When you start with a dentist appointment at 8AM, teaching a MOC at 9.30 and not being able to have lunch, you're in for an interesting day.

Luckily for me things changed at the last minute, as I was able to successfully pass my 117-199 exam (the Ubuntu Certified Professional exam) less than two hours ago.

I've have written some posts (on my old journal) about my interest on LPI certifications, and since I don't plan on taking any Red Hat courses and already have the Linux+ from CompTIA, it was about time to invest some time AND MONEY into it. During the last two weeks I was able to complete the two Level 1 exams and today with the cherry at the top of the cake, the Ubuntu one.

I'm thinking about Level 2 certification, but it will probably not happen soon. And a job before investing more money would be AWESOME!

December 4, 2008 (Computerworld) IBM and Canonical Inc. today announced a virtualized software bundle with Lotus desktop applications running on top of Ubuntu Linux that they say is far cheaper than running Microsoft Corp.’s Office suite on conventional Windows PCs.

From: Computerworld

I think this is pretty exciting news, and with the economic downturn, is likely to find a lot of business/corporate interest.

I’ve been meaning to post a picture of my laptop’s “decoration” for a while, perhaps start another chain reaction…

I think what you put in your laptop tells a bit about who you are or what you do

So here’s my current laptop:

One more thing, I got a zebra-themed vinyl skin applied on the laptop, which protects the machine - the stickers are on that vinyl layer.

Clicking on the image will bring you to Flickr where I added some notes.

What’s on your Ubuntu laptop ?

I have used Ubuntu exclusively for almost 2 years now. In that time I have very rarely had contact with other distros. The only exception being spending about half an hour in Fedora 8 or 9, quite liking it and never getting round to making a partition to dual boot between it and Ubuntu. But with the release of both Fedora 10 and VMWare 6.5, what better time is there to check out the latest release from the Fedora team?

I grabbed the Live CD ISO from the Fedora site, which auto-located the nearest mirror to me and it downloaded pretty quickly. The installation process was incredibly simple. The LiveCD booted straight into a graphical interface, where you could setup things like Language and Keyboard layout. This is a refreshing change from Ubuntu, where you are dumped into a “grub” style keyboard interface to setup keyboard/language by pressing funny key combinations and using ugly text menus. Once I had changed my keyboard/language from US to UK I was presented with a nice (very blue) GNOME desktop. An “Install to hard drive” shortcut was neatly placed on the desktop to get the installation properly started. The actual installer (called Anaconda) is very like Ubuntu’s Ubiquity. It goes through most of the same steps, in roughly the same order (and does the same job). Partitioning was a breeze and it even included an “Encrypt my hard drive” check-box, which was a cool little feature.At the end of the main installation process, it told me to reboot, without giving me a reboot button or telling me how to reboot. It’s just a little cosmetic issue, but it could be quite confusing for new users, who don’t have a clue how the GNOME interface works.

On first boot I was presented with a “Setup Agent”. This tool lets you setup your user account and your timezone (which, quite confusingly, was also done in the first part of the installation). Both of these functions are handled prior to the actual installation in Ubuntu, which seems a bit more “streamlined” and didn’t make you waste time on your first boot.

After exiting the Setup Agent, I was dumped straight into a GNOME desktop. Fedora is often heralded as one of the best looking distros around, but to be honest, I cant really see why. The default background is incredibly blue and looks like it is supposed to be a sun, with some solar flares coming out of it but it looks more like a stock picture of a moon, with some dodgy GIMP effects laid on top of it. The default window theme is OK (it is also very blue), but the buttons on the right hand side just don’t look like they “belong” there and really stick out from the rest of the panel, which is pretty distracting.

Installing software is also very easy. A simple add/remove software tool is included in the System menu which lets you search the repositories, which I found to be quite small and not have some of the software I rely on daily such as Flash, VLC and Terminator (ok, Terminator is quite a small project, but VLC!). You simply search for the package you want to install, hit the installation button and it will go away and do it for you. The package-kit based installation dialog is very simple (it basically just says “I am installing your selected packages now” or “I am resolving dependencies now”), which some people may like, but I like to know what is going on when I am installing stuff. Some people might not notice this, but after using apt-get and synaptic for a few years, you get used to being told absolutely everything that is going on.

The update manager is also very easy to use. Its “these are your updates” screen is brilliant as it groups them into Bug Fixes, Enhancements and Security updates, each with their own big shiny icon, which looks absolutely great. I would be very happy if Ubuntu had something similar.

Generally the distro is very easy to use. The preferences menus are grouped into little sections like “Look and Feel” and “Internet and Networking”, which makes it a lot easier to find a setting dialog than in Ubuntu’s monolithic list. The distro is also mostly bug free, but I did notice that the keyboard options I set during installation were not kept when I rebooted, so I was stuck with a US keyboard until I worked out how to use the (quite confusing) keyboard layout selection dialog.

All in all, I am very impressed with Fedora. I don’t think I will be giving up my Ubuntu yet (being an Ubuntu contributor, I would find it hard to keep up my contributions to Ubuntu while using another distro), but I would be happy to recommend it to people who are thinking of switching from Windows or Mac OS. If Mark Shuttleworth suddenly decided he wanted to invest in something else and Ubuntu fell apart, I would happily make the switch to Fedora.

Launchpod: the Launchpad team podcast!

Hosts: Matthew Revell and Graham Binns.
Theme: Obscurity by Barry Warsaw.

• 01.00: Some of the Launchpad team will be at the Ubuntu Developer Summit starting the 8th December. Graham talks a little about what he’ll be doing.
• 03.42: Announcing the Launchpad bug tracker plugins API! Create your own plugin to enable the bug tracker of your choice to communicate directly with Launchpad. Read more.
• 11.48: Welcome to Michael Nelson, who is the latest member of Launchpad’s Soyuz team. The Soyuz chaps look after PPAs and other packaging in Launchpad.

Download ogg vorbis file.

Podcast feed.

A while ago we announced the beta versions of the Launchpad plugins for Trac and Bugzilla. These allow Launchpad to sync not just bug statuses but also comments and, eventually, whole bug reports with the remote bug trackers that have them installed, bi-directionally. The practical upshot of this is that upstream projects that don’t use Launchpad for bug tracking can install one of these plugins and never again have to worry about not seeing bugs that people file using Launchpad but don’t forward upstream.

We in the Launchpad team realise, of course, that Bugzilla and Trac aren’t the only two bug trackers in the world. A project that uses Mantis, for example, may want its bug tracker to interact with Launchpad in the same way that Bugzilla and Trac now can. Unfortunately we can’t develop a plugin for every bug tracker out there as we don’t have the resources or the in-depth knowledge of those trackers’ internals necessary to be able to do so.

To make it possible for anyone to develop a plugin for any bug tracker, we’ve now opened up our Plugin API spec. The spec details all the APIs that need to be implemented for Launchpad to be able to sync bi-directionally with a remote bug tracker. It’s pretty detailed, and we’ve rolled into it our experiences in developing the Bugzilla and Trac plugins so as to make sure that new plugins don’t repeat the issues that we came across when we started interacting with the first bug trackers to install those plugins.

Once you’ve written an API plugin for your bug tracker of choice you can contact us by filing a question against Launchpad Bugs to let us know about it. We’ll then work to write the code on the Launchpad side that will interact with the API you’ve written. Once that’s done we’ll continue to work with you to iron out any bugs that we may come across.

I’m looking forward to seeing your plugins!

Hate bugs? Want to make it easier for free software projects to fight them? If so, there may be a place on the Launchpad team for you.

We’re looking for a developer to join the team that works on Launchpad’s bug tracker. There are a few things we’re looking for in our new team-mate. Most importantly, you should be passionate both about free software and helping projects find better ways to track bugs.

One of the existing Launchpad Bugs developers — Graham Binns — has a good way of summarising what he’d like to see in his new colleague:

I’d rather work with someone who looks at a feature and says “that’s cool but it will cause these problems for our users” than with someone who says “wow, that must have been complex to code, cool”.

If you live and breath Python, love free software, have strong experience hacking on bug trackers and have a string of successful projects behind you, take a look at the full job description. If you’re successful, you’ll be a joining fun, skilled and highly motivated team. You’ll also get a grilling from me for our Meet the devs feature

If you’re trying to figure out how to recursively download a directory with lftp, the wonderful command-line FTP and SFTP client, this is what you want:

… and that’s that. Hopefully this will be more helpful to someone than the current Google documentation results.

Update: Thanks to molok in the comments, here’s how you upload recursively:

What an exciting week of events ahead!

Firstly, I will be attending FossCamp from the 5th - 6th December. There a variety of upstreams meet together in a number of free form sessions to discuss anything and everything about how we work together. Everyone is welcome, so if you can pop along to the Google offices at 1400 Crittenden Lane, Mountain View, CA 94043 do come and say hello.

Next up, and taking place at the same venue all next week (8th - 12th December) will be our Ubuntu Developer Summit. Over 200 of us will be gathering together to design, discuss and plan our next version of Ubuntu: version 9.04, the Jaunty Jackalope.

UDS is always the highlight of my travel calendar. Five days of sessions spread across seven tracks, every day chock full of brainstorming sessions on a range of topics and planning their implementation. Each track focuses on different elements of the Ubuntu platform and community, and I run the rather unsurprisingly titled Community Track. In our track we will be discussing all manner of governance, process, initiative, collaboration and participation issues. The track will touch on a variety of aspects of our community including MOTU, LoCo Teams, Hall Of Fame, Harvest, Councils, Upstreams, ubuntu.com and more. It is going to be an exhilarating week of discussion; I am chomping at the bit to get started.

But UDS is way more than just sessions. It is about people. UDS brings together a fascinating, inspiring and indelibly social group. There is a fantastic atmosphere at UDS and a very real sense of community. We work hard to try and make UDS feel as welcoming and open to ideas and discussion as we can. It is an opportunity to re-affiirm old friendships and make new ones. Every day we not only work hard together, but we play hard too. Anyone who has been to a UDS will be well aware of just how physically draining it can be: long days full of discussion and long evenings of socialising make for a pretty tiring week. I think my coffee intake increases as the week progresses.

I am particularly excited about this UDS. I am not only excited at the group who we know are coming (many of which we sponsored), but I think Jaunty offers so much opportunity across all Ubuntu editions. This is going to be an important release in the Ubuntu story. Everyone is welcome to be a part of it, and everyone is welcome at UDS.

See you there folks!

This blog is at the request of some Ubuntu users and describes how to restrict users access to applications and/or system files with rbash.

rbash is a “restricted shell” and can be helpful in restricting users. This can be used, for example, to allow limited ssh access in order for a user to perform specific tasks, yet keep the user away from system files and applications.

see  : rbash features / restrictions

But rbash needs to be “hardened”.

Step 1: Install rbash :

rbash is not “installed”, it is a symbolic link to bash. rbash is present by default in Ubuntu but not Fedora (or Centos) for example.

First, add a user to your system, here I will call the user “ruser”. You may use the gui tools or the command line to add this user. Then, if needed “install” rbash and set the users shell to rbash.

sudo ln -s /bin/bash /bin/rbash
sudo bash -c ‘echo “/bin/rbash” > /etc/shells’
sudo chsh -s /bin/rbash ruser

Step 2: Harden rbash

Now we need to harden the home directory a bit.

First, lets change ownership and permissions of ruser’s home

sudo chown root.ruser /home/ruser
sudo chomod 750 /home/ruser

Now let us lock down  rbash a bit. The “critical” files and environmental variables are PATH, .bash_login, .bashrc, .profile, .bash_profile, .bashrc, and .bash_logout.

As root (sudo -i or su -)

cd ~ruser
rm -rf .bash_login .bashrc .profile .bash_profile .bash_logout
touch .bashrc
echo “. .bashrc” > {.bash_login,.bashrc,.profile,.bash_profile,.bash_logout}
echo “export PATH=’/home/rbash/usr/bin’
mkdir -p /home/ruser/usr/bin
chown -R root.ruser .bash* .profile /home/ruser
chmod 640 .bash* .profile
chmod -R 750 usr/bin

Depending on your preference you may wish to lock down additional configuration (. or dot) files as well, such as .vimrc or .nanorc

Now, review the contents of the home directory :

ls -la ~ruser

Step 3: Add access (links) to applications.

We now have a fairly restricted “base”. To add applications to rusers path, use a link :

Again, as root,

ln -s /usr/bin/vim /home/ruser/usr/bin/vim

If you need this use to be able to do a task as root, this is where sudo shines. Add the user to visudo and add the command(s) allowed to run as root. You still need to make a link from the command to /home/ruser/usr/bin .

For remote access, I also advise you use keys, which will allow you to not only increase security for our ssh server, but also restrict users from potentially undesirable actions (running commands, binding ports). See my previous svn+ssh blog for some hints on how to lock down your ssh keys.

Take care to remain diligent, as with all things, there are ways to break out of a rbash shell. This set up can be enhanced further by setting up the user in a chroot jail.

See also : man rbash

For additional informations see : Security Focus ~ Restricting UNIX Users

Over on identi.ca, @chuck (aka Chuck Frain of the Maryland LoCo) pointed out that Micro Center will be holding a Linux Basics class in all stores on Saturday, January 31, 2009!

Canadian politics are frequently very, very dull - according to even most Canadians, never mind anyone else. No charismatic, exciting leaders. No mobs occupying airports and being threatened by the military. Nobody burning cars in the street.

Thankfully.

What we've got instead, currently, is a control-freak Prime Minister desperately attempting to hold onto his minority government's power. CBC quotes PM Harper as wanting to use "every legal means at our disposal to protect our democracy, to protect our economy and to protect Canada," — but what he mostly seems to want to protect is his own power.

A huge number of Canadians (possibly including PM Harper) appear to have taken a basic Canadian PolSci course... Westminister-style democracies (this would include Canada...) do not, repeat not elect "governments" as Mr. Harper claims. We elect Parliaments, which then form governments. When one party has a clear majority in Parliament (which hasn't happened in Canada for several Parliaments in a row now) that party forms the government. When you have a minority, generally the largest party gets to be the government — but if a coalition of other parties can make a government work, that is just as legitimate and democratic as a simple minority single-party government.

Seriously, this is very, very basic Canuckistani political science, folks. Why does it seem to be so broadly mis-understood?

For the record, no, I don't like Mr. Harper. I don't like any of the current four big-party leaders very much, though. Harper has been trying to run his minority government as if he had a majority, though, and he needs a good, sharp reminder of the other options available under Canada's system. Which also have the side-effect of removing him from the Prime MInister's office, to his obvious distress...

The CBC has a good overview article on the current state of the mess. Making Light has a thread on the basic discussion and a spinoff, awesomely geeky thread attempting to express Westminister-style democracy in pseudo-code. Planet Ubuntu readers - go check that last one out, it really is a hoot.

In the meantime, no, we aren't having a coup up here in the Frozen North. No great anti-democratic seizure of power, really, despite Mr. Harper's ranting and much confusion at many levels. More people need to take first-year university Political Science courses...

Just a quickie note to let everyone know that Nate is hosting a meeting of the Ubuntu Maryland Loco team in Salisbury, MD. It will be at the Red Door Sub Shop December 6th at 10am. Power outlets and wifi will be provided and the management has been warned (or they gave permission as Nate phrased it:)

So if you’re interested in talking with other enthusists make your way there and they’ll be glad to have you. If you have any questions drop an email to the newly established easternshore at ubuntu-maryland.org address and someone will be in touch.

I have utter, unparalleled love and adulation for the song Braindead by Exodus. The intro that song makes me want to jump around the room. It is the pure, unfiltered essence of thrash metal.

The album version is stunning, but I really love the insane live version on Good Friendly Violent Fun. You can just hear the intensity of that performance coming through. Magic.

Any other recommendations for music to leap around your living room to?

I am a bit of a statistics junkie. I could spend months reading my blogs Google Analytics or Wordpress.com Stats (even though I don’t get too many hits, I’d still spend ages reading them). A couple of weeks ago I was idling in #ubuntu-uk, watching a conversation about someone on a dodgy broadband connection, with a really low monthly cap. Someone suggested he used “vnstat” to check up on how much bandwidth he was using. So, with nothing else to do, I though I’d check it out too. And wow its awesome. It can basically tell you everything you will ever need to know about your bandwidth usage.

It is a little console app that keeps a database of your bandwidth usage. You can then query this in a whole pile of different ways. The default output (just run “vnstat” in a terminal) is a little table, summarizing your traffic usage in total and over the last few days. It looks a little bit like this:

There are loads more ways to query your data. It can even draw little text based histograms

Setting it up is really easy. On an Ubuntu system run this:

Surf the internet or download something for 15 minutes then drop back into a terminal and run “vnstat” to get your first set of results. Read the manpage or http://humdi.net/vnstat/ for more shiny ways to get some statistics.

Care of Mike Owens and Dustin Kirkland, bogosec has been uploaded to Jaunty (in the NEW queue at the moment). It is a source-code analyzer framework with plugins for lintian, rats, and flawfinder. Out of curiousity, I ran it on all of Intrepid main. Highest 5 scores were:

1. 0.717338929043293 lsscsi
2. 0.612729234088457 nevow
3. 0.561151781356762 powertop
4. 0.431034482758621 language-pack-tk-base
5. 0.431034482758621 language-pack-se-base

As Dustin reminded me, bogosec seems biased against smaller code bases. In the case of the lang packs, the score is entirely from lintian. Both lsscsi and powertop deal mostly with input from kernel strings, so while they scored highly, I doubt either is actually vulnerable to very much. I haven’t looked at nevow yet. Also, both rats and flawfinder yell about things that are mitigated by compiler flags (e.g. -D_FORTIFY_SOURCE=2) so those warnings are less interesting too.

Really, this all boils down to “we need better code analyzers”. The best tool will be one that predicts CVE counts (I would expect the Linux kernel to be at the top, since it has the all-time highest number of CVEs filed against it).

To get closer to reality, I think just doing a normal package build and scanning for stderr output would be meaningful (gcc has plenty of built-in checks already). Steve Beattie suggested writing a plugin for sparse, too.

When I was a kid, I owned a Sega Megadrive (Sega Genesis for my American friends). I spent hours on that thing. Sonic The Hedgehog. Streets Of Rage. Desert Strike. Toejam And Earl. I loved it.

One game that was released was Where In The World Is Carmen Sandiego? Back then it was marketed as edutainment: essentially a sneaky way for parents to infiltrate their kid’s leisure time with learning under the premise of it being “fun”. Of course, kids are smarter than parents give them credit for. Kids were wise to this and often avoided games like that like the plague. The mind of a 12 year-old concluded that enough time is spent in front of teachers, workbooks and exams without it invading precious Sega time. I was one such kid. I hated the idea of edutainment. I didnt want to learn with my Megadrive, I wanted to shoot things with very large, very loud, deeply pixelated guns.

Things change when you grow up (yes, I have grown up, smart arses). I now love learning. I love reading. I spend hours drowning in Wikipedia and exploring our world, our history and our patchwork of cultures. I love learning about people’s experiences, perspectives and attitudes. I no longer have the 12 year-old mentality that learning is for school time. Learning really is genuinely fun.

Naturally, there are some subjects I like to learn about in more detail. Community (zing!). Computers. Free Software. Free Culture. Music. There are however some subjects that I develop a curiosity about and feel an urge to investigate. These subjects are not part of my daily interests and hobbies, but are temporary avenues of curiosity.

One recent example for me is Historical Jesus. A few days ago I read everything Wikipedia had to offer about about the subject. This was triggered originally by a history TV show which in turn inspired me to buy a book about significant events in human history. In this book I read about Jesus’s Crucifixion and decided to further refresh my knowledge of the subject by hitting up Wikipedia. In this example we see two distinctive concepts: Passive Education and Content Aggregation and Linking:

• Passive Education - in my example of Historical Jesus, my primary focus was gathering the facts and the story. I was happy for this subject’s learning to be passive. I was happy to merely consume the content and not interact with it much more than selecting what to learn.
• Content Aggregation and Linking - learning has links and connections. I first watched a show about history. This intrigued me to buy the book on historical events. A section in that book inspired me to access specific content on Wikipedia. The thread that connected these different resources together was the subject of Historical Jesus and I aggregated the different pieces of knowledge together in my brain. My current knowledge of Historical Jesus draws from these different resources.

When we learn about our primary interests, learning is different. Our desire is often for Active Learning. We not only want to know the subject, but we want to immerse ourselves in the execution and debate of it too. Much of this is not only collating general knowledge, as I did with Historical Jesus, but learning about more localised information too. When I learn about music, I want to know about local bands. I want to know when my favourite bands are coming to my area. I want to hear about music groups, gigs, and conventions near to me. I want to know about special offers in local music stores. In a nutshell, I don’t just want to consume, I want to participate.

In recent years, computers and the Internet have made both Active and Passive Learning incredibly accessible. The web has bolstered passive learning resources, and active learning has been thrusted towards us with online communities, social networking, community groups and discussion boards. No matter what you want to know about, the Internet can help you in both Passive and Active ways

But lets get back to Where In The World Is Carmen Sandiego?. Although I could not stand the concept of edutainment at the time, what that game did do that intrigues me is that it delivered education to people automatically. The education was associative: topics and concepts were delivered to you as you played the game.

I find this really interesting. I find the concept of linking and associating different types of education and resources fascinating. This also holds huge opportunity for the desktop.

A great example is Banshee. For those who have been living under a rock for the last three years, Banshee is a media player. I have it open all day, delivering a fresh dose of metal to me all day long. Banshee not only plays music, but it brings many diverse music related activities together under the same roof: digital music, Internet radio, CD playing and ripping, meta-data editing etc. The Banshee bods have done a great job.

But the most interesting feature to me is its Last.fm integration. When I listen to a song (such as Hammerfall right now). The artist and track is posted to my Last.fm account. This in itself is not all that exciting. But what Banshee does that is exciting is look up the artist of my current playing song and use Last.fm to make recommendations. It delivers those recommendations to me inside Banshee itself. That is wicked cool. Sure, I could go and look up these recommendations on the Last.fm website, but I am unlikely to do that: Banshee does the work for me. The result is that this simple feature has helped me discover literally hundreds of new bands. Banshee linked and aggregated the data, and this resulted in better learning for this important part of my interests.

Yesterday I installed the new 1.0.0 release of Songbird. Songbird is an iTunes like Open Source media player that holds some stunning promise. They have used Mozilla technologies and GStreamer to build a cross-platform media player. I know some of the guys who work on Songbird and wanted to give it a try: I had last used an early snapshot. While I don’t want to turn this into a review (if you folks want a review, let me know and I will write one up), it ships with some interesting features that build on some of the concepts seen in Banshee. Oh, and Amarok folks, I know your media player has probably been doing all of this for years, so hold fire.

When listening to an song in Songbird, it will go and look up data for the current artist from a number of resources and bring it all together. It grabs a summary blurb, discography, members, tags and links of the artist from Last.fm, a photo slideshow from Flickr, videos from YouTube, and News from Google News. Again, I could find this information separately without ever installing Songbird, but Songbird not only aggregated this content, but it linked it to an opportunity of curiosity (what I am listening to). I might never typically go and look for more details about Hammerfall, but when I am listening to them, it often triggers curiosity. Songbird satisfies that curiosity before I even know I have it.

Another great feature of Songbird that builds on active learning is that it uses Songkick to look up all of the artists in my playlist to see if there are concerts and shows in my area. With this feature I now have a list of all the up and coming shows for the artists I like (including all those obscure metal bands). This provides me with direct access to the local community and opportunities. That is one stunningly helpful and outrageously cool feature. My media player is stopping being a place to merely consume music, and instead becoming a place to aggregate everything there is about the music I listen to and the artists that make it.

This is an even more valuable proposition for a desktop. Just think of the range of types of media we consume and the applications that we use to consume it. Now mix this with the range of online sources of education and content we have open to us. It could be really interesting to pull together these threads into one cohesive experience. I love that Totem in Ubuntu can stream BBC content to me, but I would love it to show me some information and products about that content too. I would love Evolution to provide me with an ability to easily look up terms, acronyms and products in my emails with a single click. When I look at photos in F-Spot I want to see pricing for prints and frames to put my pictures in.

It would also be fascinating to identify the work-flow of education in a computer. From sourcing content in Wikipedia, how does it flow through text editors, communications tools, online services and publishing mediums? How can we identify these links in the chain and optimise them?

Big subject. I know. But huge potential.

As I wrote earlier today, I’m looking for a tool to make machine part CAD drawings on Linux. I now tried Art Of Illusion and VariCad. Here’re some results.

Simple enough to use, Open Source. Works nice if you need to create nice 3D objects but I didn’t feel it’d be good for serious high precision design. Following a tutorial here I was able to create this nice hour glass - I was surpriced to see that yes, I was actually able to do it and to me the result looks very good! If I ever need to create something like this I’ll run it again (unless I have the patience to learn Blender).

Hour glass with Art Of Illusion

Starting from 499€ for Linux - a commercial software. I tried the test version (DEB and RPM available) and I must say, it works! It took me some hours again to go through the first 8 tutorial pages from here but as you can see, the result is something what you’d need to design machine parts. Too bad it isn’t Open Source - now I need to try to convince someone to buy it for me.

I think I also noticed some bugs there when selecting lines/objects, maybe reporting those they’ll give me a free version And too bad it is only able to export BMP bitmaps, not PNG for example..

VariCad practice

While my laptop was under the knife during the past week or so, I was using my Linode to get my Ubuntu fix.  Although I have quite a bit of space free, I wanted to avoid installing extra packages that I would only end up using while my other computer was out of commission.

One such package was devscripts; I make heavy use of the rmadison command when doing support in #ubuntu.  While I could probably have easily just used the basic interface for searching, I wanted something a bit nicer.  I settled for using Mozilla’s Mycroft to create a SearchPlugin that could be added to Firefox’s search bar.

The plugin itself can be found here.

I just read Aarons post about his sad situation and that just so close to christmas...(I wonder who that north american enterprise linux vendor is? I wonder if the headquarter is near durham/raleigh in NC ;))

Anyways...Aaron was using shred for his task.

But I think you want to delete the data on those disk much more intensive.

My advise for those tasks (even in enterprise environments, at the old company ComBOTS, we used DBAN to wipe more then 600 supermicro 7TB servers in one go...we took the 7-pass method, it took a week, really ;)) is Darik's Boot and Nuke Linux Live Media.

With the 7 Pass method it's as clean as NSA wants...with 3 Pass method it's clean as the german BSI wants :)

I’m very excited to be at FOSSCamp on Friday! Are you going to be there as well?

We should have a Packaging Jam there - who of you will join in?

–
My 5 today: #304570 (swfdec-mozilla), #304538 (gucharmap), #304606 (memcachedb), #304642 (gnotime)
Do 5 a day - every day! https://wiki.ubuntu.com/5-A-Day

1. Pick an application you love/like/use/previously reported a bug in+/want to succeed
   
2. List all the bugs it has
3. Do Something (based on ability/time):

• Look for obvious duplicates*
• Ask more questions*
• Look for duplicates on the upstream bug tracker*
• Fix a bug and attach a patch
  

What I like best about the Hall of Fame is definitely the “featured contributor”. There’s so many people in our project that do awesome work in so many different ways. Some of them are not very vocal about the awesomeness they put into Ubuntu and don’t get the credits they deserve, being it as a developer, artist, forum person, wiki writer, documenter, LoCo organiser, system administrator, etc. etc.

The “featured contributor” helps to give an insight into what people are doing in the Ubuntu project and gives us all a chance to stop for a moment and thank them.

I just added a “Nominate somebody!” link to the HoF where you can nominate your favourite Unsung Hero just by sending in their Launchpad ID and adding a short explanation of why they should on there.

Please make good use of this feature and join us celebrating our Unsung Heroes.

–
My 5 today: #304570 (swfdec-mozilla), #304538 (gucharmap), #304606 (memcachedb), #304642 (gnotime)
Do 5 a day - every day! https://wiki.ubuntu.com/5-A-Day

Laura Cowen, Alan Pope and Tony Whitmore present the nineteenth Ubuntu Podcast from the UK Local Community Support Team.

In this episode:-

• Yet more upgrade woes from Tony
• The news
• Adobe release Flash for 64-bit platform
• Handbrake now available with a Linux GUI
• Pinax hold a competition to promote their platform
• Ubuntu Jaunty Alpha available
• SCO still suck
• Crunchbang relaunches with a new website
• Human powered protien folding app Fold It
• Fedora 10 released
• Mozilla announces end-of-life of Firefox 2.x

• Encryption by default: encrypted-home-directory, encrypted-swap-by-default
• Power: power-capping
• Boot Speed: jaunty-boot-performance, jaunty-boot-performance-kernel, boot-profiling, boot-io-efficiency

• Plenty about what people do post-install. Alan mentions his blog post where he outlines what he does
• Friend of the show Andy Stanford-Clark sends us photos of his low power setup including a Viglen MPC-L and what it replaces.

Comments and suggestions are welcomed to: podcast@ubuntu-uk.org
Up to 30 seconds of voicemail can be left at +44 (0) 845 508 1986
Follow our twitter feed http://twitter.com/uupc
Follow us on Identi.ca http://identi.ca/uupc
Discuss this episode in the Forums

I’m in a need for a Linux-based 3D CAD software based on GPL or other free license to design small machine parts. I have no previous experience so I’ll have to learn something new anyway. I hope that after I’ve learned one it’ll be easier for me to learn and understand another one, if needed.

Can you recommend me any of those I list below (or any other) to start with. I’ll try to run a short test on all but it’d be nice if someone more experienced could give some advices. Animation support would be good but not a requirement. I also had a look at Blender but I feel that it’s not meant for CAD-type work and that there must be some better tools to do what I need although I must admit that I would like to master blender to be able to create some nice 3D animations.

http://gcad3d.org/
Doesn’t look too good: writing the coordinates in a text file doesn’t work..

http://www.artofillusion.org/
Actually looks pretty simple and promising.. Will check more closely..

http://autoq3d.ecuadra.com/
I tried both QT3 and QT4 versions: the toolbar buttons were not visible -> not usable..

http://www.ar-cad.com/
The UI is not the very friendly but looks like you could be able to do some nice physics simulations. Might be worth a closer look.

http://www.opencascade.org/
Weird license and if I understood correctly, is not an application but a framework/something.

http://www.salome-platform.org
Requires registration to download, 500+MB.. But I’ll give it a try..

http://brlcad.org/
Wasn’t able to install it properly.. should check what’s wrong. The documentation didn’t look very good..

Source: wikipedia

So, due to the bad shape of the economy I was let go from my position as a Linux instructor and guru. As unfortunate as it is, I have to press forward looking for the best job that fits my skill set.

However, the point of this post isn’t to complain about being laid off, or the bad shape of the economy. Rather, while employed, I was given a 120 GB LaCie Rugged hard drive that was called the “gurudisk” (being a “Linux Guru” from “Guru Labs”. Get it?). The gurudisk had everything on it necessary for easing the installation of Linux on computers. Kickstart and AutoYast files were used for automating the install of the instructor machine, while scripts and RPMs were used to automate the configuration and additional software installation of the instructor machine, and DHCP, DNS, TFTP and PXE, along with Kickstart and AutoYast files, were used for automating student machines. Using the gurudisk, I could do a full classroom install, complete with instructor machine and 20 student machines, in under an hour. The gurudisk held RHEL 5, RHEL 5.1, Fedora 6, SLES 10, SUSE Linux 10.1 and Oracle 4.5 disk ISOs and software, as well as RPMs, scripts and config files. It was truly a welcomed companion.

However, all of that can easily fit in 40 GB of space, so what to do with the rest of the 80 GB? Well, most of us began using that space for personal data. Music, videos, scripts, documents and so forth. I’m not one to carry music or movies with me, so that didn’t interest me much. Rather, I wanted the ability to take the gurudisk further with using Ubuntu and Debian. So, I had an “isos” directory on my gurudisk, where I kept more updated ISOs, including RHEL 5.2, Fedora 9 and 10, Ubuntu 8.04 LTS, Debian 4.0, openSUSE 11, OpenSolaris, FreeBSD, OpenBSD, and others. At one point, I had an entire Ubuntu repository mirroring 8.04 and 8.10 on the gurudisk. Lastly, if that’s not enough, I had VMWare, KVM, Xen and VirtualBox virtual machines with clean, vanilla installations of a few of the major distributions. I took advantage of my space, and it also came to the welcome approval of many students.

When news came yesterday that I had lost my job, and that I would need to turn in my gurudisk, I wanted to first get my Ubuntu mirror, virtual machines and ISOs off the disk. Then, I wanted to experience, first hand, “shredding” the data on the disk. Thus, we have now reached the topic of this post- GNU shred.

I had heard from students over and over again that zeroing out the drive using /dev/zero is not sufficient for secure data deletion. I full heartedly disagree, and I’m sure I’ll bring out the emotion of many of you in the comments. Here’s why I think /dev/zero is more than sufficient for secure data destruction:

• On older dive encoding schemes, mainly RLL and MFM, data was not written in exactly the same spot every time. As such, there was left over charge from the previous write, and expensive data recovery hardware could use math and averages to discover what the data once was. As such, a method known as the “Gutmann Method” became the standard of destroying data. Patters of ones and zeros would be written to the disk, in such a way that maximizing flipping the bits, minimizing the average left over charge. After seven passes, the residual charge would be so minute, that it would be virtually impossible to recover the data. Do 35 passes, and the data is gone for sure.
• Drives today do not use RLL or MFM encoding, and also, the bits are much more close together then they were in days gone by. The data has to be written in exactly the same spot, or data destruction is likely on other data existing on the disk. As such, there is no left over residual charge from rewriting the data. A single pass over existing data removes any existence of that data.
• Supposedly, top secret, mega government, super computers administered my corporations with endless amounts of cash flow can recover data on ATA drives, even after seven passes. However, there has been no academic study, no scientific evidence, no hard cold proof. All we have is hearsay and rumors of people we know claimed to recover the data using these killer machines or algorithms on ATA drives.

So, with that in mind, after backing up my data, a single zeroing of the entire drive would be more than sufficient for a couple reasons. First, my bosses and company don’t have the resources, the time and money, or the care to recover any data off of my gurudisk. Second, the data I was deleting wasn’t necessarily personal, as no passwords or private keys or information was stored on the disk. So, even if the data could be recovered, of what use would it be to anyone? Little, if any. Chances are good that the drive will sit on a shelf, unattended and unused, and when it does make it back into commission, it will just be formatted with ext3, files put on, and used as any other drive. So, /dev/zero it is.

Or not.

I’m a mathematician at heart. I love math and logic puzzles as well as cryptography and many an algorithm. If I had the time and money, I would finish college, and get a Doctorate in Mathematics. However, that’s a dream that just isn’t realistic at this point in my life, but I still enjoy pulling out my HP49G+, and crunching the numbers. So, the algorithm used in Gutmann’s Method is interesting. More interesting are the pseudo-random number generators used in cryptographic applications. So, I decided to give GNU shred a try, seeing as though it’s part of coreutils, and see what the result is. I ran the following command:

This means that GNU shred will make 26 total passes, with the 26th pass being straight zeros to hide the fact that the disk has been shredded. Once finished, I’ll add one final pass as an easter egg to the next person who gets the gurudisk. So, 27 total passes to the disk. What I’m mostly interested in, is the time it will take to finish. From my understanding, it will write pseudo-random numbers to the disk on the first, middle and second-to-last passes, due to passing ‘-z’ to zero the shred. Writing random data to 120 GB of disk is going to take some time. In fact, I timed it, and it took 5 hours and 20 minutes. Which means it will last at least 16 hours to run to completion. But then there is the one and zero pattern writing that will take place in between. I would expect this to go substantially faster than writing random data, and it does- about three times as fast. Three passes can be completed in 5 hours and 20 minutes, give or take, based on the pattern. There are 23 final passes at this rate, which is approximately 41 hours. Add the 16 on top of that, and it’s going to take 58 total hours to complete all 26 passes. That’s almost 2 and a half days! In fact, as I’m writing this, it’s 18:00 the next day, and I’m only on pass 11, writing the pattern “333333″ in hexadecimal to the disk. The next pass will be my second random data pass. When I get out of bet tomorrow, I expect to be on pass 18, give or take.

I figure, even though I’m long past any possible data retrieval, it’s fun to watch. Even more entertaining is the heat emanating off of the disk- it’s fairly warm, which I guess makes sense, as the disks have been going non-stop for almost 24 hours. Would I recommend GNU shred for wiping your data? No. Again, /dev/zero will be more than sufficient, and fast too, at roughly 30 MB per second on a SATA or USB 2.0 disk. Which, by the way, this disk is connected via FireWire 400 (I’m not a fan of the USB speed burst). I’d love to see this run to completion, but I’ll probably cancel it sometime tomorrow morning, install my easter egg, then be on my way to return the disk.

Long live hacking!

One thing I am most proud of about jonobacon.org is that there is some great discussion in the comments. It seems the most magical aspect of blogging is that no matter what I babble on about, it invariably results in some interesting discussion in the comments. Thanks to everyone who has participated over the years.

Anyway, today I was thinking that it would be nice to say thanks! to some of the regulars who bring so much to the discussion. To kick this off, today I would like to thank the current top three commentators by buying them a DVD or CD:

• Adam Williamson
• Vadim P.
• ethana2

Just drop me an email with what you would like (preferably with a link to Amazon) and your postal address and I will get it in the post.

I generally don’t particularly like most-posts-wins competitions, but these three have all contributed some great comments, many of which disagree with me, which is always healthy. In the future I will probably hand pick people who have also brought something special to the discussions.

Anyway, thanks folks.

A nice little story for those of you who may have missed it.

Last week Larry Lessig blogged about how the new change.gov site for Obama included the following at the bottom of the page:

CONTENT COPYRIGHT © 2008. ALL RIGHTS RESERVED

Larry pointed to Chris Messina’s post asking why a Creative Commons license was not used. When I read the post, I agreed with both of their sentiments.

Well, it seems Obama’s staff are pretty responsive: they have switched the content to a CC-BY license, the freest of CC licenses. Larry has the details here. Gobama!

It seems that the positioning of the question regarding government content is skewed. Instead of the question being “why should we license this content under a free license?” it should be “why should we NOT license this content under a free license?“. Of course, this change in approach is a mindset change. It requires participants to adjust their expectations of the norm to be a Free Culture society as opposed to a restricted society.

To me this is the most important goal for members of the Free Culture community to seek. We have the licenses, we have publishing systems, and we have a growing catalogue of content, but what we don’t have is a change in mindset (yet). This change will happen, but it will take time and many more examples such as this one.

I used to be quite involved in (UK) government use and policy attitudes towards Free Software back when I worked at OpenAdvantage and have since stepped back from it quite a bit. I wonder what kind of policy changes and persuasions need to occur for the policy to be justification for NOT publishing free content as opposed to the current norm. Anyone have any insights into this?

At first I wondered what was the point of twitter. Today I found it:

johnleach introduced his cats to squirty cream. one was terrified of it. years of trust building, gone in one short hilarious squirt.

You are an amusing man, Mr Leach.