LUG Community Blogs

Debian Bits: apt install dpl-candidate: Gergely Nagy

Planet HantsLUG - Sat, 14/03/2015 - 20:35

0. Who are you and what's your history with Debian Project?

I'm a little mouse behind a keyboard, going by the nickname "algernon". I used to be a lot of things: a flaming youth, an application manager, package maintainer, upstream, ftp-assistant, a student, a mentor, a hacker. In the end, however, I am but a simple, albeit sometimes crazy person.

I did a number of things within Debian - mostly small and marginal things, mind you. With a little break, I've been here for over a decade, and am planning to stay for at least another.

1. What's your most proud moment as Debian Developer?

At last year's LinuxTag, I was wandering around a stand where they sold Raspberry Pis (with cases and other accessories). I had a nice chat with one of the staffers there, inquired about the price (including the case, of course), and a few other things. He asked a few things back: what I'll be using it for, and so on. After it turned out that I'm a Debian Developer, and syslog-ng hacker, he went to the back, and emerged a few minutes later with a boxed up Pi, and gave it to me as a gift, for working on Debian.

This was an incredibly touching moment, in many, many ways.

2. In your opinion what is the strongest part of Debian Project?

That's hard to say, to be honest. There are a good number of things Debian is incredibly strong at, and it would be hard to arbitrarily pick one. Quality, responsibility, safety, predictability are all areas we are very good at. But those are the qualities of the OS. As a project, we are remarkably well organised, given the volunteer & distributed nature of the project.

3. And what is the weakest part of Debian Project?

While we can resolve and work with technical issues in a reasonable manner, the project as a whole is rather lacking in all other areas. To grow beyond being the creators of the Universal OS, we, as a project, need to pursue goals beyond the OS.

Being part of GSoC and Outreachy are great steps forward. But we still have a lot of internal issues that need to be resolved. Areas such as innovation, team work, where we're in dire need of improvement.

4. How do you intend to resolve the weakest part?

As explained in my platform, my primary goal is to remove roadblocks. The DPL can do very little alone, his time and powers are better spent on enabling those who have the required skills and desires, to pursue those.

5. DPL term lasts for one year - what would you challenge during that term and what have you learned from previous DPL's?

The most valuable thing I learned from past DPLs is that the expectations are sky-high, yet, a significant portion of what the DPL does is very different than what I imagined in past years.

I'd like to challenge the status quo of the DPL being a nearly full-time job.

6. What motivates you to work in Debian and run for DPL?

I'm in it for the fame and glory, of course! And because my Tamagotchi told me to.

But on a more serious tone, my main motivation to work on Debian is because contributing makes me happy. It satisfies my hunger for doing useful work. Debian is - in my opinion - the perfect platform to give back to the wider Free Software community. Similarly, my motivation to run for DPL is to allow Debian to be a stronger member of that greater

Categories: LUG Community Blogs

Debian Bits: apt install dpl-candidate: Neil McGovern

Planet HantsLUG - Sat, 14/03/2015 - 20:34

0. Who are you and what's your history with Debian Project?

My name's Neil, I've been involved with Debian for over 10 years now. I've held a variety of roles, from the SPI board, writing policy and secure testing team, to being one of the Release Managers for Squeeze and Wheezy.

1. What's your most proud moment as Debian Developer?

Probably the release of Squeeze, my first as RM. It was the end of a great effort to get the release out. I particularly remember at the end of DebConf 10 in New York going to the local Disney store and buying every single small squeeze plush toy they had, so I could send a thank you gift to the rest of the release team! Another perhaps was when I first got my Debian kilt.

2. In your opinion what is the strongest part of Debian Project?

I think this is our social contract. It guides us, and is what we all agree on. This is our promise to ourselves, to the wider open source community and to our users.

3. And what is the weakest part of Debian Project?

At a push, I'd say it's the variety of packages we have in the archive. I'm not sure it's weakness, but it's certainly a challenge. It becomes exponentially harder to ensure that everything integrates well as you add more packages. To have made it do so this far is quite impressive.

4. How do you intend to resolve the weakest part?

Well, see the section in my platform on PPAs, and modernising our build and infrastructure system Wouldn't it be great if you could stage a package against all of stable, testing and unstable, and see what fails to build and where, with live build logs on all architectures?

5. DPL term lasts for one year - what would you challenge during that term and what have you learned from previous DPL's?

I think my primary role as DPL for 2015 would be to get a great start of development for Stretch. The start of a new release cycle is the exact time to implement wide changes that are potentially disruptive. Every couple of years we seem to relax after the release, rather than get geared up for the next one, and then time passes, and plans slip, and before we know it, the freeze is fast approaching. If we start planning /now/, then we can hopefully enter the freeze with fewer RC bugs, which should be great news for everyone! For the second part, I've talked to a lot of the previous DPLs, and worked with them in one role or another. The main thing I was told was that I shouldn't try and do everything I planned on. It's hard work, and all sorts of things pop up that derail your original plans.

6. What motivates you to work in Debian and run for DPL?

The people involved. I've met and worked with some of my greatest friends due to the project. The work, dedication and commitment of those over the years is outstanding. Most of these people are still with us, and unfortunately, a few are not. Whenever I'm feeling disheartened or annoyed, usually due to a giant flame-war then I simply remember that what we're doing is truly remarkable, and the effort that everyone has put in over the years isn't something that should be taken for granted.

Categories: LUG Community Blogs

Steve Kemp: Moving to Newcastle

Planet HantsLUG - Sat, 14/03/2015 - 01:00

Although things are not 100% certain it seems highly likely we'll be moving to Newcastle in five months time.

If I seem distracted/absent/busy over the next month or two this will be a good excuse!

Categories: LUG Community Blogs

Debian Bits: DebConf15: Call for Proposals

Planet HantsLUG - Thu, 12/03/2015 - 22:20

The DebConf Content team is pleased to announce the Call for Proposals for the DebConf15 conference, to be held in Heidelberg, Germany from the 15th through the 22nd of August, 2015.

Submitting an Event

In order to submit an event, you must be registered as an attendee of DebConf15. If you have any questions about the registration process, please check the related information on the conference website.

Once registered, go to "Propose an event" and describe your proposal. Please note, events are not limited to traditional presentations or informal sessions (BoFs). We welcome submissions of tutorials, performances, art installations, debates, or any other format of event that you think would be beneficial to the Debian community.

Please include a short title, suitable for a compact schedule, and an engaging description of the event. You should use the field "Notes for Content Team" to provide us information such as additional speakers, scheduling restrictions, or any special requirements we should consider for your event.

Regular sessions may either be 20 or 45 minutes long (including time for questions) and will be followed by a 10 or 15 minutes break, respectively. Other kinds of sessions (like workshops) could have different durations. Please make sure to choose the most suitable duration for your event and justify any special requests.

Timeline

The first batch of accepted proposals will be announced in May. If you depend on having your proposal accepted in order to attend the conference, please submit it as soon as possible so that it can be considered during this first evaluation period.

All proposals must be submitted before June 15th, 2015 to be evaluated for the official schedule.

Topics and Tracks

Though we invite proposals on any Debian or FLOSS related subject, we will have some broad topics arranged as tracks for which we encourage people to submit proposals. The currently proposed list is:

  • Debian Packaging, Policy, and Infrastructure
  • Security, Safety, and Hacking
  • Debian System Administration, Automation and Orchestration
  • Containers and Cloud Computing with Debian
  • Debian Success Stories
  • Debian in the Social, Ethical, Legal, and Political Context
  • Blends, Subprojects, Derivatives, and Projects using Debian
  • Embedded Debian and Hardware-Level Systems

If you have ideas for further tracks, or would like to volunteer as a track coordinator, please contact content@debconf.org. In order for a track to take place during DebConf15, we must have received a sufficient amount of proposals on that specific theme. Track coordinators will play an important role in inviting people to submit events.

Video Coverage

Providing video of sessions amplifies DebConf achievements and is one of the conference goals. Unless speakers opt-out, official events will be streamed live over the Internet to promote remote participation. Recordings will be published later under the DebConf license, as well as presentation slides and papers whenever available.

Contact and Thanks to Sponsors

DebConf would not be possible without the generous support of all our sponsors, especially our platinum sponsor HP. DebConf15 is still accepting sponsors; if you are interested, please get in touch!

You are welcome to contact the Content Team with any concerns about your event, or with any ideas or questions ambout DebConf events in general. You can reach us at content@debconf.org.

We hope to see you all in Heidelberg!

Categories: LUG Community Blogs

Steve Engledow (stilvoid): Cleaning out my closet

Planet ALUG - Thu, 12/03/2015 - 15:59

Or: Finding out what crud you installed that's eating all of your space in Arch Linux

I started running out of space on one of my Arch boxes and wondered (beyond what was in my home directory) what I'd installed that was eating up all the space.

A little bit of bash-fu does the job:

for pkg in $(pacman -Qq); do size=$(pacman -Qi $pkg | grep "Installed Size" | cut -d ":" -f 2) echo "$size | $pkg" done | sed -e 's/ //g' | sort -h

This outputs a list of packages with those using the most disk space at the bottom:

25.99MiB|llvm-libs 31.68MiB|raspberrypi-firmware-examples 32.69MiB|systemd 32.86MiB|glibc 41.88MiB|perl 54.31MiB|gtk2 62.13MiB|python2 73.27MiB|gcc 77.93MiB|python 84.21MiB|linux-firmware

The above is from my pi; not much I can uninstall there ;)

Categories: LUG Community Blogs

Debian Bits: Debian Project Leader elections 2015

Planet HantsLUG - Thu, 12/03/2015 - 11:00

It's that time of year again for the Debian Project: the elections of its Project Leader! Starting on April 1st, and during the following two weeks, the Debian Developers will vote to choose the person who will guide the project for one year. The results will be published on April 15th and the term for new the project leader will start on April 17th, 2015.

Lucas Nussbaum who has held the office for the last two years won't be seeking reelection this year and Debian Developers will have to choose between three candidates:

Gergely Nagy and Neil McGovern previously ran for DPL in past years; it's the first run for Mehdi Dogguy.

The campaigning period started today and will last until March 31st. The candidates are expected to engage in debates and discussions on the debian-vote mailing list where they'll reply to questions from users and contributors.

Categories: LUG Community Blogs

Steve Engledow (stilvoid): Devicive

Planet ALUG - Thu, 12/03/2015 - 00:53

With all the tech world moving towards the idea that you have a single device that does everything, I've found myself suckered in to the convergence ideal in recent months. I was even genuinely excited by the recent video about Unity 8.

I have an Android phone that I use for a lot of purposes (nothing unusual: music, podcasts, messaging, web, phone calls) and a tablet that I use for more or less the same set of things with a bigger screen.

Yesterday, I managed to break my phone's screen leaving me with the horrifying prospect of a ride to work without being able to catch up on Linux Luddites (cha-ching) so I dug out my old mp3 player and it reminded me how clean and efficient the interface was.

Until a lot more work has happened, I've officially woken up from the convergence dream.

  • Reading

    I have a Kindle Paperwhite. I use it to read books. It's fantastic for that.

    The web browser is dire.

  • Web browsing

    I have a Nexus 7. I use it to surf the information superhighway. The web browser is great.

    It's not so good for reading books - the display is too bright (even on a low setting).

  • On-the-move Music / Podcasts

    I've fallen back in love with the MuVo and I think I'm going to stick with it for a while.

  • Development

    There really is no substitute for a screen and a keyboard. The laptop I have for work is perfect.

    It is, however, much to big to use in bed.

  • Gaming / home media

    I don't do much gaming so that doesn't warrant its own hardware but shares a home in the PC behind the telly which runs a Plex server and Kodi and has a big hard drive attached with all of our media on it.

  • Time

    I have a watch. It's a Pebble so it tells me when things are going on but it's mostly there to tell me what time it is (and relatedly, when I'm about to be late for a meeting).

I'm left feeling a little unsure of what I need a phone for now. Breaking it and subsequently not missing it one iota today speaks volumes. I barely use SMS (I mostly stay in contact through various other means) and I don't make or receive enough phone calls for it to seem worth carting an expensive oblong around.

I'm sure I'll change my mind soon.

Categories: LUG Community Blogs

Anton Piatek: DIY LED cupboard lighting

Planet HantsLUG - Tue, 10/03/2015 - 12:19

When we moved into our new house last year we found a rather large corner cupboard in the kitchen which was rather difficult to see into because it was so dark. The cupboard was a great size for storing food, and would give plenty of space, however we simply had trouble finding anything in it as all the light was blocked by standing in front of it.

A quick look on online and I decided that some strip LED lights and a 12V PSU should do something to change the situation. You can pick up either for a few quid from banggood.

White 12V self-adhesive LED strip

12V LED Power supply

 

Of course I didn’t want to be turning lights on and off by hand, as knowing me I’ll just forget to turn them off, so a spare micro switch on the 12V side seemed the appropriate option

Micro switch to turn off lights when cupboard is closed

 

I think the final result is pretty good, though it does bug me that theres a dead set of LEDs on the top shelf – didn’t notice that before putting them in…

The finished result

 

One piece of advice I do have is that it is worth buying the little self-adhesive cable tidy anchors for this sort of thing. While the LED strips themselves are self-adhesive, there’s a fair bit of wire linking them all together and trying to stick them out of the way with a hot glue gun like I did is just a recipe for getting very hot fingertips and a mess of hot glue everywhere.

Categories: LUG Community Blogs

Bring-A-Box, Saturday 14 March 2015, Lion Brewery, Ash

Surrey LUG - Mon, 09/03/2015 - 17:51
Start: 2015-03-14 11:00 End: 2015-03-14 16:30

We have regular sessions on the second Saturday of each month. Bring a 'box', bring a notebook, bring anything that might run Linux, or just bring yourself and enjoy socialising/learning/teaching or simply chilling out!

This month's meeting is at the Lion Brewery Pub in Ash, Surrey.

New members are very welcome. We're not a cliquey bunch, so you won't feel out of place! Usually between 15 and 30 people come along.

Categories: LUG Community Blogs

Ben Francis: Pinned Apps – An App Model for the Web

Planet ALUG - Mon, 09/03/2015 - 16:54

(re-posted from a page I created on the Mozilla wiki on 17th December 2014)

Problem Statement

The per-OS app store model has resulted in a market where a small number of OS companies have a large amount of control, limiting choice for users and app developers. In order to get things done on mobile devices users are restricted to using apps from a single app store which have to be downloaded and installed on a compatible device in order to be useful.

Design Concept Concept Overview

The idea of pinned apps is to turn the apps model on its head by making apps something you discover simply by searching and browsing the web. Web apps do not have to be installed in order to be useful, “pinning” is an optional step where the user can choose to split an app off from the rest of the web to persist it on their device and use it separately from the browser.

”If you think of the current app store experience as consumers going to a grocery store to buy packaged goods off a shelf, the web is more like a hunter-gatherer exploring a forest and discovering new tools and supplies along their journey.”

App Discovery

A Web App Manifest linked from a web page says “I am part of a web app you can use separately from the browser”. Users can discover web apps simply by searching or browsing the web, and use them instantly without needing to install them first.

”App discovery could be less like shopping, and more like discovering a new piece of inventory while exploring a new level in a computer game.”

App Pinning

If the user finds a web app useful they can choose to split it off from the rest of the web to persist it on their device and use it separately from the browser. Pinned apps can provide a more app-like experience for that part of the web with no browser chrome and get their own icon on the homescreen.

”For the user pinning apps becomes like collecting pin badges for all their favourite apps, rather than cluttering their device with apps from an app store that they tried once but turned out not to be useful.”

Deep Linking

Once a pinned app is registered as managing its own part of the web (defined by URL scope), any time the user navigates to a URL within that scope, it will open in the app. This allows deep linking to a particular page inside an app and seamlessly linking from one app to another.

”The browser is like a catch-all app for pages which don’t belong to a particular pinned app.”

Going Offline

Pinning an app could download its contents to the device to make it work offline, by registering a Service Worker for the app’s URL scope.

”Pinned apps take pinned tabs to the next level by actually persisting an app on the device. An app pin is like an anchor point to tether a collection of web pages to a device.”

Multiple Pages

A web app is a collection of web pages dedicated to a particular task. You should be able to have multiple pages of the app open at the same time. Each app could be represented in the task manager as a collection of sheets, pinned together by the app.

”Exploding apps out into multiple sheets could really differentiate the Firefox OS user experience from all other mobile app platforms which are limited to one window per app.”

Travel Guide

Even in a world without app stores there would still be a need for a curated collection of content. The Marketplace could become less of a grocery store, and more of a crowdsourced travel guide for the web.

”If a user discovers an app which isn’t yet included in the guide, they could be given the opportunity to submit it. The guide could be curated by the community with descriptions, ratings and tags.”

3 Questions

What value (the importance, worth or usefulness of something) does your idea deliver?

The pinned apps concept makes web apps instantly useful by making “installation” optional. It frees users from being tied to a single app store and gives them more choice and control. It makes apps searchable and discoverable like the rest of the web and gives developers the freedom of where to host their apps and how to monetise them. It allows Mozilla to grow a catalogue of apps so large and diverse that no walled garden can compete, by leveraging its user base to discover the apps and its community to curate them.

What technological advantage will your idea deliver and why is this important?

Pinned apps would be implemented with emerging web standards like Web App Manifests and Service Workers which add new layers of functionality to the web to make it a compelling platform for mobile apps. Not just for Firefox OS, but for any user agent which implements the standards.

Why would someone invest time or pay money for this idea?

Users would benefit from a unique new web experience whilst also freeing themselves from vendor lock-in. App developers can reduce their development costs by creating one searchable and discoverable web app for multiple platforms. For Mozilla, pinned apps could leverage the unique properties of the web to differentiate Firefox OS in a way that is difficult for incumbents to follow.

UI Mockups App Search

Pin App

Pin Page

Multiple Pages

App Directory

Implementation Web App Manifest

A manifest is linked from a web page with a link relation:

<link rel=”manifest” href=”/manifest.json”>

A manifest can specify an app name, icon, display mode and orientation:

{ "name": "GMail" "icons": {...}, "display": "standalone", "orientation": “portrait”, ... }

There is a proposal for a manifest to be able to specify an app scope:

{ ... "scope": "/" ... }

Service Worker

There is also a proposal to be able to reference a Service Worker from within the manifest:

{ ... service_worker: { src: "app.js", scope: "/" ... }

A Service Worker has an install method which can populate a cache with a web app’s resources when it is registered:

this.addEventListener('install', function(event) { event.waitUntil( caches.create('v1').then(function(cache) { return cache.add( '/index.html', '/style.css', '/script.js', '/favicon.ico' ); }, function(error) { console.error('error populating cache ' + error); }; ); });

So that the app can then respond to requests for resources when offline:

this.addEventListener('fetch', function(event) { event.respondWith( caches.match(event.request).catch(function() { return event.default(); }) ); });

Categories: LUG Community Blogs

Alan Pope: Awesome Community is Awesome

Planet HantsLUG - Mon, 09/03/2015 - 07:00

While flash sales, conferences and trade shows happen, the Community Core Apps project rolls forward landing updates and fixes to Ubuntu Phone applications. Some are default apps on the devices bq customers will soon receive, others are easily installable from the click store. All are maintained by a community of Free Software developers. I’m incredibly proud of the work these people are doing and wanted to highlight some recent updates.

As with all the applications below, if you’d like to get involved in design, documentation, testing, translation or just plain writing code either get in contact with me, or with any of the developers listed below. They’re all very nice people.

Weather Reboot

Andrew Hayzen, Victor Thompson and Nekhelesh Ramananthan got together to help Martin Borho reboot the Weather App with new designs created in collaboration with the Canonical Design Team. With a cleaner look, easier to use user interface, and fewer poke-your-eyes-out colour gradients, the new Weather app is coming along nicely!

Doc Viewer

Stefano Verzegnassi has been working hard on the usability and performance in the Doc Viewer. It now directly pulls documents from ~/Documents on the device and can receive files via Content-Hub such as those downloaded in the browser. Rendering performance has been improved, using multi-core page rendering to make use of the grunt in powerful phones. It’s also now possible to manage documents directly in the app, so you can delete files from ~/Documents with a long-press and some taps, no file manager required. There’s also a Table of Contents revealed from a bottom edge swipe, and a new document grid view.

While not currently a default app in devices, it’s in the store and works really well on all Ubuntu devices. Upcoming is a refinement of the full screen reading experience to remove the header and some improvements to document zooming. Longer term we’re also investigating and prototyping support for common office file formats.

Terminal

Filippo Scognamiglio recently updated the Terminal app to support configurable keyboard overlays. The overlay is a strip above the default OSK (on screen keyboard) which can be populated with keyboard shortcuts or full commands. These are designed to supplement the OSK and allow fast access to complex keyboard combinations or frequently typed commands. The Terminal app ships with a small number of sample keyboard overlays, but it’s easily user-expandable. Filippo blogged about it, read more there. If you create a cool overlay, do share it, and we may include it in a future update as a default. This update is in the store, available to install on Ubuntu devices.

Upcoming is a user interface change to easily switch on and off the keyboard overlays. So you may have 20 installed, but rarely use some, so can easily switch them off so they don’t clutter the main UI. In addition Filippo is working on breaking up the terminal app into a re-usable component to make it easy to ship click packages containing a command line tool and terminal together. So for example a developer could bundle mutt+terminal in a click package in the store. Clearly not a typical use case for many phone users, but it’ll certainly be useful for our early adopter hacker types

Calendar

Kunal Parmar has updated the Calendar app with some nice UI and performance improvements. If you sync events with the Calendar then they should show up quicker in the app than previously. He also implemented the ability to move events around the calendar with a long press and drag. More recently we’ve noticed a couple of crashers which we’re trying to get to the bottom of. Renato has a patch for EDS which seems promising! The latest Calendar update is in the store and available for testing as always.

Calculator Reboot

Riccardo Padovani and Bartosz Kosiorek have been completing work on the Calculator ‘reboot’. We received a new design a while back which has been almost completed. We have some more design changes to make, but we plan to release this version to the store shortly as the default Calculator. You can currently test it by installing “Calculator Reboot” from the click store on your Ubuntu device. Feedback (and bugs) welcome as always.

Reminders

Michael Zanetti and Riccardo Padovani have been really active with the Reminders app the last few weeks. Many bugs fixed, and a new offline mode for those that don’t want to connect to Evernote. There’s so many improvements which will require some additional QA before we upload to the store which should happen next week. This is a major update which has been a long time coming, and I’ll talk more about that in detail when it’s closer to landing.

Update: This update has landed in the store now!

Dekko

Dan Chapman and Boren Zhang have been implementing designs provided by the Canonical design team in their Dekko Email app. The changes are coming thick and fast, and if you’d like to test some of the new features, then install the “Dekko (beta)” app from the click store.

Clock

Nekhelesh Ramananthan pushed a small but important update to the Clock app recently which makes translatable the cities which are listed in the app. Once that landed we asked the Ubuntu translators if they could kindly translate the 200+ strings. Over night ~30 languages were done with more coming in over the weekend. It never ceases to amaze me how fast and attentive the Ubuntu translation communities are!

A massive thank you to all the developers, designers, testers and translators who have helped improve all of these apps. As always, get in touch if you’d like to get involved!

Categories: LUG Community Blogs

Steve Kemp: Free hosting, and key-signing

Planet HantsLUG - Fri, 06/03/2015 - 01:00

Over the past week I've mailed many of the people who had signed my previous GPG key and who had checked my ID as part of that process. My intention was to ask "Hey you trusted me before, would you sign my new key?".

So far no replies. I may have to be more dedicated and do the local-thing with people.

In other news Bytemark, who have previously donated a blade server, sponsored Debconf, and done other similar things, have now started offering free hosting to Debian-developers.

There is a list of such offers here:

I think that concludes this months blog-posting quota. Although who knows? I turn 39 in a couple of days, and that might allow me to make a new one.

Categories: LUG Community Blogs

Meeting at "The Oddfellows"

Wolverhampton LUG News - Mon, 02/03/2015 - 17:17
Event-Date: Wednesday, 4 March, 2015 - 19:30 to 23:00Body: Giving a new venue a try. http://www.oddfellowshallpub.co.uk Wed 04 Mar 2015/19:30 - 23:00 Compton Wolverhampton West Midlands WV6 8AA Eat, Drink and talk Linux
Categories: LUG Community Blogs

MJ Ray: Rebooting democracy? The case for a citizens constitutional convention.

Planet ALUG - Fri, 20/02/2015 - 05:03

I’m getting increasingly cynical about our largest organisations and their voting-centred approach to democracy. You vote once, for people rather than programmes, then you’re meant to leave them to it for up to three years until they stand for reelection and in most systems, their actions aren’t compared with what they said they’d do in any way.

I have this concern about Cooperatives UK too, but then its CEO publishes http://www.uk.coop/blog/ed-mayo/2015-02-18/rebooting-democracy-case-citizens-constitutional-convention and I think there may be hope for it yet. Well worth a read if you want to organise better groups.

Categories: LUG Community Blogs

Meeting at "The Moon Under Water"

Wolverhampton LUG News - Mon, 16/02/2015 - 09:56
Event-Date: Wednesday, 18 February, 2015 - 19:30 to 23:00Body: 53-55 Lichfield St Wolverhampton West Midlands WV1 1EQ Eat, Drink and talk Linux
Categories: LUG Community Blogs

Adam Trickett: DA.org: DKIM

Planet HantsLUG - Mon, 02/02/2015 - 21:55

Recently a friend asked me about SPF and DKIM. I was vaguely aware of them and their generally perceived uselessness. I've never bothered with them but thought I'd look into them for him. SPF was trivial to set up using my Bytemark DNS, and easy to testing using of many on-line email tools.

The challenge is DKIM, I found several sites that explained what to do - they were all variation around a theme and seemed easy enough. Generate a key pair (check), put the public half into your DNS (check), tweak Exim4 (ARGH!!!).

As far as I tell I followed what the web site said and reloaded the Exim config and it looks like it's all loaded into place, the key is readable by Exim, the path is correct but no matter what I do Exim wont add the DKIM signature to my outgoing emails...!

Tags: spf dkim

Categories: LUG Community Blogs

Meeting at "The Moon Under Water"

Wolverhampton LUG News - Mon, 02/02/2015 - 11:55
Event-Date: Wednesday, 4 February, 2015 - 19:30 to 23:00Body: 53-55 Lichfield St Wolverhampton West Midlands WV1 1EQ Eat, Drink and talk Linux
Categories: LUG Community Blogs

Chris Lamb: Calculating the ETA to zero in shell

Planet ALUG - Fri, 30/01/2015 - 21:49
< Faux> I have a command which emits a number. This number is heading towards zero. I want to know when it will arrive at zero, and how close to zero it has got.

Damn right you can.

eta2zero () { A=$(eval ${@}) while [ ${A} -gt 0 ] do B=$(eval ${@}) printf %$((${A} - ${B}))s A=${B} sleep 1 done | pv -s ${A} >/dev/null }

In action:

$ rm -rf /big/path & [1] 4895 $ eta2zero find /big/path \| wc -l 10 B 0:00:14 [ 0 B/s] [================================> ] 90% ETA 0:00:10

(Sincere apologies for the lack of strace...)

Categories: LUG Community Blogs

Philip Stubbs: Arduino and NRF24L01 for Quad-copter build

Planet HantsLUG - Thu, 29/01/2015 - 17:28
As part of my Quadcopter build, I am using a couple of Arduino's along with some cheap NRF24L01 from Banggood for the radio transmitter and reciever. The idea came from watching the YouTube channel iforce2d.

When I started developing (copying) the code for the NRF modules, I did a quick search for the required library. For no good reason, I opted for the RadioHead version. Part of my thinking was by using a different library from iforce2d, I would have to poke around in the code a bit more and lean something.

All went well with the initial trials. I managed to get the two modules talking to each other, and even had a simple processing script show the stick outputs by reading from the serial port of the receiver.

Things did not look so good when I plugged the flight controller in. For that I am using an Afro Mini32. With that connected to the computer and Baseflight running, the receiver tab showed a lot of fluctuations on the control signals.

Lots of poking , thinking, and even taking it into work to connect to an oscilloscope, it looked like the radio was mucking up with the timing of the PWM signal for the flight controller. Finally, I decided to give an alternative NRF library a try, and from the Arduino playground site, I selected this one. As per iforce2d, I think.

Well that fixed it. Although, at the same time I cleaned up my code and pulled lots debugging stuff out and changed one if loop to a while loop, so there is a chance that changing the Library was not the answer. Anyhow, it works well now. Just need some more bits to turn up and I can start on the actual copter!
Categories: LUG Community Blogs

Daniel Silverstone (Kinnison): Caius -- A heirarchical delegable password safe

Planet ALUG - Thu, 29/01/2015 - 14:08

A long while ago I, Rob Kendrick, Clive Jones (and possibly others) sat down and tried to come up with a way to store passwords a-la Password Safe. However, being us, we wanted to ensure a number of properties which password safes commonly don't have. We wanted to allow the delegation of access to some subset of the passwords. We also wanted for it to be reasonable to deny that there is content which has not been decrypted.

I was reminded of this work when I was discussing the concept of deniable storage of secrets with a colleague (An idea I'll expand upon in another blog post at another time). I am therefore presenting, with little change other than formatting the design from years ago. I would be very interested if anyone knows of software which meets the properties of the Caius system since I would like to have one but simply don't trust myself (see another future posting) to write it right now.

Caius

The following concepts are assumed to be understood:

The 'Caius' system is a password-safe type system sporting hierarchical delegable access to the data it stores. The 'Caius Fob' is the data-store for the system.

The 'Caius Fob' is a file which consists of a header and then three sections. The header identifies it as such a file, the first section lists a number of 'External IDs' which can be used to access portions of the file. The second section lists ACL entries as defined below. The third section of the file is the encrypted data looked after by this file. It is not intended that the holder of a CaiusFob be able to deny it is a CaiusFob, but it is expected that it be possible to deny an ability to decrypt (perhaps by lacking a password) any ACL entries. Given that the structure of the file is known, it is necessary that there be external IDs for which the password or GPG key is not valid or cannot decrypt an ACL entry, and ACL entries which even if decrypted may not be valid, and ACL entries which even if decrypted and valid may not be used to encode any data blocks.

An External ID External ID ::= LENGTH TYPE DATA

Where TYPE is one of: * 0: Unused (ID slot placeholder) * 1: GPG key, where DATA is the keyid of the gpg key * 2: Password, where DATA is some hash of a password which can be used to derive a key for decrypting an ACL entry.

The list of external ids forms a numbered sequence where the index (0-based) into the sequence is the External ID number. (EIDnr)

An ACL Entry ACL Entry ::= LENGTH EIDnr DATA HMAC

The EIDnr is the number of the External ID as explained above. The LENGTH is the length of the DATA section which is a key-pair as explained below, encrypted to the external id. The HMAC uses the authentication key in the key-pair in the DATA section, and authenticates the EIDnr, LENGTH, DATA tuple.

One possibility for increasing deniability is to remove the EIDnr from this part of the file, and assume that for every external ID you try to decrypt all ACLs you've not succeeded in decrypting thus-far. This has the benefit of being able to deny that an ACL entry ought to be decryptable with the credentials you hold, but also an increased inability to know if you have successfully unlocked everything appropriate to being able to fully manipulate a CaiusFob. This tradeoff is currently set in favour of better understanding of the content, but a future design feature might suggest EIDnr should always be -1 to indicate "unknown, try every EID".

A key pair Key Pair ::= ENCRYPTIONKEY AUTHENTICATIONKEY

The ENCRYPTIONKEY is used to initialise the stream cipher for the data section. The AUTHENTICATIONKEY is used to compute HMACs for the appropriate ACL entries or data blocks (as defined below)

The data section

First consider a set of stream ciphers. There exists always one cipher which we will call the NULL cipher. It is defined such that Cipher(Byte, Offset) == Byte and is always available. Then there is a cipher initialised for each key pair we can successfully extract from the ACL entry section of the file.

Each of these ciphers is initialised and made ready such that the data section can be xored with the bytes as they come out of the stream ciphers in an attempt to decrypt the blocks. Essentially this is equivalent to decrypting the entire data section with each cipher in turn to produce N proposed cleartexts which can then be examined to find decrypted blocks.

Whenever a cipher, combined with the data stream in the file, manages to produce a sequence of eight bytes of value zero, we have reached a synchronisation point and what follows is a data block enciphered with which ever cipher managed to reveal the synchronisation sequence.

Since it is vanishingly unlikely that you will find eight zeros in a row when playing about with arbitrary cipher initialisation, we consider this to be an acceptable synchronisation sequence.

Once we have found a sync sequence, we can know the length of this block and thus we do not look for sync markers again until after the block we have just found.

A data block Data block ::= DATALENGTH PADLENGTH TYPE DATA PAD HMAC

Such that each field is the obvious, DATA is DATALENGTH bytes of data, the texture of which is defined by TYPE and PAD is PADLENGTH arbitrary bytes which pad this block. HMAC is keyed using the authentication key associated with the stream cipher managing to decrypt this and is over the DATALENGTH, PADLENGTH, TYPE, DATA, PAD tuple.

If TYPE is zero then this is a ''free-space'' block and will typically contain zero bytes of DATA and some number of padding. This is however arbitrary and not enforced, the free space can be DATA if the implementer prefers and implementations are encouraged if possible to randomise the distribution of the consumed space between the DATA and PAD sections.

A node block TYPE == 1 (Node) DATA ::= MY_ID PARENT_ID NAME NOTES

MY_ID is a unique ID for this node. (generally a random number, probably 64 bits long, perhaps a UUID). PARENT_ID if not all NULLs is the ID for the parent node. If all NULLs then this is the root of a heirarchy. NAME is a NULL terminated byte string of one or more characters which is the name of this node. It may consist only of any characters other than NULL and the forward-slash character. NOTES is a byte string of zero or more characters, NULL terminated. Note that the DATALENGTH of the data block clearly delimits this field but the NULL is present to aid parsing.

A system block TYPE == 2 (System) DATA ::= PARENT_ID USERNAME PASSWORD EXPIRYDATE NOTES

PARENT_ID is the node to which this block belongs. It is required that any system blocks you succeed in decrypting can be placed within a node you succeed in decrypting. If the library encounters a system block which belongs to a node it cannot find then this is considered to be a corrupt system block and will be treated as though it could not be decrypted.

USERNAME is a byte string of one or more characters terminated by a NULL, ditto for PASSWORD and as for a node block, the NOTES are NULL terminated also.

EXPIRYDATE is a byte string of characters in RFC-822 date format.

Implementation notes

It is expected that any implementation of Caius will adhere to the following guidelines in order to enhance the security of content over time.

  1. Any time a block is invalidated (such as by the changing of a password, the obsoleting of an entry, the changing of notes, names, or reparenting a node) anywhere from one to all of the bits in the block can be changed. Trivially, this includes the synchronisation sequence preceeding the block as if the synchronisation sequence isn't present then the block does not exist.

  2. Every time a CaiusFob is altered in any way, some amount of known intra-block padding must be altered in a random way. Ideally this will be done so that it looks like number 1 has happened somewhere else in the file as well. Anywhere from zero to all of the padding can be thusly altered in any given change.

  3. No attempt will be made to write to any part of the file which cannot be positively identified as padding unless the user has explicitly stated that they will accept damage to data they cannot currently decrypt.

  4. No indication will be given to the user if any part of the file was unable to be decrypted or failed an HMAC check. Such data is simply incorrectly decrypted and thus ignored.

  5. Intrablock padding can be positively identified if you have two consecutive blocks in a CaiusFob such that the number of bytes between them could not possibly hold the simplest of free space blocks.

  6. When appending a block to a CaiusFob it is encouraged to place up to 50% of the size of the intrablock spacing before it as random padding, and up to 50% afterwards also. Naturally anywhere between zero and the full amount is acceptable, ideally the implementation would choose at random each time.

Categories: LUG Community Blogs
Syndicate content