malak.ca updated

Since about lat 2016, my website had problems with uptime:  It was mostly down.  In the spring of 2017, it was finally up and I did a bit of restoration work.  And then … it was down again for a few months.  (And, due to the circumstances of this downtime, my restoration work was lost.)

Finally, I transferred my website to an existing home server, and it is now living out of a computer which I believe may be as old as 2003, living under CentOS 7.x series, in my bedroom.  Having fixed a faulty telephone line (squirrels!) the line is now “not noisy” and the internet is back properly.

Main work has been:

I’ve finally got a convert, sort of, to whom I’m giving a linux desktop!

In 2011 a new hire at work was assigned to join me on a few field jobs in order to expose them to the kinds of things we do at the office.

At the time, I enthusiastically told him about my use of linux. Suffice it to say his reaction was “What is this communist stuff anyway?!?!” Harrrummmpphh. “Red Hat is in line to have $1 billion with a big fat capital B in revenues this year alone. Doesn’t sound very communist to me at all.”

Back in mid-December of 2015 — after countless times of telling him about linux in the meantime, hopefully a bit more toned down — he sent me a message: “Here’s a modest budget; set me up, I’d be interested in trying it out.” I was practically beside myself in my pleasure.

I came back from the Christmas holidays and announced that I’d tracked down a used computer for free, and just needed to get it into my hot little hands. I explained that I wanted to give him a relatively risk free introduction. In the meantime, the computer in question, I’m told, proved to be dead and not usable. I’m promised another computer, and this week, when it looks like I’ll indeed be getting it in time for an install day this weekend, I further explained to my colleague: “The computer is probably about four or five years old but it’s supposed to be a dual core with 4 gigs of memory. It won’t be the best performing computer in the world, and some things it just won’t be able to do, at least not spectacularly, not because of linux, but because of the computer itself; however, it should still be good enough for videos, games, and day to day stuff, and you’ll be able to explore all the software available for it and see what can be done with linux, and you can add a few things like a bluetooth dongle if you like.”

He cautiously tells me all along that I’m building up anticipation; the caution suggests to me that he is mildly tongue-in-cheek meaning “of the disappointing variety”.

I then start asking him very specific questions, like what he wants as the computer name (I give him examples of current and past computer names I’ve used, and advise him to choose carefully since using the name of a pet or relative could backfire in case something goes wrong, and in the process of relating the experience to family or friends they may be confused or even become upset), the user name and password to use, the root password he wants, and things like which email client he uses at home. Pleased that he’ll be able to use a GMail interface, he begins to apparently genuinely say “Oh now you’re *really* building anticipation!” instead of the cautious insinuations from before.

Therefore in anticipation of the build this coming weekend, I put together this list of the main things I’ll need to install on his computer, especially since I’ll be helping my brother-in-the-know again with another desktop install, and try to get in some of his under the hood expertise at getting my server to be a bit more useful than a rarely used ftp server, a backup server for my data which depends on my remembering to back up my data on it, and consuming electricity.

So enjoy my list of things to do to loading a Fedora desktop very similar to how I use mine. And yes I know that there are plenty of things I *don’t* say, like “take this icon and place it third or fifth or last in the dock on the left on the activities screen” or, how to do “that”. 🙂

Installing Fedora 21 (Part II), 32 bits at a time

In Part I, I talked about installing Fedora 21 on a new Dell desktop, and promised a Part II, somewhat tongue-in-cheek. But wait folks, I was serious. 🙂

I have an Acer Aspire One which I received new out of the factory sealed box as a birthday present in 2009, and immediately converted it to linux after receiving it – Fedora 11, to be exact. It has used, as I recall, Fedora 11, 12, 14, 15, possibly 16, 17, and 19, all without any trouble. Well, ok, none that can’t be attributed to “whaddya expect out of a notebook vs. a full horsepower machine” and errors stemming from somewhere between the keyboard and the chair. ?

However, time is starting to march on with this machine, and while it was great under roughly 18 months of Fedora 19, it was clearly starting to slow down a bit, but … well, Fedora keeps releasing new versions, and, well, while CentOS 7, which is based on Fedora 19 and which I’d be happy to install on my netbook, unfortunately is only available under 64bit while my netbook is only 32bit. So my options were to either keep Fedora 19 unpatched, upgrade to Fedora 21 workstation, which I wanted to do, upgrade to Fedora 21 with XFCE, which would probably make it peppier, or explore other distros, which I don’t wish to do.

When Fedora 21 Workstation came out in December 2014, I downloaded the 32 bit version, and the fun began. Within a couple of minutes of booting up the live DVD and before the desktop loaded up, the machine went into hibernation. This didn’t feel right, but I hit a key and things came back to life. Then, within about a minute, the machine went into hibernation again. I hit a key again, got a minute of performance, and it hibernated again, ad nauseum, and ad infinitum, literally.

Despite this, I decided to continue with the F21 Workstation installation anyway, and I ended up babysitting the install, hitting a key to wake up the system every minute or so during the installation. On a single core atom processor running at 1.5 GHz, this took a good long while and a lot of keyboard wakeups. Finally, the system was installed, but it kept on hibernating after roughly a minute.

As a reference, I proceeded to install Fedora 21 XFCE Spin, and, except for hibernating once during the initial booting up of the liveDVD, it worked like a charm.

One solution I tried was to do a “yum install fedora-release-workstation” or somesuch from an installed XFCE spin, hoping to then do a “yum groupremove XFCE” and repeat “yum install fedora-release-workstation” just to reinstall any packages which may have gotten removed, but it bricked the install and I had to reinstall XFCE yet again.

For a variety of reasons which are now lost in the winds but which probably included having gone through the following suggestions from ask.fedoraproject.org, I managed to install and re-install the XFCE spin several times again after probably having reinstalled the Workstation a few times in between.

I went to ask.fedoraproject.org to ask for help (here’s my archive), and I got a few interesting responses.

The first response I got was:

“You can do tests and get logs without interference with systemd-inhibit – ie sudo systemd-inhibit bash. The system won’t suspend or hibernate until you end the process invoked with systemd-inhibit.” This didn’t work; hibernation continued as before.

The next response was “I’m just guessing, but it feels like the system thinks that the battery is almost empty and because of that does the right thing in that situation. I’m not sure which software component is handling this situation but anyway, there seems to be a bug that happens to manifest on your particular environment.” This could have been ruled out immediately – mostly – because at the time the battery was physically out of the machine when I tested, and I was running on mains electricity out of the wall. Nonetheless, I did check, with a fully charged battery in, to be sure I wasn’t being a fool; no such luck, under both cases, the machine kept on hibernating every minute or so.

All through this, I learned that at least one user with a Toshiba Satellite Pro without a CD player had this same problem, and worked just fine up till Fedora 20.

My “brother in the know” helped me with some research, and we found something: In the Arch Linux forums, the problem is described, and the user “Scimmia” comes up with the following workaround (here’s my archive):

“Try setting ‘HandleSuspendKey’ and ‘HandleLidSwitch’ to ignore in /etc/systemd/logind.conf” “Scimmia” further claims that this problem appears to be caused by systemd/logind. This all means that somewhere, signals are being sent out, rightly or wrongly or otherwise, that are being interpreted as “the clamshell lid is being closed, so it’s time to hibernate.”

To wit, my brother and I, after I’d installed Fedora 21 Workstation for the probably at least third time, then boot up an XFCE liveDVD (but do not install it), and through some of my brother’s linux kung-foo, he mounts the hard drive, using Thunar in the XFCE spin as a facilitator, and we edited the appropriate file.

… And Bingo was his name-OH. (Translation: Yup, that worked and the machine now works.)

Here are the instructions to correct the problem, at least for an Acer Aspire One, and which are also findable through ask.fedoraproject.org:

1) install F21 32bit workstation, by babysitting the system throughout the whole install to keep waking it up every minute or so (literally!)
2) reboot using a live-dvd that works on the system, such as the F21 XFCE live-DVD
3) mount the hard drive (not really sure specifically how my brother did it but using Thunar seemed to help out a lot)
4)open a terminal session and make sure the hard drive is mounted
5) edit the file /etc/systemd/logind.conf (such as using nano)
6) uncomment the settings for “HandleSuspendKey” and “HandleLidSwitch”
7) set the “HandleSuspendKey” and “HandleLidSwitch” options to “ignore”
8) save the file
9) reboot
10) enjoy

… and, it seems, my instructions, posted on ask.fedoraproject.org, helped at least one other user with an Acer Aspire one. I’m pleased. ?

Now, as for what I think of it … well I like F21 Workstation. On my laptop, it’s a slightly sluggish, but still working well.

More on hotel passwords

Back in 2009, I was ranting about hotel passwords and the lack of any serious consideration most gave to their wifi access,
Hotel internet access passwords — Here’s a case for Captain Obvious
and Well Hallelujah! Big Brother has finally acted!

Well here I am in 2015 writing again on the subject. As you can guess, I’ve used plenty of motels and hotels in the intervening almost six years. As you can guess again, I’ve pretty much given up on my rant since then. And, as you can guess yet again, I’m currently sitting in a motel, using their WiFi.

And can you guess what comes next?

Well, when I checked in, they asked me “Would you like WiFi access?” which tipped me off to ask about whether or not the passwords are auto-generated each time someone checks in. Of course the poor lady was bewildered by the question, to which I responded, “Don’t worry, I’ll have the answer to my question when you hand me that ticket.” And whaddya know, it had a wifi access code that was obviously created on the spot after she’d clicked once or twice on her keyboard and looked at the screen before writing on the ticket. Not too too strong at only five alphanumeric characters, but it wasn’t a dictionary word. The sign in page said that the code was case-insensitive. My untrained eyes would guess it would only come up in a brute force attack, if someone were willing to try all 60,466,176 possible combinations, assuming it’s just the 26 letters in the alphabet and the 10 digits, with no special characters, and they only give out codes five alphanumeric units in length. Of course this ignores the fact that only the “currently active” codes are, well, active, that the system probably has some kind of maximum tries per period of time per mac address, and the like.

Of course, it would probably be cheaper and easier to rent a room, but then I don’t really know how easy or difficult

Of course this story’s postcript is that when I entered the code, it didn’t work — so I called to the front desk to report this and ask for a new one. Whaddya know, Big Brother not only has finally acted, he keeps records — the nice lady asked “Is it such and such?” I answered “not quite, here’s what’s written.” Turns out, the handwritten part of the code that said “U1” sure looked like a “W”.

Hallelujah, indeed.

I’d say that Fedora has arrived!

Almost five years ago in March 2010, I stated “Ubuntu and Fedora LiveCDs — Ubuntu a clear winner!”

I’d burned two live CD’s — one of the current Fedora of the day, and one of the current Ubuntu of the day. I had wanted a group I belonged to to use one to reformat a virus-infected computer to use it again. Incidentally, they declined the honour, however that’s beyond my point: I didn’t want to give them (or anyone) the Fedora CD, while I thought that the Ubuntu CD was great out of the box, specifically including OpenOffice.org (now LibreOffice) and a cute little directory including a short video, a sample mortgage calculator, and two or three other little gems which really put the CD over the top for its immediate usefulness.

Well, I haven’t really used Live CD’s much since I’m not all that worried about having linux on the run, but at this point Fedora 21 seems to only be available by Live CD’s. But to wit, the experience with Fedora 21 seems to be quite the improvement in experience, according to at least two of my somewhere between the stated and implicit standards of comparison: The inclusion of (now) LibreOffice, what I considered a killer omission, and the ability to quickly and easily install many “productive” pieces of software through the new software installer. To be fair, at the time Fedora limited itself to CD’s and in its efforts to include as wide a base as possible for supposed widest mass appeal, Fedora was unable to include OpenOffice.org (or, as possible, any usable subset thereof) due to space restrictions, although it was able to include AbiWord.

Now, Fedora Workstation includes LibreOffice, and by typing into the search box in the “Activities Overview” (click on “Activities” on the upper left hand corner of the screen, or invoke it using the “hot corner” by bringing your cursor up there), the installed software that may help you, as well as a number of other pieces of software in the repositories which may help you, as indicated by a little shopping bag to the left of the proposed piece of software.

screenshot of proposed software

Well, I guess now I just need to find someone who needs to have their computer saved from viruses and spyware. 🙂

I now have a Fedora Friend Finder!

In early 2011, I decided to go to a FudCon in Tempe, Arizona (here’s my archive). And here’s my blog summarizing my participation.

One of the things in the list of items to bring was a Fedora Friend Finder (archive, since the link disappeared), in other words an extension cord with multiple outlets / a power bar. This of course makes sense when you have a bunch of computer people gathering together, face to face: We still bring computers and as such we want to plug them in.

As you can see if you followed the link or checked my archive, the page featured a long power bar with 12 outlets, like the following:

12 outlet power strip

I of course had considered the power bar shown to be quite fanciful and even comical to the point of farce, and as such I assumed that someone had played around with The GIMP to produce the image.  However, the message was clear: I brought a four outlet power bar with a roll-up extension cord to FudCon Tempe, like the following:

cord caddy

During FudCon Tempe, I was mildly popular during the various “unconference” sessions and certainly made friends as a result of my power bar. In fact, during the “Lightning Talks” at the end of the “unconference” part, I was so popular that I had to turn people away who wanted to plug in, even after several other power bars had been plugged into mine.

Fast forward to this past week in 2014, and I’m shopping for supplies at a Canadian Tire for a job site I’m starting up, including electrical extension cords and power bars. What do I find? To my amazement, a 12 outlet power bar just like I’d seen on the Fedora Friend Finder web page. The person I was with was a bit bewildered by my fascination with it; to him, it was just a big power bar. It may have been odd, but it was just another power bar.

I wasn’t just fascinated; I was practically beside myself. Here I was in front of a real live example of the farcical prop I’d seen on a web page. Of course, I had to buy one.

Here’s a pic of it with eight personal pumps and one DryCal calibrator hooked up, charging the internal batteries:

my Fedora Friend Finder

I think it’s cool. It will probably eventually be used at home where I have my multiple computers and a big wide screen TV and PVR, where things are currently lit up like a Christmas tree, so to speak, with multiple power bars which are nonetheless underused given the multiple oversized adapters.

However, the temptation will be there to bring it out to any events at which not only would such a power bar be useful, but also to just brag on an “over the top” level and get incredulous looks along with a “may I plug in ?!?!?”

The Mac Trojan, the solution, and what I think about the millions of dollars it represents

A few weeks ago it came out that the Mac had a real trojan horse in the wild. (Here’s my archive.)

As I understand it, it was the result of a simple vulnerability, by happenstance a major beef I have with Ubuntu as well: some source — a website, a piece of software you install however you do it, or whatever, introduces a simple pop-up that says “Your machine has been compromised! Click here to remove it!” The dutiful lamb, er user, clicks “Ok”, then — and here’s the clincher — the downloaded “cleaning” software, which is actually the trojan horse, needs administrator access to install (or “root” access in unix parlance, the base of the Mac, and effectively the same thing with any linux distro), and the user obliges with their password. They do this of course understanding that it’s important to keep their machine safe from malware, and that when they’re doing certain things, they have to enter their password. “Trust me, I’m reputable computer software trying to protect you, I know what I’m doing. Professionals programmed me.” Then of course they get the user to hand out money for “licences” to keep their computer “protected” — as in, they get the “licence” money, and they send a command to the trojan to lie dormant and not do any harm to the system. (In some commercial districts, especially with small Mom & Pop style shops, it’s called “Protection” money; the cops call it “Extortion”.)

For the non-technically inclined, this works through a simple process:

– Under any Mac / unix / linux system, there is one all-powerful account called root.
– Switching to root to install software is occasionally a pain, so Macs (and Ubuntu) rely heavily on a command that is so heavily integrated into the system that it lets certain users transparently, when called upon, install any kind of software, good or bad, by simply entering their own password, on the presumption that this select group, which are listed in a special group, are trusted with system administration.

Here’s a bit more on root:

– This account literally is, within the limits of what that instance of the OS can do on the installed piece of hardware, the top god. For the purpose of this conversation, it’s Zeus, the chief god who is the most powerful god in Greek mythology, above all other gods.
– In such a system, the normal user — including the principal user of a computer with only 1 to 5 users (the typical home computer) — usually isn’t even a lesser god. They’re mere mortals, with limitations and unable to affect much beyond their own account.
– On the other hand, the root user, noticing that user X is consuming too many resources, can decide to put further limits on that user, or any other, but not vice-versa per se nor one mere mortal upon another. I have such a principal “mere mortal” account on all my computers, and I of course know the root passwords, so I can become root on those computers and do whatever I like on them; usual practice, of course, dictates that one temporarily logs into root to do whatever is necessary as root, then to log out back into the “mere mortal” account to do day-to-day stuff. Such as write this piece.
– One command in Mac / unix / linux is the “sudo” command. This allows defined “mere-mortal” users to elevate their privileges to that of the root user on a generally one-time and contextual basis which ceases when the task is complete, and which has to be re-invoked any time that they want or need to use said root privileges again. This overall makes them lesser gods: While they indeed do have Zeus’ powers, these powers are limited to the task at hand and only the moment at hand, and allows people to maintain their systems while avoiding carelessly doing damage, all in a convenient package. Therefore, the user can do necessary changes, adjustments, updates, and the like, but, since they are doing it as themselves with the necessary privileges only when the situation calls for it, they usually, under normal, routine circumstances — acting in the capacity of a mere-mortal — avoid doing system-wide damage, because, well, they aren’t root. Normally a simple command line command would either only affect their own account, but no one else’s, or, depending on the command, the system would (or should) say “you need to be root to do that”. The problem I see here is that on a Mac / Ubuntu / other similar system, as I explain below, sudo is so tightly integrated into the system that it’s normally presumed that since the user in question is typing in the command, they actually are fully aware of what the command does, and that they really want to do it, so the system automatically asks for their password, invoking Zeus’ — root’s — powers. (BTW, this is why it’s also dangerous to do day to day stuff as root — the system presumes that root knows what they’re doing. Hence why, as mentioned above, you only log into root to do rooty stuff, then you log out again to do day to day routine stuff.)
– Further, there is a certain security element to it: the system logs who invoked the privileges in this fashion, so that Zeus, er, root, can check up on his underlings. Incidentally, anyone on the system can be in a list of people with “sudo-er” privileges, and how they get it, when they get it, why they get it, for what purpose(s), and just about any other condition, can be set by root.
– Mac OSX, Ubuntu and its derivatives, and other similar systems, depend on sudo; in fact, the root user on both systems are disabled by default, and sudo is heavily integrated into the system: The principal user by default is the defacto root user, since their password is all that’s needed to do rooty things when such things are required — unless a savvy admin principal user makes another user a sudoer, which can be done quite easily, as explained above. To be fair, on any unix / linux system you can extremely limit access to the root user, and set it up such that the only way to use root privileges is by sudo; it’s just an active choice made by Ubuntu and MacOSX. Don’t despair, on an Ubuntu system, it is also trivially easy to reenable the root user, and remove the principal user’s (and other users’) sudo privileges; I have no clue regarding Mac OSX but I imagine that it can be done. And, no doubt, break your warranty and support privileges at the same time.

So, back to the subject at hand:

What happened with this trojan horse is that the wolf (the trojan’s programmer(s)), knowing that Little Red Riding Hood (the users) have been trained to protect their system from attacks and keep them updated and to trust the computer when it says “you’ve been attacked”, dressed up as Grandma and said, “Trust me. I’m trying to protect you.” Said LRRH users obliged. And, as I mentioned earlier, those who control the trojans get the “licence” money, send a command to the trojan to lie dormant, and as long as the money keeps on coming, no harm comes to the system. (In some commercial districts, especially with small Mom & Pop style shops, it’s called “Protection” money; the cops call it “Extortion”.)

Can you blame the users?

For the purpose of this piece, I am forced to say “No.” At least to the extent that the culture that the systems that they are using is blinding them. (Even under linux you’re expected to keep your system up to date to avoid such difficulties.) “Oooh, we’re easier to use. Oooh, we’re pretty. Oooh, you want to use your computer, not maintain its innards, just like you don’t need to be a mechanic to drive your car or ride your bicycle.”

Of course it’s a two way street: The fact is, computers these days are complicated, because the things we ask them to do are complicated. Which means that, when it comes to computers at least, a quote by Admiral James T. Kirk, to the young and inexperienced Lieutenant Saavik, after taking control of the bad guy’s ship by essentially using the ship’s root password (the ship’s “prefix number”), taking down defences, and causing critical damage, comes to mind: “You have to learn why things work on a starship.”

sudo is not evil, much as I might think or want you to believe it is. However, as I’ve said earlier, it likely could be — and here’s the proof of concept — the downfall of any system that depends on it. The main reasons it isn’t evil is that next year, someone will find another weakness to exploit, and it is quite convenient to use. Maybe in a fashion directly in line with my “holier than thou” approach to commoners’ computing (r).

And in other corners …

This trojan resulted in the proposition — so I’ve heard, so this is pure speculation at this point — that the App Store concept could be applied real hard, to the Mac. As it is, the App Store already exists for the Mac; I actually think that the App Store for the Mac is a good idea: It’s a repository of trusted software that will work — and knowing Apple, spectacularly well — on the Mac, instead of downloading it willy-nilly from anywhere on the internet. However, the idea here is that it would be to the exclusion of all other sources. And here I thought that Apple was pioneering in the Mac world the repository system, hopefully to be followed by others, just like in linux.

The upside:

– You can get all your software from one place, and it would be (presumably) safe.
– Apple would digitally sign each piece in a couple of ways such that you could only get usable, safe software from there.
– Presumably, Apple will run all software through thorough testing so that the chances of it being infected with a virus or it being or rendering your computer vulnerable to compromise would be remarkably low. (When was the last time you heard of an iPod Touch / iPhone / iPad virus or trojan?)

The downside:

– You won’t even be able to compile your own software to run on your own machine (oh sure, I imagine in a virtual testing platform at least conceptually similar to the platform used develop iPod Touch and iPad apps).
– Like with the iPod Touch, I imagine that you’ll never know whether you’ll ever be able to run your software — of which I imagine many apps will be important to a good number of developers, if only internally, and not just be yet another tip calculator or yet another Tetris reimplementation — until it shows up in the App Store. Apple isn’t stupid, though; I’m sure that with the current App Store money talks many languages, and that many commercially-backed apps get through a little more easily and assuredly when the developers pay a fee guaranteeing its appearance in the App Store, or a higher-than-average commission per download/sale.
– Of course, you will have to fork over the source code to Apple. And, only Apple will ever truly have full access to the source code of the final product, so you won’t know whether they’ll modified it (admittedly, sometimes no doubt for the better), how they’ve modified it, whether they’ve introduced bugs or vulnerabilities, or back doors. So far, nothing different from the way the App Store for the iPod Touch or the iPad work.

But here’s what really gets to me:

So you want to develop some internal software that will give you a competitive edge over your competitors? Say, a different, possibly revolutionary analysis scheme for the metrics in your industry? And, you use Macs because you consider them to be either superior to other platforms, or their use otherwise adds some inherent value to your operations?

I see a money stream for Apple here. No, a cash cow. “OK, you *must* submit the source code to us. We’ll compile and digitally sign it, and make sure it works properly on your machines. We’ll review the code, identify and remove bugs, and even suggest better code and functionality. And only your operation’s computers can install the software; we’ll password protect access to the software. For a fee, of course. Oh, you don’t trust us? OK, here’s a Mac server that you can have in your server room. You’ll get a control panel. Of course, the server will ultimately still be controlled by us only, the code will still have to be reviewed by our engineering team, and your “submit” button will merely inform our team to start looking at things, and we’ll still control what goes into the final, compiled code, including back doors and all sorts of unknown blobs. Possibly some critical functions of the “revolutionary analysis scheme” being disabled, removed, or massively modified, or replaced with inferior substitutions. For a massive fee, of course.

Sort of adds an ironic twist to the notion of “proprietary software”, doesn’t it?

Seems to me that the only thing that will keep Apple clean on this one is that it’s actually in Apple’s interest to be a clean and legitimate player. Apple has successfully built a business based not on being the biggest, the greatest, the cheapest or having quite the latest or greatest technology (sometimes things are slightly a step behind). Or even making the biggest profits. They’ve built a business on delivering a clearly superior user-experience and tightly integrating the software and technology; for instance, there’s actually something to the iPad’s function of closing instances of web browsers above a certain number, since allowing too many instances to remain open (sometimes as Orphan Annies or Captain Dunsels) they may not be performing any useful function to the user, yet would be consuming system resources such as memory, processor time, or battery power that could deprive other processes of necessary resources, and ultimately diminish the user experience. This idea has merit; every once in a while I have to make a point of closing down some windows simply because there are too many open and they’re slowing down my system.

Of course, such a value-added division — that of reviewing software over a diverse cross-section of industries and making them work really well on a given platform — would mean that they would develop lots of expertise. And, it would naturally make Apple quite the intellectual powerhouse. Imagine, Apple Medical Consulting Services. Apple Financial Expertise. Apple Engineering Software. Apple Human Resources Management. They actually would accumulate this expertise.

But what if the software that, in keeping with their business practices and policies, is necessarily in their care proves to be less then optimal, not because of the submitted source code, but because of Apple’s actions? Of course these are concerns that any company worries about every day; the issue here is the monopoly that they would be creating.

Now let’s not blow things out of proportion: Macs are remarkably secure. So is Ubuntu, and by and large any typical linux distro, certainly any of the mainstream distros and any other that is “properly” designed and maintained (I bet that you could take a dot-com era distro and actively administer it, and it will be relatively secure.)

But it seems that Apple has brought and will be bringing the repository model, which flourishes under linux, to a logical extreme, and will generally make billions more than Red Hat ever will or even could. And, will no doubt exploit the model for even more billions. But at what cost?

What — jumping the fence for a moment here — do only evil, maniacal control freaks have a monopoly on knowing know how to build safe, high-quality software?

Or maybe, just maybe, is it a matter of what makes the likes of Apple, MS, and Red Hat so successful the fact that they are able to command the sales revenues required to attract highly talented teams of programmers and other experts?

And — now coming back to the other side of the fence — what about the added value that volunteer programmer and other volunteer contributors bring to their software?

Realize that in a linux distro, the distributor leverages open-source software — with varying amounts of both paid-professional and volunteer (both otherwise professional) contributor content — to make their distro. The underlying OS part of OSX is based on Darwin, which is a direct derivative of FreeBSD, which again has varying amounts of both paid-professional and volunteer (both otherwise professional) contributor content. And even MS has a certain amount of BSD-derived code in it, for things such as the networking code, and probably elsewhere.

So, all this makes me wonder a bunch of things:

On trojans, malware, spyware, viruses, and social engineering:

I hate ’em all. I hate that there is an industry out there whose basis for legitimacy lies somewhere between software that is not optimal because it’s real brick-a-brack, and users who don’t use a bit of common sense. There will always be people trying to get the better of you; it’s that people fall for the charms of charlatans, who have little defence against common sense, that bugs me, be it the trojan authors or the software writers who figure that people won’t know better regarding what they buy.

On sudo:

Well, the problem there really lies somewhere between the keyboard and the chair; using sudo has its advantages and disadvantages, just like logging straight into root does. That tightly integrating sudo can arguably aggravate things by hiding things and make them “easier” for the user doesn’t change the fact that if an user just always logs in as root, they can do whatever they want, including wiping the whole directory tree. People have to understand *why* the computer works and does what it does, and why it is asking for a password, whether it’s their own (for sudo) or it’s the root password.

On repositories and safer, better software:

How is the repository system going to benefit the Mac? Organized and even better quality software (presumably). It’s about time that Apple used the repository system. It’s about time that Windows adopted it too. It’s about time that a few people set up repositories, possibly competing, for Windows; imagine the lineups for software of all kinds found in a single location that has been reviewed, works, is relatively safe and relatively virus free? You could use the iPod App Store model with prices ranging for $0.00 to $1,000,000.00 or more, or a NetFlix approach of a flat fee per month for unlimited access, or advertiser sponsorship, or some other revenue stream you dream up, or any combination of the above.

On monopolization and evil software empires:

Is Apple really all that evil? They don’t have *that* much of the desktop market share. Plenty more people buy MS — in the consumer market, either you buy a Mac, or you buy a computer, that has MS by default. A few of us, up to roughly comparable in numbers to the Mac crowd, depending on who you believe, use another OS sporting penguin stickers.

So I’m just having a knee-jerk reaction to the idea that Apple will probably become a monopoly over a really large cross-section of the economy.

My participation at FUDCon Tempe 2011

(I know, I’m a month late on this.)

I went to FUDCon for the first time this year; it was the first large gathering of Linux / Fedora /Computer people I’d attended, and I’m glad I went. I was also pleased to finally see so many Fedora desktops — over time I’ve become mildly frustrated being the only Fedora / Red Hat person in the room, often in a sea of Ubuntu.

One of the more difficult things was figuring out in advance how the nuances of how things would work: Not ever having been to a BarCamp style event, I had no clue how or whether a presentation I had prepared would be accepted, let alone inserted into the schedule.

My participation:

Friday

After a day of touristy stuff in downtown Phoenix, I showed up about 5:30pm ish to the courtesy room at the Courtyard in Tempe. After helping stuff nametags into plastic nametag holders on neckstraps, I actually managed to regale people with my stories about crossing the Canada/US border and get plenty of belly laughs. Harish and I managed to exchange a quip to the order of “Oooh, I get to meet the myth!” — first by my stating amazement at finally meeting someone who had once actually installed SLS Linux, and in turn being on the receiving end from Harish when I confirmed that I’m one of the Trekkie myths. In between, the two of us held court on the subject of rotary phones, much to the amazement of Ryan — a university student under 20 — at the anachronism. In the meantime, opensource.com was celebrating its first birthday and supplied pizza, beer and cake.

Saturday:

BarCamp pitches, voting, and State of Fedora Address

The pitches were an interesting experience — Of the 170 or so actual participants, it seemed as though at least a third if not half the room got up to pitch their presentation! During the voting process, near the end, I was quite pleased to note that approximately 30-40 people had voted for my presentation. Afterwards, Jared from Red Hat give his “State of Fedora” address, the audio of which can be found here (here’s my archive). His main messages dealt with growth and working together; Fedora is strong, not just because of the bits on the CD but because of the people. His ultimate message was that “Fedora will be stronger tomorrow because of the work today.”

Presentations:

Open Source Anthropology / Diana Harrelson

This was one of the more interesting presentations I attended. Diana did some research for her master’s degree on online communities, and chose the Fedora community as her test subjects. Some of the things that we as linux users — both Fedora and the greater Linux community — know about ourselves were confirmed. One such point that she underlined was the

Future Fedora and Reducing Bureaucracy / Max Spevack and the Fedora Board

This was an “interesting” session — perhaps not the best for me. What I found most interesting was how bureaucratic the meeting felt, and not just because of the subject being discussed. Of course it discussed how frustrated people are with how to get others involved in the Fedora project.

Fedora Security Lab and Securing Linux / Joerg Simon and Donald Buchan

Joerg’s presentation was interesting — he talked about one of Fedora’s spins, tailored to include a bunch of tools on how to test system security by measuring all sorts of parameters — open ports, security holes, and the like. I’ve downloaded it and plan on taking a look at how it operates.

My presentation worked out ok; people seemed (at least politely) receptive to my talk, the subject, and my suggestions. The most contentious issues? Root access, root passwords vs. keys, and su vs. sudo.

Juicy Software Repo Management with Pulp / Jason Connor and Jay Dobies

Even though it would have gone over my head as much as software repo management did, I wish I had have gone to Jeff Darcy’s Cloud Filesystem presentation since he’d been telling me about it on Friday evening. Unfortunately I don’t think I got anything out of this presentation, however well it was presented.

I Want to Keep on Hacking but my Hands Hurt / Mel Chua and Sebastian Dziallas

This was a fun presentation — Mel and Sebastien brought a bunch of ergonomic toys related to relieving and avoiding stresses related to using a computer. There were a lot of defacto visual gags as a result of people using the toys or assuming less harmful positions and ways to use your computer better.

FUDPub

Well as usual I showed off how horrible I am at games by agreeing to be beaten by, er play against Clint at ping pong. Food was great; burrito night! There also was plenty of liquid refreshment. I got to meet a computer science professor from Seneca College in Toronto, and thank him for the wiki he’d put up for his students’ participation in FUDCon, which can be found here (here’s my archive). Although I only found it the day before I left home, this was invaluable for framing and gelling all the little details about my participation.

Sunday

Designing UI mockups in Inkscape / MĂĄirĂ­n Duffy

This presentation was a bit more amusing for me; at least it wasn’t over my head. 🙂 MĂĄirĂ­n proved to be a true mistress when it comes to Inkscape, even though I suspect that for her and most Inkscape users what she was doing was basic stuff to be expected by anyone in graphic design. The coolest thing about her presentation? Her hot dog wallpaper! hotdog here too

IP Law for Hackers / Pam Chestek and Richard Fontana

This was an interesting, two hour session on how Red Hat lawyers have to deal with open licenses such as the GPL, and trademark issues related to the Fedora project. One of the main things I remember is to “keep the name of your project simple, memorable, and generic, ie. unrelated to your product.”

Lightning Talks!

Covered in another area, the lightning talks were apparently a new entry into the FUDCon format. I think that there should be a couple of such sessions, given a sufficient number of presentations. The most interesting talk? Mel talking about baking (here’s my archive). Seriously.

I did not attend the hackfests per se but I spoke with Simon about OLPC. I found his recounting of the successes of the OLPC in Bolivia (?) interestubg: The response to “we should be sending food and textbooks, not computers” criticisms is “Getting textbooks out is hard, but teachers can easily distribute educational resources with OLPC. And, the kids’ parents come back to the school in the evening to use the internet, and learn reading skills while also finding out the true price of their crops instead of being taken advantage of by unscrupulous purchasers hoping that uneducated, uninformed farmers won’t know any better.” As for having a static base (such as Fedora 7) creating a security risk, Simon reminded me that the likelier security risk is to the order of “Give me your computer, you little (censored)!”

I helped with clean up; after that I made an impromptu organization for a group of us to go to Gordon Biersch’s, a local brewpub. The whitbeer was good, and the chicken parmesan was good too. And a bunch of us organized a road trip for the next morning.

Monday

During the little road trip and on the topic of Fedora and Red Hat, I remember Brian (thank you for the driving!), a Red Hat employee, telling me about working at Red Hat and the RHEL sales model. It felt like tactics similar to a competing product.

After returning from the road trip, the hackfests on Monday were what I would consider “boring” — definitely not my thing.

The bright light for me was unfortunately at the expense of people who were stranded in Phoenix due to winter storms keeping their flights from leaving Phoenix — the Monday night party in the hotel lobby was quite a lot of fun, and even on Tuesday evening there were a few people still waiting around. I on the other hand had planned to stay sveral days later, so of course I was supposed to be there.

My thanks go to Jared, Robyn, Ryan, Southern Gentleman, Simon, Harish, Joerg, Ian, Clint, Chris, MĂĄirĂ­n, Mel, and everyone else.

Free PDF splitters, and other crippleware

Yesterday I downloaded a PDF splitter to use on my MS computer at work. And I got bitten, hard. I wouldn’t exactly call it crippleware; most people expect even crippleware to be minimally useful. This piece was not.

I shall quote the message that I sent to their support email addy:

I am writing to let you know that your free trial download for the PDF splitter is not a useful piece of software at all, for the simple reason that it intentionally and flagrantly renders the split documents useless by inserting the “watermark” — a large message spanning the diagonal of the page, in cherry red characters, saying “in order to remove this message please visit our website” — across every page of the document.


Were it to put a far more discreet message along the top or bottom, this might be tolerable however ugly it would be; however, it is hardly of any value to anyone wishing to take advantage of the “15 free uses” or somesuch in order to evaluate the software before deciding to purchase it; in fact, I expect that most people downloading the evaluation copies are immediately turned off by this malfunction.

Obviously, I don’t expect a response from them, at least not a useful response. Obviously, I would never have bought the software to begin with were I to have had a good experience using the software — I admit it, I’m cheap.

And sure, I should have thought things through a bit better and (as I mention below) install Ghostscript to do the job. Sure, I was in a bind and embarrassed myself and my employer in front of the client.

So of course, the following reactions come to mind:

– What, the programmer(s) wanted to show off their skill at insering “watermarks”, and that are ugly to boot?
– Or did the programmer or company put more thought into the dollar signs floating in front of their eyes than, oh, I don’t know, producing a piece of software that someone may actually wish to buy?
– Or did the Marketing Department convince the programmer’s supervisor that the watermark had to be put in?

And on a personal level:

– I should install ghostscript and run:
“gswin32c -sDEVICE=pdfwrite -dNOPAUSE -dQUIET -dBATCH -dFirstPage=m -dLastPage=n -sOutputFile=out.pdf in.pdf”
– I should stop trying to delude myself that there won’t be an ever increasing number of useless PDF tools out there that require you to buy the product before getting a true evaluation copy;
– When using my work computer, stop using a Windows mentality, and apply a thing or two that I know how to do under linux.

Of course in the short term, what I did was speak with the secretary very nicely, who has Adobe Professional to split the file, and she did.

My point should be clear: If you want to sell your software, go right ahead; I won’t be buying it anyway. And if you want to give away a trial period during which people can, well, try the software, go right ahead; I may try your product during the trial period. But why give a free trial period (in the case above, 15 operations) that reflects poorly on the company and actually annoys your potential customers?

News Flash — Linux spotted in the wilds of Montreal — again!

Back in January I mentioned a chance meeting with someone on a commuter train using Fedora on their laptop. Well this afternoon, I had another such chance meeting in a pub.

At a 5 Ă  7 (Quebec speak for “Happy Hour”) at Hurley’s Irish Pub on Crescent Street this afternoon, I walked by someone with a laptop listening to the Irish musicians, and almost walked by, the Ubuntu icon in the corner of the screen was so familiar (despite being a die-hard Fedora user). I realized my error and exclaimed “Wow Ubuntu in the wild!”

I got a quick look at Ubuntu Netbook Remix using Chrome. Dan, the user, said that though he uses Firefox at home on his desktop, he finds that Chrome is way faster at least on his netbook. He said that the machine came with another Linux distro when he bought it, which he didn’t much like, so he reformatted.

Well, Dan, you made my day!