March 10, 2010

Buy concert tickets while floating in the clouds

Ladies and gentlemen, God Street Wine is getting back together for a couple of shows this summer and their fan club presale tickets go on sale in a half hour. I was bummed because I was getting on a flight to Austin for a friend’s wedding, right before ticketing opened. Well, I am on that flight now and apparently all American Airlines domestic flights have WiFi. Technology can be awesome sometimes (usually when it makes it easier to do every day things). Let’s just hope my battery doesn’t die before I can snag a few tickets.

Note: Fedora connected flawlessly. Bar none, we have the easiest networking setup out there. Dan Williams has done a kick ass job with Network Manager!

Update: Just purchased six tickets for Friday and six for the Saturday shows! The money goes to a good cause and I have plenty of friends who will come back to NY for this.

DEV300_m74

DEV300_m74 +5 overall unused, though sal becomes unused method free.

March 09, 2010

A quick hack for making imports work more like script tags in GJS

// Because sometimes you just need everything in the global context:
// copy every exported name of the module onto the global object.
var Module = imports.module;
for (var i in Module)
    this[i] = Module[i];

// Note: this only works from scripts eval'ed via the C API
// (gjs_context_eval or gjs_context_eval_file), where this == [global object].

Bossa 2010/Manaus Slides

The slides for my talk about the audio infrastructure of Linux mobile devices at BOSSA 2010 in Manaus/Brazil are now available online. They are terse (as usual), and the most interesting stuff is probably in what I said, and not so much in what I wrote in those slides. But nonetheless I believe this might still be quite interesting for attendees as well as non-attendees.

The talk focuses on the audio architecture of the Nokia N900 and the Palm Pre, and of course particularly their use of PulseAudio for all things audio. I analyzed and compared their patch sets to figure out what their priorities are, what we should move into PulseAudio mainline, and what should better be left in their private patch sets.

playing video in firefox makes OOo file menu appear

One of the rather odder bugs. OOo’s file menu suddenly appears for no good reason (while playing embedded video in Firefox on another workspace). Story is that OOo has the focus while the video is playing in totem-mozplugin, totem-mozplugin seems to want to inhibit the screensaver from kicking in so sends regular Left Alt strokes to the display via XTest. If OOo has the focus, it receives the Alts, and one of its quirks is that the file menu appears on press and release of Left Alt.

Digging up my old Red Hat/e-voting posts

The DOJ is breaking up ES&S, the country’s largest provider of voting machinery, the OSDV project seems to be gaining some attention, and RHAT stock recently hit a five-year high. This seems like as good a time as any to dig up my ‘Red Hat should be in electronic voting‘ post and followup. Take the gamble, Raleigh! Buy the ES&S assets at bargain prices and get into the game.

ski

As we are deluding ourselves here into thinking it’s snowing in Barcelona, I thought it appropriate to post some videos from the past few snowboarding trips.

Coincidentally, this is my first foray into the HTML5 video world – more on that later.

Let’s start with my favorite, the one where I show off how years of gymnastics in my youth help me keep my body in one piece:

(Also notice the cool new orange snowboard pants that I settled on. Snowboard fashion was really boring this year, mostly grey and black only, with some ugly flashy colours as exceptions. I leave it to you to judge whether orange is one of them).

We spent eight full days in Tignes, France, with only about three days of sunny weather, and the rest filled with clouds and snow.

My goal this year was to learn how to do a 180. With the help of an instructor, that’s exactly what I did! Here’s an admittedly simple one – all the good ones are not caught on video.

Here’s a more aggressive one with a bad ending:

A few weeks before our snowboard trip, we also had a business planning weekend which included one day of skiing. Xavier risked life and limb following me around with his iPhone to record this. It’s not the most exciting descent in the world, and he ended up missing my one fall in it, but I was surprised to see how short the whole descent really is if you don’t take any time to stop!

And here are Xavi and me relaxing over cheese fondue and raclette the day before the skiing:

Some notes about the HTML5 video part:

  • there is an enormous difference in colour between playing Ogg in Firefox, MP4 in Safari, and MP4 in Quicktime, on the same MacBook. My pants range from a soft orange to a bright red. Something is obviously up!
  • To learn about HTML5, I started with Dive into HTML5 Video, then learned about Video for Everybody, some web code that handles all of the stuff I don’t know how to do for me and just makes sure the video can play on Firefox/Chrome/Safari/iPhone/…
  • Then I looked for WordPress integration, and found a plugin with a long name that implemented most of Video for Everybody. I modified it a little to do something more sensible for the poster image in case it’s external, and to accept .mp4 as an extension instead of .m4v (which is not suggested by Dive into HTML)
  • I configured our transcoding platform to generate the three types of output file needed to support HTML5: the thumbnail, Ogg/Theora/Vorbis, and .mp4 with H264 and AAC.

The embedded video should work fine in Firefox/Safari/Chrome/iPhone/Opera (except in Aitor’s “I plug mplayer into Opera” case), and work fine in Explorer too where it falls back to Flash.

I couldn’t get this to work in Android. 2.0 is rumoured to support the video tag, but so far no dice, and I couldn’t find a single HTML5 video page online that the Android phones over here can play. If you can see these videos embedded in Android, or know what I should to fix them, please do let me know!

March 05, 2010

My wife's alarm clock kept me awake at night

And not because she's set the alarm for the wrong time, or used a 'crazy frog' sound theme, but because it had a remote root exploit. It's fixed now.

It all started when I bought her a Chumby for Christmas. A Chumby is a little bedside device that can act as an alarm clock as well as running flash-lite applets. What made it especially appealing is that you can write your own applets if you want, and the whole thing is Linux-based and designed to be hackable: they correctly abide by the GPL and have their sources available, you can build and install your own software, you can even enable ssh and have a remote shell if you want to. And with NTP the clock is always at the right time, since I really don't like having out-of-sync clocks around the house.

So it was time to connect another device to my wireless network: a device designed to be left on and permanently connected to the network, and having a connected microphone, in the bedroom. A quick look around the OS and I found that it had a web server accessible by default, and a pair of CGI scripts, written in shell script, running as root, that didn't correctly escape their input. (Hint: writing secure CGI scripts in shell is non-trivial).

With a bit of careful manipulation (to get around some character handling in the code) I had a remote root shell on a default Chumby and could stream audio from the microphone remotely. Oops. Not too big a deal though as it's unlikely you're going to have it directly connected to the internet, although with some social engineering, if you know someone with a Chumby, you could do a cunning cross-site scripting attack and get a reverse shell that way.

I contacted the Chumby folks and they dealt with this like an ideal vendor; acknowledging the issue, keeping in contact, and doing a security update. Good for them. I like this device and vendor so much I'm going to buy another Chumby, and a few colleagues from work are too.

But how many other devices do we connect to our networks without thinking about them, and how many folks outside of the security paranoid have properly secured and segmented wireless networks? I've got an IP wireless network CCTV camera and a VoIP phone system, both of which seem to be running Linux (and both of which seem to have vulnerabilities), to worry about next, although that will be harder since both are closed systems whose vendors haven't released their source.

So for the CVE database: CVE-2010-0418 is "Chumby One before 1.0.4 and Chumby Classic before 1.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a carefully crafted request to the web interface". Reported 29 Dec 2009, vendor responded 29 Dec 2009, tested fix 3 Feb 2010, public and updates 4 Mar 2010.
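As an added defensive illustration (this is not Chumby's CGI code, which the post does not reproduce): the class of bug described above is a shell CGI that lets bytes from the request reach the command line unquoted or through eval. The constructed POSIX sh below splits QUERY_STRING with parameter expansion only, refuses anything outside a strict allowlist, and passes the value on as a single quoted argument; the parameter name `volume` and what the handler does with it are assumptions.

```sh
#!/bin/sh
# Constructed example, not Chumby's CGI code: a hardened way for a shell CGI
# to take one request parameter. Nothing from the request is ever eval'ed or
# word-split, and the value is allowlisted before any command sees it.

# cgi_param NAME QUERYSTRING
# Prints the raw (still percent-encoded) value of NAME and returns 0, or
# returns 1 if NAME is absent. Splitting on '&' and '=' is done with
# parameter expansion, so metacharacters in the request stay inert strings.
cgi_param() {
    name=$1
    rest=$2
    while [ -n "$rest" ]; do
        pair=${rest%%\&*}
        case $rest in
            *\&*) rest=${rest#*\&} ;;
            *)    rest= ;;
        esac
        key=${pair%%=*}
        if [ "$key" = "$name" ]; then
            case $pair in
                *=*) printf '%s\n' "${pair#*=}" ;;
                *)   printf '\n' ;;
            esac
            return 0
        fi
    done
    return 1
}

# safe_value VALUE
# Returns 0 only for 1..32 characters drawn from [A-Za-z0-9._-]. This is an
# allowlist, not a blocklist: percent-encoded bytes such as %3B are refused
# outright rather than decoded, so there is no second parsing step to get wrong.
safe_value() {
    case $1 in
        '' | *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ ${#1} -le 32 ]
}

# handle_request QUERYSTRING
# What the hardened handler does for the assumed 'volume' parameter: look it
# up, validate it, then hand it to the downstream command as ONE quoted
# argument. Anything else gets a 400 and nothing runs.
handle_request() {
    value=$(cgi_param volume "$1") || { echo 'Status: 400'; return 1; }
    safe_value "$value" || { echo 'Status: 400'; return 1; }
    # Stand-in for the real action; "$value" is never re-parsed by the shell.
    printf 'set volume to %s\n' "$value"
}
```

The root-versus-unprivileged question is separate from quoting: even with this parsing, a CGI that only needs to adjust the volume has no business running as root.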

March 01, 2010

some joy for your week: Bon Iver

[Note: original post containing these videos.]

If you haven’t heard of Bon Iver before then you’re in for a bit of a treat. (I’m sure that many of you have, and just don’t know it.) These three videos were shot by Vincent Moon and Chryde and really showcase how these guys sound.

If you love these videos, I strongly suggest you support the artist by buying their CD, For Emma, Forever Ago. It’s really quite fantastic. (I’d love to know how to support the video makers as well, but it’s not clear how to do so from looking at their site!)

Anyway, enjoy!

N900 Facebook plugin problems

One of the things I really love about my N900 is the ease with which I could share photos. You take the picture, click a few buttons, and there it is, your photo on flickr on Facebook. I’m sure other devices offer a similar experience, but this really is the first time I’ve been able to appreciate

For a few weeks now my Facebook sharing has stopped working. At first it only seemed like a missing icon and broken config. But I had a really, really hard time figuring out the problem, much harder than it should have been for a mostly open platform. Of course, for some reason this sharing part is closed, which doesn’t make much sense at all. What secrets can Nokia possibly have invested in some code that pushes photos to flickr or Facebook?

So, as part of the debugging process, over various weeks, I’ve seen and done the following:

  • When sharing through the Facebook account, the little ‘I’m sharing’ icon that pops up in the status area went away almost immediately, compared to sharing through Flickr
  • Sharing stores outgoing stuff in $HOME/.sharing/outbox – files were piling up there
  • At first I thought I had some login details problems, so I went to Settings > Sharing accounts and clicked on the Facebook account. That didn’t do anything at all, no dialog popped up. Since the Delete button is in that popup, I also couldn’t use the UI to recreate my Facebook sharing account.
  • I started learning about where the N900 stores account info, following some dubious posts until I found out about signond, a daemon running as root that stores login information. This daemon uses the file $HOME/.signon/user_db.xml (You get no points at all for correctly guessing whether this file contains XML data, but please do go look for yourself!)
  • I moved this file around to force recreation of data, which seemed to work after a reboot, since my Flickr data was now gone, as well as the Facebook one. I was able to click Flickr in Settings > Sharing accounts, but the Facebook still didn’t pop up a dialog. At least this narrows down the problem I should solve for now: I can’t even configure the service from scratch even when deleted, so let’s focus on that first.
  • I reinstalled the package that contained the facebook sharing plugin. This restored the icon, but the popup still didn’t work.
  • Usually I would just strace the relevant binary, but I considered the friction too high at first since there is no strace in fremantle, and I would have to set up a chroot for this.
  • But what binary ? I didn’t even know what program handles the settings. After comparing a few ps listings, I figured out the program was controlpanel.
  • Interestingly, you can just ssh into the device as the user, and execute controlpanel, and it will pop up the binary on the phone (even with X forwarding), which I didn’t expect, but is fine by me. This gave me a message like “sharing-accountstore.c 516 sharing_account_store_add_account Last added id exists: 35” which I wrongly took to mean that adding a facebook account was failing because it was still somehow present in the config. This is when I figured out that this code is closed, because I wasn’t able to figure out where to get accountstore.c and look at what it is doing. I’m pretty sure it’s not storing its settings in gconf (at least I couldn’t find anything related to facebook sharing when walking the gconf tree), and it doesn’t seem to be in any dot folders in my home dir. Anyone know ?
  • Finally, I gave up, set up the chroot, and straced that binary. And I should have known this would have led me to the right solution. Among all the noise, there were some calls trying to open a library. It’s normal for a bunch of calls to fail as it searches the whole LD_LIBRARY_PATH, but usually the last one of those in an strace log should succeed. But they weren’t; apparently /usr/lib/libfacebookcommon.so.0 was missing!
  • Looking for that file on disk confirmed that it wasn’t there, and doing dpkg -L feedservice-plugin-fb-common showed that it should in fact be there. This reminded me of a pet peeve I have with those people who claim Debian’s packaging system to be far superior to rpm – apparently dpkg doesn’t have any equivalent of rpm -qv which allows you to verify that the files that should be installed by a package are indeed on disk. This would have saved me *a lot* of time figuring out this problem, and is typically the first thing I do on an rpm-based system where things act funny.
  • With my first real clue in hand, I used ldd to verify that indeed there were libraries missing:

    ldd -r /usr/lib/sharing/plugins/libfacebooksharingservice.so

    undefined symbol: facebook_credentials_free (/usr/lib/sharing/plugins/libfacebooksharingservice.so)
    undefined symbol: facebook_request_reset (/usr/lib/sharing/plugins/libfacebooksharingservice.so)
    undefined symbol: network_utils_post_multipart_with_progress (/usr/lib/sharing/plugins/libfacebooksharingservice.so)
    undefined symbol: facebook_get_email (/usr/lib/sharing/plugins/libfacebooksharingservice.so)
    undefined symbol: facebook_login (/usr/lib/sharing/plugins/libfacebooksharingservice.so)
    undefined symbol: generate_signature (/usr/lib/sharing/plugins/libfacebooksharingservice.so)
    undefined symbol: facebook_store_credentials_to_gconf (/usr/lib/sharing/plugins/libfacebooksharingservice.so)
    undefined symbol: facebook_request_new (/usr/lib/sharing/plugins/libfacebooksharingservice.so)
    undefined symbol: facebook_request_free (/usr/lib/sharing/plugins/libfacebooksharingservice.so)

  • Using dpkg -S to figure out what package this belonged to, I apt-get remove’d that package, then reinstalled it and dependencies.
  • Still didn’t work, so repeated the process, this time libfeeserviceutils.so.0 was missing, so reinstall feedservice-utils and dependencies.

And finally! The sharing plugin can again be configured, and all is well. But this experience was needlessly painful…

For the record, I didn’t tinker with any package files by hand (anyone who knows me a little knows my stance on packages and /usr), and I have no idea what I did to get into a situation where files that should be on disk aren’t. And I’m worried about what else is missing, so if anyone can point me to some resources explaining how to verify installed package manifests, that would be awesome.
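An added example (not from the post, and not a dpkg or Maemo tool) for the manifest check the post asks about: dpkg records every path a package installed in /var/lib/dpkg/info/<package>.list, and this POSIX sh script walks that list and reports whatever is missing from disk, which would have pointed straight at libfacebookcommon.so.0. The DPKG_INFO variable and the optional root argument are my additions; later dpkg releases gained `dpkg -V`, and debsums checks the recorded md5sums, for the same job.

```sh
#!/bin/sh
# Constructed example: verify that the files a package claims to have
# installed are actually present. dpkg keeps the list of installed paths in
# /var/lib/dpkg/info/<pkg>.list (one absolute path per line, starting with
# "/." for the root directory), and this script only reads that file.

DPKG_INFO=${DPKG_INFO:-/var/lib/dpkg/info}

# verify_list LISTFILE [ROOT]
# Prints "MISSING <path>" for every listed path absent under ROOT (default /)
# and returns non-zero if anything was missing. Dangling symlinks count as
# present: dpkg installed the link itself, so -L is checked as well as -e.
verify_list() {
    listfile=$1
    root=${2:-}
    missing=0
    while IFS= read -r path; do
        case $path in
            '' | /.) continue ;;      # root entry and blank lines carry no file
        esac
        if [ ! -e "$root$path" ] && [ ! -L "$root$path" ]; then
            printf 'MISSING %s\n' "$path"
            missing=$((missing + 1))
        fi
    done < "$listfile"
    [ "$missing" -eq 0 ]
}

# verify_pkg PKGNAME
# Same check for an installed package by name, e.g.
#   verify_pkg feedservice-plugin-fb-common
verify_pkg() {
    [ -r "$DPKG_INFO/$1.list" ] || { echo "no file list for $1" >&2; return 2; }
    verify_list "$DPKG_INFO/$1.list"
}

# verify_all
# Run the check over every package dpkg knows about; exits non-zero if any
# package has missing files. Slow on a full system, fine on a phone image.
verify_all() {
    rc=0
    for f in "$DPKG_INFO"/*.list; do
        pkg=${f##*/}
        pkg=${pkg%.list}
        verify_list "$f" | sed "s/^/$pkg: /"
        [ $? -eq 0 ] || rc=1
    done
    return $rc
}
```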

looking for locomotives

I got some nice birthday gifts (mostly the ability to be around family) but possibly the best gift I got was this Wondermark strip:

This is actually what reading a contract is like.

I will henceforth refer to reading a contract as ‘looking for locomotives.’

As a bonus, and related to my recent post about plain english in the law, Wondermark is apparently working with the Center for Plain Language on a contest to reward plain (and terrible) use of plain English in communication. That is terrific to hear, and I wish them great luck with it. I only wish I had some appropriate examples to submit to the contest.

Math is hard

Apparently, someone decided to go shopping instead. But really guys...really?

February 28, 2010

Thank you, PSNH crews

Due to the big storm Thursday night, we spent two days without power. After freezing ourselves on Friday, we decided to spend Saturday at a friend's place (thank you Aris, Chris and Sarah). While checking on our house, there were always crews at work trying to clear up the fallen trees, reopen roads and reconnect power and communications lines. A big thank you goes out to the power and telco crews who are working around the clock to clear up the mess and reconnect New England.

February 27, 2010

Book: 33 1/3 – Pixies – Doolittle

My latest Amazon order arrived at work. One of the books was the Doolittle book in the 33 1/3 series. For those who don’t know, this series dissects an album track by track and tells stories about the recording. The first one I read was on Afghan Whigs’s “Gentlemen”, for obvious reasons.

These books tend to be a little top-heavy, saying less about the band and more about the reviewer, and they can be hit-and-miss because a lot depends on the actual writer/journalist. It seems the band remembers little about making the album. Two things stick after reading this one:

  • Apparently I’m as prone to mishearing lyrics as anyone else. This book tells me that the first lines of La La Love You are “Shake your butt / Not too hard”. All my life I’ve been hearing that as “Take the bus! Not the car!” Somehow I’m going to keep preferring mine, although I have to admit shake your butt makes more sense in the context of the song.
  • If you’re doing a 100+ page book on Doolittle, how on earth do you manage to not talk at all about the hidden mini-album in Doolittle that you get when you play the tracks as numbered in the CD booklet? Gouge away/Mr. Grieves/Dead/Wave of Mutilation/Tame/Hey/I Bleed/Monkey gone to Heaven tell a very different story than the main album. If there’s one question I’d ask Mr. Thompson about Doolittle, it would have been about this one…

The book was written before the recent Doolittle tour, as it mentions Silver has never been played live by the band. Which I’m going to assume was correct before that tour since I have no bootleg evidence to the contrary…

mark bittman on food

Yet another post on my series on Food. This time it’s a video by Mark Bittman who talks about our food system, what we’ve lost and what we should be doing. (I love his focus on real food – not most of the imitation food we have today.)


Original Post. Licensed as CC-BY-NC-ND.

(Thanks to Deb for finding this!)

Note on chromium packages

I know there have been a lot of questions about where the chromium packages went, so I've been cleared to make the following statement:


We have discontinued distribution of the Courgette package after having learned of allegations of patent infringement relating to the package, including a patent lawsuit brought against Google. (See Red Bend Ltd. and Red Bend Software Inc. v. Google Inc., Civ. Action No. 09-cv-11813 (E.D. Ma.)).


Okay! With that out of the way, there are new chromium packages for Fedora 11 & 12 available here.

You may be asking, what about Fedora 10 and 11? Well, I stopped doing Fedora 10 builds quite a while ago, and either no one noticed, or they were okay with the older build. Fedora 10 is end-of-life at this point, so I didn't feel any guilt over stopping those builds.

With Fedora 11, the problem is this: The way that I do my chromium builds is to remove as much of google's bundled copies of system libraries as possible. One of those libraries which I patch out is libicu. Fedora 11 has libicu-4.0, which worked great for a while, but lately, the chromium code is dependent on features which are only found in libicu-4.2. So, my options here are:

A) Figure out some way to make a libicu42 package for chromium to use and link against but which won't conflict with the Fedora system libicu
B) Generate a new source package just for Fedora 11 which has the bundled copy of libicu and uses it instead of the system bits (which I really do not want to do)
C) Not build for Fedora 11

So, for the moment, I'm sitting in C, because I really have very very little free time. If a kind soul wanted to help generate a libicu42 package (that doesn't conflict), I would be able to get Fedora 11 going again. Otherwise, you can be patient and wait for me to get around to having the time to do it myself. :)


ADDENDUM: If you emailed/dented/twittered/irc'd me asking what was going on, and didn't get a response, I'm sorry. Please don't take it personally. The above statement is all I can say on this topic, and I haven't been able to even say that much until just now.

ADDENDUM 2: Thanks to Alex Butcher for providing libicu42 packages which do not conflict, Fedora 11 chromium packages are back now too.

February 26, 2010

Nook update (again)

Barnes and Noble released the nook source code last week. This includes the code to busybox, uboot and their kernel. Unfortunately, the uboot and kernel code both appear to be missing swathes of code found statically linked in the binaries that they're distributing. License compliance is hard, let's flail wildly.

Happy birthday to me

Visiting family for my birthday; if I don’t respond to your email it is because I am soaking in sunshine.

DEV300_m72

In DEV300_m72 filter and desktop are now unused method free. Though additional unused methods in scripting and sc appear. -16 overall

GPU switching update

Okay, I've been busy elsewhere but dragged myself back to try and finish this for upstream.

v10 of the patch is up
http://people.freedesktop.org/~airlied/vgaswitcheroo/0001-vga_switcheroo-initial-implementation-v10.patch

changes are mainly that mjg59 was right about keeping ugly things in the drivers.

adding ATRM support to get the ROMs on ATI hybrid for the discrete card was actually a pain with the previous code design,
so I moved lots of it around again, and now the discrete ROM can be retrieved via the ATRM method.

I've tested it on the W500 and it works as well as before, which means still the 3rd or 4th switch fails and locks the machine up,
I need to debug this further.

The refactored code should hopefully make it easier to fill in the nvidia/nvidia and intel/nvidia blanks for mjg59.

Update 1: v11 is now up
http://people.freedesktop.org/~airlied/vgaswitcheroo/0001-vga_switcheroo-initial-implementation-v11.patch
It should fix the failure to switch to IGD the 2nd time hopefully.

Update 2: v13 is now up; it blindly implements nvidia DSM changing, but I've no idea if it works. Hopefully someone can test it and give me some feedback. It's nearly all guesswork from work mjg59 did.

February 25, 2010

Is OpenSolaris dead?

Chris asks where OpenSolaris is headed. My reaction: nobody cares anymore. FreeBSD established itself as the alternative to Linux, and that leaves Solaris with no niche. So, whatever. It is much more important what is going to happen to OpenOffice and MySQL. Also, Sun carried a pretty large assortment of lesser projects, such as Lustre.

Our little platform is streaming the big Lawrence Lessig tonight

I’ve seen other people blog about it as well, so I shouldn’t stay behind – obviously it’s noteworthy.

In a good seven hours, our platform will be streaming a talk by the eminent Mr. Lessig from Harvard. Apparently the stream is going to be projected in various locations around the world as well where people will gather to follow the speech. While we’re only the technological medium and hence a small piece in making this possible, it still makes me proud to be part of this chain. It’s moments like these participating in a chain of openness that make me think business and technology can be used for the greater good.

For more info, see our blog. I’ll be tuning in after landing in Brussels at midnight tonight!

February 24, 2010

reminder: lessig chat tomorrow (thursday, feb 25th) at 6pm eastern / 3pm pacific

Lawrence Lessig by Joi Ito, CC-BY

The Open Video Alliance will be hosting an online chat with Lawrence Lessig tomorrow at 6pm eastern time / 3pm pacific time (see more time zones here.)

There are a lot of events in person as well. I will be at the event near San Francisco.

The event will also be broadcast live with open video, thanks to Fluendo. The best client for you to watch it in will be either Firefox or VLC. More instructions on clients can be on the openvideo wiki.

You know it's a bad day when:

ld gives you "Can not allocate memory".

(turned out to be a corrupt object file)

In which I admit to making a stupid mistake in Python

So yesterday we found a bug in RATS (Rawhide Acceptance Test Suite - the scripts we use for testing Rawhide and other Fedora candidate trees). The test found no problems with the Fedora 13 release candidate tree we'd just made, but when we tried to install it, the installer died because the kernel had missing dependencies. Huh? The tests are supposed to check that!

We checked the logs, and the test script hadn't even checked the kernel package. But 'kernel' was definitely in the list of packages that were supposed to be checked - and it was still in the list after we got through the loop that checked all the packages. But it never got tested. What gives?

The cause turned out to be an embarrassing mistake on my part. Consider the following python snippet:

meats = ('bacon', 'pork', 'beef')

input = ['one', 'two', 'pork', 'three', 'four']

for n in input:
    if n in meats:
        input.remove(n)
    else:
        print n

What would you expect to see as output? Probably 'one, two, three, four', right? Instead, you'll get:
one
two
four

Shortening a list while you're iterating over it turns out to be a bad idea. You can append to the list just fine, and the loop will happily iterate over the new items you added once it gets to the end of the list. But if you remove an item, bad things happen. Here's what happens:

When the loop is processing 'pork', it's processing the third item in the list. When you remove 'pork', the list gets shifted up, so now 'three' becomes the third item in the list.

Then we hit the end of the loop and move to the fourth item in the list - without ever processing 'three'!

So it turns out RATS was removing the package before 'kernel' in the package list - which was the right thing to do - but that caused us to accidentally skip 'kernel', leading to the false positive result from the test.

Long story short: Never remove items from a list while you're looping over it.

Wikis and law school

The excellent Eric Goldman had a good post Tuesday about giving students grades for wikipedia content. This reminded me that ages ago I’d written that two of my classes were going to use wikis, but never followed up on it.

picture: UC Berkeley Law School Quote, by ingridtaylar, used under CC-BY

The classes I used wikis for were different than Eric’s- he actually assigned students to create Wikipedia articles, whereas the four classes I ended up taking with wikis all used school-hosted wikis for a wide variety of purposes:

  • Three designated note-takers taking notes into the wiki, allowing the banning of laptops for other students.
  • Note-taking rotating among all students, with wiki gnoming being (if I recall correctly) an ill-defined grade component, but no non-note-taking articles assigned.
  • Creation of articles in a class wiki being the primary grade for the class, and with some interaction with other student’s work expected, but with no significant intent that the articles written would become a permanent resource for the public. Essays were capped at 1,000 words- which drove many students nuts but led to some fine writing.
  • Creation of articles in a class wiki being the primary grade, with the intent that the class website would build up over the course of repeated class offerings to become an authoritative web asset for the scholarly community working in that area.1

(All of these classes except the last were in technology-related courses.)

Despite these widely different set of approaches, several pieces of Eric’s commentary rang very true for me.

First, basic wiki concepts were tough. Partially, this reflects poor technology- the average wiki is needlessly hard to use.2 Eric saw this in his students (“it took students a substantial amount of time to format their entries into Wikipedia’s format”) and I think it was true in my classmates as well.

But it isn’t just about the technology. Eric says “[m]ost students did not intuitively understand how to approach writing an encyclopedic treatment of a topic.” That does not ring perfectly true for me- lots of my classmates read enough of wikipedia that the format was relatively familiar- but it isn’t insane, especially given the very wide variability in the treatment of legal topics in wikipedia. It would almost certainly help to provide a sort of ‘model’ article, much like the model memos used in writing classes. Since most of the cases will be about specific statutes or cases writing two model/template articles should suffice for many classes.

Other wiki concepts, like extensive linking, or publishing drafts to the world in wiki-style, were apparently even more strange to most of my classmates. None of the four class wikis were deeply interlinked or cross-referenced, outside of what was necessary to create a table of contents and occasional outlinks to wikipedia. Similarly, few students were willing to post works-in-progress to the wiki and refine them there- most students preferred to work privately and then put a final text into the wiki. I’m not sure that law school is the right place to teach wiki nature, and indeed Prof. Goldman seems nervous about publishing student work while it is still a work-in-progress3, but still- I was surprised so few of my classmates appeared to be into the wiki way of creating iteratively edited, interlinked content.4

Collaboration was another angle that was difficult. Prof. Goldman says “I gave students the option of working together on a topic, but none ended up pursuing that.” This is not surprising- law schools are essentially designed to teach anti-collaboration- but it is a shame, since collaboration is a (the?) crucial skill in legal practice. Some mandatory wiki collaboration (every student required to substantively edit and fact-check another student’s work, as well as their own writing?) might be a small step in the right direction- and might also help alleviate Eric’s concern about the amount of time he spent editing and fact-checking. As a bonus, the wiki nature of the project should make it easy to grade this student editing- the edits will all be right there5.

All these issues make it hard to write good informative wiki-articles in a class context, but surprisingly, they also made the class-notes-in-wiki strategy fall far short of its potential. I would have thought that the lower barrier to entry (no need for perfection) and the stronger incentive for students to delve into them (so that they’d be prepared for exams) would have encouraged these wikis to become ongoing demonstrations of improvement. But instead people just had other things to do, so the notes tended to languish, untended, until right before exams. I think some ‘live’ wiki technologies like Wave, Etherpad, etc., will help improve that in the future (by allowing more than one editor while the class is actually happening), but until then I’m afraid wiki class notes might not get very far.

In the one class I had that was truly article-oriented, the professor provided a set of suggested questions to research and address. Prof. Goldman seems to regret not doing this from the start, but unfortunately this seems like an inevitable requirement. At the time you want students to start researching and writing they just can’t know the subject area well enough to know what is ‘missing’ from the wiki, so you almost certainly have to provide pointers for all but the most driven students. Note here that this class was in a purely scholarly area (no one was going to treat our work on English property law of the 1300s as legal advice) so we did not have some of the constraints that he felt he had with regards to making sure it was right before it was published. It would be interesting to delve into this question more- given that articles do not identify their authors as lawyers, and given that people come to wikipedia with an expectation that it is imperfect, I wonder if students can be encouraged to publish more work in earlier forms than they might otherwise.

Prof. Goldman concludes that “[i]t is unrealistic to expect that most law students can produce useful entries without supervision.” I’m not sure I’d be so harsh; I think most of my classmates were capable of doing this if prodded to, and it seems like most of Eric’s were too (after more supervision than he expected, admittedly.) But if he is right, this is a pretty sad statement to make. We’re a profession which is necessarily grounded in our ability to communicate, and we should be a profession grounded in our ability to communicate clearly and concisely to a legally unsophisticated public- that is to say, to our clients. If our students can’t write a simple encyclopedia entry, we’re in trouble.

Despite this pessimism, I think the piece gets the most important part exactly right:

I think a wiki entry might be a useful alternative to the traditional seminar paper. I have never been a huge fan of requiring students to write a law review-style seminar paper in a semester-long course. Ultimately I think it’s nearly impossible for a novice to come up with a good topic and write a coherent and well-researched paper in a 4 month semester from a cold start. (I expand on that point a little here). As a result, in practice, many student seminar papers devolve into quasi-encyclopedic treatments of a topic with a paragraph of student commentary tacked onto the end. Instead of going through that charade, the professor could channel the student’s research and writing effort into an expressly encyclopedic treatment. This would reduce the pressure students feel to come up with a novel topic, and it would allow the world at large to benefit from the student’s work rather than the effort going into a desk drawer (or worse, the circular file) at the semester’s end.

In my experience, wiki writing- whether the goal is inclusion in Wikipedia or not- really should be part of the law school curriculum. It is better than traditional papers for teaching basic research and scholarship, and if done well, can also teach collaboration, editing, and other writing skills. There is still a lot to learn about the ‘done well’ part, but I hope Prof. Goldman and others continue to experiment with it. They’re doing the right thing even if their students don’t realize it yet :)

  1. This separate class wiki had a lot of benefits, most notably being that student articles are never targeted for deletion as irrelevant, but obviously the segregation from the main wiki community has drawbacks too. Maybe the equivalent of the class prize for best essay should be that the best article is ‘promoted’ to main wikipedia…
  2. I think real-time wiki/wysiwyg tools like Wave and Etherpad will help fix this once they mature.
  3. It might make sense to ‘incubate’ student posts in a separate wiki, so that their classmates can see and participate in each other’s work, before publishing it to Wikipedia.
  4. Tangentially, focusing on linking may also provide the solution to Prof. Goldman’s problem that the school requires seminar papers to be 20 pages long- one article is unlikely to be of equivalent length, but an interlinked network of articles on related cases, statutes, and topics could easily grow to that size.
  5. One could imagine giving 40% credit for the article and 10% credit for the quantity and quality of edits made to other students’ articles, if you had an incubator wiki.

Measure Your Sound Card!

In recent versions PulseAudio integrates the numerous mixer elements ALSA exposes into one single powerful slider which tries to make the best of the granularity and range of the hardware and extends that in software so that we can provide an equally powerful slider on all systems. That means if your hardware only supports a limited volume range (many integrated USB speakers for example cannot be completely muted with the hardware volume slider), limited granularity (some hardware sliders only have 8 steps or so), or no per-channel volumes (many sound cards have a single slider that covers all channels), then PulseAudio tries its best to make use of the next hardware volume slider in the pipeline to compensate for that, and so on, finally falling back to software for everything that cannot be done in hardware. This is explained in more detail here.

Now this algorithm depends on our knowing the actual attenuation factors of the hardware volume controls (factors like these are usually given in dB, which is why I will call this the "dB data" from now on). Thankfully ALSA includes that information in its driver interfaces. However, for some hardware this data is not reliable. For example, one of my own cards (a Terratec Aureon 5.1 MkII USB) contains invalid dB data in its USB descriptor, and ALSA passes that on to PulseAudio. The effect is that the PulseAudio volume control behaves very weirdly for this card: the volume "jumps" and changes in unexpected ways (or doesn't change at all in some ranges!) when you slowly move the slider, or the volume is completely muted over large ranges of the slider where it should not be. This also breaks the flat volume logic in PulseAudio, with the result that playing one stream (let's say a music stream) and then adding a second one (let's say an event sound) might incorrectly attenuate the first one (i.e. whenever you play an event sound the music changes in volume).

Incorrect dB data is not a new problem. However PulseAudio is the first application that actually depends on the correctness of this data. Previously the dB info was shown as auxiliary information in some volume controls, and only noticed and understood by very few, technical people. It was not used for further calculations.

Now, the reasons I am writing this blog posting are firstly to inform you about this type of bug and the effects it has on the logic PulseAudio implements, and secondly (and more importantly) to point you to this little Wiki page I wrote that explains how to verify whether this is indeed a problem on your card (in case you are experiencing any of the symptoms mentioned above), what to do to improve the situation, and how to get correct dB data that can be included as a quirk in your driver.
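To make the dependency on the dB data concrete, here is a toy model (an added example, not PulseAudio's own code) of the splitting described above: each hardware control carries an ALSA-style table of dB values per step, a requested attenuation is spread across the controls in pipeline order with the remainder handled in software, and a table showing the kind of inconsistency described here (decreasing values, huge jumps between neighbouring steps) is flagged before it can cause jumps or unexpected mutes. The control names and tables are constructed.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class HwControl:
    """One hardware mixer control and the dB value the driver reports for
    each of its steps. db_steps[i] is the attenuation at step i in dB,
    0.0 meaning unattenuated; ALSA-style tables should rise monotonically."""
    name: str
    db_steps: List[float]


def validate_db_table(db_steps: List[float]) -> List[str]:
    """Describe the inconsistencies in a dB table that make the splitting
    logic below misbehave (jumps, unexpected mutes): too few steps, a top
    step that is not 0 dB, decreasing values, or implausible jumps between
    neighbouring steps. An empty list means the table looks sane."""
    if len(db_steps) < 2:
        return ["fewer than two steps"]
    problems = []
    if db_steps[-1] != 0.0:
        problems.append(f"top step reports {db_steps[-1]} dB, expected 0.0 dB")
    for i in range(1, len(db_steps)):
        delta = db_steps[i] - db_steps[i - 1]
        if delta < 0:
            problems.append(f"step {i}: dB decreases ({db_steps[i - 1]} -> {db_steps[i]})")
        elif delta > 20.0:
            problems.append(f"step {i}: {delta:.1f} dB jump between adjacent steps")
    return problems


def is_trustworthy(ctl: HwControl) -> bool:
    """True when the control's dB table passes validate_db_table."""
    return not validate_db_table(ctl.db_steps)


def split_attenuation(controls: List[HwControl], target_db: float) -> Tuple[Dict[str, int], float]:
    """Spread a requested attenuation (target_db <= 0) over the hardware
    controls in pipeline order; return ({control name: step}, software_db).

    Each control takes the largest share it can express without
    over-attenuating, the next control works on what is left, and whatever
    no hardware step can express is handed to software. Controls with
    unreliable dB data are refused rather than trusted blindly."""
    if target_db > 0:
        raise ValueError("target_db must be 0 or negative")
    remaining = target_db
    plan: Dict[str, int] = {}
    for ctl in controls:
        if not is_trustworthy(ctl):
            raise ValueError(f"{ctl.name}: unreliable dB data: {validate_db_table(ctl.db_steps)}")
        # Steps that attenuate no more than what is still needed; the top
        # step is 0 dB, so there is always at least one candidate.
        usable = [i for i, db in enumerate(ctl.db_steps) if db >= remaining]
        step = min(usable, key=lambda i: ctl.db_steps[i])
        plan[ctl.name] = step
        remaining -= ctl.db_steps[step]
    return plan, round(remaining, 3)


# Constructed sample tables, not taken from any real driver.
MASTER = HwControl("Master", [-40.0, -30.0, -24.0, -18.0, -12.0, -6.0, -3.0, 0.0])
PCM = HwControl("PCM", [-15.0, -12.0, -9.0, -6.0, -3.0, 0.0])
# A table with the kind of garbage a bad USB descriptor can hand to ALSA.
BOGUS = HwControl("Bogus", [-48.0, -12.0, -60.0, -6.0, -3.0, 0.0])

if __name__ == "__main__":
    print(split_attenuation([MASTER, PCM], -23.4))  # ({'Master': 3, 'PCM': 4}, -2.4)
    print(validate_db_table(BOGUS.db_steps))
```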

Thank you for your attention.

February 23, 2010

want to work at mozilla? have awesome tech writing and community development skills? we have the job for you

We’ve got an opening at Mozilla to work on the team that does both web developer and Mozilla developer documentation. We’re looking for someone awesome, who groks HTML, CSS, JavaScript, C, and C++, loves working with people, and is a great writer to boot.

Basically we’re looking for a word Ninja.

If you fit the bill, feel free to apply.

(Note: Ninja outfit not included with hire offer letter.)

what writing a contract feels like

Alex Macgillivray, late of google and now of twitter, has a good post just now that might help hackers understand what transactional attorneys (aka corporate attorneys, aka ‘the people who write contracts rather than sue over contracts’, aka ‘me right now’) actually do on a day to day basis:

To put it in computer terms, imagine the contract as a computer program. In each the object is to be able to interpret the words and have that interpretation drive a result. Now imagine that there is no compiler for your program and that you can’t run any tests. All debugging must be done only theoretically and in your head. Imagine that you are coding with another person that is likely to be trying to develop a program that does something significantly different from what you want it to do. You and the other programmer may have different time constraints and, even though you are trying to do different things, you have to be on good terms with the other person because she could just as easily decide to stop working on your project. You and the other person take turns editing the code but without a common coding environment or standard tools to figure out whether the other person (or you) goofed it up. Then imagine that the code you are writing has a high probability of only ever being “run” through two different interpreters with significantly conflicting points of view about desirable outcomes and you likely won’t get to see the result of any of these “runs.” … Include a small chance that your code will be “run” by a relatively unbiased interpreter but the outcome of that one interpretation will be at extremely high stakes, often millions of dollars. Finally, know that you will likely get little credit for writing good code but will be crucified if the one time your code is run it doesn’t work flawlessly. Now you are beginning to understand how hard the job of a good transactional attorney is.

But as they say, read the whole thing.

February 22, 2010

lost disk space on N900 VFAT

Today I ran into a weird problem on my N900. I was clearing some space to put on more music, and to do so I wanted to delete some root images I had on the device.

I had used qchroot to mount each of them to decide whether I could delete them or not. The combination of mount, qchroot and closechroot however seem to have some issues; I’m not 100% convinced closechroot actually properly cleans up. It seems to do so, but running mount after it shows most chroot mounts still active, although you can’t actually access them or unmount them by hand.

Anyway, I unmounted them as best as I could, and deleted 3 of them, for a total of 8 GB. However, the disk space wasn’t actually freed. Deleting other files worked fine and reclaimed disk space as expected.

I rebooted, thinking that there probably were active references to the blocks, but this didn’t fix anything either.

I started digging around for possibly hidden Trash folders, and someone on #maemo suggested that there should be a /home/user/MyDocs/.Trash-1000 but it wasn’t there on my device.

Eventually, I found out about dosfsck, which is installed on the device, and it said something hopeful:

Reclaimed 109128 unused clusters (7151812608 bytes).
Free cluster summary wrong (5274 vs. really 114402)
1) Correct
2) Don’t correct

and after some fiddling to actually make it apply the changes, it dropped the following files in my MyDocs:

FSCK0000.REC
FSCK0001.REC
FSCK0002.REC

They were all about the same size as the images from before, so I deleted these files and voila!

Since I didn’t find anything pointing to this using Google, I’m posting it here so that I can find it next time, as well as others who may need it.

F12, BIND, and stable releases

Ran "yum update" today on F12 and the rewrite of the BIND configuration produced a fail-to-start again. Only instead of a blatant syntax error with unbalanced braces, like when DNSSEC was first enabled, it merely referred to a non-existent file (/etc/pki/dnssec-keys//named.dnssec.keys). BTW, I looked everywhere; it's not a part of any package we ship in Fedora. What a facepalm, in the middle of a stable release too. You know, the anti-Rawhide people always bring up how Rawhide is "not guaranteed" to work. Well, is F12 "guaranteed"?
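A pre-flight check for exactly this failure mode, as an added example (not part of Fedora's or BIND's tooling): walk a named.conf and every file it includes, and report the include targets that do not exist before named is restarted. The config text is constructed here, with the missing keys file named as in this post; paths are taken as written, so relative includes that BIND would resolve against its working directory are not handled.

```python
import os
import re
import tempfile
from typing import List

# One `include "path";` statement per line, double-quoted as BIND writes them.
INCLUDE_RE = re.compile(r'^\s*include\s+"([^"]+)"\s*;', re.MULTILINE)


def named_includes(conf_text: str) -> List[str]:
    """Return the include paths found in a named.conf body, in file order."""
    return INCLUDE_RE.findall(conf_text)


def check_config_tree(conf_path: str) -> List[str]:
    """Follow the config and every include it reaches; return the paths that
    are referenced but missing on disk. A doubled slash such as
    /etc/pki/dnssec-keys//named.dnssec.keys is normalised before checking."""
    missing: List[str] = []
    seen = set()
    stack = [conf_path]
    while stack:
        path = os.path.normpath(stack.pop())
        if path in seen:
            continue
        seen.add(path)
        if not os.path.exists(path):
            missing.append(path)
            continue
        with open(path, encoding="utf-8") as fh:
            stack.extend(named_includes(fh.read()))
    return missing


def build_sample_tree(root: str) -> str:
    """Write a constructed named.conf plus one existing include into `root`
    and return the path of the top-level file. The nested include points at a
    file that is never created, like the keys file in the post."""
    zones = os.path.join(root, "zones.conf")
    with open(zones, "w", encoding="utf-8") as fh:
        fh.write('zone "example.test" { type master; file "example.test.zone"; };\n'
                 f'include "{root}//named.dnssec.keys";\n')
    conf = os.path.join(root, "named.conf")
    with open(conf, "w", encoding="utf-8") as fh:
        fh.write('options {\n    directory "/var/named";\n    dnssec-enable yes;\n};\n'
                 f'include "{zones}";\n')
    return conf


def demo() -> List[str]:
    """Run the check against the sample tree; return basenames of missing files."""
    root = tempfile.mkdtemp(prefix="named-check-")
    return [os.path.basename(p) for p in check_config_tree(build_sample_tree(root))]


if __name__ == "__main__":
    for path in demo():
        print(f"missing include: {path}")  # missing include: named.dnssec.keys
```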

For about four recent releases it has been noticeable that Fedora folks put a lot of effort into QA and polish, but once the release is out the door, controls are relaxed and all sorts of dubious code flows freely in the guise of "security" updates. The S-word is some kind of magic key that trumps any basic quality. The net result is going to be people installing releases and then never updating, once they catch on to what's happening. What's worse, once this folk wisdom gets established, it cannot be easily reversed even if updates become quality checked.

22 Feb 2010

My God, I've been vaguely aware of the HTML5 video train wreck but I hadn't realised just how much of a fucking abortion the rest of the HTML5 'standard' is.

I had the misfortune to read the section on character encodings over the weekend, and it almost made me lose my lunch.

Not only does it codify the crappy and unreliable practice of applying heuristics to guess character encodings, it also requires that a user agent deliberately ignore the explicitly specified character set in some cases — for example, text explicitly labelled as US-ASCII or ISO8859-1 MUST be rendered as if it were Windows-1252!

It justifies this idiocy, which it admits is a 'willful violation', on the basis that it aids compatibility with legacy content. By which of course it means "broken content", since this was never actually necessary for anyone who published content correctly even with older versions of HTML.

But that doesn't make any sense — surely legacy content won't be identifying itself as HTML5? It might be reasonable to do these stupid things for legacy content, but not HTML5. The complete mess we have with charset labelling is a prime example of where the RFC1122 §1.2.2 approach of being lenient in what you accept has turned out to be massively counter-productive — if we'd simply refused to make stupid guesses about character sets in the first place, then people would have actually started getting the labelling right.

The sensible approach to take with HTML5 would just have been to say "All content which identifies itself as HTML5 MUST be in the UTF-8 character encoding. A conforming user agent MUST NOT attempt to interpret content as if it has any other encoding; any invalid UTF-8 byte sequences MUST be shown using the Unicode replacement character U+FFFD (�) or equivalent."

Or, if we really must continue to permit the legacy crap 8-bit character sets, it should have said that the content MUST be in the character set specified in the HTTP Content-Type: header or equivalent <META> tag.

Keep the stupid heuristics for legacy content by all means, but it should be forbidden to render HTML5 content in a character set other than the one it is labelled with, and all invalid characters (including the C1 control characters in ISO8859-1 which in Windows-1252 would map to extra printable characters like the Euro sign) MUST be shown as U+FFFD (�). And then the people who publish broken crap would see that they're publishing broken crap, rather than thinking it's OK because the browser they use just happens to assume the same character set as the system they're publishing from.
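The two interpretations side by side, as an added example (not from the spec or any browser): `legacy_decode` follows the HTML5 rule objected to above, treating an ISO-8859-1 or US-ASCII label as Windows-1252, while `strict_decode` is the proposed behaviour, honouring the label and emitting U+FFFD for any byte the labelled charset does not define, including the C1 range where Windows-1252 puts the Euro sign. The byte strings are constructed samples.

```python
from typing import List, Tuple

REPLACEMENT = "\ufffd"

# Labels the HTML5 encoding rules fold into Windows-1252 (the "willful violation").
WINDOWS_1252_LABELS = {"us-ascii", "ascii", "iso-8859-1", "iso8859-1",
                       "latin1", "windows-1252", "cp1252"}
LATIN1_LABELS = {"iso-8859-1", "iso8859-1", "latin1"}
ASCII_LABELS = {"us-ascii", "ascii"}


def legacy_decode(data: bytes, label: str) -> str:
    """HTML5-style decoding: a legacy label is remapped to Windows-1252 before
    decoding, so 0x80 comes out as the Euro sign even though ISO-8859-1 defines
    it as a C1 control. Python's cp1252 table leaves 0x81, 0x8D, 0x8F, 0x90 and
    0x9D undefined; errors="replace" keeps the function from raising on them."""
    label = label.strip().lower()
    if label in WINDOWS_1252_LABELS:
        return data.decode("cp1252", errors="replace")
    return data.decode(label, errors="replace")


def strict_decode(data: bytes, label: str) -> str:
    """Decode exactly as labelled; every byte or sequence the labelled charset
    does not define is shown as U+FFFD instead of being reinterpreted."""
    label = label.strip().lower()
    if label in ASCII_LABELS:
        return "".join(chr(b) if b < 0x80 else REPLACEMENT for b in data)
    if label in LATIN1_LABELS:
        # ISO-8859-1 assigns 0x80-0x9F to C1 controls, not printable glyphs.
        return "".join(REPLACEMENT if 0x80 <= b <= 0x9F else chr(b) for b in data)
    if label in ("utf-8", "utf8"):
        return data.decode("utf-8", errors="replace")
    return data.decode(label, errors="replace")


def disagreements(data: bytes, label: str) -> List[Tuple[int, str, str]]:
    """For a single-byte label, list (offset, legacy_char, strict_char) at every
    position where the two interpretations of the same bytes differ: these are
    the bytes a publisher never notices are mislabelled because their own
    browser happens to guess the same way."""
    legacy, strict = legacy_decode(data, label), strict_decode(data, label)
    return [(i, a, b) for i, (a, b) in enumerate(zip(legacy, strict)) if a != b]


if __name__ == "__main__":
    sample = b"Price: \x80 5"  # constructed: a Euro sign typed on a Windows-1252 system
    print(legacy_decode(sample, "ISO-8859-1"))  # Price: € 5
    print(strict_decode(sample, "ISO-8859-1"))  # Price: � 5
    print(disagreements(sample, "ISO-8859-1"))  # [(7, '€', '�')]
```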

To me, HTML5 looks less like a standard and more like a set of broken hackish kludges to work around the fact that people out there aren't actually capable of following a standard.

February 21, 2010

Horizontal Panoramas Are So 2009!

Horizontal panoramas are so 2009 -- which is why I now give you the vertical panorama:

Brussels Cathedral

Now if I wasn't too stupid to hold my camera steady shooting upwards, this could actually have been a really good picture.

February 20, 2010

Speaker Setup

While tracking down some surround sound related bugs I was missing a speaker setup and testing utility. So I decided to do something about it and I present you gnome-speaker-setup:

gnome-speaker-setup

The tool should be very robust and even deal with the weirdest channel mappings. OTOH the artwork is not really good or appropriate. But I hope it still shows some resemblance to other UIs of this type. If you are an artist and want to contribute better artwork, make sure to go through the Gnome Art Requests page, and more specifically this particular request.

This (or something like it) will hopefully and eventually end up in some way or another in gnome-media. Until that day comes I'll maintain this tool independently.

To compile this you need a recent Vala and libcanberra 0.23.

February 19, 2010

Pittsburgh

As I mentioned, I headed to Pittsburgh last week to give some talks at CMU and find out something about what they're doing there. Despite the dire weather that had closed the airport the day before, I had no trouble getting into town and was soon safely in a hotel room with a heater that seemed oddly enthusiastic about blasting cold air at me for ten seconds every fifteen minutes. Unfortunately, it seems that life wasn't as easy for everyone - ten minutes after I arrived, I got a phone call telling me that the city had asked CMU to cancel classes the next day.

This turned out to be much less of a problem than I'd expected - whether because of their enthusiasm to learn about ACPI or because they simply hadn't noticed the alert telling them about the cancellation, a decent body of students turned up the next morning. After a brief chat with Mark Stehlik, the assistant dean for undergraduate education, I headed off to the lecture hall. The fact that I can now just plug my laptop into a VGA cable and have my desktop automatically extend itself continues to amaze me, as does OpenOffice's seemingly unerring ability to get confused about which screen should have my content and which should be showing me the next slide. Nevertheless, facts were imparted and knowledge dropped on those assembled. I'm even reasonably sure that the contents were factually accurate, which is a shame because the most attractive part of teaching always struck me as being able to lie to students who will then happily regurgitate whatever you tell them in case it turns up on the exam. Perhaps this is why I'm safer out of academia.

Lunch offered an opportunity to visit the Red Hat sponsored lab, which was pleasingly located somewhere other than a basement. The guy on the right of the picture is Greg Kesden, the director of undergraduate laboratories in CS there - it was wonderful to get an opportunity to see the machines getting used, and students seemed genuinely appreciative of the facility.

After lunch I spent a while talking to Satya about the Internet Suspend and Resume project. This is an impressive combination of virtualisation and migration, using a Fedora-based live image to bring up an OS on arbitrary hardware before downloading a machine image and launching it. The majority of the data is pulled in on demand, meaning that initial performance can be slow but ensuring that data is only downloaded if it's needed. When the user is finished, the delta between the original image and the new one can be pushed back to the server while remaining cached on the local machine in case the image is used again.

It's an interesting approach, combining the flexibility of thin clients with the advantages of having actually useful computing power at the local end. There are a few functional awkwardnesses, such as some VMs being unhappy if images are migrated between machines with different CPU features, and it obviously benefits from having significant bandwidth. But the idea of being able to combine the convenience of a floating session with the knowledge that you can still keep copies of your data on you is an attractive one, and I'd love a future where I can move my session between my laptop and a desktop.

After that there was some time to talk to Bill Scherlis and Philip Lehman about the software engineering courses that CMU run. Part of the minor in software engineering includes a course requirement to make a meaningful contribution to an existing software project, from design through to submission and upstream acceptance. I had the opportunity to talk to a couple of the students about this and the differences they found between working with the Mozilla and Chrome communities, which I'll try to write up at some point.

Finally I gave a presentation on Fedora and some of the issues that we face in providing a useful OS when patents and recalcitrant hardware vendors do their best to thwart us. Despite the ice outside and the significantly-below-freezing temperatures, enough people turned up that sorties had to be sent out to find extra chairs. It was great to see how interested people were in learning about what we do, although it's probably the case that the free pizza did help encourage people.

After that it was an early trip back to the airport, where I found that my plane was delayed and the only "restaurant" still open was McDonalds. Even so, I left with the feeling that it had been an interesting and educational visit. Many thanks to David Eckhardt, who runs the OS course I presented to and who looked after me all day - thanks too to Joshua Wise who picked me up when David was running late due to the ground being covered with blocks of ice.

minority ports

OOO 3.2.0 “vanilla” install sets for minority Linux ports are now available from download.openoffice.org. 3.2.0 rpms for
* PPC (32bit powerpc)
* s390x (64bit z/Series)
* IA64 (64bit Itanium)
and 3.2.0 .debs for
* parisc (32bit HPPA).

some additional information about theora and patents

There was a recent post on LWN suggesting that three specific Nokia patents may cover Theora. A deeper analysis indicates that’s just not true.

Two of the patents, 6,950,469 and 7,263,125, are post-VP3 and therefore not relevant, because their filing dates are after the invention and introduction of VP3 (the basis for Theora). Thus Theora predates these patents and could not infringe.

The other patent, 6,504,873, requires the affirmative step of defining a “linear equation” between two reference pixels. Theora does not use such an equation; thus it doesn’t satisfy the limitations of the claims and does not infringe.

February 17, 2010

Gobi 2000

Anssi Hannula posted a patch to add Gobi 2000 support to qcserial and provided me with support for gobi_loader. I've added the gobi_loader code here. You'll need Anssi's kernel patch from here, and probably also my followup patch with extra IDs from here. Note that the 2000 devices need an extra firmware file (UQCN.mbn) as well as the apps.mbn and amss.mbn files.

The qcserial driver is currently broken in 2.6.32 and later. It's due to the switch to using kfifo for usb serial, but we haven't been able to work out the actual cause. I'm looking at alternative approaches.

the difference engine

A video of Charles Babbage’s Difference Engine in operation at the Computer History Museum.

A larger and higher quality version of the video is also available.

February 16, 2010

Red Hat's Top 11 Most Serious Flaw Types for 2009

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors was published today listing the most widespread issues that lead to software vulnerabilities.

During the creation and review of the list we spent some time looking at how closely last year's list matched the types of flaws we deal with at Red Hat. We first looked at all the issues that Red Hat fixed across our entire product portfolio in the 2009 calendar year and kept only those with the highest severity. All our 2009 vulnerabilities have CVSS scores, so we filtered on those with a CVSS base score of 7.0 or above[1].

There were 22 vulnerabilities that matched, and we mapped each one to the most appropriate CWE. This gives us 11 flaw types which led to the most severe flaws affecting Red Hat in 2009:

CWE      CWE Description                                       CWE/SANS top 25?  Number of Vulnerabilities
CWE-476  NULL Pointer Dereference                              No (on cusp)      6
CWE-120  Buffer Copy without Checking Size of Input            Yes               3
CWE-129  Improper Validation of Array Index                    Yes               3
CWE-131  Incorrect Calculation of Buffer Size                  Yes               3
CWE-78   OS Command Injection                                  Yes               1
CWE-285  Improper Access Control (Authorization)               Yes               1
CWE-362  Race Condition                                        Yes               1
CWE-330  Use of Insufficiently Random Values                   No (on cusp)      1
CWE-590  Free of Memory not on the Heap                        No                1
CWE-672  Use of a Resource after Expiration or Release         No (on cusp)      1
CWE-772  Missing Release of Resource after Effective Lifetime  No (on cusp)      1

10 of the 11 CWEs are mentioned in the 2010 CWE/SANS document, although 4 of them are on "the cusp" and didn't make it into the top 25.

This quick review shows us that 2009 was the year of the kernel NULL pointer dereference flaw: these could allow local untrusted users to gain privileges, and several public exploits to do just that were released. For Red Hat, interactions with SELinux prevented them from being easily mitigated until the end of the year, when we provided updates. Now, in 2010, the upstream Linux kernel and many vendors ship with protections to prevent kernel NULL pointer dereferences from leading to privilege escalation. So although 2009 was the year when CWE-476 mattered to Linux administrators, it didn't make the SANS/CWE top 25, as this flaw type should not lead to severe issues (as long as the protections remain sufficient).

Here is a breakdown with the complete data set to show the CVSS scores and packages affected:

CVE            CWE      top 25?       CVSS base  Fixed in
CVE-2008-5182  CWE-362  Yes           7.2        Red Hat Enterprise Linux 5 (kernel)
CVE-2009-0065  CWE-129  Yes           8.3        Red Hat Enterprise Linux 4,5,MRG (kernel)
CVE-2009-0692  CWE-120  Yes           8.3        Red Hat Enterprise Linux 3,4 (dhcp)
CVE-2009-0778  CWE-772  No (on cusp)  7.1        Red Hat Enterprise Linux 5 (kernel)
CVE-2009-0846  CWE-590  No            9.3        Red Hat Enterprise Linux 2.1, 3 (krb5) [2]
CVE-2009-1185  CWE-131  Yes           7.2        Red Hat Enterprise Linux 5 (udev)
CVE-2009-1385  CWE-129  Yes           7.1        Red Hat Enterprise Linux 3,4,5,MRG (kernel)
CVE-2009-1439  CWE-131  Yes           7.1        Red Hat Enterprise Linux 4,5,MRG (kernel)
CVE-2009-1579  CWE-78   Yes           7.5        Red Hat Enterprise Linux 3,4,5 (squirrelmail)
CVE-2009-1633  CWE-131  Yes           7.1        Red Hat Enterprise Linux 4,5,MRG (kernel)
CVE-2009-2406  CWE-120  Yes           7.2        Red Hat Enterprise Linux 5 (kernel)
CVE-2009-2407  CWE-120  Yes           7.2        Red Hat Enterprise Linux 5 (kernel)
CVE-2009-2692  CWE-476  No (on cusp)  7.2        Red Hat Enterprise Linux 3,4,5,MRG (kernel)
CVE-2009-2694  CWE-129  Yes           7.5        Red Hat Enterprise Linux 3,4,5 (pidgin)
CVE-2009-2698  CWE-476  No (on cusp)  7.2        Red Hat Enterprise Linux 3,4,5 (kernel)
CVE-2009-2848  CWE-672  No (on cusp)  7.2        Red Hat Enterprise Linux 3,4,5,MRG (kernel)
CVE-2009-2908  CWE-476  No (on cusp)  7.2        Red Hat Enterprise Linux 5 (kernel)
CVE-2009-3238  CWE-330  No (on cusp)  7.8        Red Hat Enterprise Linux 4,5,MRG (kernel)
CVE-2009-3290  CWE-285  Yes           7.2        Red Hat Enterprise Linux 5 (kvm)
CVE-2009-3547  CWE-476  No (on cusp)  7.2        Red Hat Enterprise Linux 3,4,5,MRG (kernel)
CVE-2009-3620  CWE-476  No (on cusp)  7.2        Red Hat Enterprise Linux 4,5,MRG (kernel)
CVE-2009-3726  CWE-476  No (on cusp)  7.2        Red Hat Enterprise Linux 5,MRG (kernel)

[1] NIST NVD rates vulnerabilities as "High" severity if they have a CVSS base score of 7.0-10.0. This ends up excluding flaws in web browsers such as Firefox, which can have a maximum CVSS base score of 6.8.

[2] Red Hat Enterprise Linux 4 and 5 were also affected by this vulnerability, but with a lower CVSS base score of 4.3, due to the extra runtime pointer checking.

sunrise over sweden




Shot this with my N900 on my flight out of Sweden last week and wanted to test out Pitivi.

Keyboard

My PS/2 adapter seems to have died at last... Or, actually, it still works, but it takes several reboots to have it "grab" and start working. It was getting worse gradually; perhaps a capacitor is dying somewhere or whatnot. So, I hooked up a Belkin keyboard that I obtained many years ago for some kind of USB testing, and what do you know: I have worked with computers for 27 years now and this is probably the second or third worst keyboard that I have ever touched (the so-called "Cuban Videoton" or "CID", the terminal made on the island of Cuba, was the worst, and it had a couple of good competitors, one of which hailed from Yerevan, Armenia). The problem is subtle: the keys of the Belkin Scorpius 980 Plus have random friction in them. Written up in a blog, it sounds like a ridiculously petty complaint, but it's real. Typing anything correctly is a pain, and I have to program in C on it, goddamit.

I was thinking about killing two birds with one stone by getting one with a built-in touchpad in the laptop position. My trusty old ALPS touchpad is great and all, but it developed a peculiar problem: its feet became hard with age and it slides. The common Adesco keyboards get mixed reviews and the listed sizes are contradictory or not credible. Amazon has one SolidTek type that seems like the right size and design. One problem though: $40 price. Isn't it a bit high for what seems like a rather dubious quality? It's not like I am on welfare, it's just... not an Apple or Daimler-Benz product to command a price like that.

So, yeah.

UPDATE: Peter Zijlstra pointed out the Lenovo UltraNav, which is definitely a quality unit, but it has all the (mis)features of a ThinkPad: left Ctrl and Fn are swapped, the buttons that go along with the nipple offset the touchpad down, Esc is way far up. I already have a T400 and I hate all of that. Otherwise, it's perfect.

UPDATE 2010/03/01: After some consideration, I went with the IBM keyboard because of (a) quality and (b) 100% key pitch.

True, it has all the disadvantages of the Thinkpad layout, but at least to type on it is not painful. BTW, no Microsoft button.

Oh, and the ALPS touchpad is finally retired after 13 years of service without reproach. It probably is the oldest computer peripheral in the house by far, because usually I recycle ruthlessly.

February 15, 2010

Report from the proprietary cesspool

I mostly read the article about Coverity's experience in the trenches as something I would read at The Daily WTF. Which I don't read, let alone daily: it's too far removed from my world. Still, some of that may come handy one day. Like this:

How to handle cluelessness. You cannot often argue with people who are sufficiently confused about technical matters; they think you are the one who doesn't get it. They also tend to get emotional. Arguing reliably kills sales. What to do? One trick is to try to organize a large meeting so their peers do the work for you. The more people in the room, the more likely there is someone very smart and respected and cares (about bugs and about the given code), can diagnose an error (to counter arguments it's a false positive), has been burned by a similar error, loses his/her bonus for errors, or is in another group (another potential sale).

But other than that, bah humbug. My universe is gcc (or maybe LLVM at the most). The heroic tales of fighting people who write C in StudlyCaps mean nothing to me. The only real import of the article is that Sparse needs more attention. If nothing else, Free Software developers need to counter-patent everything in Sparse, so that when Coverity comes for us, we'll be ready.

February 13, 2010

artificial sweeteners

Recently, I’ve been doing some posts on food. This is another one.

A friend of mine recently posted a link to a pretty interesting article about an animal model meant to observe the effects of artificial sweeteners on rats. Here’s the money quote:

Even though the saccharin-sweetened yogurt group actually got fewer calories from their yogurt, they gained more weight than the group fed yogurt sweetened with glucose (Swithers & Davidson, 2008; Swithers, Baker, & Davidson, 2009). At the end of 5 weeks of study, the saccharin-fed rats had also gotten significantly fatter than the glucose-fed rats.

With my own body I know that there is some kind of expectation created by texture and flavor when you’re eating a specific food. In my experience, eating artificial sweeteners often makes me hungrier. And after eating a relatively natural diet based on foods that I can recognize, eating something that includes processed ingredients and artificial sweeteners is a shocking experience once I’ve consumed it. I can tell my body doesn’t really know how to react.

If this is something that interests you I also strongly suggest watching the video in my post on sugar by Dr. Robert Lustig as well as the video of Michael Pollan speaking at the Long Now Foundation. These are both long attention span posts, but they are worth your time to understand the world of food we live in.

(I’m aware that there’s some Confirmation Bias in my selection here, but evidence does seem to be aligning with my own personal experience, the experiences of my peers and large groups of people as well – see the videos for more information on the effects of sugar and processed foods.)

February 12, 2010

In which new tarballs appear

HotSSH 0.2.7


So I took a bit of free time to fix up some things in my semi-toy project hotssh. If you like it, you should upgrade since this release fixes some major bugs with the connection tracking, and some more minor things.


The project's at the point, though, where if I wanted to do anything noticeably more compelling, I'd have to take the leap of using a real SSH library (maybe libssh?) rather than invoking OpenSSH as a subprocess. The problem is that this gets into a lot of complexity in trying to stay in sync with whatever OpenSSH does (key management, known_hosts etc.). Probably someday though.


dbus 1.2.20


In the category of less user visible but probably more important, a new stable DBus is available. There are fixes larger and smaller (the real changelog is from 1.2.18 which was a paper bag release). I think one of the most important for mobile Linux users is the patch to switch to the monotonic clock; basically DBus will be more reliable if you suspend the system or reset the system clock. Besides other reliability fixes, there are some other small nice things like a better dbus-monitor. Thanks to Tom Hughes of Palm for the former, and Lennart Poettering of Red Hat and Will Thompson of Collabora for the latter!


And now back to some more user-visible GNOME Shell work; as Jon mentioned it looks like some new contributors are outpacing me, while I've been working on some of the underlying St toolkit infrastructure. Time to catch up!

Holiday

Suddenly it’s upon me. Packing my bags for eight days of snowboarding in the French alps. It came so unexpected this year.

Found a description of off-piste runs on the net, should come in handy.

I’ll be sure to visit this particular spot in La Vallée Perdue that I snapped with my phone last year:


February 11, 2010

PyGTK+ Hackfest

For those of you who haven’t seen Tomeu Vizoso’s blog on the hackfest we are trying to pull together this is a second call to PyGObject, Python 3 and GtkIntrospect hackers who might want to join us in getting the future of the Python bindings to GTK sorted out.

At issue are a couple of roadblocks to the continual maintenance of the bindings. First is the lack of support for Python 3.0 and second is the unclear picture of how GNOME 3 affects us. The current plan is to finish the work done on PyGI (Python GObjectIntrospect support for PyGObject), at the same time making sure it all works under both Python 2.x and Python 3.x. Moving to the PyGI bindings should make the maintenance burden somewhat lighter for our busy maintainers.

If you have something you can contribute and are interested in attending our hackfest please take a look at the wikipage and e-mail myself or Tomeu. While this is being sponsored by the GNOME Foundation, you don’t need to be a Foundation member to be considered for an invite. We hope to be finalizing things soon and getting a budget to send to the board for approval.


February 10, 2010

Cloud Forum 2010

I'm "attending" the Red Hat Cloud Thing. The Deltacloud guy is presenting, Jeff Garzik is next with our own Hail. To get this working, I had to add thomson-webcast.net to Flash whitelist, otherwise the site said "No Scripting". It's about time somebody started a company streaming presos in Theora or something...

February 08, 2010

whats in drm-radeon-testing?

I'll try and post these regularly when I make major additions/removals.

drm-radeon-testing is the cutting edge KMS radeon branch, it is going to be rebased and things will be added/removed as they are worked on by developers. So you can base patches on it but you should talk to the developer who owns the area first.

git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6.git drm-radeon-testing

I've just pushed a rebased tree now with the following:

latest i2c algo + hw i2c engine code + all fixes squashed: This adds support for hw i2c engines found on radeons and exposes them + sw i2c buses to userspace so i2c tools can use them. (agd5f).

pll algorithm reworking + quirks: cleans up the code to allow for the selection of the old pll algorithm on some hardware. (agd5f)

pm support so far: Adds all the current PM patches - just does engine reclocking so far using the power tables from the BIOS. (Zajec/agd5f)

Evergreen (Radeon HD 5xxx) support: basic KMS support for the evergreen range of devices - no irqs or accel yet. (agd5f)

radeon unlocked ioctl support (airlied)

bad CS recording (glisse)

misc cleanups/fixes - Dell/Sun server support ported from userspace hopefully.

The tree did contain Jerome's r600 CS checker but I've dropped it for now at his request as he has newer patches in testing.

Bringing things up to the here and now

Okay, let's see. In the last week, I've sold my house, added a healthy baby boy to our family, had our first choice house fall through, had our second choice house fall through, and finally, bought a house. Oh yeah, and the Bruins broke their losing streak. :)

Pam did an excellent writeup about the baby's birth, so if you're interested, please go read it here: Pam's Baby Birth Story
If you just want to look at baby pics, go here: http://spot.fedorapeople.org/baby/

While we were in labor on Monday, our Arlington condo was being shown, and the person decided they wanted to buy it and put an offer in. After a little back and forth, we got to a final offer, which we accepted. The only catch was that now we needed to find suitable housing to move to. We've been looking for 2 months now, so we had our short list narrowed down. We put in an offer on our first choice, which was an estate sale. It was a smallish house on 2 acres of beautiful land, we had already started planning out how we would expand and improve the house over time and where Pam would plant her garden. The house was priced very high, but the realtor assured us that it would never re-appraise for that value, so we put in a lower price offer. We assumed that they would provide a counter offer, but they refused! They were unwilling to move from the price at all. Our realtor strongly recommended that we not even consider paying their asking price. In fact, the seller's broker got so fed up with this decision that he dropped the listing entirely. Apparently, the sellers saw what the town had tax appraised the property for a few years back and intended to get exactly that much out of it and not a penny less. This was very sad, because the MLS listing had "MAKE AN OFFER!" as its first line.

Pam and I moved on to our second choice, but we wanted to go out and walk through it one more time to make sure, so we scheduled to go out with our realtor this past weekend. Our realtor was out of town, but her backup agreed to make the arrangements... but then she called us back to tell us that our second choice had gone under agreement the day before! Again, we'd gotten our hopes up, and now we really didn't know what to do. We did have a few more houses on our short-list, but they were honestly, not ideal for what we wanted. The backup realtor pointed out a new house that had just come on the market in Ayer, and encouraged us to go and check it out. It looked good on the MLS listing, but we'd been fooled before.

On Super Bowl Sunday, Pam, Baby Jimmy (we haven't decided exactly what we're calling the baby yet, James/Jim/Jimmy, so I'm trying nicknames out), Pam's parents (who flew down to help us out with the baby), and me all got into the car and went to see the house in Ayer, and wouldn't you know, it was just great! It had the space we wanted, nice high ceilings and wide hallways and a very open layout. There are a few places where it needs some work: the kitchen really needs to be redone and expanded, and the finished office in the basement is a bit of a DIY job and it shows, but there is space to expand/fix it. Also, because it is in Ayer, there is no FIOS yet (the town website says it will be coming to Ayer in 6 months). :( But, we can have chickens (with permit)! It has an awesome yard with lots of gardening space and wooded areas. The lot backs up to protected land that the town owns that isn't buildable. The house is in a lovely little neighborhood, so Jimmy will have lots of other kids to play with when he gets older. I wanted to check out one other house that we hadn't yet seen, so we went to go look at it, but it had severe water damage, so I didn't get much past the front room before I knew it wasn't right. We headed back to the realty to meet our regular realtor (who was back in town) and we put in an offer on the Ayer house. During the Super Bowl, we went back and forth with counter offers, but they gave a verbal agreement to our second offer! Finally, we have a house!

My back is killing me! Babies involve so much bending and lifting. I haven't hurt this much in a really long time, but the baby is worth it. Today, we have more doctors appointments for Pam and Baby Jimmy. I'm going to try to get some small pieces of work done. I'm hopeful I can get back to work, at least part time, tomorrow. If you're waiting on me to do something, please be patient!

February 07, 2010

ncld is here, and what it is for

I sent out the "ncld" (a pun on ncurses) that I mentioned before. It is tested, and I already have tabled switched over to it. All that's left is to get Jeff to apply it.

Savings in the code size are pretty good, but more importantly it is not impenetrable spaghetti from 1968 anymore. And this is important if we want anyone to ever hack on CLD voluntarily. People actually pay attention to shit code. To quote:

Fedora uses yum, which originally was developed by Yellow Dog. I forgot who told me this (I think it was either Jeremy [Katz] or Notting [Bill Nottingham]), but the story was that they (e.g. MSW [Matthew Wilson], Notting, and Jeremy) looked at things like apt-rpm, urpm, and yum as a base for [the] next up2date. Only yum passed the test "not to puke while looking at the source". That's how it came to be.

If you tilt your head just right, CLD is somewhat similar to Zookeeper in function (or so I heard), and one time someone asked why not just use Zookeeper. Jeff answered, "Zookeeper's API is too complex". I was concerned that someone would look at the code and think we were NIH hypocrites, because CLD's API before ncld was complex too (for no good reason; it was assembly-level complexity). Well, not anymore. What Jeff actually meant, I think, was that Zookeeper's intrinsic architecture was too complex for what we want in Hail.

Why 1e100.net?

Jon Masters posted a somewhat ambiguous twit: "Why does Google use 1e100.net?" Obviously, 1e100 is the exponent syntax for googol, but aside from that, why is it necessary to use a separate domain? It seems like a trick that is done often. Here's a short list:

Youtube uses ytimg.com. They started doing it before the acquisition by Google, and apparently it was used to host the static content. Youtube used third-party CDNs for hot videos back then, but always with youtube.com for a domain. They continue that practice, except that ytimg.com now serves other random stuff as well.

Google uses 1e100.net, which seems to pop up randomly.

Facebook uses fbcdn.net. Obviously it means "Facebook CDN".

So, using a second SLD is clearly a common practice of some kind, one that everyone in the business agrees is valuable. But how exactly does it work? Is it about performance or security? Why only 2 domains and not 10 or 1000?

UPDATE: I have two friends called "Jon M.", and the other of them says:

It's for security. If you don't fully trust the security of your CDN, then you put it on a separate domain, so that content served from it can't access your users sessions.

Presumably it's because cookies are matched by domain. And Peter Jones adds:

It cuts down on http headers - especially cookies. If you put images on a second domain, it means /far/ fewer headers transferred, and fewer db lookups for the things /in/ them.

Those cookies!
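As an added example, not code from the post or from any of the companies named in it: a small Python model of the browser's cookie domain-match rule from RFC 6265 (sections 5.1.3 and 5.3). It shows both points the two Jons make: a session cookie set by an application domain is never attached to a request for a separate static-content domain (so a compromised CDN cannot see or set it), and every request to that second domain is lighter by the whole Cookie header. The host names, cookie names and values, and the per-page request count are constructed for illustration, and the bare-TLD rejection stands in for the public-suffix list real browsers consult.

```python
"""Added example, not code from the post: a model of the browser cookie
domain-match rule (RFC 6265 sections 5.1.3 and 5.3) showing why a cookie
set by an application domain never reaches a second, static-content domain.
All host names and cookie values below are constructed for illustration."""

from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Cookie:
    name: str
    value: str
    domain: str       # effective domain (Domain attribute, or the origin host)
    host_only: bool   # True when Set-Cookie carried no Domain attribute


def _is_ipv4(host: str) -> bool:
    parts = host.split(".")
    return len(parts) == 4 and all(p.isdigit() for p in parts)


def domain_matches(request_host: str, cookie_domain: str) -> bool:
    """RFC 6265 5.1.3: host domain-matches domain if they are equal, or host
    ends with '.' + domain and host is not an IP literal."""
    host = request_host.lower().rstrip(".")
    dom = cookie_domain.lower().strip(".")
    if host == dom:
        return True
    return host.endswith("." + dom) and not _is_ipv4(host)


def set_cookie(jar: List[Cookie], origin_host: str, name: str, value: str,
               domain_attr: Optional[str] = None) -> bool:
    """Store a cookie as a browser would for a Set-Cookie from origin_host.
    Returns False when the cookie is rejected: the origin must domain-match
    the requested Domain (RFC 6265 5.3 step 6), and a bare TLD is refused
    here as a crude stand-in for the public-suffix check browsers apply."""
    origin = origin_host.lower()
    if domain_attr is None:
        jar.append(Cookie(name, value, origin, host_only=True))
        return True
    dom = domain_attr.lower().strip(".")
    if "." not in dom or not domain_matches(origin, dom):
        return False
    jar.append(Cookie(name, value, dom, host_only=False))
    return True


def cookies_for(jar: List[Cookie], request_host: str) -> List[Cookie]:
    """Cookies a browser would attach to a request for request_host."""
    host = request_host.lower()
    chosen = []
    for c in jar:
        if c.host_only:
            if host == c.domain:          # host-only: exact host match only
                chosen.append(c)
        elif domain_matches(host, c.domain):
            chosen.append(c)
    return chosen


def cookie_header(jar: List[Cookie], request_host: str) -> str:
    """The Cookie: request header line, or '' when nothing is sent."""
    pairs = [f"{c.name}={c.value}" for c in cookies_for(jar, request_host)]
    return "Cookie: " + "; ".join(pairs) if pairs else ""


def cookie_bytes_per_request(jar: List[Cookie], request_host: str) -> int:
    """Bytes the Cookie header adds to one request (line plus CRLF)."""
    line = cookie_header(jar, request_host)
    return len(line) + 2 if line else 0


def build_demo_jar() -> List[Cookie]:
    """Constructed jar: a domain-wide session cookie and a host-only pref."""
    jar: List[Cookie] = []
    set_cookie(jar, "youtube.com", "SID", "a1b2c3d4e5f6", domain_attr="youtube.com")
    set_cookie(jar, "youtube.com", "PREF", "f=1")
    return jar


if __name__ == "__main__":
    jar = build_demo_jar()
    for host in ("youtube.com", "www.youtube.com", "i.ytimg.com"):
        print(f"{host:16} -> {cookie_header(jar, host) or '(no Cookie header)'}")
    # The app origin cannot plant a cookie on the static domain either.
    print("youtube.com may set Domain=ytimg.com:",
          set_cookie(jar, "youtube.com", "x", "y", domain_attr="ytimg.com"))
    # 40 image requests per page (a constructed figure) on the app domain
    # would each carry the session cookie; on the static domain they carry none.
    print("header bytes avoided per page:",
          40 * cookie_bytes_per_request(jar, "youtube.com"))
```

The model deliberately covers only the Domain rule; a browser also checks Path, Secure and expiry, but none of those would let a cookie cross from one registrable domain to another, which is the property the second SLD buys.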

February 06, 2010

the fosdem dance

February 05, 2010

Shaping young minds

I'm off to CMU at the weekend, in order to do a couple of talks on Monday (the 8th). I'll be giving an introduction to ACPI to the operating systems class in the morning, and an open presentation on Fedora, some of the challenges we face and how to get involved in Linux in the afternoon. This is as a result of our cooperation with CMU, which has led to things like the request on the right. How could we refuse?

Telling numbers

I’m currently reading a book on modern legal drafting (read: ‘plain English for dummies, I mean, lawyers’). It is very good so far, but I think this is a telling stat about lawyers: 127 pages are devoted to why clear, modern English is a good idea. That is 22 pages more than are devoted to how to write clear, modern English.


Modern Legal Drafting, by Peter Butt and Richard Castle

This imbalance isn’t as insane as it sounds at first; there are some not-crazy reasons to re-use old language in legal documents, and explaining why they aren’t actually correct is a useful service. Still… given that some of the complaints about legalese cited by the book are over 200 years old, you would think the profession might at least by now realize that much legalese is a bad idea, even if we haven’t yet learned how to get rid of it…

(Favorite sentence from the book: “My client has discussed your proposal to fill the ditch with his partners.“)

February 04, 2010

video of GPU switching

Here's a really badly shot video of GPU switching in action ;-) - the whiteouts are mostly me logging out and in ;-)

February 03, 2010

The Quest for Python 3

Well, I’ve gone and done it. Thanks to David Malcolm’s excellent 2to3c tool and some hand wrangling with PyUnicode objects I was able to get D-Bus Python compiling and working on Python 3. Grab the patch and start testing it out.

I’ve also tested this under Python 2.6, but it would be nice to see if it also works under Python versions before 2.6, since 2.6 has a couple of compatibility layers built in.


DEV300_m71

DEV300_m71: svx, soltools and accessibility all have 0 unused methods now. ucb, reportdesign and sal are nearly unused-free. sc and sw creep up again. Overall count -17.

hybrid graphics : the story continues (part 3)

v6 of the patch + another patch which needs some work before I can merge it are available now.

This mainly cleans up the patch architecture a lot and hopefully allows Matthew to put his nvidia code in more easily. It moves the ATPX specific code to the radeon driver.

The second patch is from an experiment that I videoed on a webcam but am now failing to upload; I'll probably get a better video tomorrow, the lighting was fairly bad for it today.

It basically allows for a delayed gpu switch ( it changes the debugfs API ), and allows gpu drivers to block the switch.

The switch file still takes ON/OFF like always, but the PCI IDs input is gone. There are 4 commands:

IGD - try and switch now to the integrated device - can fail if drm drivers block it (mainly if X has the device open)
DIS - try and switch now to the discrete device - can fail if drm drivers block it (X again).
DIGD - try a delayed switch to integrated device
DDIS - try a delayed switch to discrete device.

So with X running you can echo DDIS to the file and log off X; it'll then switch as soon as X closes the drm device, and when gdm restarts X it'll be running on the discrete GPU. If we had a shiny GUI on top of this it'd be as close as MacOSX can do it. When you select to do a delayed switch we power up the other GPU straight away so the switch is quicker.

It needs more debugging, some open issues include:

after a few switches it can die on its ass
powering up the Intel glitches the display even when running the AMD
there may be race conditions in the patch, probably need a mutex around device open + this stuff
suspend/resume - since we D3 the card, if you do an s/r cycle it'll resume it, we need a flag in the driver to say it's powered off by the mux and to ignore s/r cycles - I've started adding this to radeon.

mjg59 has access to an nvidia laptop and is looking closely at how to make that all work.

Engaged