- Info
Planet FLOSS Research
Planet FLOSS Research is a meeting point for Free/Libre/Open Source Software researchers. It aggregates several RSS feeds produced by individuals or organizations which are actively investigating FLOSS (see list in the "subscription" box in the upper right corner).
December 06, 2009
I accompanied Penny to Prague,
from where she embarked into the mountains today for a week-long
Moodle developer meeting. We
froliced in the city a bit, tried to avoid the hordes of anonymous
tourists that flooded the city, steered clear of the Christmas
kitsch that was all over, sampled Czech food wherever we could, and
enjoyed the local beer.
On Friday, Petr Baudis took us
out to The Pub, an
ingenious concept by the Czech brewery Pilsner Urquell: every table
has taps from where one can draw beers without waiting or having to
get up, guests accumulate a tab measured in litres, and a huge
screen shows which “The Pub” instance has the best beer throughput.
Add to that an automated ordering system for salty snacks, and the
brewery ensures a ready beer flow with need for no more than two
staff members.
Penny and I had already decided that Pilsner Urquell was our
favourite Czech beer, mostly due to its bitterness. We also sampled
the local Staropramen,
and the well-known Budvar, and found
our preference reinstated.
At street prices of 50 CZK per half-litre of Pilsner, it was
thus a punch in the face when the bartender at the airport bar
asked for 145 CZK for the carelessly tapped beer, offering crap
music and uncomfortable seating for the price.
I refused the beer, because I prefered to keep only the good
memories of the brew.
NP: OSI:
Blood
December 04, 2009
  It’s been a while since I posted stuff about the kids - that is, stuff that is neither FSFE (legal, licensing or policy) nor KDE (development, porting) nor NLUUG (open standards, open systems) related. I could even have titled this post “Who is my family?” to keep with the recent theme of posting random pictures of (sub)groups of people.
My youngest child is five years old. Among other things, that means that he now has “leerplicht”, which is a Dutch way of saying he must attend school during regular school days and hours — so no more rushing away to random countries for conferences for him. I had a vague scheme to take him to FOSS.in at one point, but this year that wonderful conference overlaps with Amiel’s birthday (ok, it would have been cool to have a party in Bangalore) and Sinterklaas (high point of the Dutch family social calendar) which meant that the MOMC put her foot down and said “you will (both) stay here.”
So now it’s december, Amiel is five and happy at school and about to start English classes — maybe I should try to teach Mira some python so she can start writing plasmoids (after all, she’s six).
December 03, 2009
Look at my horse
My horse is amazing
This is the last of the KDE e.V. board photo montages I’ll do from our recent board meeting in Berlin. You will note that we have considerable skills in rodeo riding as applied to dragons. But for a much better view of the KDE community (”KDE”) you should take a look at the planet or the dot.
December 02, 2009
Just because the source code isn’t all delivered in a tidy bundle to my doorstep with a thank-you note attached, doesn’t mean that I won’t try stuff out. Thanks to Christoph and Holger for explaining some of the WebKit things to me. In the course of today the KDE4-OpenSolaris folks updated the soprano packages, phonon (from an SVN checkout), and futzed around sufficiently that you should be able to build the Essential KDE Desktop (I don’t know where that fits in the new branding: it’s konsole, konqueror, kmail, plus integration with GDM so you can actually log in). As always, the specfiles and patches can be found in the Mercurial repo.
We still have 21 open bugreports against KDE trunk with patches attached (these are the same as patches in that repo, only reported upstream). That’s still a bunch to “encourage” maintainers to pick up. As a general rule, we commit trivia directly (happy constructors, const mismatches), file bugs on larger items, and try to keep the amount of unmergeable cruft to a minimum. I wrote some such cruft today for Dolphin, where apparently ? (some const KFileItemList method) : KFileItemList() << item isn’t acceptable. Sun Studio is particularly picky about types in the ternary operator; come to think of it a const_cast might have done the trick as well: something to experiment with later, because that would be a mergeable-trivia kind of patch.
Sometimes it’s hard to decide what flavor a patch is: today I added find_package(Boost) include_directories(Boost_INCLUDE_DIRS) to a few subdirectories in KDE PIM; that’s because Boost doesn’t live in the default compiler search path, but Akonadi’s headers #include them — so anything using Akonadi must also have the Boost include dirs in its include search path, which wasn’t the case. It’s a minor change, but it doesn’t scream “trivial” to me, so it’s sitting in our repo as “unmergeable cruft” for now.
All that said, that part of KDE SC 4.3.77 that I’ve gotten up and running is really nice; I’ve said it before, but the stuff integrates really well, including the GNOME network manager and notifications done by the pkgbuild tools when I’m building new stuff and the device manager; there’s still plenty to work on as well, but on the whole it pebbles (a small way to rock). Now if only I could start konqueror or dolphin from the menu or krunner — must be some weird crash going on behind the scenes when there’s no tty output. [[ And as a final shot, I should add that Konqueror is almost infinitely better with Wordpress now than it was in 4.3.0. ]]
December 01, 2009
Qt 4.6.0 is out. That’s the first of the trials and tribulations for today, because it suggests that packagers should update their work on Qt. Which is one of those things that can take up to half of a KDE SC minor release cycle to get right. And when you find code in WebKit that has actually shipped that looks like this (real version in FastMalloc.cpp line 1438):
void *foo() {
#if COMPILER(MSVC)
// Without this, Visual Studio will complain that this method does not return a value.
return 0;
#endif
}
.. then it’s not so much reading Qt code as it is looking at the DailyWTF. No duh, you need a return statement to return a value. WebKit has other bits of badness in it as well, like missing configure checks. Remember when it was all the rage to check if the platform had char *strnstr() and then working with HAVE_STRNSTR instead of going #ifdef Q_OS_WINDOWS? Anyway, our sixteen variegated patches against Qt 4.5.3 still mostly apply, so I’ll go and experiment with them.
But actually I was trying to start updating the packages for OpenSolaris in the run up to KDE SC 4.4.0, which is still two months away. Fortunately Hajma has wrestled with KDE SVN trunk compilation and the dashboard now, so we have some idea of what’s going on in trunk and can slay bugs (happy constructor pattern seems popular again) as they show up. However, building from SVN checkouts (including all of kdesupport) is a world apart from building packages where you’re looking for released tarballs, clear dependency versioning and good documentation. Unfortunately, the Techbase documentation for KDE SC 4.4 requirements isn’t started yet as of this writing. It strikes me that there’s nothing about the parts coming from kdesupport in the 4.3 requirements either — I must have missed a memo somewhere.
Soprano just released a new version, 2.3.70, meant to work with the 4.4 beta cycle, so we can get started on that. Phonon is a bit trickier, since there’s no version check for phonon done in KDEbase-runtime (in the released 4.3.77 tarball, at least) and it fails sometime during compile with a missing phonon/globalconfig.h. The strigi website hasn’t been updated in over a year, but I know Jos has been doing releases of it — I just need to find out where to get a stable tarball.
Maybe it’s just a month too early to want to build KDE SC 4.4 against anything resembling release packages or on top of a stable software stack. Certainly when the stack that you’re delivering (various support packages, then the KDE development platform, then applications and a desktop on top of that) is very deep it can be tricky to get everything in sync, but it does place a burden on packagers. There’s a lot of stuff to update when a new release comes out, and not much time to do it in (which, incidentally, makes the KDE-FreeBSD team’s 4.3.3 packages all the more impressive to me — now if only 8-R didn’t have that little root hole).
November 30, 2009
The location for GUADEC has been published: the Hague. LWN reports, and it looks like a cool team of folks doing the organizing. I wish them all the best — but they’re competing against the vierdaagse, so it’s no contest, really.
Let’s take a look at what happens when other Free Software operating systems run on my laptop, in terms of power consumption (and nothing else — I’m not going to explain in detail what’s running on each one, and rest assured that the available apps and toolsets in each of these installs is very different, reflecting what I use each OS for):
- OpenSolaris, display off, nvidia drivers: 31W
- OpenSolaris, display on, idle, nvidia drivers: 38W
- OpenSolaris, display on, disk + network activity, nvidia drivers: 52W
- Just the power brick: 1W
So it looks like Solaris is marginally (2W) better with power than Kubuntu at idle, and this laptop draws quite a lot in regular use. Maybe Solaris is not switching some hardware feature on, like Bluetooth, rather than being more efficient — but I haven’t noticed anything missing (Bluetooth is not something I’d miss). FreeBSD 8 fares no different — roughly same usage numbers as the other two OSsen.
Many commenters suggested trying the nouveau driver — so I did, whatever is available on Kubuntu 9.04 with no updates applied, and it makes no difference in power consumption, fails utterly at resume-from-suspend (nv got me no video, but I could ssh in, while now it just hangs), and is just as slow on logout as the nv driver. Perhaps there’s newer versions available — not something I’m going to experiment with this week.
November 26, 2009
Verbing weirds language. Language is important, because saying what you mean in such a way that the audience understands what you’re talking about is the whole point of communication, isn’t it. Well, we could say that getting the idea across is what’s important. Great thinkers such as Wittgenstein and Brouwer have thought so. They even said so, or at least tried to get that idea across.
I need to say “PJU25FV3SH3J” for Technorati reasons. It does not mean much to human readers, though.
I need to say “Linux kernel” to mean the stuff you can get here, “GNU/Linux” when I mean that kernel plus a userland composed mostly of GNU software (like a command-line-shell). I’m not sure how to distinguish that from “a software stack built with the GNU development toolchain”, although it’s pretty rare to identify software based on the tools that are used to turn the program into object code.
I could say “Ubuntu” or “OpenSUSE” to mean a collection of software packaged by some organization and partly customized for some specific audience, containing at least the GNU userland, a Linux kernel, and probably a whole bunch of other tools and software packages compiled with the GNU compiler but otherwise outside of that project, and possibly including proprietary software as well.
These words start to have a wider and wider coverage, with less and less specific content. Unless I say “OpenSUSE 11.2″ and add a qualifier to make more specific which collection of software I mean. Even then, I should want to indicate which packages or desktop environment I’ve got installed as part of that collection — because there’s choice in how to interpret the words, too.
A word like “freedom” has a fairly short dictionary definition, but you can see that much has been written on different meanings of freedom. That is, as a word it has a wide coverage, which then needs a great deal of talking about to pin down again. Consider Wikipedia’s freedom (philosophy) and freedom (political). Those articles are actually fairly short. I wonder why? And of course we know that “the Four Freedoms” can mean only one thing. Oh, wait .. it doesn’t. I never knew there was a disambiguation page even for that.
Good thing there’s only one Free Beer. Although I must say I prefer the 4.0 release to the 3.0 release, at least in Sweden.
Oddly enough, “FreeBSD” and “OpenSolaris” are so far free of the wordsmithing arguments about what they mean; there’s a kernel and a partly GNU userland (where each FreeBSD release tends to replacce one or two more GNU tools with BSD-licensed tools — such is the nature of licensing) and pretty much the same set of applications you can build on them. In the OpenSolaris case, the GNU tools might even be compiled with a non-GNU compiler. Perhaps these words, names or trademarks are used more like “OpenSUSE” than as a term for an general collection of software. Even if in FreeBSD’s case, it is largely unbranded. Strange world.
Of course, some of these considerations show up now because names can be redefined. I think Aaron sums it up really nicely (edited a little from his dot comment):
if you want to refer to the “whole chunk of stuff i got at once that contains all sorts of stuff” then you can refer to the KDE software compilation. we really want people to be talking about and more aware of KDE as a modular set of software suites. there’s also okular and several dozen other apps that come in the SC, and many more KDE apps that don’t come in the SC. this is why we’re changing the name, because it’s so confusing.
So on weekends, I’m still a KDE dude, but my software engineering is applied to bringing the KDE Software Compilation to OpenSolaris. It doesn’t compile right now (darn you GCC-isms, GNU-isms and Linux-isms), but it will. And at some point in the future I can point again to the %files section of the specfile and say “there! that is what it means!”
Last night, Dutch TV carried Rip! A Remix Manifesto on the regular national channels, at ten thirty in the evening. It’s a manifesto: not necessarily all that balanced or careful, but definitely worth your time to watch. Huzzah for National Film Board of Canada.
Saros has just recently been named one of the best 30 Eclipse plugins by AjaxLine. Way to go Saros team!
No sooner do I join the team than Saros is winning accolades. Coincidence?… Well, yes actually. I’ve yet to contribute a thing so far!
Graphics drivers (for X11 under whatever Free Software operating system you care to use) are one area where Free Software has plenty of room for improvement. My laptop has an nVidia GeForce 9600M in it, which means that there are two drivers I can use for it: the Free Software nv driver, or the proprietary nvidia one. There are qualitative differences (based on what’s available in Kubuntu 9.04 in this case): the proprietary one has the technical advantage that suspend works, compositing works and that logout is faster (because there’s a screen capture thing happening that is used to grey out the display). But there’s also an interesting quantitative difference: power use. This is one I hadn’t thought about at all — the laptop simply gets very warm under normal usage, to the point that my hands get uncomfortable resting on the keyboard. After switching video drivers, though, I thought the laptop felt a lot cooler in normal use. So, measurements. I used a watt-meter that sits between the wall socket and the power brick of the laptop to measure the following:
- System idle, display on, nvidia driver: 40W
- System idle, display blanked, nvidia driver: 33W
- System idle, display on, nv driver: 42W
- System idle, display blanked, nv driver: 35W
Non-idle the machine draws just as much: clearly regular end-user activities (writing email, writing letters, writing blog entres, but no compiling) don’t exactly stress the machine or draw extra power. Given the numbers, I don’t understand the perceived difference in temperature or comfort of working on the machine. But it does help me put a price on Freedom: two watts.
November 25, 2009
As some readers of this blog know,
from this month onward I'm on a leave of absence from my
academic post
to head the
Greek Ministry of Finance
General Secretariat of Information Systems .
The job's extreme demands explain the paucity of blog postings here.
I'll describe the many organizational and management
challenges of my new position in a future blog post.
For now let me concentrate on a small but interesting technical aspect:
the air gap we use to isolate the systems involved in processing
tax and customs data from the systems used for development and production
work.
I feel as though I am almost completely adjusted and acclimatised to my new surroundings, and furthermore I am now becoming fully immersed in my new work here at the Free University of Berlin (FU). Therefore, I think I can begin to introduce the new work I am now part of. My research concerns have now diversified a little: they continue to include FLOSS and empirical methods, but they also now encompass Agile Methods. Let me explain…
I am now part of Saros, an on-going project here at the Institute of Computer Science. Saros is a free/open source Eclipse plug-in that enables distributed collaborative software development within the Eclipse environment. Developers can work simultaneously on shared documents over a network, allowing concurrent access to geographically dispersed programmers. Changes made are instantaneously seen by all participants, and Saros makes it clear who made what changes.
 A screenshot of Saros (click to enlarge) The plugin is useful in a number of scenarios, such as collaborative development, joint code reviews, or knowledge transfer. But particularly cool, is the support for distributed pair programming, by allocating the roles of “driver” or “observer” to everyone involved. In time, more features will help Saros replicate the pair programming experience in a distributed environment.
It seems I have joined a project that is already thriving thanks to the hard work and dedication of both the researchers and the team of bachelors/masters students who have contributed to the software in the previous months. Feedback from users is coming in steadily, the number of downloads is now measurable in thousands, and there are a few “testimonials” to Saros from outside parties (locatable on the FU website).
And there is plenty of life left in the project because a steady stream of students continue to sign up to work on new aspects. Together with the existing team they have some exciting new features in the works that will enrich the feature set of Saros.
Why not go to the SourceForge page and try it out for yourself?
November 24, 2009
The release of Google ChromiumOS was an event waited by industry analysts with significant anticipation, and the overall impression after the announcement was that it went out as a fizzle, and not a bang. Most comments were centered on the obvious shortcomings of this first pre-alpha release, the significant limits in the supported hardware, the reliance on networking for everything (especially the initial login), the over-reliance on Google services. And all the comments are right-and, at the same time, based on a general misperception of what can be a potential competitor for the most visible part of the IT infrastructure, namely the traditional desktop PC. I had the opportunity to explore the code, build my version, and in general to evaluate the release in the context of the UTAUT model of technology adoption, and I believe that the approach is sound and sensible, and will change the market even if it fails.
The first misconception is the idea that ChromiumOS was designed as a desktop OS competitor, despite the previous comments from Google spokespersons that the release would have been targeted towards a different market. The reality is that, even in ideal conditions and with technology prevalence (that is, the new technology is invariably and clearly superior to the old one) in presence of strong network effect and market prevalence NO alternative can supplant the incumbent in a short period of time, but can eventually grow its market in small percentage increments. This is especially true if the incumbent has pricing flexibility, that is it is possible to lower prices to fight back economic advantages, by moving the dead loss to some other market sector where there is less competition. This is what happened in the netbook market, with the possible loss of market space to Linux alternatives thwarted by lowering the pricing point of the offered operating system. Google makes with ChromiumOS a technological bet, that is a clear continuation of their overall strategy, and that has a serious potential to materialize.
It is not a desktop operating system. Desktop OS are full-featured, flexible, allow for unlimited installation of applications; on the other hand, ChromiumOS is a thin shell designed to run the Chrome browser as a single application. So, everyone expecting Google to save the idea of the Linux desktop has missed the fundamental point that it is not possible for anyone to fight for the desktop and win in a short amount of time, and without a massive monetary investment. But it is always possible to create a new market, and that’s exactly what Google is trying to do; similarly to when Apple launched the iPhone, very few believed that it would reach any substantial market share, forgetting that the iPhone was not a phone, but an execution platform – something different from all the previous smartphones, for which apps and web browsing were at most an afterthought.ChromiumOS resembles in this aspect Moblin (and shares much code with it) but in an even more radical way.
It requires little or no maintenance and support. What is the single highest source of costs for PCs? Management and support. OS patching and installation/reinstallation, fixing applications, installing and removing apps, checking for malware, identity management… the list can go on forever. The real innovation in ChromiumOS is the use of an upgradeable read-only code frame, clearly mimicking set-top boxes that can upgrade themselves OTA (over the air) for example from a satellite channel. ChromiumOS is capable of managing in a transparent and secure way this upgrade, handling securely interruptions and attacks. This, coupled with a totally encrypted local store, means that the hardware can be effectively thought as a purely ephemeral device that can substituted with limited configuration needs, and that large numbers of devices can be upgraded and managed without human intervention and in total security. Applications are embedded in web pages, and managed as web pages; so the maintenance and training requirements are limited.
It is not really tied into Google. Of course in this first release it heavily uses Google services for everything; but changing that is trivial. The authentication part is managed by a PAM module that can be easily swapped, and login completion (that actually turns your login name in a gmail account) is just a small modification of the SLiM login manager used by the OS to perform the initial login, and can be changed with a few lines of code. The same for the application list (the first icon on the top left of the screen), that is merely a hardwired URL – change it with your own portal address, and you get the same result without using Google. The only part that requires some work is the integration of Google SSO (through a complex cookie exchange mechanism); augmenting that with something like OpenSSO from Sun would not require more than a few days of work anyway.
It is not a SplashTop clone. There are several Linux-based instant-on environments, designed to be integrated inside of a flash BIOS; the most famous one is SplashTop, used in many motherboards and notebooks from Asus, Acer, HP, Sony and many others. The problem of this approach is that it is “fixed”: the image is difficult to update and upgrade, and this means that it rapidly loses appeal. ChromiumOS uses a trusted boot mechanism to ensure that upgrades are legitimate, but integrates it in a clean and smart way, making sure that the users will continuously be up to date.
It does require the net most of the time, but not always. The first login requires a working connection, but then the credentials are hashed and stored in a cache wallet, that allows to enter even in absence of a connection. If the pages allow for detached operation (using Gears, HTML5 persistent storage, or similar mechanisms) the system will work even without a connection. It is a stopgag solution, but is sensible: most of the time spent in desktop applications is centered on online services that are unusable without a connection, so it makes sense when considering the OS as something that is not competing in the same market as a traditional PC. Local, cached web applications may provide in the future more flexibility in this sense, but moch effort needs to be done to make it a worthwhile path. If we consider how people spend time on the PC, we can use the data from Wakoopa, that ublished recently a measurement of time spent per application on Windows, OSX and Linux, and shows that for example on Windows the time is spent with:
- Firefox (28.71%)
- Internet Explorer (6.88%)
- Google Chrome (6.62%)
- Windows Explorer (5.92%)
- Windows Live Messenger (4.25%)
- Opera (2.97%)
- Microsoft Office Word (2.51%)
- Microsoft Office Outlook (2.22%)
- World of Warcraft (1.45%)
- Skype (1.30%)
Apart from Microsoft Word, no other application can be used without a connection; at the same time, most of the applications may be supplanted by future versions of web applications, if the evolution around HTML and related standards continue at the current pace. For games, up-and-coming standards like WebGL and O3D may provide this in a “clientless” way; this is similar to the Quake Live game, that at the moment requires an additional plug-in but that may be potentially recoded using only those standards.
It integrates digital identities better than anyone else. You login once-then, everything just works. Enterprise users with large scale SSO systems sometimes encounter this, but is not that common in consumer and smaller companies, and is a great productivity tool. It is just the beginning: more sophisticated user interfaces are needed (this one for example would be great), but many companies (including Microsoft) are making great progresses in this direction.
It introduces a different model. Desktop PC are flexible, adaptable, usable without connectivity, complex, fragile, difficult to manage. Thin (bitmap-based, like RDP or ICA) clients are slightly easier to manage, require no support, require substantial infrastructure investments, cannot work detached, have marginally lower management costs. The model adopted by Google leverages the local computing power for rendering pages, reducing back-end costs; is simpler to manage, requires no support and can integrate through plug-ins (or browser functionalities) rich functionalities, like 3D (with WebGL and O3d) or native processing (through NaCL) but always within the context of web-delivered applications.
The future will be the final judge; after all, even if something is not successful directly, it may “seed” a future evolution that is capable of shaking the market substantially. The real impact of Negroponte’s OLPC was not the machine in itself (despite the boatloads of innovations contained within) but the re-framing of the netbook market; similarly, maybe it will be not ChromiumOS that will lead the change, but I believe that it is a bold statement – in fact, much bolder than the code that was released.
November 23, 2009
 Here we have some of the brains behind FSFE. It’s just who we have at the office today, Alina, Hugo and myself. Matthias has run off for now.
That’s one of the things about FSFE people: always busy with new projects (like learning to cook), new bits of information to get out into society (Hugo does that), new applications to promote (like yacy). They don’t stand still. Some of them don’t stand still long enough for me to draw a silly picture of them or get a picture of their hair. Henrik Sandklef, for instance, was at FSCONS but didn’t get a caricature in a previous flashcard because he didn’t stand still all weekend, he was so busy organizing things and making sure that things worked out right at the conference. You can see Henrik in the GHM photo, right in the center.
There’s also the FSFE people whom I haven’t seen since I started my artistic career (ten days ago). The formal composition of the FSFE as an association and the core team of the FSFE shows that I’ve missed more than half of them. So do not think that my set of drawings is complete — far from it, given that Gareth (UK), Shane (FTF), Georg (Founding President), Pablo (Spain), Reinhard (Finance), Patrick (Italy), Bernhard (Germany), Henrik (Sweden) and Fernanda (Vice President) are all missing from my portfolio. Come to think of it, I should really boot up my Apple //c and type in the old “Animals” program to create a taxonomy of all 15 members of the association. In theory four yes/no questions should suffice.
November 22, 2009
 Who is that masked man woman looming green thing? This is just a shot of Matthias at his desk. The Plussy on the wall behind him is the mascot of the Fellowship of FSFE. You can support FSFE — and perhaps save Matthias from a terrible fate and get a dinner in the process — by donating time or money.
FSFE shares an office with KDE e.V., and this evening I’m switching hats from blue (KDE e.V. board meeting) to green (FSFE FTF work on cataloging the legal situation for Free Software around Europe). But first .. Berlin! (Cue Leonard Cohen).
November 21, 2009
As an extra event around FSCONS, I had the opportunity to meet a bunch of GNU hackers (part of the GNU Hacker Meeting, GHM). The GNU hackers are the people who maintain particular GNU packages, ranging from binutils to gcc to GNU Scheme to the new GNU PDF library. Cool folks all and neat to see them all in one room — and it illustrated for me that although I’m usually interested (from a technical perspective) in the desktop layer (e.g. KDE), there’s a huge stack underneath. That deeper software stack now has a face for me — up until now, somehow the “shared technology stack” underneath the Free Software desktop sort of stopped for me at X, HAL, DBus, Strigi. Let us not forget the bits underneath that make a GNU/Linux system run.
(Click for full-size version, where you can see that my camera has focus problems with wide pictures under mediocre lighting conditions) From left to right, we find that I’m really bad with remembering names: ?, ?, Matthias Kirschner (FSFE), Jose Marchesi (GNU PDF), Simon Josefsson (GNU TLS, recipient of Nordic Free Software Award 2009), ?, Bruno Haible (gnulib), Alfred M. Szmidt (glibc), ?, Nacho Gonzalez (sysadmin), ?, Henrik Sandklef (FSFE), Brian Gough (FSFE), Alina Mierlus (FSFE), Andy Wingo (Guile), Werner Koch (gnupg), Karsten Gerloff (FSFE), Eelco Dolstra (nix), Paolo Bonzini (GNU Smalltalk), ?. Drop me a note with who’s who (the list of attendees is on the GHM page, also the gnuticias site).
 Clearly, whiteboard is more my medium than Kolourpaint with a trackpad. However, all of the stores in this area of Berlin close at 2pm, which means we haven’t been able (or rather: forgot to, this morning, and then tried and failed after lunch) to purchase some pens for use in the KDE office. I’m at the office for a board meeting this weekend, where we’ve just been talking about how to report best on the contents of these meetings. Suffice to say that blogging is not the right medium, but at least there’s a sketch of who’s here.
November 20, 2009
On Wednesday the Washington Post’s “Security Fix” blog had a small item on privacy issues with the smart grid. It was most interesting for me because of the graph that was included: by looking at a simple metric (power draw in the house) one could reach conclusions on what was happening inside. Breakfast, lunch and dinner can be spotted. This isn’t much of an issue if the data is available only to the power company, stored securely, and applied only to its intended purpose for which it is collected. Presumably that’s to optimize power delivery.
But when the information is used outside of that context, then bad things can happen.
This kind of concern applies to all kinds of metrics that indirectly show what is happening inside a closed box. Consider an active developer on software project where the source repository is available publicly. This applies to lots of them — and CIA.vc makes relevant stats for many even more public. By looking at time stamps you can find out roughly when the developer is active. How accurate this is depends on the style of development, but I know I’m a commit-early, commit-often guy so you can (or used to be able to) find out when I’m awake by watching commits. No commits? I must be elsewhere. Commits skewed by three hours? I must be in Brasil, hacking.
Even that information isn’t all that bad, although it’s a derived piece of information that possibly wasn’t intended to be public. But you can use it for nefarious purposes (e.g. housebreaking). Power consumption of an encryption chip was once used to determine whether it was doing a multiply cycle or an add — and knowing that revealed bits of the key being used, and so extracted the key from the chip. That’s the kind of ancillary information leakage that we can also worry about.
All in all I think it comes down to: data collection technology isn’t bad per se, but the safeguards around the collected data and the purposes to which the data is put might be. Privacy then is a matter of trust in the people that hold the data to do the right thing (regrettably humans are susceptible to temptation).
November 19, 2009
The FSFE stand at FSCONS was staffed by a mix of full-time employees, interns, volunteers, Fellows, country team leads and (occasionally) anyone who would stand there for a few minutes while the rest took off for a food break. In order to show who the FSFE is, I took to drawing little portraits on the whiteboard. Now, my artistic skills are well known — I believe I’ve written of my sheer awesomeness with Kolourpaint; phrases like “skillz like a road-kill hedgehog” apply. Nonetheless, here is a little flash-card which you can use to identify FSFE people at your next conference.
November 18, 2009
Every now and then I post a recipe on this blog, and sometimes I muse about KRecipes, and there have been a few KDE events (the launch event in Mountain View, or CampKDE) where I’ve baked cookies or done other foodie-oriented activities. You can usually count on me to go looking for interesting food (there is no guinea-pig to eat in London, BTW) at events as well. But this winter season, I’m looking at something different. We are looking at something different. The “we” here is the FSFE, and we’ve decided that there’s worse things to do than cook a lovely dinner for some of our friends. So as part of our 2009 Fundraiser the executive team (comprised of at least three affirmed foodies — I’m not sure we have anyone who can function as a sommelier though) will be cooking a lovely dinner for one lucky sponsor of the FSFE.
Perhaps I’ll be able to practice this weekend with Claudia in Berlin — I seem to remember we got along pretty well cooking dinner in Paul’s appartment last year, but it’s a little hazy. Otherwise I’m left to come up with something creative to do with the rutabaga in this week’s vegetable hamper all on my own.
So watch out: Freedom Food might be coming your way.
A somewhat odd article that touches on patents and science crossed my desk last week in the weekend science section of my newspaper, the NRC. It’s about an experiment used to detect dark matter, the DAMA experiment undertaken under the Gran Sasso mountain. Science is largely about reproducibility, at least in the physical sciences: an experiment must be repeatable for it to have any weight as a data point. The reporting might be a little sketchy here, but it claims that the experiment is not repeatable (by researchers elsewhere) because there’s a *patent* on some parts of the original experiment and no-one can deliver the parts to another group of researchers without violating the patent license. The patent holders in this case are the research group who did the experiment in the first place.
Now, this might simply come down to a basic patent licensing dispute (which might be resolved either by granting special permission by the patent holder to another research group, or by re-using some of the original equipment, or by working around the experiment design entirely), but it’s certainly an illustration of how patents can stand in the way of even basic science questions asking “is this true?”
Yesterday’s RAM
mystery was solved after dozens of people have written in with
helpful comments. Thank you all. I need to find time to
create a proper, commentable blog soon so that you all can get the
credit you deserve!
I now have the full 4GB of RAM available:
$ free | head -2
total used free shared buffers cached
Mem: 4063324 1657440 2405884 0 149080 643732
Yay!
The suggestions ranged from timing issues to defective modules,
from 64bit OS via south/north bridge limitations to sacrificing
chickens to god spongebobs.
In the end, several people put their finger on a concept called
“memory hole remapping”, and that turned out to be the ticket. Here
is what I learnt:
This motherboard and the CPU memory controller supports (which
means “can address”) 4096MB of RAM. Since extensions cards, such as
the graphics card and the network controller, also need addressable
slabs of memory for their RAM or registers, ranges in the upper
memory regions are mapped to the RAM of those cards.
The file /proc/mtrr gives a clue over what’s
happening:
reg00: base=0x000000000 ( 0MB), size= 2048MB, count=1: write-back
reg01: base=0x080000000 ( 2048MB), size= 1024MB, count=1: write-back
reg02: base=0x0c0000000 ( 3072MB), size= 256MB, count=2: write-combining
reg03: base=0x0d8000000 ( 3456MB), size= 128MB, count=1: write-combining
reg04: base=0x0e8000000 ( 3712MB), size= 64MB, count=1: write-combining
reg05: base=0x0ec000000 ( 3776MB), size= 64MB, count=1: write-combining
Registers 0 and 1 represent the addressable RAM available to the
operating system. At position 3072, we find two slabs of 256MB
each, most likely corresponding to the two graphics cards in the
system. I think that the 128MB in register 3 is the AGP
aperture. Registers 4 and 5 correspond to 64MB slabs each, most
likely relating to the two network cards I have installed.
The result is that addresses in memory beyond 3072MB are
“routed” to the extension cards, which “overshadow” the original
system RAM and leave it unusable.
When I turned on the “memory hole remapping” feature in the
BIOS, I empowered the BIOS to remap the memory space. The way it
does this is BIOS-dependent, but most likely, it will remap the
overshadowed memory region to the end of the total memory space.
This is a software-only remapping, but the effect is that the
system appears to have more memory.
/proc/mtrr now reads:
reg00: base=0x000000000 ( 0MB), size= 4096MB, count=1: write-back
reg01: base=0x100000000 ( 4096MB), size= 1024MB, count=1: write-back
reg02: base=0x0c0000000 ( 3072MB), size= 1024MB, count=1: uncachable
reg03: base=0x0c0000000 ( 3072MB), size= 256MB, count=1: write-combining
I am not entirely sure how to interpret this yet, but you can
see that there are now an additional 1024MB at position 4096
(register 1), so the system seems to have 5GB of RAM available.
Register 2 describes memory between 3072 and 4096 as not cacheable,
because it maps to extension cards. I do not know how register 3
fits into the picture.
By remapping, we cross the 4096MB mark. To make use of the
additional memory, we will need PAE
enabled to give you 36 bits, or a 64bit operating system: 2^32
is 4096M, so with only 32 bits available, 4GB is all the memory
that can ever be addressed (dirty hacks excluded). Fortunately,
this system has been running the Debian amd64 port even
before it was officially released, and thus, once the BIOS remapped
the memory, I could fully make use of it.
Mystery solved, some knowledge acquired, many of you left to
thank!
November 17, 2009
Update: The mystery has been solved.
Thanks to everyone who wrote in.
Despite the 4× 1Gb RAM modules I added to the Asus A8V
Deluxe mainboard of one of my machines, the BIOS (and Linux)
only sees 3072 Mb. The BIOS is up-to-date (version 1018.002).
The specs say that memory is
4× 184-pin DIMM, Max. 4 GB, DDR 400/333/266 SDRAM, ECC, Non-ECC,
Un-buffered
Dual Channel memory architecture
The four slots are labelled A1, A2,
B1, and B2. A1 and
B1 are blue, the other two are black. All four chips
are DDR400 CL3, even though they are by different
manufacturers.
With all four slots filled, I get 3072 Mb of RAM. If I remove
either of a black module, the RAM falls to 1024 Mb. If I remove
either of a blue module, the RAM falls to 2048 Mb.
Any idea what is going on? How can I get the full 4Gb I want?
Please write
in if you know.
|
-
Last updated:
December 07, 2009 03:03 PM
All times are UTC.
|
It’s been a while since I posted stuff about the kids - that is, stuff that is neither FSFE (legal, licensing or policy) nor KDE (development, porting) nor NLUUG (open standards, open systems) related. I could even have titled this post “Who is my family?” to keep with the recent theme of posting random pictures of (sub)groups of people.
