LUG Community Blogs

Aq: Bad Voltage, apps, and generic components for Ubuntu

Planet WolvesLUG - Sat, 15/02/2014 - 21:19

I wrote a very simple app for Ubuntu for Bad Voltage, the finest podcast in the land. It shows you the list of shows, and lets you play them. Simple. Streaming: there’s no downloading for offline use here, no notifications of new shows; it’s a little app, only. So the first thing you should do is go search for it on your Ubuntu phone and install it.

More interestingly, though, I tried to make this a generic app. That is: the actual code which defines this as a Bad Voltage app looks like this:

import QtQuick 2.0 import Ubuntu.Components 0.1 import "components" MainView { objectName: "mainView" applicationName: "org.kryogenix.badvoltage" automaticOrientation: false width: units.gu(40) height: units.gu(71) id: root backgroundColor: "black" GenericPodcastApp { name: "Bad Voltage" squareLogo: "http://farm4.staticflickr.com/3794/10457827766_59715d2694_o.jpg" author: "Stuart Langridge, Jono Bacon, Jeremy Garcia, and Bryan Lunduke" category: "Technology" feed: "http://www.badvoltage.org/feed/ogg/" description: "Every two weeks Bad Voltage " + "delivers an amusing take on technology, " + "Open Source, politics, music, and anything " + "else we think is interesting." } }

To make a similar app for your podcast, just fetch the GenericPodcastApp.qml file from the Bad Voltage app source, include it in your project, and then use the GenericPodcastApp component. Define a name, squareLogo, author, category, feed, and description, and that’s it; you’re done.

I’d love there to be a whole bunch of generic components like this. Something where I don’t really have to mind how it works, I just grab it from somewhere, drop it into my project, and use it. A QR code scanner, a QR code generator, a circular dial widget, an online high-score table. Obviously it’s possible to make reusable components right now, but there’s no market in them; what I want is something almost like the Ubuntu app store but for developers, where I can look for components, grab one, and insert it into my project, right from the Ubuntu SDK editor. One button-push should update any of these components that I have in my project; that way, if someone fixes a component I can rebuild my app to include it with ease. What I really want is the Ubuntu component equivalent of npm install, I think. The ultimate destiny of any such component is to be so useful to so many people that the Ubuntu core team lift it out of the component store and into the SDK, but it’d be great if it were easier to do this before things get to that stage, and the SDK can’t contain everything. I see no reason why some of these components couldn’t be open source and some sold for money, so there’s potentially an income stream there for Ubuntu developers who make reusable things. GenericPodcastApp is hugely trivial, but an example of the sort of thing that I think could develop. Any component which doesn’t use anything very Ubuntu-specific would work on other QML platforms too, and vice-versa, so the market could even be usable by developers across many platforms.

Categories: LUG Community Blogs

Laura Cowen: Monkigras 2014: Sharing craft

Planet HantsLUG - Fri, 14/02/2014 - 17:06

After Monkigras 2013, I was really looking forward to Monkigras 2014. The great talks about developer culture and creating usable software, the amazing buzz and friendliness of the event, the wonderful lack of choice over which talks to go to (there’s just one track!!), and (of course) the catering:


The talks at Monkigras 2014

The talks were pretty much all great so I’m just going to mention the talks that were particularly relevant to me.

Rafe Colburn from Etsy talked about how to motivate developers to fix bugs (IBMers, read ‘defects’) when there’s a big backlog of bugs to fix. They’d tried many strategies, including bug rotation, but none worked. The answer, they found, was to ask their support team to help prioritise the bugs based on the problems that users actually cared about. That way, the developers fixing the bugs weren’t overwhelmed by the sheer numbers to choose from. Also, when they’d done a fix, the developers could feel that they’d made a difference to the user experience of the software.

Rafe Colburn from Etsy

While I’m not responsible for motivating developers to fix bugs, my job does involve persuading developers to write articles or sample code for WASdev.net. So I figure I could learn a few tricks.

A couple of talks that were directly applicable to me were Steve Pousty‘s talk on how to be a developer evangelist and Dawn Foster‘s on taking lessons on community from science fiction. The latter was a quick look through various science fiction themes and novels applied to developer communities, which was a neat idea though I wished I’d read more of the novels she cited. I was particularly interested in Steve’s talk because I’d seen him speak last year about how his PhD in Ecology had helped him understand communities as ecosystems in which there are sometimes surprising dependencies. This year, he ran through a checklist of attributes to look for when hiring a developer evangelist. Although I’m not strictly a developer evangelist, there’s enough overlap with my role to make me pay attention and check myself against each one.

Dawn Foster from PuppetLabs

One of the risks of TED Talk-style talks is that if you don’t quite match up to the ‘right answers’ espoused by the speakers, you could come away from the event feeling inadequate. The friendly atmosphere of Monkigras, and the fact that some speakers directly contradicted each other, meant that this was unlikely to happen.

It was still refreshing, however, to listen to Theo Schlossnagle basically telling people to do what they find works in their context. Companies are different and different things work for different companies. Similarly, developers are people and people learn in different ways so developers learn in different ways. He focused on how to tell stories about your own failures to help people learn and to save them from having to make the same mistakes.

Again, this was refreshing to hear because speakers often tell you how you should do something and how it worked for them. They skim over the things that went wrong and end up convincing you that if only you immediately start doing things their way, you’ll have instant success. Or that inadequacy just kicks in like when you read certain people’s Facebook statuses. Theo’s point was that it’s far more useful from a learning perspective to hear about the things that went wrong for them. Not in a morbid, defeatist way (that way lies only self-pity and fear) but as a story in which things go wrong but are righted by the end. I liked that.

Theo Schlossnagle from Circonus

Ana Nelson (geek conference buddy and friend) also talked about storytelling. Her point was more about telling the right story well so that people believe it rather than believing lies, which are often much more intuitive and fun to believe. She impressively wove together an argument built on various fields of research including Psychology, Philosophy, and Statistics. In a nutshell, the kind of simplistic headlines newspapers often publish are much more intuitive and attractive because they fit in with our existing beliefs more easily than the usually more complicated story behind the headlines.

Ana Nelson from Brick Alloy

The Gentle Author spoke just before lunch about his daily blog in which he documents stories from local people. I was lucky enough to win one of his signed books, which is beautiful and engrossing. Here it is with my swagbag:

My swag bag from #monkigras – I was a lucky recipient of a beautiful, signed London Album by @thegentleauthor pic.twitter.com/6BaqBdtXP5

— Laura Cowen (@lauracowen) February 1, 2014

After his popular talk last year, Phil Gilbert of IBM returned to give an update on how things are going with Design@IBM. Theo’s point about context of a company being important is so relevant when trying to change the culture of such a large company. He introduced a new card game that you can use to help teach people what it’s like to be a designer working within the constraints of a real software project. I heard a fair amount of interest from non-IBMers who were keen for a copy of the cards to be made available outside IBM.

Phil Gilbert’s Wild Ducks card game

On the UX theme, I loved Leisa Reichelt‘s talk about introducing user research to the development teams at GDS. While all areas of UX can struggle to get taken seriously, user research (eg interviewing participants and usability testing) is often overlooked because it doesn’t produce visual designs or code. Leisa’s talk was wonderfully practical in how she related her experiences at GDS of proving the worth of user research to the extent that the number of user researchers has greatly increased.

And lastly I must mention Project Andiamo, which was born at Monkigras 2013 after watching a talk about laser scanning and 3D printing old railway trains. The project aims to produce medical orthotics, like splints and braces, by laser scanning the patient’s body and then 3D printing the part. This not only makes the whole process much quicker and more comfortable, it is at a fraction of the cost of the way that orthotics are currently made.

Samiya Parvez & Naveed Parvez of Project Andiamo

If you can help in any way, take a look at their website and get in touch with them. Samiya and Naveed’s talk was an amazing example of how a well-constructed story can get a powerful message across to its listeners:

"This is supposed to be a compliment, but your talk made me cry" – @monkigras

— Charlotte Spencer (@Charlotteis) January 31, 2014

After Monkigras 2014, I’m now really looking forward to Monkigras 2015.

My 11yr old just said that #monkigras could be translated as "fat monkey" … not sure what to make of that @monkchips

— Paul Johnston (@PaulDJohnston) February 12, 2014

 

The post Monkigras 2014: Sharing craft appeared first on LauraCowen.co.uk.

Categories: LUG Community Blogs

Dick Turpin: If its four it must be less?

Planet WolvesLUG - Fri, 14/02/2014 - 15:03
Customer: "I can't send this email?"
Me: "That's because you have a 50mb attachment! You can't send attachments that size you'll need to split that zip file into four separate ones."

A little later.

Customer: "I still cannot send this email!"
Me: "What the...... You've attached the four zip files to the same email! That's still 50mb."

#facepalm
Categories: LUG Community Blogs

Jono Bacon: Bad Voltage Season 1 Episode 9 ‘The Starting Pitstop’ Is Out

Planet WolvesLUG - Thu, 13/02/2014 - 22:44

Stuart Langridge, Jeremy Garcia, Bryan Lunduke, and myself wend our troublesome ways down the road of:

  • We weigh in on the upstart/systemd brouhaha in Debian and discuss what happened, why it happened, and whether it was a good thing or not.
  • Bryan reviews the Lenovo Miix 2 tablet and we get into the nitty gritty of what you can do with it.
  • We take a trip down memory lane about how we each got started with Linux, which distributions we used, and who helped us get on our journey.
  • We take a recap and look at community feedback about guns, 3D printing, predictions, Bad Voltage gaming, the Bad Voltage Selfie Competition and more, all making an appearance.

Go and listen or download it here

Be sure to go and share your feedback, ideas, and other comments on the community discussion thread for this show!

Also, be sure to join in the Bad Voltage Selfie Competition to win some free O’Reilly books!

Finally, many thanks to Microsoft for helping us get the Bad Voltage Community Forum up and running, and thanks to A2 Hosting for now hosting it. Thanks also to Bytemark for their long-standing support and helping us actually ship shows.

Categories: LUG Community Blogs

Steve Kemp: Secure your rsync shares, please.

Planet HantsLUG - Thu, 13/02/2014 - 17:38

Recently I started doing a internet-wide scan for rsync servers, thinking it might be fun to write a toy search-engine/indexer.

Even the basics such as searching against the names of exported shares would be interesting, I thought.

Today I abandoned that after exploring some of the results, (created with zmap), because there's just too much private data out there, wide open

IP redacted for obvious reason:

shelob ~ $ rsync rsync://xx.xx.xx.xx/ ginevra Ginevra backup krsna Alberto Laptop Backup franziska Franz Laptop Backup genoveffa Franz Laptop Backup 2

Some nice shares there. Lets see if they're as open as they appear to be:

shelob ~ $ rsync rsync://xx.xx.xx.xx/ginevra/home/ drwxrwsr-x 4096 2013/10/30 13:42:29 . drwxr-sr-x 4096 2009/02/03 10:32:27 abl drwxr-s--- 12288 2014/02/12 20:05:22 alberto drwxr-xr-x 4096 2011/12/13 17:12:46 alessandra drwxr-sr-x 20480 2014/02/12 22:55:01 backup drwxr-xr-x 4096 2008/10/03 14:51:29 bertacci ..

Yup. Backups of /home, /etc/, and more.

I found numerous examples of this, along with a significant number of hosts that exported "www" + "sql", as a pair, and a large number of hosts that just exported "squid/". I assume they must be some cpanel-like system, because I can't understand why thousands of people would export the same shares with the same comments otherwise.

I still would like to run the indexer, but with so much easy content to steal, well I think the liability would kill me.

I considered not posting this, but I suspect "bad people" already know..,

Categories: LUG Community Blogs

Aq: Static electricity

Planet WolvesLUG - Thu, 13/02/2014 - 12:51

So here I am with a static blog.

I was on Wordpress. I like Wordpress; in particular, I like the vitality of it. There’s a large community of people using it and working on it and making plugins and making themes, and it’s become apparent to me over the years that one of the things I care about quite a lot, when using software which is not a core part of what I do, is that I do not have to solve every problem that I have myself. That is: I would like there to be the problem-solving method of “1. google for desired outcome; 2. find someone else has written a plugin to do it”, rather than “1. google; 2. find nothing; 3. write code”. What this means is using some project with a largeish community. So I settled on Pelican, because it’s one of the more popular static blog engines out there, and hence vibrant community.

At this point there will be questions.

If you wanted a vibrant popular community why didn’t you use Jekyll?

I couldn’t work out how to install it.

It says: gem install jekyll. I did that and it says Permission denied - /var/lib/gems/1.9.1. So for some reason a command run as me wants to install things in a system-level folder. No. System level belongs to apt. Let the word go throughout the land.

I’m sure that it’s entirely possible to configure RubyGems so that it installs things in a ~/gems folder or something. But I don’t want that either: I want this stuff to be self-contained, inside the project folder. Node’s npm gets this completely right and I am impressed down to the very tips of my toes with it. Python gets it rightish: you have to use a virtualenv, which I am doing. Is there a virtualenv-equivalent for Ruby and RubyGems? Almost certainly. But I’m not trying to learn about Ruby, I’m trying to set up a blog. Reading up about how to configure Ruby package installation to be in the project folder when you’re trying to set up a blog isn’t just yak-shaving, it’s like an example you’d tell a child to explain what yak-shaving is. So no Jekyll for me, which is a bit annoying, but not too much since Pelican looks good. And I know Python pretty well, and don’t like Ruby very much, so that’s also indicative.

Why are you using a static blog engine at all? What was wrong with Wordpress?

It got owned. I got an email from a friend of mine saying “hey, did you know that if you look at your blog in an old browser, such as Dillo, there’s a bunch of spam at the top of it?”

I did not know. But it was the case. Sigh.

There are plenty of guides around about how to fix this: dump the DB, reinstall Wordpress, restore the DB, then look for fixes, etc, etc, etc. And I thought: wow, that’s a bunch of effort and what do I get for it? I’m still vulnerable to exactly the same problem, which is that an upgrade to WP happens, it notifies me, I notice thirty nanoseconds later, and in that thirty nanoseconds some script bot somewhere 0wns the blog. I could, in theory, fix this by spending much more time setting up something to auto-update WP, but in practice that’s hard: what do I do, svn update every fifteen seconds in a cron job? Nightmare.

So, what am I getting from Wordpress that I’ll lose if I go static?

My list of plugins contains a bunch of stuff which is only relevant because it is Wordpress and thus dynamic: caching, spam, that sort of thing. Static sites don’t need any of that. I like Jetpack a lot; it gives me a nice mobile theme and stats, and I’ll lose that (as well as comment moderation from a mobile app, which I don’t care about if I don’t have comments; see below). I have a bunch of nice little plugins which throw in features that I like, such as adding footnotes, which I’ll lose. Counterbalance that with how it’s basically impossible to put a <script> element in a Wordpress post, which is incredibly annoying. I won’t be able to create posts if I’m away from my computer (without doing a bunch of setup), but in practice I don’t do that, it turns out. And finally, comments.

Hm, comments. On the one hand, I like my commenters; there have been interesting discussions there, and normally informative. On the other hand, there’s a lot less commenting on blogs going on these days; you get much more real-time discussion on Twitter or G+ about a post than you do on the post itself. That’s a bit worrying — you’re losing the in-one-place nature of the conversation, and their bit of the conversation might vanish from the public discourse if G+ shuts down, which is why I don’t like Disqus — but that’s happening anyway and can’t be stopped. So maybe I can live with it.

Also, themes, but Pelican has a bunch, including rather excellently the same theme I was using on Wordpress! So it looks like nothing changed! Rawk.

So, let’s see how it goes. Possibly I’ll find something else critical that I’m missing and migrate back… and I do still have to write a footnotes plugin… but so far we’re feeling good about it.

Categories: LUG Community Blogs

Jono Bacon: Forward Momentum in the Ubuntu App Developer Platform

Planet WolvesLUG - Thu, 13/02/2014 - 07:14

Last week I was in Orlando sprinting with my team as well as the platform, SDK, and security teams and some desktop and design folks. As usual after a sprint, I have been slammed catching up with email, but I wanted to provide a summary of some work going that you can expect to see soon in the Ubuntu app developer platform.

HTML5

In the last few months we have been working to refine our HTML5 support in the Ubuntu SDK.

Today we have full HTML5 support in the SDK but we are working to make HTML5 apps more integrated than ever. This work will land in the next week and will include the following improvements:

  • Consolidating everything into a single template and container. This means that when you create a new app in the SDK you have a single template to get started with that runs in a single container.
  • Updating our Cordova support to access all the devices and sensors on the device (e.g. camera, accelerometer).
  • Adding full Ubuntu platform API access via Javascript. With this you will be able to access Online Accounts, the Content Hub, the App Lifecycle support etc and more.
  • Adding a series of refinements to the look and feel of the HTML5 Ubuntu components. Before the components looked a little different to the QML ones and we are closing the loop.
  • Full API documentation for the Cordova and Platform APIs as well as a number of tutorials for getting started with HTML5.
  • On a side note, there has been some tremendous speed improvements in Oxide which will benefit all HTML5 apps. Thanks to Chris Coulson for his efforts here.

With these refinements you will be able use the Ubuntu SDK to create a new HTML5 app from a single template, follow a tutorial to make a truly native look and feel HTML5 app utilizing the Cordova and Platform APIs, then click one button to generate a click package and fill in a simple form and get your app in the store.

I want to offer many thanks to David Barth’s team for being so responsive when I asked them to refine our HTML5 support ready for MWC. They have worked tirelessly, and thanks also to Daniel Holbach for coordinating the many moving pieces here.

SDK

Our SDK is the jewel in the crown of our app development story. Our goal is that the SDK gets you on your Ubuntu app development adventure and provides all the tools you need to be creative and productive.

Fortunately there are a number of improvements coming here too. This includes:

  • We will be including a full emulator. This makes it easy for those of you without a device to test that your app will work well within the context of Ubuntu for smartphones or tablets. This is just a click away in the SDK.
  • We are also making a series of user interface refinements to simplify how the SDK works overall. This will include uncluttering some parts of the UI as well as tidying up some of the Ubuntu-specific pieces.
  • Device support has been enhanced. This makes it easier than ever to run your app on your Ubuntu phone or tablet with just a click.
  • We have looked at some of the common issues people have experienced when publishing their apps to the store and included automatic checks in the SDK to notify the developer before they submit them to the store. This will speed up the submissions process.
  • Support for “fat” packages is being added. This means you can ship cross-compiled pieces with your app (e.g. a C++ plugin).
  • Last but certainly not least, we are going to be adding preliminary support for Go and QML to the Ubuntu SDK in the next month. We want our app developers to be able to harness Go and with the excellent Go/QML work Gustavo has done, we will be landing this soon.

As ever, you can download the latest Ubuntu SDK by following the instructions on developer.ubuntu.com. Thanks to Zoltan and his team for his efforts

developer.ubuntu.com

An awesome SDK and a fantastic platform is only as good as the people who know how to use it. With this in mind we are continuing to expand and improve developer.ubuntu.com to be a world-class developer portal.

With this we have many pieces coming:

  • A refinement of the navigational structure of the site to make it easier to get around for new users.
  • Our refined HTML5 support will also get full Cordova and Platform API documentation on the site. Michael Hall did a tremendous job integrating Ubuntu and upstream API docs in the same site with a single search engine.
  • A library of primers that explain how key parts of our platform work (e.g. Online Accounts, Content Hub, App Lifecycle, App Insulation etc). This will help developers understand how to utilize those parts of the platform.
  • Refining our overview pages to explain how the platform works, what is in the SDK etc.
  • A refreshed set of cookbook questions, all sourced from our standard support resource, Ask Ubuntu.
  • We will also be announcing Ubuntu Pioneers soon. I don’t want to spoil the surprise, so more on this later.

Thanks to David, Michael, and Kyle on my team for all of their wonderful efforts here.

Desktop Integration

In the Ubuntu 14.04 cycle we are also making some enhancements to how Ubuntu SDK apps can run on the desktop.

As many of you will know we are planning on shipping a preview session of Unity8 running on Mir. This means that you can open Unity8 from the normal Ubuntu login screen so you can play with it and test it. This will not look like the desktop; that work is on-going to converge Unity 8 into the desktop form-factor and will come later. It will however provide a base in which developers can try the new codebase and hack on it to converge it to the desktop more quickly. We are refreshing our Unity8 developer docs to make this on-ramp easier.

We are also going to make some changes to make running Ubuntu SDK apps on Unity 7 more comfortable. This will include things such as displaying scrollbars, right-click menus etc. More on this will be confirmed as we get closer to release.

All in all, lots of exciting work going on. We are at the beginning of a new revolution in Ubuntu where beautifully designed, integrated, and powerful apps can drive a new generation of Ubuntu, all build on the principles of Open Source, collaboration, and community.

Categories: LUG Community Blogs

Mick Morgan: checking client-side ssl/tls

Planet ALUG - Wed, 12/02/2014 - 21:06

At the tail end of last year I mentioned a couple of tools I had used in my testing of SSL/TLS certificates used for trivia itself and my mail server. However, that post concentrated on the server side certificates and ignored the security, or otherwise, offered by the browser’s configuration. It is important to know the client side capability because without proper support there for the more secure ciphers it is pointless the server offering them in the handshake – the client-server interaction will simply negotiate downwards until both sides reach agreement on a capability. That capability may be sub-optimal.

A recent post to the Tor stackexchange site posed a question about the client side security offered by the TorBrowser Bundle v. 3.5 (which uses Firefox). The questioner had used the “howsmyssl” site to check the cipher suites which would be used by firefox in a TLS/SSL exchange and been disturbed to discover that it reportedly offered an insecure cipher (SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA). Sam Whited responded with a pointer to his blog post about improving FF’s use of TLS.

From that post, it appears that TLS 1.1 and 1.2 were off by default in FF versions prior to 27. Hence they would have been off in the TorBrowser Bundle as well.

Categories: LUG Community Blogs

Mick Morgan: policy update

Planet ALUG - Wed, 12/02/2014 - 18:39

An exchange of emails with Mark over at bsdbox.co a day or so ago made me realise that my privacy policy needed updating. Not, I hasten to add, for any fundamental reason, but simply because a couple of the references in that policy were out of date. I have therefore amended it and version 0.2.0 is now in place. As promised in the policy, this post draws attention to the changes.

The amendments I have made are as follows:

I have amended my reference to geo-locating IP addresses because I stopped using the off-site “clustrmaps” tool some time ago. I now point out that I collect aggregate IP address geo-location data incidentally through my use of Counterize. However, as I note in the policy, I may drop Counterize shortly because it is becoming a drain on the site. Unlike static web log analysis tools, Counterize runs a script in real time to update its database. That database is now getting too large for my liking and some of the (automatic) queries it runs are not well optimised. I haven’t spent any long time investigating this, largely because my MySQL DB skills are woefully inadequate, but it looks to me as if some of the fields are not properly indexed to allow fast queries.

As an aside, readers may care to note that Counterize reports that I get between 30,000 and 40,000 hits on trivia each month and the top visiting countries are: the US at 57.8%, China at 13.6%, the EU at 6.8% and the Russian Federation at 4.5%. The dear old UK is eighth at 2.4% just ahead of Canada and the Ukraine. Those stats might look odd until you realise that I have allowed Counterize to include known webcrawlers. The biggest of these of course are based in the US, but Baidu in China is not far behind in its activity.

I have changed my references to the captcha and contact forms I use on trivia because I have stopped using Mike Challis’s plugins. I did this because Mike seems to like to update his plugins every other week or so and, much as that is to be applauded if there are real gains to be made, I found the maintenance overhead to be too high for what I was getting. Stability is good too.

Incidentally, for anyone interested in FreeBSD, particularly in its use on a server running Tor, or a website it is well worth paying a visit to Mark’s blog. He writes well and it is always worth looking at alternatives to Linux.

Categories: LUG Community Blogs

Dick Turpin: White space.

Planet WolvesLUG - Wed, 12/02/2014 - 17:00
Customer: "The download URL generated by our website is not working."
Me: "TBH it has never worked."
Customer: "Yes it has!"
Me: "OK, see the plus signs in this+is+my+file.pdf that is not a legal character in a URL it should be %20"
Customer: "OK?"
Me: "I've turned on directory listing on on your website. Can you see all the documents now?"
Customer: "Oh yeah."
Me: "So you would have got myfile.pdf but not my file.pdf you would have got anotherfile.pdf but not yet another file.pdf"
Customer: "Oh, that explains why sometimes it worked and sometimes it didn't."

#facepalm
Categories: LUG Community Blogs

Jonathan McDowell: Choosing a new laptop

Planet ALUG - Tue, 11/02/2014 - 23:31

Recently I've been thinking about getting a new laptop. I have this rule that a laptop should last me at least 3 years (ideally more) and my old laptop was bought in September 2010. So for the past few months I've been trying to work out if there's something suitable on the market that is a good replacement (last time I didn't manage to find something that ticked all the boxes, but did pretty well for the price I paid).

To start with I decided to track my laptops over time - largely because one of my concerns was about the size of a replacement, because I have a significant leaning towards subnotebooks. In the end the reason I decided to upgrade was for some extra CPU grunt; my old machine had a tendency to get pretty hot under any sort of load.

DateModelCPUScreenRAMStorageW (mm)H (mm)D (mm)WeightCost 1991Amstrad PPC 640DNEC V30 8MHz9" 640x200 non-backlit green LCD640k2 x 3.5" FDD45023010010kg??? August 1997Compaq Aero 4/33c486sx337.8" 640x480 CSTN LCD4MB80MB260190431.6kg??? July 2002Compaq Evo N200P-III 700MHz10.4" 1024x768 TFT192MB20GB251198201.1kg£939.99 August 2005Toshiba Portege R200Pentium M 753 1.2GHz12.1" 1024x768 TFT1280MB60GB286229201.29kg£1313.58 September 2008Asus EEE 901Atom N270 1.6GHz8.9" 1024x600 TFT2GB4GB + 16GB SSD248175231.1kg£299.99 September 2010Acer Aspire 1830TCore-i5 470UM 1.33GHz11.6" 1366x768 TFT8GB500GB284203281.4kg$699.99 (~ £480)

The EEE didn't actually replace the Toshiba, but I mention it for completeness. It was actually the only machine I moved to the US with, but after about a month of it as my primary machine I realized it wasn't an option for day to day use - though it was fantastic as a machine to throw in an overnight bag, especially when coupled with a 3G dongle.

I wasn't keen on significantly increasing the size of my laptop. There are a number of decent 13" Ultrabook options out there, and I looked at a few of them, but nothing grabbed me as being worth the increase in size. Also I wanted something better than the Acer - one of the major problems was finding something smaller than 13" that had 8G RAM, let alone more. There's a significant trend towards everything soldered in for the smaller/slimmer notebooks, which makes some sense but means that the base spec had better be right.

Much to my surprise the Microsoft Surface Pro 2 looked like an option. It comes with an i5-4300U processor (at least since around Christmas 2013), and the 256/512G SSD models have 8G RAM. Screen resolution is an attractive true HD (1920x1080) and the 10" display means it's smaller than the Aspire. Unfortunately the keyboard lets it down. It's fine given a flat surface, but not great if you want to support the whole thing on your lap. Which is something I tend to do with my laptop, whether that's on the sofa, or in bed, or on a bus/train.

Another option was the Sony Vaio Pro 11. This is a pretty sweet laptop (I managed to get to play with one at a Sony store in the US). Super slim and light. 8GB RAM. True HD screen. However I have bad memories of the build quality of the older Vaios and the fact that there was /no/ user replaceable parts put me off - it's a safe bet that a laptop battery is going to need replaced in a 3 year lifespan.

What I managed to find, and purchase, was a Dell Latitude E7240. I admit that the Dell brand made me wary - while I've not had any issue with their desktops I didn't associated their laptops as being particularly high quality. Mind you, I could say the same for Acer and I've been very pleased with the Aspire (if they'd had a more up to date model I'd have bought it). I bought the E7240 with the Core-i5 4300U (so the same as the Surface Pro 2) and True HD touch screen. It has a replaceable battery, expandable RAM (up to 16G) and the storage is an mSATA SSD. It also came with a built in 3G card. At 12.5" it's a little bigger than my old machine, but I decided that was a reasonable idea given the higher resolution. I'm typing this article on it now, having finally completed the setup and migration of the data from the old laptop to it this evening. More details once I've been using it for a little bit I think.

Categories: LUG Community Blogs

Wayne Stallwood (DrJeep): AWS EC2 Tricks

Planet ALUG - Tue, 11/02/2014 - 22:14
Storage

PIOS are expensive but EBS optimisation isn't. If your application is storage bound then setting the “EBS optimised” flag should always be your first step to improving performance.

The benefit is actually two-fold, setting this option essentially adds a dedicated network link for the EBS volumes. So as well as improving data throughput for your storage it also stops it competing with regular network traffic so your overall network performance improves as well.

Instance sizing

Firstly, if you are on first generation instance types such as M1 and C1 then you need to check out the newer generation machines now. In almost all cases the M1 and C1 instances have a direct replacement in M3 or C3 which will almost certainly be better value in terms of price

performance.

ECU's I used to assume had a bit of marketing adjustment. The truth is that in my testing and on CPU bound workloads I find they are pretty spot on (twice the ECU's really does tend to give you twice the performance)

As with hardware sizing generally, look at your workload and choose appropriate instance classes. Don't just default to the general purpose classes.

Reserved Instances

I'd recommend against 3 year reservations. You can't take advantage of new instance classes unless you manage to sell your old reservations (not so easy on the older generations) also discounts on reservations when AWS drop EC2 prices are entirely at Amazon's discretion. 3 years is way too long to be contracted in to a current instance class at current pricing.

I'd also think very carefully before reserving at Heavy Utilisation. It's not that much cheaper than Medium, the upfront cost is higher and you are billed the hourly rate whether you are using it or not. If you lose funding for your environment then you can't escape the costs until your reservation contract is up.

EBS

Volumes are thin provisioned. So new writes to previously unused space tend to be very slow. If you have the time, pre-fill your volumes for maximum performance in production.

Snapshots may be inconsistent if there are writes to the volume in the the initial pending phase. Avoid writes for the first 10 minutes of requesting a snap. Snapshots of Raided volumes however will most likely be inconsistent unless the instance is stopped for the duration of the snap.

PIOPS (Provisioned IO) can “currently” only be changed when provisioning the volume.

Work hard to optimise IO in your application and then use cloudwatch or on OS tools to determine what you really need before reserving IO. Tricks such as aligning block sizes to access (MS-SQL) can pay dividends, though be aware that PIOPS count for block sizes not larger than 16KB. So optimising above that has limited benefit because accessing a 64KB block will occupy 4 PIOPS.

Categories: LUG Community Blogs

Mick Morgan: privacy matters

Planet ALUG - Tue, 11/02/2014 - 17:54

The Open Rights Group here in the UK has been campaigning against mass, umwarranted surveillance by GCHQ since the Snowden revelations first emerged in summer of last year. Two of its current campaigns are: “don’t spy on us” and “the day we fight back“.

I have signed both of them.

I have also written to my MP in the following terms:

I have today signed the on-line petition for the “don’t spy on us” campaign. That campaign calls for an inquiry into the mass, unwarranted, surveillance of the UK population by GCHQ.

I call upon you, as my elected representative, to support my rights under Article 8 and 10 of the European Convention on Human Rights to a private life with full, unfettered freedom of expression.

I ask that you support the campaign both on-line, and in Parliament. Parliament has been completely ineffective in its oversight of GCHQ. That must end. You, along with all other Parliamentarians must do a much better job of holding them to account.

Yours sincerely

Mick Morgan

I’ll let you know what he says (though I can guess the reply. In fact I could probably write it myself.)

Categories: LUG Community Blogs

Dick Turpin: Not new?

Planet WolvesLUG - Tue, 11/02/2014 - 17:08
So I was offering some generation 1 iPads for sale.

Prospect: "Ello mate, you've got some iPad's for sale, what does iPad 1 mean?"
Me: "It means they are first generation, the first iPad's they made."
Prospect: "Oh, so they're old then?
Me: "Well as I say they are the first ones released."
Prospect: "They're not the latest ones then?"
Me: "Not for £150 they're not!"

If only I had more hair to pull out.
Categories: LUG Community Blogs

Dick Turpin: Anything cheaper?

Planet WolvesLUG - Tue, 11/02/2014 - 14:25
I'm sorry but you've really fecked me off! You time waster.

*Day 1*  "Thanks for the email on the refurbed base unit for £200 leave it with me."

*Day 2* "These refubed ipads for £150 do you have them? Oh, you order them in. Let me think about it."

*Day 3* "How much for a Samsung 10.1?"

Why do I say time waster? £200 is clearly too much for him, £150 was probably too much for him and now he's taking the piss by asking about something that is clearly double the price of second hand equipment.
Categories: LUG Community Blogs

Aq: Building a (PhoneGap) iOS app from Ubuntu entirely without Mac OS X

Planet WolvesLUG - Tue, 11/02/2014 - 12:11

The Major: But, Fawlty, how did the starling get in the bar?
Basil: No, no, no. You were in the bar.
The Major: I was in the bar? Yes! Yes, I was!
Basil: And the starling was in the garden, and the rat was nowhere at all.

It is possible, with the aid of PhoneGap and Adobe’s PhoneGap Build service, to make an app for iOS, get it signed, and deploy it to an iPhone without having a Mac involved at all. Up until yesterday I would have sworn up and down that this was not possible, and I told a bunch of people that; making a PhoneGap app isn’t a problem from Ubuntu, but getting the necessary keys to get it signed is. However, thanks to a writeup from BreezeJS I now know that this is not the truth. It’s possible to make an iOS app in Ubuntu and get it signed, I’ve done it, and now I’ll walk through that process. This description owes a lot to the Breeze writeup without which I’d be nowhere, but exactly what the screens look like has changed a little. Links and instructions correct as of 11th February 2014.

Make a PhoneGap app

No instructions for this bit. Read the PhoneGap documentation. Once you’ve built that, you’ll have a www/ folder with the HTML, CSS, and JavaScript of your app in it.

Get a PhoneGap Build account and add your app

Also no instructions for this bit, other than to say this: the app bundle that you upload or pull from Github does not have to contain just the contents of your www folder. I pointed PGB at a Github repos which had the www/ folder at top level and other things in the repos too, and it worked fine. Remember that your config.xml file which configures PGB needs to be in the same folder as index.html.

Get an iOS developer account

Sign up for the Apple Developer Programme. To build iOS apps this will cost you sixty quid. Once you get an email saying that you have access to iTunes Connect, you’ve been approved. Do what it tells you and fill out a bunch of forms about your bank account and address and so on.

Set up certificates

Go to the Apple Developer Member Centre and choose Certificates, Identifiers & Profiles, then under iOS Apps choose Certificates. You’ll probably see a screen saying “What type of certificate do you need?”; if you don’t, there’s a [+] button to add a new certificate.

The first thing you need is the Apple intermediate signing certificate, available from this screen. At the bottom it says Worldwide Developer Relations Certificate Authority; download this AppleWWDRCA.cer file and keep it around somewhere.

Development p12 key

Now, set yourself up a development p12 key as follows.

# Generate your private key openssl genrsa -out private.key 2048 # Generate a certificate signing request. Use your own email address! openssl req -new -key private.key -out CertificateSigningRequest.certSigningRequest -subj '/emailAddress=joe@example.com, CN=Joe Example, C=UK'

On the “What type of certificate do you need?” Apple page, say “iOS App Development”. Go through its little wizard and upload your CertificateSigningRequest.certSigningRequest file. It will give you back a ios_development.cer file.

# Convert ios_development.cer to ios_development.pem openssl x509 -in ios_development.cer -inform DER -out ios_development.pem -outform PEM # Convert ios_development.pem to ios_development.p12. Enter a password and remember it for later. openssl pkcs12 -export -inkey private.key -in ios_development.pem -out ios_development.p12 Distribution p12 key

Now, generate a distribution p12 key in the same way:

# Generate a certificate signing request. Use your own email address! openssl req -new -key private.key -out DistCertificateSigningRequest.certSigningRequest -subj '/emailAddress=joe@example.com, CN=Joe Example, C=UK'

On the “What type of certificate do you need?” Apple page, say “iOS App Development”. Go through its little wizard and upload your DistCertificateSigningRequest.certSigningRequest file. It will give you back a ios_distribution.cer file.

# Convert ios_distribution.cer to ios_distribution.pem openssl x509 -in ios_distribution.cer -inform DER -out ios_distribution.pem -outform PEM # Convert ios_distribution.pem to ios_distribution.p12. Enter a password and remember it for later. openssl pkcs12 -export -inkey private.key -in ios_distribution.pem -out ios_distribution.p12 Add your phone as a Device

On the Apple page, on the left, it has a “Devices” section. Add a new device. For this, you’ll need the UDID of your iPhone. Do not use one of the apps on the App Store to get this: Apple changed things in iOS 7 so that apps can’t read your real UDID: they get a vendor-specific fake one. If you’ve got what you think is the UDID of your phone and it begins in FFFF then it’s not your actual UDID; it’s a vendor-specific fake UDID, and that will not work here. Instead, plug your iPhone into your Ubuntu machine with USB, and then run

$ lsusb -v 2>/dev/null | grep -e "Apple Inc" -A 2
iManufacturer 1 Apple Inc.
iProduct 2 iPhone
iSerial 3 472585[censored]

The iSerial is your actual UDID. Use it to add your phone as a new Device on the Apple developer portal.

Add your app

Also on the left of the Apple page, there’s Identifiers > App IDs. Add a new App ID for the app you’re planning to build.

Get a Provisioning Profile

You now need a Provisioning Profile. This is a certificate which is specific to a (p12 key, app, device(s)) combination; that is, you need a new one of these for each combination of app-to-install and device-to-install-it-on. You can add more than one device to a provisioning certificate, though.

Under Provisioning Profiles on the left on the Apple page, add a new profile for your chosen combination of (key, app, device). It will give you a something.mobileprovision file to download.

Add keys to PhoneGap Build

In the PhoneGap Build Edit Account page, go to Signing Keys and upload your p12 key and mobileprovision file. Unlock the key by entering the password you created for it. On your app’s PGB page you should now be able to select that key under iOS and build your app for iOS. Finally, point your selected device’s Safari browser at the download URL for your iOS app (https://build.phonegap.com/apps/PGB_APPID/download/ios) and you’ll be able to install it.

Done. An iOS app built with Ubuntu. Thank you to Apple for opening up the ability to administer this stuff through the web, PhoneGap for providing the Build service, and Breeze for working out how to tie it all together.

Categories: LUG Community Blogs

Aq: Building a (PhoneGap) iOS app from Ubuntu entirely without Mac OS X

Planet WolvesLUG - Tue, 11/02/2014 - 12:11

The Major: But, Fawlty, how did the starling get in the bar?
Basil: No, no, no. You were in the bar.
The Major: I was in the bar? Yes! Yes, I was!
Basil: And the starling was in the garden, and the rat was nowhere at all.

It is possible, with the aid of PhoneGap and Adobe’s PhoneGap Build service, to make an app for iOS, get it signed, and deploy it to an iPhone without having a Mac involved at all. Up until yesterday I would have sworn up and down that this was not possible, and I told a bunch of people that; making a PhoneGap app isn’t a problem from Ubuntu, but getting the necessary keys to get it signed is. However, thanks to a writeup from BreezeJS I now know that this is not the truth. It’s possible to make an iOS app in Ubuntu and get it signed, I’ve done it, and now I’ll walk through that process. This description owes a lot to the Breeze writeup without which I’d be nowhere, but exactly what the screens look like has changed a little. Links and instructions correct as of 11th February 2014.

Make a PhoneGap app

No instructions for this bit. Read the PhoneGap documentation. Once you’ve built that, you’ll have a www/ folder with the HTML, CSS, and JavaScript of your app in it.

Get a PhoneGap Build account and add your app

Also no instructions for this bit, other than to say this: the app bundle that you upload or pull from Github does not have to contain just the contents of your www folder. I pointed PGB at a Github repos which had the www/ folder at top level and other things in the repos too, and it worked fine. Remember that your config.xml file which configures PGB needs to be in the same folder as index.html.

Get an iOS developer account

Sign up for the Apple Developer Programme. To build iOS apps this will cost you sixty quid. Once you get an email saying that you have access to iTunes Connect, you’ve been approved. Do what it tells you and fill out a bunch of forms about your bank account and address and so on.

Set up certificates

Go to the Apple Developer Member Centre and choose Certificates, Identifiers & Profiles, then under iOS Apps choose Certificates. You’ll probably see a screen saying “What type of certificate do you need?”; if you don’t, there’s a [+] button to add a new certificate.

The first thing you need is the Apple intermediate signing certificate, available from this screen. At the bottom it says Worldwide Developer Relations Certificate Authority; download this AppleWWDRCA.cer file and keep it around somewhere.

Development p12 key

Now, set yourself up a development p12 key as follows.

# Generate your private key openssl genrsa -out private.key 2048 # Generate a certificate signing request. Use your own email address! openssl req -new -key private.key -out CertificateSigningRequest.certSigningRequest -subj '/emailAddress=joe@example.com, CN=Joe Example, C=UK'

On the “What type of certificate do you need?” Apple page, say “iOS App Development”. Go through its little wizard and upload your CertificateSigningRequest.certSigningRequest file. It will give you back a ios_development.cer file.

# Convert ios_development.cer to ios_development.pem openssl x509 -in ios_development.cer -inform DER -out ios_development.pem -outform PEM # Convert ios_development.pem to ios_development.p12. Enter a password and remember it for later. openssl pkcs12 -export -inkey private.key -in ios_development.pem -out ios_development.p12 Distribution p12 key

Now, generate a distribution p12 key in the same way:

# Generate a certificate signing request. Use your own email address! openssl req -new -key private.key -out DistCertificateSigningRequest.certSigningRequest -subj '/emailAddress=joe@example.com, CN=Joe Example, C=UK'

On the “What type of certificate do you need?” Apple page, say “iOS App Development”. Go through its little wizard and upload your DistCertificateSigningRequest.certSigningRequest file. It will give you back a ios_distribution.cer file.

# Convert ios_distribution.cer to ios_distribution.pem openssl x509 -in ios_distribution.cer -inform DER -out ios_distribution.pem -outform PEM # Convert ios_distribution.pem to ios_distribution.p12. Enter a password and remember it for later. openssl pkcs12 -export -inkey private.key -in ios_distribution.pem -out ios_distribution.p12 Add your phone as a Device

On the Apple page, on the left, it has a “Devices” section. Add a new device. For this, you’ll need the UDID of your iPhone. Do not use one of the apps on the App Store to get this: Apple changed things in iOS 7 so that apps can’t read your real UDID: they get a vendor-specific fake one. If you’ve got what you think is the UDID of your phone and it begins in FFFF then it’s not your actual UDID; it’s a vendor-specific fake UDID, and that will not work here. Instead, plug your iPhone into your Ubuntu machine with USB, and then run

$ lsusb -v 2>/dev/null | grep -e "Apple Inc" -A 2 iManufacturer 1 Apple Inc. iProduct 2 iPhone iSerial 3 472585[censored]

The iSerial is your actual UDID. Use it to add your phone as a new Device on the Apple developer portal.

Add your app

Also on the left of the Apple page, there’s Identifiers > App IDs. Add a new App ID for the app you’re planning to build.

Get a Provisioning Profile

You now need a Provisioning Profile. This is a certificate which is specific to a (p12 key, app, device(s)) combination; that is, you need a new one of these for each combination of app-to-install and device-to-install-it-on. You can add more than one device to a provisioning certificate, though.

Under Provisioning Profiles on the left on the Apple page, add a new profile for your chosen combination of (key, app, device). It will give you a something.mobileprovision file to download.

Add keys to PhoneGap Build

In the PhoneGap Build Edit Account page, go to Signing Keys and upload your p12 key and mobileprovision file. Unlock the key by entering the password you created for it. On your app’s PGB page you should now be able to select that key under iOS and build your app for iOS. Finally, point your selected device’s Safari browser at the download URL for your iOS app (https://build.phonegap.com/apps/PGB_APPID/download/ios) and you’ll be able to install it.

Done. An iOS app built with Ubuntu. Thank you to Apple for opening up the ability to administer this stuff through the web, PhoneGap for providing the Build service, and Breeze for working out how to tie it all together.

Categories: LUG Community Blogs
Syndicate content