Planet ALUG

Syndicate content
Planet ALUG -
Updated: 1 hour 26 min ago

Daniel Silverstone (Kinnison): The Beer'o'Meter project

Sun, 31/01/2016 - 17:51

As some of you may know, I have been working on a small hardware project called the Beer'o'Meter whose purpose is to allow us to extend Ye Olde Vic's beer board to indicate the approximate fullness of each cask. For some time now, we've been operating an electronic beer board at the Vic which you may see tweeted out from time to time. The pumpotron has become very popular with the visitors to the pub, especially that it can be viewed online in a basic textual form.

Of course, as many of you who visit pubs know only too well. That a beer is "on" is no indication of whether or not you need to get there sharpish to have a pint, or if you can take your time and have a curry first. As a result, some of us have noticed a particular beer on, come to the pub after dinner, and then been very sad that if only we'd come 30 minutes previously, we'd have had a chance at the very beer we were excited about.

Combine this kind of sadness with a two week break at Christmas, and I started to develop a Beer'o'Meter to extend the pumpotron with an indication of how much of a given beer had already been served. Recently my boards came back from Elecrow along with various bits and bobs, and I have spent some time today building one up for test purposes.

As always, it's important to start with some prep work to collect all the necessary components. I like to use cake cases as you may have noticed on the posting yesterday about the oscilloscope I built.

Naturally, after prep comes the various stages of assembly. You start with the lowest-height components, so here's the board after I fitted the ceramic capacitors:

And here's after I fitted the lying-down electrolytic decoupling capacitor for the 3.3 volt line:

Next I should have fitted the six transitors from the middle cake case, but I discovered that I'd used the wrong pinout for them. Even after weeks of verification by myself and others, I'd made a mistake. My good friend Vincent Sanders recently posted about how creativity is allowing yourself to make mistakes and here I had made a doozy I hadn't spotted until I tried to assemble the board. Fortunately TO-92 transistors have nice long legs and I have a pair of tweezers and some electrical tape. As such I soon had six transistors doing the river dance:

With that done, I noticed that the transistors now stood taller than the pins (previously I had been intending to fit the transistors before the pins) so I had to shuffle things around and fit all my 0.1" pins and sockets next:

Then I could fit my dancing transistors:

We're almost finished now, just one more capacitor to provide some input decoupling on the 9v power supply:

Of course, it wouldn't be complete without the ESP8266Huzzah I acquired from AdaFruit though I have to say that I'm unlikely to use these again, but rather I might design in the surface-mount version of the module instead.

And since this is the very first Beer'o'Meter to be made, I had to go and put a 1 on the serial-number space on the back of the board. I then tried to sign my name in the box, made a hash of it, so scribbled in the gap

Finally I got to fit all six of my flow meters ready for some testing. I may post again about testing the unit, but for now, here's a big spider of a flow meter for beer:

This has been quite a learning experience for me, and I hope in the future to be able to share more of my hardware projects, perhaps from an earlier stage.

I have plans for a DAC board, and perhaps some other things.

Categories: LUG Community Blogs

Daniel Silverstone (Kinnison): Building an Oscilloscope

Sun, 31/01/2016 - 17:51

I recently ordered some PCBs from Elecrow for the Vic's beer-measurement system I've been designing with Rob. While on the site, I noticed that they have a single-channel digital oscilloscope kit based on an STM32. This is a JYE Tech DSO138 which arrives as a PCB whose surface-mount stuff has been fitted, along with a whole bunch of pin-through components for you to solder up the scope yourself. There's a non-trivial number of kinds of components, so first you should prep by splitting them all up and double-checking them all.

Once you've done that, the instructions start you off fitting a whole bunch of resistors...

Then some diodes, RF chokes, and the 8MHz crystal for the STM32.

The single most-difficult bit for me to solder was the USB socket. Fine pitch leads, coupled with high-thermal-density socket.

There is a veritable mountain of ceramic capacitors to fit...

And then buttons, inductors, trimming capacitors and much more...

THe switches were the next hardest things to solder, after the USB socket...

Finally you have to solder a test loop and close some jumpers before you power-test the board.

The last bit of soldering is to solder pins to the LCD panel board...

Before you finally have a working oscilloscope

I followed the included instructions to trim the scope using the test point and the trimming capacitors, before having a break to write this up for you all. I'd say that it was a fun day because I enjoyed getting a lot of soldering practice (before I have to solder up the beer'o'meter for the pub) and at the end of it I got a working oscilloscope. For 40 USD, I'd recommend this to anyone who fancies a go.

Categories: LUG Community Blogs

Chris Lamb: Free software activities in January 2016

Sun, 31/01/2016 - 08:16

Here is my monthly update covering a large part of what I have been doing in the free software world (previously):

  • Changed Django's project/app templates to use a py-tpl suffix to workaround the 1.9 release series shipping invalid .py files that are used as templates. (#5735)
  • Pushed a number of updates to my Strava Enhancement Suite Chrome extension:
    • Added the ability to sort starred segments first. (#42)
    • Added an option to display hidden segments by default. (#34)
    • Also hide "Yearly Goals" as part of hiding upcoming data. (#41)
    • Removed more "premium" badges. (#43)
    • Fixed an issue where removing feed entries didn't correctly cleanup subsequently-empty date headers. (commit)
  • Released a work-in-progress django.contrib.staticfiles library to recursively transparently concatenate Javascript and CSS files using "Debian-style" .d directories. I had previously been doing this manually via the various release processes — and bespoke views during development — as the idea pre-dated the existence of the staticfiles framework. (Repo)
  • Updated, a hosted script to easily test and build Debian packages on Travis CI, to support the wheezy distribution and to improve error-handling in general. (Repo)
  • Ensured that, a hosted version of the diffoscope in-depth and content aware diff utility, periodically cleans up containers.
  • Moved my personal music library to use dh-virtualenv and to deploy to its own server via Ansible. I also updated the codebase to the latest version of Django at the same time, taking advantage of a large number of new features and recommendations.
  • Fixed a strange issue with empty IMAP messages in my tickle-me-email GTD email toolbox.
  • It was also a month of significant bug reports and feature requests being sent to my private email.
  • Had a talk proposal accepted (Reproducible Builds - fulfilling the original promise of free software) at FOSSASIA 16.

My work in the Reproducible Builds project was also covered in more depth in Lunar's weekly reports (#35, #36, #37, #38, #39)


This month I have been paid to work 18 hours on Debian Long Term Support (LTS). In that time I did the following:

  • Sevend days of "frontdesk" duties, triaging CVEs, etc.
  • Issued DLA 386-1 for cacti to patch an SQL injection vulnerability.
  • Issued DLA 388-1 for dwarfutils fixing a NULL deference issue.
  • Issued DLA 391-1 for prosody correcting the use of a weak pseudo-random number generator.
  • Issued DLA 404-1 for nginx to prevent against an invalid pointer deference.
  • redis (2:3.0.7-1) — New upstream stable release, also ensure that test processes are cleaned up and replacing an existing reproducibility patch with a SOURCE_DATE_EPOCH solution.
  • python-django (1.9.1-1) — New upstream release.
  • disque (1.0~rc1-4) — Make the build reproducible via SOURCE_DATE_EPOCH, ensure that test processes are cleaned up and that the nocheck flag is correctly honoured.
  • gunicorn (19.4.5-1) — New upstream release.
  • redis (2:3.2~rc3-1) — New upstream RC release (to experimental).
Bugs filed Patches contributed RC bugs

I also filed 100 FTBFS bugs against apache-log4j2, awscli, binutils, brian, ccbuild, coala, commons-beanutils, commons-vfs, composer, cyrus-sasl2, debiandoc-sgml-doc-pt-br, dfvfs, dillo, django-compat, dulwich, git-annex, grpc, hdf-eos5, hovercraft, ideviceinstaller, ircp-tray, isomd5sum, javamail, jhdf, jsonpickle, kivy, klog, libcloud, libcommons-jexl2-java, libdata-objectdriver-perl, libdbd-sqlite3-perl, libpam-krb5, libproc-waitstat-perl, libslf4j-java, libvmime, linuxdcpp, lsh-utils, mailutils, mdp, menulibre, mercurial, mimeo, molds, mugshot, nose, obex-data-server, obexfs, obexftp, orafce, p4vasp, pa-test, pgespresso, pgpool2, pgsql-asn1oid, php-doctrine-cache-bundle, php-net-ldap2, plv8, pngtools, postgresql-mysql-fdw, pyfftw, pylint-common, pylint-django, pylint-django, python-ase, python-axiom, python-biopython, python-dcos, python-falcon, python-instagram, python-markdown, python-pysam, python-requests-toolbelt, python-ruffus, pytsk, pyviennacl, ros-class-loader, ros-ros-comm, ros-roscpp-core, roxterm, ruby-celluloid-extras, ruby-celluloid-fsm, ruby-celluloid-supervision, ruby-eye, ruby-net-scp, ruby-net-ssh, ruby-sidekiq, ruby-sidekiq-cron, ruby-sinatra-contrib, seaview, smc, spatial4j-0.4, swift-plugin-s3, tilecache, typecatcher, ucommon, undertaker, urdfdom, ussp-push, xserver-xorg-video-intel & yt.

FTP Team

As a Debian FTP assistant I ACCEPTed 201 packages: abi-tracker, android-platform-build, android-platform-frameworks-native, android-platform-libcore, android-platform-system-core, animate.css, apitrace, argon2, autosize.js, bagel, betamax, bittorrent, bls-standalone, btfs, caja-dropbox, cegui-mk2, complexity, corebird, courier-authlib, cpopen, ctop, dh-haskell, django-python3-ldap, e2fsprogs1.41, emacs-async, epl, fast5, fastkml, flask-restful, flask-silk, gcc-6, gitlab, golang-github-kolo-xmlrpc, golang-github-kr-fs, golang-github-pkg-sftp, golang-github-prometheus-common, google-auth-library-php, h5py, haskell-aeson-compat, haskell-userid, heroes, hugo, ioprocess, iptables, ivy-debian-helper, ivyplusplus, jquery-timer.js, klaus, kpatch, lazarus, libatteanx-store-sparql-perl, libbrowserlauncher-java, libcgi-test-perl, libdata-sah-normalize-perl, libfsntfs, libjs-fuzzaldrin-plus, libjung-free-java, libmongoc, libmygpo-qt, libnet-nessus-rest-perl, liborcus, libperinci-sub-util-propertymodule-perl, libpodofo, librep, libsodium, libx11-xcb-perl, linux, linux-grsec-base, list.js, lombok, lua-mediator, luajit, maven-script-interpreter, midicsv, mimeo, miniasm, mlpack, mom, mosquitto-auth-plugin, moxie.js, msgpuck, nanopolish, neovim, netcdf, network-manager-applet, network-manager-ssh, node-esprima-fb, node-mocks-http, node-schlock, nomacs, ns3, openalpr, openimageio, openmpi, openms, orafce, pbsim, pd-iemutils, pd-nusmuk, pd-puremapping, pd-purest-json, pg-partman, pg-rage-terminator, pgfincore, pgmemcache, pgsql-asn1oid, php-defaults, php-jwt, php-mf2, php-redis, pkg-info-el, plr, pnmixer, postgresql-multicorn, postgresql-mysql-fdw, powa-archivist, previsat, pylint-flask, pyotherside, python-caldav, python-cookies, python-dcos, python-flaky, python-flickrapi, python-frozendict, python-genty, python-git, python-greenlet, python-instagram, python-ironic-inspector-client, python-manilaclient, python-neutronclient, python-openstackclient, python-openstackdocstheme, python-prometheus-client, python-pymzml, python-pysolr, python-reno, python-requests-toolbelt, python-scales, python-socketio-client, qdox2, qgis, r-cran-biasedurn, rebar.js, repmgr, rfcdiff, rhythmbox-plugin-alternative-toolbar, ripe-atlas-cousteau, ripe-atlas-sagan, ripe-atlas-tools, ros-image-common, ruby-acts-as-list, ruby-allocations, ruby-appraiser, ruby-appraiser-reek, ruby-appraiser-rubocop, ruby-babosa, ruby-combustion, ruby-did-you-mean, ruby-fixwhich, ruby-fog-xenserver, ruby-hamster, ruby-jeweler, ruby-mime-types-data, ruby-monkey-lib, ruby-net-telnet, ruby-omniauth-azure-oauth2, ruby-omniauth-cas3, ruby-puppet-forge, ruby-racc, ruby-reek, ruby-rubinius-debugger, ruby-rubysl, ruby-rubysl-test-unit, ruby-sidekiq-cron, ruby-threach, ruby-wavefile, ruby-websocket-driver, ruby-xmlhash, rustc, s-nail, scrm, select2.js, senlin, skytools3, slurm-llnl, sphinx-argparse, sptk, sunpy, swauth, swift, tdiary, three.js, tiny-initramfs, tlsh, ublock-origin, vagrant-cachier, xapian-core, xmltooling, & yp-tools.

I additionally REJECTed 29 packages.

Categories: LUG Community Blogs

Mick Morgan: guest network

Sun, 24/01/2016 - 16:52

Last month Troy Hunt posted an interesting comment on his blog about the problems around the etiquette of allowing guests onto your home wifi network. In his post, Hunt notes that guests can be deeply offended at being refused access. This is understandable. If they are guests in your home then they are probably close friends or family. Refusing access can make it seem that you don’t trust them. However, as Hunt goes on to point out, it is not the guests per se you need to worry about. Anyone on your network can cause problems – usually completely unintentionally. In my case I have the particular problem that my kids assume that they can use the nertwork when they are here. Worse, they assume that they may access the network through their (google infested) smart phones. Now try as I might, there is no way I can monitor or control the way my kids (or their partners) set up their phones. Nor should I want to.

Hunt asks how others handle this problem. Like him I don’t much trust the separation offered by “guest” networks on wifi routers. In my case I decided long ago to split my network in two. I have an outer network which connects directly to my ISP and a second, inner network, which connects through another router to my outer network. Both networks use NAT and each uses an address range drawn from RFC1918. Furthermore, the routers are from different manufacturers so, hopefully, any vulnerability in one /may/ not be present in the other. My inner network has all my domestic devices, including my NAS, music and video streaming systems, DNS server etc. attached. These devices are mostly hard wired through a switch to the inner router. I only use wifi where it is not possible to hard wire, or where it would make no sense to do so. For example, my Sonos speakers and the app controlling them on my android tablet must use wifi. However, there is no reason why my kids, who insist on using Facebook, need to have access to my internal systems. So I run a separate wifi network on the outer router and they only have access to that. The only systems on the external screened network is one of my VPN endpoints (useful for when I am out and about and want to appear to be accessing the wider world from my home), and my old slug based webcam. My policy stance on the inner network is to consider the screened outer network as almost as hostile as the wider internet. This has the further advantage that bloody google doesn’t get notification of my internal wifi settings through my kids leaving “backup and restore” active on their android phones.

Categories: LUG Community Blogs

Mick Morgan: sign this now

Mon, 11/01/2016 - 22:03

I am a paying member of both Amnesty International and the Open Rights Group. Both those organisations, along with many other Civil Rights organisations, technology companies and concerned individuals are signatories to an open letter to Governments across the world demanding that we retain the right to strong encryption in order to protect our privacy. That letter says:

  • Governments should not ban or otherwise limit user access to encryption in any form or otherwise prohibit the implementation or use of encryption by grade or type;
  • Governments should not mandate the design or implementation of “backdoors” or vulnerabilities into tools, technologies, or services;
  • Governments should not require that tools, technologies, or services are designed or developed to allow for third-party access to unencrypted data or encryption keys;
  • Governments should not seek to weaken or undermine encryption standards or intentionally influence the establishment of encryption standards except to promote a higher level of information security. No government should mandate insecure encryption algorithms, standards, tools, or technologies; and
  • Governments should not, either by private or public agreement, compel or pressure an entity to engage in activity that is inconsistent with the above tenets.

I’ve signed. You should too.

Categories: LUG Community Blogs

Mick Morgan: idiotic

Thu, 07/01/2016 - 14:54

Today’s Register has an article about the UK Internet Service Providers Association written evidence to the Parliamentary Joint Committee on the Draft Investigatory Powers Bill.

I don’t wish to comment on that evidence here, Adrian Kennard has already provided much useful comment on the failings of the Draft Bill. My purpose in this post to highlight the absurdity of the Parliamentary Committee’s request that the ISPA evidence be withdrawn from it’s Website. The Register article ends with this update:

ISPA contacted The Register after the publication of this story to inform us: “ISPA was requested to remove the written evidence it submitted to the Joint Committee on the Investigatory Powers Bill from the ISPA website by the Joint Committee. Their guidance states that submissions become the property of the Committee and should not be published elsewhere until the Committee has done so itself.”

As of now (14.30 on 7 January) that evidence is still on the ISPA Website. Even if removed, it will still, of course, be available from a huge range of sources such as search engine caches (apologies for the google reference, but it is the obvious one). Or you could get it here.

The point is, once such a document has been published electronically on the net, no-one, but no-one, can put the genie back in the bottle and unpublish it.

The officials supporting the Joint Parliamentary Committee should know that. And if they don’t then I would submit that they are not technically competent enough to be supporting the Committee.

Categories: LUG Community Blogs

Steve Engledow (stilvoid): TODO

Sat, 02/01/2016 - 22:35

As last year, here's this year's TODO as a diff with last time.

New Year's Resolutions
  • Read even more (fiction and non-fiction)

    I'm certainly doing plenty of this now :)

  • Write at least one short story

  • Write some moreand release at least one games

  • Go horse riding

  • Learn some more turkish

  • Keep learning languages

    I've been having a good time learning with Duolingo recently and have found learning more than one language is helping recall in all of them.

  • Play a lot more guitar

    Lots more guitar played in 2015 than 2014 and it ought to continue through this year.

  • Lose at least a stone (in weight, from myself)

    Utter fail on this one. I've put weight on. Efforts shall be redoubled and all that.

  • Receive a lot less email

    I'm gettting a lot less email these days.

  • Blog more

    I'd say it's been about the same but I'm happy with that.

  • Write more software

  • Release more software

    Definitely nailed these two.

  • Be a better husband and father

    Pfft. I'm the best, natch.

  • Improve or replace the engine I use for my blog

    Much happier with how this works now.

  • Contribute more to existing open source projects

  • Pass all of the AWS certification exams

    Especially as I'm going to be working there this year ;)

Categories: LUG Community Blogs

Mick Morgan: a bad way to end the year

Fri, 01/01/2016 - 19:41

Sadly, I read today that Ian Murdock, the “Ian” in Debian, died on Monday, 28 December 2015. He was only 42 years old. Various reports indicate that he had been distressed for some time before his death. The tweets reportedly from Murdock’s twitter account shortly before his death are very disturbing.

Murdock’s contribution to the FLOSS community was immense. The operating system he created with “Deb”, Debra Lynn, his then girlfriend, is the foundation upon which much of today’s internet infrastructure is built. Ubuntu, one of the most popular desktop linux distros, is itself built upon debian. This blog, and all of my web, mail and other servers is built upon debian. His legacy will endure.

Murdock left a wife and two young children. He died much, much, too young.

Categories: LUG Community Blogs

Chris Lamb: Free software activities in December 2015

Thu, 31/12/2015 - 11:05

Here is my monthly update covering a large part of what I have been doing in the free software world (previously):


My work in the Reproducible Builds project was also covered in more depth in Lunar's weekly reports (#31, #32, #33, #34).


This month I have been paid to work 12 hours on Debian Long Term Support (LTS). In that time I did the following:

  • Issued DLA 363-1 for libphp-phpmailer fixing a header injection vulnerability.
  • Issued DLA 365-1 for foomatic-filters correcting a shell injection vulnerability.
  • Issued DLA 369-1 for pygments fixing an issue shell injection vulnerability.
  • Issued DLA 374-1 for cacti to fix an SQL injection vulnerability.
  • Did some futher investigation of CVE-2011-5325 in busybox.
  • python-django (1.9) — New upstream release.
  • redis (3.0.6) — New upstream stable release. I additionally backported this package to Debian stable.
  • redis (3.2~rc1) — Uploaded upstream's "testing/next" branch to experimental for testing.
  • gunicorn (19.4.1) — New upstream release.
FTP Team

As a Debian FTP assistant I ACCEPTed 45 packages: apt-show-source, dompurify.js, groonga, haskell-cryptol, initramfs-tools, iprange, jailer, jquery-slugify.js, jquery-ui-touch-punch.js, koji, lazy-object-proxy, libanyevent-termkey-perl, libjs-favico.js, liblwp-useragent-chicaching-perl, librdf-ns-curated-perl, libterm-termkey-perl, libvpx, lua-ansicolors, lwn4chrome, mimeo, node-isstream, onionbalance, osrm, profitbricks-sdk-python, pygeoif, pypi2deb, python-getdns, python-inflect, python-keyutils, python-nmea2, python-pika, qtip2.js, ruby-clockwork, ruby-innertube, ruby-joiner, ruby-middleware, ruby-pundit, ruby-rails-assets-jquery-nicescroll, ruby-rails-tokeninput, sqlacodegen, tails-installer, taskd, typeahead.js, udiskie & webcamoid and REJECTed 4.

Bugs filed Patches contributed

I also filed FTBFS bugs against acpid, android-platform-frameworks-base, antlr3, artemis, beignet, bisonc++, bobcat, bustle, cargo, checkbox-ng, code2html, cplay, datanommer.commands, dcmtkpp, debci, diffutils, diod, django-restricted-resource, docker-libkv, doomsday, dvdauthor, dwww, elasticsearch, elki, flask-script, freeipa, fso-frameworkd, funny-manpages, ggcov, ghc-mod, gmpc-plugins, gparted, gs-collections, guacamole-server, guncat, haskell-concrete-typerep, haskell-geniplate, haskell-nats, haskell-x509-util, hawtbuf, heimdal, htsjdk, inspircd, jboss-xnio, jenkins-winstone, jpeginfo, jruby-openssl, kaffeine, kdbg, ktp-accounts-kcm, kuser, libcommons-cli-java, libcommons-openpgp-java, libconfig-model-lcdproc-perl, libdata-faker-perl, libexplain, libgettext-commons-java, libgtk2-ex-printdialog-perl, libmoops-perl, libnet-frame-perl, libsendmail-milter-perl, libupnp, libuv, libvpx, liwc, m4, maven2, meep-mpich2, nagios-plugin-check-multi, natlog, netpipe, ocserv, ogre-1.8, orthanc-dicomweb, perspectives-extension, php-mail, php-pinba, phpseclib, pkg-haskell-tools, plastimatch, plexus-compiler, plexus-compiler-1.0, python-acme, python-crontab, python-cs, python-csscompressor, python-debian, python-distutils-extra, python-django-compressor, python-django-openstack-auth, python-django-tagging, python-pygit2, python-pyramid, python-pywcs, python-releases, python-shade, python-statsd, python-tasklib, python-tasklib, python-webm, python-websockets, regina-normal, rinetd, roboptim-core, rpm2html, rpm2html, ruby-factory-girl, ruby-fogbugz, ruby-i18n-inflector, ruby-loofah, ruby-protected-attributes, ruby-rack-contrib, ruby-rufus-scheduler, ruby-sanitize, ruby-sidetiq, ruby-sinatra, scsh-0.6, shogun, sleekxmpp, slugimage, spatial4j, sqwebmail-de, trac-announcer, ttt, txaws, umbrello, wine-gecko-2.21, xboxdrv, xfonts-wqy, xserver-xorg-video-openchrome, yorick & yoshimi.

Categories: LUG Community Blogs

Steve Engledow (stilvoid): One for the Vortex Manipulator

Mon, 28/12/2015 - 00:27

Things I wish someone had told me before / I would send in a message to my earlier self through a time portal / I will pass on to my child(ren):

  1. Do not form pointless habits; they will hurt you eventually.

    This includes, but is not limited to: knuckle cracking, nail biting, and the annoying compulsion to ensure that things are arranged symmetrically.

  2. Make lists, not war

    a. If Workflowy doesn't exist yet, invent it.

    b. Make lists of everything. Lists are cool.

  3. Drink more water.

    • When out drinking, switch to water an hour before you intend to go home.

    • Drink more water at all other times too.

  4. If you have any debts, focus on those first but not to the total exclusion of entertainment.

  5. If there's a way to do it without incurring debts, do it that way.

  6. Learn another language as early as possible; it gets considerably harder the longer you wait.

  7. If this message came through a time portal, figure out how it works and tell people!

  8. Read more. Fiction and non-fiction.

  9. Write more. Again, it doesn't matter what, just write.

  10. Accept that not everything will add up to a nice even number.

  11. Practice things more. A modicum of latent talent is not enough to compensate for a lack of practice.

    This applies most specifically to music.

    Also, use "latent" and "talent" together more often.

  12. When someone tells you you're great, remember it and keep the memory ready for...

  13. When someone criticises you or puts you down, don't let it upset you. Take away any message that could help you improve but don't dwell on the negativity.

  14. Expect more from yourself than from other people.

  15. Play more group sports.

  16. Know when to stop. Like this.

Categories: LUG Community Blogs

Mick Morgan: merry christmas 2015

Thu, 24/12/2015 - 16:17

It’s trivia’s birthday again (9 years old today!), so I just have to post to wish my readers (both of you, you know who you are….) a Merry Christmas and a happy New Year. Much has happened over the last year or so which has distracted me from blogging (life gets in the way sometimes) but I feel my muse returning so I may write more in the new year. Meanwhile, take a look at Alan Woodward’s update to Scott Culp’s 2000 essay “10 Immutable Laws Of Security” which he posted on the BBC site. It is called
have yourself a merry cyber-safe Christmas.

I’ll drink to that.

Categories: LUG Community Blogs

Chris Lamb:

Sat, 19/12/2015 - 12:56 is my new hosted utility to make it easier and cleaner to test your Debian packages on the Travis CI continuous integration platform, without duplicating configuration or scripts across mulitiple repositories.

You can read more about how it works, as well as follow the quick setup instructions.

As ever, patches welcome.

Categories: LUG Community Blogs

Chris Lamb: Peake Nationalism

Tue, 15/12/2015 - 23:59

Timothy Peake boarded the International Space Station a few hours ago becoming the United Kingdom's first official astronaut. It has become headline news, dominating the day's news cycle.

But whilst Peake left our pale blue dot with only the humble honorific "Mister", he has subsequently been awarded the dubious appellation of "British Astronaut".

Now, I'm no open-borders pan-nationalist and nor do I in any wish to detract or denigrate Peake's accomplishments — indeed, it is only out of a genuine respect of "our Tim's" achievements that I pen this in the first place — but are we still clinging to the idea that an extraordinary effort by a co-member of our species requires a nationalistic qualifier?

How much do we really have in common with our "fellow countrymen"? This is, after all, the International Space Station, to which Peake was elevated from Kazakhstan on the back of a Russian rocket, in order that he may peacefully collaborate with an American, a Ukrainian, etc.

I encountered the rebuttal that support of this nature is inspirational and incentive to others, but is it really motivating to know that — if you toil to achieve greatness in this life — then your accomplishments will be cheaply co-opted by mediocrities who only share the same colour passport as you? In this sense, isn't national pride really a form of national insecurity?

A "Briton" in space: if space travel can teach us anything, it's that broadcasting the specific patch of ground you were born in is an outdated, tribalistic contrivance and should be assigned to the dustbin of history.

Categories: LUG Community Blogs

Steve Engledow (stilvoid): Ford

Mon, 14/12/2015 - 22:23

Today I become a Firefox add-on developer!

Really, it was far too easy and a little disappointing that I needed to bother, as all I needed was a simple way to hide the browser chrome when I wanted a little more screen space for the content or I wanted a distraction-free environment for reading an article.

I wrote Focus Mode for Firefox to do just that :)

Now, someone tell me why that's not already a standard feature in Firefox. Or even better, tell me that it is and that I just failed to notice it. And while you're at it, tell me why I couldn't find an existing extension that does it!

Categories: LUG Community Blogs

Chris Lamb:

Sun, 13/12/2015 - 12:05

If you haven't already come across it, diffoscope is a tool that reveals what makes files or directories actually different. It recursively unpacks archives of many kinds, transforming binary formats into more human-readable forms in order to make it easier to compare them. It can compare two tarballs, ISO images, PDF, squashfs images, etc.

Anyway, yesterday I hacked together which lets anyone easily try out and share these in-depth comparisons using just a web browser.

The underlying idea is not only to provide a useful service, but also that it will publicise and spread the usage of diffoscope, resulting in net improvements that will feed back into the Reproducible Builds effort.

As usual, patches welcome.

Categories: LUG Community Blogs

Mick Morgan: knees and other jerks

Tue, 08/12/2015 - 16:20

On sunday, the motherboard intially reported that, in the wake of the Paris atrocities of November 13th, the French Government was proposing to ban Tor and free WiFi. As it turns out, this is not strictly accurate. The report was later corrected – thus:

Correction: The initial headline and copy of this article suggested that the proposals to block Tor and control free wifi were already part of a proposed law. These are in fact points that the French police and gendarmes would like to see included in the bill, according to the document seen by Le Monde. The headline and copy have been updated to clarify this; we apologise for the error.

Nevertheless, the actual story is still worrying. Governments of all shades seem to react badly when they feel that they must be seen to “do something”. We, in the UK, have already seen how the desire to “do something” results in unfortunate over reaction and ill-thought proposals for legislation. So it is sad to see the French (for whom I have much admiration) apparently reacting to Paris by opting to clamp down on civil liberties. I’d like to think that the reality is not as bad as the initial report suggested though. Certainly the motherboard post now makes clear that:

French law enforcement wants to have (my emphasis) several powers added to a proposed law, including the move to forbid and block the use of the Tor anonymity network, according to an internal document from the Ministry of Interior seen by French newspaper Le Monde.

It continues:

French law enforcement wish to “Forbid free and shared wi-fi connections” during a state of emergency. This comes from a police opinion included in the document: the reason being that it is apparently difficult to track individuals who use public wi-fi networks.

Noting that China actively blocks connections to Tor, the article continues:

If the French really wanted to block Tor, they might have to consider a model similar to the Chinese regime’s. Naturally, that might be worrying for anyone that cares about free-speech, increasing surveillance, or, say, democracy.

Let’s just hope that sense prevails and Western democracies do not react to terrorism in a way which reduces the very freedoms we cherish so much.

Categories: LUG Community Blogs

Chris Lamb: Free software activities in November 2015

Mon, 30/11/2015 - 21:46

Here is my monthly update covering a large part of what I have been doing in the free software world (previously):

  • Presented at MiniDebConf Cambridge 2015 on the current status of Debian's Reproducible Builds effort.
  • Contributed initial Debian support to Red Hat Product Security's repository of certificates shipped by various vendors and Open Source Projects. (#1)
  • Wrote a proof-of-concept version of Guix's challenge command to determine if an installed binary package is reproducible or not. (code)
  • Started initial work on a b2evolution package.
  • Arranged logistics for the Reproducible Builds summit in Athens.

My work in the Reproducible Builds project was also covered in more depth in Lunar's weekly reports (#27, #28, #29, #30).


This month I have been paid to work 13 hours on Debian Long Term Support (LTS). In that time I did the following:

  • Issued DLA 349-1 for python-django correcting an potential settings leak.
  • Issued DLA 351-1 for redmine fixing a data disclosure vulnerability.
  • Worked on multiple iterations of a fix for CVE-2011-5325 in busybox, not yet complete in order to additionally cover hardlinks.
  • Frontdesk duties.
  • redis — Addressing CVE-2015-8080, a buffer-overflow security issue.
  • python-django — Uploading the latest RC release to experimental.
  • strip-nondeterminism — Disable stripping Mono binaries as it is was too aggressive preventing some package installs.
  • gunicorn — Correct Python interpreter path references in gunicorn3-debian.
  • python-redis — New upstream release.
  • ispell-lt — Making the build reproducible.
Patches contributed
RC bugs

I also filed FTBFS bugs against apt-listdifferences, beanbag, billiard, cached-property, celery-haystack, chessx, coturn, coyote, csoundqt, datanommer.models, django-auth-ldap, django-celery-transactions, django-classy-tags, django-compat, django-countries, django-floppyforms, django-localflavor, django-markupfield, django-model-utils, django-oauth-toolkit, django-openid-auth, django-picklefield, django-polymorphic, django-ratelimit, django-reversion, django-sekizai, django-simple-captcha, django-tables, djangorestframework-gis, factory-boy, gitinspector, golang-testify, gurgitate-mail, haproxy, harvid, kamailio, klatexformula, kombu, kytea, libcatmandu-marc-perl, libdatetime-incomplete-perl, libhtml-calendarmonth-perl, libmath-bigint-gmp-perl, libpodofo, libxml-rpc-fast-perl, lifeograph, mangler, mini-buildd, mpfit, percona-xtradb-cluster-galera-2.x, pion, python-biom-format, python-cligj, python-django-bootstrap-form, python-django-contact-form, python-django-extensions, python-halberd, python-jingo, python-jmespath, python-libpcap, python-memory-profiler, python-passlib, python-restless, python-rsa, python-zipstream, r-bioc-variantannotation, reconserver, ruby-state-machines, ruby-state-machines, ruby-virtus, sigx, sorl-thumbnail, subtitleeditor, texmaker, tweepy, visualboyadvance, webissues, xfe & zeroinstall-injector.

Categories: LUG Community Blogs

Steve Engledow (stilvoid): Sorted

Mon, 30/11/2015 - 15:07

I decided to restructure the folder I keep code in (~/code, natch) - taking my cue from how Go does it - so that the folder structure represents where code has come from.

As with all things, moving a couple of hundred folders by hand seemed far too daunting so I wrote a bash script to do it.

This script enters each subdirectory within the current directory and, if it has a git remote, moves it to a folder that represents the git remote's path.

For example, if I had a folder called scripts that had a git remote of, this script will move the folder to

#!/bin/bash # Target directory for renamed folders BASE=/home/steve/code/sorted for i in $(find ./ -maxdepth 1 -mindepth 1 -type d); do cd "$i" folder="$(git remote -v 2>/dev/null | head -n 1 | awk '{print $2}' | sed -e 's/^.*:\/\///' | sed -e 's/:/\//' | sed -e 's/^.*@//' | sed -e 's/\.git$//')" cd .. if [ -n "$folder" ]; then mkdir -p "$BASE/$(dirname $folder)" mv "$i" "$BASE/$folder" fi done

Yes it's horrid but it did today's job ;)

Categories: LUG Community Blogs

Mick Morgan: cameron meets corbyn

Sat, 28/11/2015 - 20:01

(With thanks to David Malki!)

Categories: LUG Community Blogs

Mick Morgan: christmas present

Mon, 23/11/2015 - 19:12

Like most people in the UK at this time of the year I’ve been doing some on-line shopping lately. Consequently I’m waiting for several deliveries. Some delivery companies (DHL are a good example) actually allow you to track your parcels on-line. In order to do this they usually send out text or email messages giving the tracking ID. Today I received an email purporting to come from UKMail. That email message said:

UKMail Info!
Your parcel has not been delivered to your address November 23, 2015, because nobody was at home.
Please view the information about your parcel, print it and go to the post office to receive your package.

UKMail expressly disclaims all conditions, guarantees and warranties, express or implied, in respect of the Service. Where the law prevents such exclusion and implies conditions and warranties into this contract, where legally permissible the liability of UKMail for breach of such condition,
guarantee or warranty is limited at the option of UKMail to either supplying the Service again or paying the cost of having the service supplied again. If you don’t receive a package within 30 working days UKMail will charge you for it’s keeping. You can find any information about the procedure and conditions of parcel keeping in the nearest post office.

Best regards,

I /very/ nearly opened the attached file. That is probably the closest I have come to reacting incorrectly to a phishing attack. Nice try guys. And a very good piece of social engineering given the time of year.

Virustotal suggests that the attached file is a malicious word macro container. Interestingly though, only 7 of the 55 AV products that Virustotal uses identified the attachment as malicious. And even they couldn’t agree on the identity of the malware. I suspect that it may be a relatively new piece of code.

Categories: LUG Community Blogs