to be redefined within the same function.

var k = function(a, b, c, d) {
  var e = false;
    source: b,
    minLength: 2,
    select: function(a, b) {
      a = true;

Alex's coworker is no longer with the company, which may be the safest thing for everyone.


Photo credit: Filter Forge / Foter / CC BY

Planet Linux AustraliaJonathan Adamczewski: Unquestionably bad

Question 5:

Consider the following 6 data structures:

  • Stack
  • Queue
  • Hash table
  • Doubly-linked list
  • Binary search tree
  • Directed acyclic graph

Using these as the subject matter, construct 6 really good puns.



After receiving a range of questions from different sources, I was unsure which to answer first — I was stack as to where to begin. And so because this was the last question that I received, it became the first that I answered.

Don’t get me wrong — I did appreciate the question. The capacity of my gratitude is, theoretically, unbounded. Thanqueue.

We have a cuckoo aviary. I keyp a record of each birth in a hatch table.

I noticed that I was leaning to one side. I spoke to a physician about it — he told me I was overweight because I was eating too much bread. My list, it seems, is linked to my dough-belly.

On a school trip to a pickle factory, my daughter went missing. I was able to climb the brinery search tree and spot her, though it took longer than I had hoped due to my poor balance.

While out walking, I deflected a cyclist’s gaffe, knocking him aside as he rode the wrong way down a one-way street. I looked down my nose at him and gave a topological snort to help him on his way.


The reader may decide whether the answers satisfy the requirements of the question.

Geek FeminismComfort me with links, for I am sick of spam (18 November 2014)

  • 55 works of iconic Indian writer released on Wikisource under a free licence | Wikimedia blog: “A total of 55 Kannada books by Niranjana are re-licensed. “This is the single largest and most comprehensive individual collection of a writer to be released under CC-BY-SA 4.0 in any of the Indian languages so far,” says Kannada Wikimedian Omshivaprakash.”
  • Over 9000: A game about visibility online when you’re a woman, made by Maddy Myers
  • Job Listings That Don’t Alienate (with images, tweets) · kissane | Storify: “I asked for people from communities that are underrepresented in their fields to talk about language in job descriptions that makes them back away, and the reverse—wording or specification that feel inviting. I got a lot of replies. If you make listings/do hiring, you should probably read them.
  • Barbie book about programming tells girls they need boys to code for them | The Daily Dot: “The latest affront to basic decency in gendered toy marketing comes from a Barbie book that tells girls they can’t be game developers or programmers…  Despite its encouraging title, Marenco’s book actually tells preteen girls that Barbie can only contribute to the design of the game she’s building.”
  • What a Huge Difference Those Little Actions Make | Medium: “I’m looking for more examples of positive stories from women in tech. I want to publish a collection of them — a LOT of them — in the hopes that reading them will make more people take that extra step to be welcoming and encouraging. To take that little step that costs nothing but might mean everything to a new, tired, or discouraged coworker.”
  • Night Witches by Bully Pulpit Games | Kickstarter: “Night Witches is a tabletop RPG about Soviet airwomen during World War Two, flying daring night time bombing missions in biplanes.”
  • How It Feels to Land a Spacecraft on a Comet | New York Times: Physicist, woman, person of color Claudia Alexander on landing a spacecraft on a comet: “Once we started getting the data, we are getting what we expected to get, and we know that the field is going to benefit from having made the effort to get this accomplished. It’s a wonderful feeling.”
  • Not All Nerds | The New Inquiry: “Silicon Valley monopolizes our national ideas about the future, aided by a presumption that the industry is exceptionally progressive when it comes to race. It’s this monopoly that turns the idea of putting iPads in the hands of every child into an urgent need. If we are to challenge Silicon Valley as the shining embodiment and most aggressive promulgator of a neoliberal future, then we need to attack its futurity. We can start by emphasizing how woefully retrograde it is—how 19th century its economics are, certainly, but especially its racial politics.”
  • Weather forecasters predict better services for women | Thomson Reuters Foundation: “Michel Jarraud, secretary-general of the World Meteorological Organization (WMO), said progress had been made in improving weather forecasts and climate services to protect lives and livelihoods. ‘But if we are to help communities cope with long-term climate change and the anticipated increase in hazards like floods and heat waves, then we need to do more to reach out to women with gender-sensitive services,’ he said.”
  • Pandora Releases Its Staff Diversity Statistics | Complex: “Are we supposed to believe that there are no black, Asian, or Latino people out there that have expertise in music? This is especially strange if you consider that most of the Pandora consumer base is minorities.”
  • Sartorial Misogyny, Feminist Concern Trolling, and the “Little Things”  | Shakesville: “When feminist concern trolls like Dawkins whine about the misuse of feminism, talking about feminism like it’s meant to be kept under glass, broken only in case of a ‘real’ and ‘serious’ emergency, they’re deliberately ignoring how culture works. The ‘little things’ don’t happen in a vacuum, but are part of a spectrum of expressed misogyny that forms a systemic oppression of women.”

We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

Thanks to everyone who suggested links.

TEDAnnouncing our TED Prize 2015 winner: Dave Isay of StoryCorps

Dave Isay of StoryCorps is the winner of the 2015 TED Prize. On March 17, he'll reveal his wish. Photo: StoryCorps

Dave Isay of StoryCorps is the winner of the 2015 TED Prize. On March 17, he’ll reveal his wish. Photo: StoryCorps

“I’m a storyteller.”

It’s a sentence that can be found in a wide variety of TED Talks — because, really, it is the heart of what we do.

This is why, for the 10th anniversary of the TED Prize in 2015, we are thrilled to award the million-dollar prize to Dave Isay, the founder of StoryCorps. A large-scale oral history project, StoryCorps puts two people who know each other well — a husband and wife, a father and son, longtime co-workers — in a recording booth, giving them 40 minutes to have a real conversation, the kind that digs beyond the mundanities of life to unlock the powerful stories we each hold inside. So far, 100,000 Americans have participated in StoryCorps. All the digital audio files go to the Library of Congress; some are made available on the StoryCorps website, others are broadcast on NPR and still others are animated into shorts. While StoryCorps began in a small soundproof booth in New York’s Grand Central Station in 2003, it has grown into the largest single collection of human voices ever recorded.

But interestingly, while “story” is in the name, Isay sees StoryCorps as primarily about listening. “Listening is generosity,” he tells us. “Listening to someone else closely is one of the most valuable gifts we can give to another human being.”

On March 17, at the TED2015 conference, Isay will share an audacious wish for StoryCorps in a TED Talk. The wish will build on the success the platform has had in its first decade and take it in new directions. Isay’s TED Talk will be livestreamed for free to the world, and posted on soon after. From there, TED’s global community of innovators, entrepreneurs and TEDx organizers will hop in, helping the wish come true.

Isay says that he is “thrilled, honored and, frankly, floored,” to be working with TED and says he sees the two platforms dovetailing well. “I think we are both about inspiring people, helping people focus on what’s important,” he says. “About creating connections that ultimately help us all recognize our shared humanity.”

TED Curator Chris Anderson says that this is a special TED Prize for him too. “On the tenth anniversary of the prize, it seems fitting that we’re honoring a storytelling pioneer,” he says. “I’m excited to see how TED and StoryCorps will collaborate, and eager to see how we can pair an incredible idea with a global community.”

Check out some of Dave Isay’s favorite StoryCorps stories »

Reaction: Read more about Dave Isay’s TED prize win in the New York Times »

Reaction: Hear an NPR segment about Dave Isay and the TED Prize »

TEDFunky words and photos from Mars: A recap of Session 3 from TEDYouth 2014

A great way to see how a jellyfish moves? Luminescent dye, as shown by Kakani Katija. Photo: Ryan Lash/TED

A great way to see how a jellyfish moves? Luminescent dye, as shown by Kakani Katija. Photo: Ryan Lash/TED

The final session of TEDYouth 2014 focuses on what makes us human — the way we talk, the way we walk, the words we sing, the waves we surf. 

How jellyfish swim. On land, animals leave footprints that tell us a lot about their size, form and capabilities. Marine organisms do too—their footprints are “wake structures,” but they are hard to see since water is translucent. Bioengineer Kakani Katija finds ways to make them visible—using dyes, lasers and more—and measurable. Through this research, she and her intrepid collaborators can understand how sea organisms move, and the complex interplay between how they deal with currents (and contribute to them too). So why do people risk their lives for this kind of research? Because airplanes were engineered based on how a bird flies. “How will marine organisms inspire us?” she asks.

Catching Europe’s biggest waves. Chasing storms isn’t just for tornadoes, but also for catching major waves. Professional surfer Andrew Cotton shares how he started with small waves and felt perpetually behind his peers but finally hit his stride when he started chasing the massive ones, despite the danger involved. The mindblowing slides of waves bigger than one could imagine do not detract from his talk’s main focus: how harnessing an unshakable belief in himself allowed him to conquer the sea, even in the face of uncertainty.

A poetry break. Nineteen-year-old poet Carol Brown seriously throws down when she performs her rapid-fire ode to a rushed and calloused New York City. Her poem “Foundations” skips the cliché, instead honoring the exhaust and 24-hour bodegas that make New York her city —and  a city that belongs to no one. Brown is just one of the artists involved with Urban Word NYC, a nonprofit program bringing writing workshops and poetry slams to New York youngsters.

The daughter of a hitman investigates gun violence. “My father killed people,” says Jennifer Mascia as she steps to the TEDYouth stage. “It’s been 14 years since I discovered this fact and, the second I did, it cast a shadow over my entire childhood.” Mascia is the daughter of a Mafia gunman, convicted of one murder but who may have committed several more. And yet, “Even though my father was a murderer, he was a good father to me,” she says. In the days after the Sandy Hook massacre, Joe Nocera — the op-ed columnist she worked for at The New York Times — asked her to find out who is getting shot every day in America. It became “The Gun Report.” 350 posts and 60,000 deaths later, she shares what she learned: that in the summer, there’s an uptick in murders and that half of gun shot fatalities are fueled by alcohol. She stresses that urgent action is needed because saving one life is better than saving none.


This is a visualization of all the locations Drake has mentioned in songs throughout his career. Photo: Courtesy of Tahir Hemphill


Hip hop, visualized. Tahir Hemphill managed to find a career that fuses his loves of hip-hop, science and design; he’s the creator of Hip Hop Word Count, a database of the lyrics of 50,000 hip-hop songs. Using this raw data, he creates visualizations that make it meaningful—like a chart of the mentions of Cristal, which shows a huge dip since Jay-Z’s boycott. On a tour of a university while brainstorming a new project, Hemphill saw a 15-foot robotic arm. He thought, “Whatever I’m going to do, I’m going to do it with that.” He ended up putting a light pen in the arm, and having it plot all the locations 12 artists mentioned throughout their career, in order. The result: swirling circles of light that reveal both worldliness and local allegiance. Hemphill has recently opened the Rap Research Lab in New York, and invites all attendees to stop by to see what they can discover in the hip-hop data.

Stay in your (sidewalk) lane. Nathan Pyle is making etiquette cool again. He breaks down how to not be a jerk when visiting New York City, sharing the tips and tricks about how to deal with strangers that local New Yorkers already know. His mantra? “Act like a car.” That means: keep your eyes on the road and not on your cellphone, and don’t stop abruptly. This will help you avoid bumping into strangers… and keep you from missing your soulmate when you pass him or her on the sidewalk.

Invent your own words. Who knew that “friend” wasn’t always a noun and a verb? Erin McKean is a lexicographer, which means that she makes dictionaries. And thus, she knows the evolution of words well. That being said, she is no grammar snob, especially if grammar rules stifle creativity. She encourages the audience to make up their own words, and shares six ways for them to create a lexicon all their own. “We always tell young people to be creative and invent things when it comes to science and technology, but then when it comes to inventing new words we say, ‘No, you can’t do that,’” she says. “I think you should make up all the words that you want … Every word is a chance to express an idea and get your meaning across.”

Dispatches from Mars. Why does our planet have life, while Mars doesn’t? Well, it’s very dry and very cold, with temperatures up to 100 degrees below zero. But it wasn’t always. Over the first billion years of its existence, Mars had rivers, lakes and soil. Scientists, of course, want to know what happened. This is one of the purposes of the Curiosity Mars Rover, which landed two years ago. Ehlman explains how rocks found by the Rover prove that water once flowed there, and that streaks of salt found in laser drillings are like a bathtub ring left by a lake. From here, the Rover is headed up a mountain where lots more can be learned. “We’ve already brought our Curiosity to Mars and it’s a proxy til we can go there ourselves,” she says.

Nathan W. Pyle's motto for New York City sidewalks: "Act like a car." Photo: Ryan Lash/TED

Nathan W. Pyle’s motto for New York City sidewalks: “Act like a car.” Photo: Ryan Lash/TED

TEDRhythmic robots, tiny houses, healing leeches: A recap of Session 2 of TEDYouth 2014

Kenneth Shinozuka and that sock model at TEDYouth. Photo: Ryan Lash/TED

Kenneth Shinozuka shows his very cool invention, with the help of a sock model. Photo: Ryan Lash/TED

By Cynthia Betubiza, Ella Dawson and Kate Torgovnick May

Session 2 of TEDYouth 2014 offered talks to rouse the spirit and a few to gross you out. Below, recaps of these fascinating talks.

Robots with rhythm. Nothing adds to a musical crescendo more than a skillful improvisation. Gil Weinberg, an engineer and musician from Georgia Tech, brings this creativity to new heights. He builds musically intelligent robots that can improvise along with humans. This technology isn’t just about amusing audiences—Weinberg shows us robots that play rhythms impossible for humans. “We could be musical cyborgs,” he says, showing a clip of a drummer with a prosthetic limb who plays at incredible speed.

A talk with a “sock model.” When Kenneth Shinozuka’s grandfather started to show symptoms of Alzheimer’s, there was one fact that especially troubled his family: the fact that he often wandered at night. His aunt couldn’t sleep, she was so worried about him getting lost. So Shinozuka had an idea: he created a heel-attaching sensor that would send an audible alert if his grandfather so much as placed a foot on the floor. He talks us through the challenges of designing such a thing, and reveals that in its first year of use, it detected 900 cases of his grandfather getting out of bed. It’s one small, smart solution for a growing problem. “As the number of people diagnosed with Alzheimer’s triples by the year 2050, caring for them will become an overwhelming societal challenge,” he says.

Mucus mania. Biochemist Katharine Ribbeck loves mucus, more commonly known as snot. Despite its gross reputation, mucus plays an important role in protecting our cells from infection-causing pathogens, she says. Our cells are coated in mucus to preserve moisture, help us digest food, and neutralize the toxins secreted by harmful microbes. In fact, our bodies produce a gallon of mucus a day in all. Ribbeck is researching the potential of synthetic mucus, called “mucin,” which could be used in eye drops, nose sprays, skin cream, food and more.

A culture of compost. Pashon Murray went to General Motors and Ford with an unusual request: would you give me your food waste? A Detroit native who you might know from this brilliant spoof of a Cadillac commercial, Murray wanted their food waste to help start a composting movement in her city. She takes food waste from local companies and manure from the local zoo and uses it to turn forgotten tracts of land into thriving gardens. “Detroit gets a lot of news coverage that talks about the negative things—the vacant land, dilapidated properties, buildings that have been pretty much abandoned,” says Murray. “That exists. But to me, Detroit is a gem.”

14-year-old Sicily Kolbeck built this tiny house. Photo: Courtesy of Sicily Kolbeck

14-year-old Sicily Kolbeck built a tiny house and shared what she was doing . Photo: Courtesy of Sicily Kolbeck

A tiny house, and a lesson in self-sufficiency. Teenage crafter Sicily Kolbeck built a 128-square-foot house in less than a year. With the help of instructional YouTube videos on everything from plumbing to installing electricity (plus a whole lot of guess work), the 14-year-old completed her tiny house in April of this year. The project was life changing: she went from a self-conscious introvert to speaking at the White House’s first ever Maker Faire. She says, “I’ve been prepared for not only high school, but real life as well.”

Truths buried in mass graves. In any murder case, finding a body confirms the crime. But in the aftermath of a state-sponsored genocide, says Fredy Peccerelli, finding such evidence requires a mix or archeology, anthropology and genetics. Peccerelli talks to families who lost loved ones in Guatemala’s 36-year-long conflict. He then uses DNA samples that they volunteer and compares them to bodies he exhumes from mass graves. He tells the story of a group of women and children who were taken away by helicopter and never seen again — until his team was able to locate their bodies. In this way, Peccerelli helps give families peace of mind and a voice to the voiceless, as well as collects evidence for use in genocide trials.

Flex fantastic. Storyboard P specializes in movements that look like they should be impossible. A break-dancer featured in Jay-Z’s “Picasso Baby” video, he is a master of ‘flex’: a style that uses pantomime, contortions and complex footwork. He glides across the stage, his legs undulating slowly to Nas’ “I Know I Can (Be What I Wanna Be)” as if they have no bones, his feet flipping over each other in rapid swishes. It’s an eerie performance that gets the audience clapping.

Instagram for understanding. Photographer Ruddy Roye grew up in Jamaica, where class was an issue, but race simply wasn’t. When he moved to the United States, he was surprised to find the color of his skin noticed in strange ways. He turned to photography as a way to work out his complex feelings over this. Now, Roye uses Instagram to tell the stories of his neighbors in Bed-Stuy, Brooklyn. “For the first time in my life, I could bring my world of invisibility to an audience that had no editors,” he says. Showing us his beautiful images, he explains how he sees his work as a humanist project.

No love for the leech? Leeches don’t get enough credit, mostly thanks to old Hollywood depictions of them as blood thirsty, ferocious creatures. As the self-titled “Leech Guy,” Mark Siddall, a curator at the American Museum of Natural History, sees value in studying these highly diverse animals that have been used for a variety of useful medical endeavours, such as the first human dialysis ever. In a presentation not for the squeamish, he talks us about some of what leeches can do—and ends by having a leech suck on the hand of host Kelly Stoetzel.

Mark Siddall shows how harmless leeches are, demonstrating on host Kelly Stoetzel. Photo: Ryan Lash/TED

Mark Siddall shows how harmless leeches are by demonstrating on host Kelly Stoetzel. Photo: Ryan Lash/TED

TEDA youth reporter finds out why it’s important to be nice in New York City from etiquette GIFer Nathan W. Pyle

New York etiquette master Nathan W. Pyle is interviewed by 11th grader Lubna Batool.

New York etiquette master Nathan W. Pyle is interviewed by 11th grader Lubna Batool.

Writer, cartoonist and New York City transplant Nathan W. Pyle is the creator of the street-savvy, GIFed-out NYC Basic Tips and Etiquette. Lubna Batool, an 11th-grade New Yorker, is a big admirer of his work, which gives newcomers to the city the little tips no one else will—like that one $20 umbrella will outlast four $5 umbrellas and that one should be wary of an empty subway car.

In the week before Pyle steps on the TEDYouth 2014 stage, we asked Batool to interview him. Here’s an edited transcript of their conversation. 

What is it about the subway and the sidewalks of New York City that you find interesting?

People. That’s the short answer: people are very interesting, and there are so many different kinds of people here. The excitement of New York is that you’re constantly surrounded by strangers. It challenges the way you think, because, even just overhearing conversations, you realize we all think very, very differently. I love that about New York. But one of the interesting things about the city is that we can all agree on a lot of these rules — about the way a line is supposed to work, or how an escalator should be walked on. We agree on these things even though we disagree on a lot too.

What do you do in your spare time?

I live in Manhattan and my girlfriend lives in Brooklyn, so I spend a lot of time on the subway. That’s where I do a lot of my best thinking. My best ideas come from just looking at other people and thinking about what to write.

What is the most difficult decision you had to make in the last two years?

My most difficult decision was whether or not to stop freelancing. For many New Yorkers, the question is: should I freelance or should I take a salary job? As a freelancer you have a lot more risk, but there’s more freedom. With a salary job you have stability, but it also means that you have to turn down a lot of opportunities. Freelancing is less attractive as you get a bit older because you start to think about maybe marrying someone or having a family. In my case, I ended up taking a salary job. I work for BuzzFeed full-time and I haven’t regretted that, because they treat their employees very well. Some companies don’t treat their employees well and some companies do.

What do you do at BuzzFeed?

I just published a quiz right before I got on the phone with you. A lot of people don’t understand that there are people who write these things — so I’m one of those people. Today it was about breakfast cereal, but then I also wrote a post about dogs. These are things that I can write about. I also write about my faith sometimes, or about advertising, or about philosophy.

One of the things I write about most is: What if I were born in a different country and I came to America — what would that be like? I did an exchange program in Kenya and, the people I lived with, they grew their own food. I learned that many people in the world are much closer to the source of their food. If I were from somewhere else, I would probably not be working on a computer as much because I might actually, say, tend to my own land.


Where would you like to be in your career five years from now?

I definitely want to write more books. I’ve written one so far — about the city. I might write a second that’s about church. I grew up in the Protestant Christian church, and there are a lot of awkward social interactions that happen at church. It would be nice for people to understand the kind of cultural phenomenon that happens. I came from a place in Ohio where a lot of people were accustomed to having churches on every corner. In New York, it’s a lot more multicultural and there are more religions represented. I am in that in-between ground where I can help people understand: here’s what pluralism looks like.

What made you want to work here in New York?

I really like the fact that, in New York, you’re competing against the best of the best. I think that’s what draws so many people here.

If you could travel to one place, where would you go?

I would love to go to Jerusalem. When I was in college, I studied Bible and Theology, so you read about all these places in Israel. It’s another example of where you get a first-hand look at people of many different religions in the same city. I would be very interested to see all of that.

Who is one person that inspires you?

People who think outside the box are some of the most interesting, like Frank Lloyd Wright. One of my favorite stories about him is that he created a complex of buildings, but he didn’t put any sidewalks in. Instead, what he did is let people use the buildings for a while and they walked in the grass between the buildings. They ended up wearing these paths where people would naturally walk. He waited to see what people would do before he put the sidewalks in.

It’s very tempting just to do things the way everyone always does them, but I think the Internet has given rise to so many people who say, “Hey wait, what if I did things this way?” Then they do a Kickstarter and everyone says, “Hey, this may be a really great way to do things.”

Have you had any difficult times in your life? What was your motivation to get through it?

One of my struggles is I that have some mild anxiety. It’s something that millions of Americans have, so if I’m able to talk about my anxiety and tell people, “Here’s what I’ve gone through,” and that I’m dealing with these things, that actually helps other people, too. It teaches you to be more vulnerable and willing to open up about those things—that it’s okay.

And what is the greatest achievement that you’ve had in your life?

That my book was on the New York Times bestseller list. That’s an achievement that was half work and half luck. I think that’s where a lot of achievements come from—you’re just in the right place at the right time. I always tell people that you work hard and you be nice to everyone. It might turn out really well, it might turn out just okay, but, at the end of the day, you can be proud. You don’t want to look back and think, “I stepped on everyone on my way to the top.” Being nice to people is more sustainable in the end.

survive nyc 3 anigif_enhanced-12826-1410192213-22

TEDHow live interpreters will bring TEDYouth into Spanish and Arabic, in real time

Spanish interpreter Kelly Kelly A.K. in the booth at TEDYouth 2012. She and four others will interpret Saturday's TEDYouth in Spanish and Arabic in real time. Photo: Mike Femia/TED

Spanish interpreter Kelly A.K. in the booth at TEDYouth 2012. She and four others will interpret Saturday’s TEDYouth into Spanish and Arabic in real time. Photo: Mike Femia/TED

TEDYouth will be livestreamed on Saturday, November 15, for free — and not just in English. This event, meant for students and, well, anyone sparked by general curiosity, will be translated on the spot into both Spanish and Arabic, to make it watchable by more people around the world.

Five intrepid live interpreters will make this happen. They’ll sit in soundproof booths, watching on monitors and listening through headphones as the event proceeds in English. In real time, they’ll transpose the words into their target language by speaking into a microphone. It’s a task that takes intense concentration, so they’ll trade off every 20 to 30 minutes for a rest. Each team has an electronic dictionary at the ready. 

Live interpreters prepare by reading up as much as they can on the speakers, to make sure that they’re familiar with their subjects and know the kinds of terms that might pop up in each talk. But still, no amount of studying is foolproof.

“Interpreting requires understanding someone else’s speech — the structure, the speaker’s viewpoint, the intention. You often have to anticipate what the speaker will say,” says Sarah Edelman, who has lived in four countries and will be live interpreting in Spanish. “Although there is a lot of preparation, there are always moments of uncertainty due to last moments changes … You need some training in order to not fall off your chair under that kind of pressure.”

For her fellow Spanish interpreter Kelly A.K., the hardest part is having to juggle multiple tasks. “You’re listening to something new and difficult to grasp, translating it into another language in your head and then speaking it out in the other language,” she says. “The hardest part is to listen, think, translate and speak all at the same time.”

Maged Mikhail, who’ll help bring the event into Arabic, says that the difficulty varies wildly by talk. “When speakers are talking fast or using jargon, it is hard. Or when the speakers are not organized enough in their train of thought,” he says. “It’s easiest when the speakers talk slowly and are organized.”

So what happens when the live interpreters get tripped up? Edelman explains, “When you interpret, you are not interpreting words so much as concepts. If you don’t remember a word, you go around it, and find an explanation or a synonym. The most important thing is for the people in the audience to understand.”

A.K. agrees. “If you stop for a word you can’t find in your head, you will miss a lot of the talk. So you just have to move on and sometimes you can come back,” she says.

To her, this isn’t so scary as it is part and parcel of the task. “‘To translate,’ in its etymology, means ‘to betray,’” she says. “Even the best translations in the world are betrayals to the original text, because no two words in different languages have the same exact meaning … I love the challenge. I am always learning new things.”

Mikhail hears that. “I always do my best to translate to the closest meaning based on my comprehension,” he says. “I do it because of my passion for both the source language and the target language.”


Krebs on SecurityMicrosoft Releases Emergency Security Update

Microsoft today deviated from its regular pattern of releasing security updates on the second Tuesday of each month, pushing out an emergency patch to plug a security hole in all supported versions of Windows. The company urged Windows users to install the update as quickly as possible, noting that miscreants already are exploiting the weaknesses to launch targeted attacks.

brokenwindowsThe update (MS14-068) addresses a bug in a Windows component called Microsoft Windows Kerberos KDC, which handles authenticating Windows PCs on a local network. It is somewhat less of a problem for Windows home users (it is only rated critical for server versions of Windows) but it poses a serious threat to organizations. According to security vendor Shavlik, the flaw allows an attacker to elevate domain user account privileges to those of the domain administrator account.

“The attacker could forge a Kerberos Ticket and send that to the Kerberos KDC which claims the user is a domain administrator,” writes Chris Goettl, product manager with Shavlik. “From there the attacker can impersonate any domain accounts, add themselves to any group, install programs, view\change\delete date, or create any new accounts they wish.  This could allow the attacker to then compromise any computer in the domain, including domain controllers.  If there is a silver lining in this one it is in the fact that the attacker must have a valid domain user account to exploit the vulnerability, but once they have done so, they have the keys to the kingdom.”

The patch is one of two that Microsoft had expected to release on Patch Tuesday earlier this month, but unexpectedly pulled at the last moment.  “This is pretty severe and definitely explains why Microsoft only delayed the release and did not pull it from the November Patch Tuesday release all together,” Goettl said.

On a separate note, security experts are warning those who haven’t yet fully applied the updates from Patch Tuesday to get on with it already. Researchers with vulnerability exploit development firm Immunity have been detailing their work in devising reliable ways to exploit a critical flaw in Microsoft Secure Channel (a.k.a. “Schannel”), a security package in Windows that handles SSL/TLS encryption — which protects the privacy and security of Web browsing for Windows users. More importantly, there are signs that malicious hackers are devising their own methods of exploiting the flaw to seize control over unpatched Windows systems.

Wolfgang Kandek, chief technology officer at Qualys, said security researchers were immediately driven to this bulletin as it updates Microsoft’s SSL/TLS implementation fixing Remote Code Execution and Information Leakage that were found internally at Microsoft during a code audit.

“More information has not been made available, but in theory this sounds quite similar in scope to April’s Heartbleed problem in OpenSSL, which was widely publicized and had a number of documented abuse cases,” Kandek wrote in a blog post today. “The dark side is certainly making progress in finding an exploit for these vulnerabilities. It is now high time to patch.”

CryptogramA New Free CA

Announcing Let's Encrypt, a new free certificate authority. This is a joint project of EFF, Mozilla, Cisco, Akamai, and the University of Michigan.

This is an absolutely fantastic idea.

The anchor for any TLS-protected communication is a public-key certificate which demonstrates that the server you're actually talking to is the server you intended to talk to. For many server operators, getting even a basic server certificate is just too much of a hassle. The application process can be confusing. It usually costs money. It's tricky to install correctly. It's a pain to update.

Let's Encrypt is a new free certificate authority, built on a foundation of cooperation and openness, that lets everyone be up and running with basic server certificates for their domains through a simple one-click process.


The key principles behind Let's Encrypt are:

  • Free: Anyone who owns a domain can get a certificate validated for that domain at zero cost.

  • Automatic: The entire enrollment process for certificates occurs painlessly during the server's native installation or configuration process, while renewal occurs automatically in the background.

  • Secure: Let's Encrypt will serve as a platform for implementing modern security techniques and best practices.

  • Transparent: All records of certificate issuance and revocation will be available to anyone who wishes to inspect them.

  • Open: The automated issuance and renewal protocol will be an open standard and as much of the software as possible will be open source.

  • Cooperative: Much like the underlying Internet protocols themselves, Let's Encrypt is a joint effort to benefit the entire community, beyond the control of any one organization.

SlashDot thread. Hacker News thread.

EDITED TO ADD (11/19): Good post. And EFF's blog post.

CryptogramWhatsapp Is Now End-to-End Encrypted

Whatapp is now offering end-to-end message encryption:

Whatsapp will integrate the open-source software Textsecure, created by privacy-focused non-profit Open Whisper Systems, which scrambles messages with a cryptographic key that only the user can access and never leaves his or her device.

I don't know the details, but the article talks about perfect forward secrecy. Moxie Marlinspike is involved, which gives me some confidence that it's a robust implementation.

EDITED TO ADD (11/20): SlashDot thread.

Planet Linux News: Speaker Feature: Katie McLaughlin, Andrew Bartlett

Katie McLaughlin

Katie McLaughlin

Before All Else, Be Graphed

3:40pm Wednesday 14th January 2015

Katie is a part of the Engineering team at Anchor Systems, working to improve *all* the things. She has a history of enterprise development and Windows system administration, but has been successfully converted to the ways of the penguin in recent years.

When she's not changing the world, she enjoys making tapestries, cooking, and yelling at JavaScript and it's attempts at global variables.

For more information on Katie and her presentation, see here. You can follow her as @glasnt and don’t forget to mention #lca2015.

Andrew Bartlett

Andrew Bartlett

Pushing users into the pit of success - stories from the Samba 3 -> Samba 4 transition

3:40pm Thursday 15th January 2015

Andrew Bartlett is a Samba Developer currently employed by Catalyst in Wellington, NZ. Andrew has been developing Samba since 2001, and has had a strong focus on the Active Directory DC project for the past decade or so. He is passionate about authentication systems and making Samba a great, interoperable alternative to the dominant implementation from Microsoft.

For more information on Andrew and his presentation, see here.

Worse Than FailureAnnouncements: Selling Out Again… with Puppet Labs!

Several years back, I confessed to selling out. But there was a catch: instead of running those rubbish Google ads, we would run hand-picked ads from relevant tech companies.

This worked out wonderfully and, as many of you commented, you first heard about some really cool tools and services, here on the site. So, to commemorate the site relaunch, we wanted to do something really special and work with a select group of tools/companies in the industry to sponsor some entertaining content for you, our readers. You know, things like Radio WTF's Make It Work, OMGWTF Contest, or even Mandatory Fun Day.

That said, we're thrilled to roll out the red carpet for our friends at Puppet Labs as the first of our sponsors for 2015. If you're not already familiar with Puppet Labs, you really should be!

If you're not already familiar, Puppet is all about automating the configuration and management of servers and the software running on them, whether on physical or virtual machines, on prem or in the cloud (and if you have 2 minutes to spare, their intro video gives a pretty good overview of how they help their customers get things done).

They’ve also expanded to integrating with network devices, and that’s going to continue through their relationships with many data center hardware vendors.  It's all about infrastructure as code, and so Puppet used by everyone from start-ups to Google. Be on the lookout for a more in-depth article this year where we deep-dive into their technology as well.

We're all pretty excited about this. Thanks to their support, we'll be able to create some exciting new content, do more meet-ups, and have a lot more fun all-around.

Oh, and it’s definitely worth mentioning they also backed my Release! game. Puppet Labs is one of those for-techies-by-techies companies that loves to be a part of the happenings and provide opportunities in the community.  Please make sure to check them out!

CryptogramSnarky 1992 NSA Report on Academic Cryptography

The NSA recently declassified a report on the Eurocrypt '92 conference. Honestly, I share some of the writer's opinions on the more theoretical stuff. I know it's important, but it's not something I care all that much about.