Planet Debian

Subscribe to Planet Debian feed
Planet Debian - http://planet.debian.org/
Updated: 2 hours 13 min ago

Ian Wienand: Australia, ipv6 and dd-wrt

15 January, 2016 - 12:00

It seems that other than Internode, no Australian ISP has any details at all about native IPv6 deployment. Locally I am on Optus HFC, which I believe has been sold to the NBN, who I believe have since discovered that it is not quite what they thought it was. i.e. I think they have more problems than rolling out IPv6 and I won't hold my breath.

So the only other option is to use a tunnel of some sort, and it seems there is really only one option with local presence via SixXS. There are other options, notably He.net, but they do not have Australian tunnel-servers. SixXS is the only one I could find with a tunnel in Sydney.

So first sign up for an account there. The process was rather painless and my tunnel was provided quickly.

After getting this, I got dd-wrt configured and working on my Netgear WNDR3700 V4. Here's my terse guide, cobbled together from other bits and pieces I found. I'm presuming you have a recent dd-wrt build that includes the aiccu tool to create the tunnel, and are pretty familiar with logging into it, etc.

Firstly, on dd-wrt make sure you have JFFS2 turned on for somewhere to install scripts. Go Administration, JFFS2 Support, Internal Flash Storage, Enabled.

Next, add the aiccu config file to /jffs/etc/aiccu.conf

# AICCU Configuration

# Login information
username USERNAME
password PASSWORD

# Protocol and server listed on your tunnel
protocol tic
server tic.sixxs.net

# Interface names to use
ipv6_interface sixxs

# The tunnel_id to use
# (only required when there are multiple tunnels in the list)
#tunnel_id <your tunnel id>

# Be verbose?
verbose false

# Daemonize?
daemonize true

# Require TLS?
requiretls true

# Set default route?
defaultroute true

Now you can add a script to bring up the tunnel and interface to /jffs/config/sixxs.ipup (make sure you make it executable) where you replace your tunnel address in the ip commands.

# wait until time is synced
while [ `date +%Y` -eq 1970 ]; do
sleep 5
done

# check if aiccu is already running
if [ -n "`ps|grep etc/aiccu|grep -v grep`" ]; then
aiccu stop
sleep 1
killall aiccu
fi

# start aiccu
sleep 3
aiccu start /jffs/etc/aiccu.conf

sleep 3
ip -6 addr add 2001:....:....:....::/64 dev br0
ip -6 route add 2001:....:....:....::/64 dev br0

sleep 5

#### BEGIN FIREWALL RULES ####
WAN_IF=sixxs
LAN_IF=br0

#flush tables
ip6tables -F

#define policy
ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT ACCEPT

# Input to the router
# Allow all loopback traffic
ip6tables -A INPUT -i lo -j ACCEPT

#Allow unrestricted access on internal network
ip6tables -A INPUT -i $LAN_IF -j ACCEPT

#Allow traffic related to outgoing connections
ip6tables -A INPUT -i $WAN_IF -m state --state RELATED,ESTABLISHED -j ACCEPT

# for multicast ping replies from link-local addresses (these don't have an
# associated connection and would otherwise be marked INVALID)
ip6tables -A INPUT -p icmpv6 --icmpv6-type echo-reply -s fe80::/10 -j ACCEPT

# Allow some useful ICMPv6 messages
ip6tables -A INPUT -p icmpv6 --icmpv6-type destination-unreachable -j ACCEPT
ip6tables -A INPUT -p icmpv6 --icmpv6-type packet-too-big -j ACCEPT
ip6tables -A INPUT -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT
ip6tables -A INPUT -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT
ip6tables -A INPUT -p icmpv6 --icmpv6-type echo-request -j ACCEPT
ip6tables -A INPUT -p icmpv6 --icmpv6-type echo-reply -j ACCEPT

# Forwarding through from the internal network
# Allow unrestricted access out from the internal network
ip6tables -A FORWARD -i $LAN_IF -j ACCEPT

# Allow some useful ICMPv6 messages
ip6tables -A FORWARD -p icmpv6 --icmpv6-type destination-unreachable -j ACCEPT
ip6tables -A FORWARD -p icmpv6 --icmpv6-type packet-too-big -j ACCEPT
ip6tables -A FORWARD -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT
ip6tables -A FORWARD -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT
ip6tables -A FORWARD -p icmpv6 --icmpv6-type echo-request -j ACCEPT
ip6tables -A FORWARD -p icmpv6 --icmpv6-type echo-reply -j ACCEPT

#Allow traffic related to outgoing connections
ip6tables -A FORWARD -i $WAN_IF -m state --state RELATED,ESTABLISHED -j ACCEPT

Now you can reboot, or run the script, and it should bring the tunnel up and you should be correclty firewalled such that packets get out, but nobody can get in.

Back to the web-interface, you can now enable IPv6 with Setup, IPV6, Enable. You leave "IPv6 Type" as Native IPv6 from ISP. Then I enabled Radvd and added a custom config in the text-box to get DNS working with google DNS on hosts with:

interface br0
{
AdvSendAdvert on;
prefix 2001:....:....:....::/64
 {
 };
 RDNSS 2001:4860:4860::8888 2001:4860:4860::8844
 {
 };
};

(again, replace the prefix with your own)

That is pretty much it; at this point, you should have an IPv6 network and it's most likely that all your network devices will "just work" with it. I got full scores on the IPv6 test sites on a range of devices.

Unfortunately, even a geographically close tunnel still really kills latency; compare these two traceroutes:

$ mtr -r -c 1 google.com
Start: Fri Jan 15 14:51:18 2016
HOST: jj                          Loss%   Snt   Last   Avg  Best  Wrst StDev
1. |-- 2001:....:....:....::      0.0%     1    1.4   1.4   1.4   1.4   0.0
2. |-- gw-163.syd-01.au.sixxs.ne  0.0%     1   12.0  12.0  12.0  12.0   0.0
3. |-- ausyd01.sixxs.net          0.0%     1   13.5  13.5  13.5  13.5   0.0
4. |-- sixxs.sydn01.occaid.net    0.0%     1   13.7  13.7  13.7  13.7   0.0
5. |-- 15169.syd.equinix.com      0.0%     1   11.5  11.5  11.5  11.5   0.0
6. |-- 2001:4860::1:0:8613        0.0%     1   14.1  14.1  14.1  14.1   0.0
7. |-- 2001:4860::8:0:79a0        0.0%     1  115.1 115.1 115.1 115.1   0.0
8. |-- 2001:4860::8:0:8877        0.0%     1  183.6 183.6 183.6 183.6   0.0
9. |-- 2001:4860::1:0:66d6        0.0%     1  196.6 196.6 196.6 196.6   0.0
10.|-- 2001:4860:0:1::72d         0.0%     1  189.7 189.7 189.7 189.7   0.0
11.|-- kul01s07-in-x09.1e100.net  0.0%     1  194.9 194.9 194.9 194.9   0.0

$ mtr -4 -r -c 1 google.com
Start: Fri Jan 15 14:51:46 2016
HOST: jj                          Loss%   Snt   Last   Avg  Best  Wrst StDev
1.|-- gateway                    0.0%     1    1.3   1.3   1.3   1.3   0.0
2.|-- 10.50.0.1                  0.0%     1   11.0  11.0  11.0  11.0   0.0
3.|-- ???                       100.0     1    0.0   0.0   0.0   0.0   0.0
4.|-- ???                       100.0     1    0.0   0.0   0.0   0.0   0.0
5.|-- ???                       100.0     1    0.0   0.0   0.0   0.0   0.0
6.|-- riv4-ge4-1.gw.optusnet.co  0.0%     1   12.1  12.1  12.1  12.1   0.0
7.|-- 198.142.187.20             0.0%     1   10.4  10.4  10.4  10.4   0.0

When you watch what is actually using ipv6 (the ipvfoo plugin for Chrome is pretty cool, it shows you what requests are going where), it's mostly all just traffic to really big sites (Google/Google Analytics, Facebook, Youtube, etc) who have figured out IPv6.

Since these are exactly the type of places that have made efforts to get caching as close as possible to you (Google's mirror servers are within Optus' network, for example) and so you're really shooting yourself in the foot going around it using an external tunnel. The other thing is that I'm often hitting IPv6 mirrors and downloading larger things for work stuff (distro updates, git clones, image downloads, etc) which is slower and wasting someone else's bandwith for really no benefit.

So while it's pretty cool to have an IPv6 address (and a fun experiment) I think I'm going to turn it off. One positive was that after running with it for about a month, nothing has broken -- which suggests that most consumer level gear in a typical house (phones, laptops, TVs, smart-watches, etc) is either ready or ignores it gracefully. Bring on native IPv6!

Norbert Preining: CJK fonts and Ghostscript: cjk-gs-integrate release 20160115.0

15 January, 2016 - 07:37

I have made a new release of cjk-gs-integrate, the script that searches for all kind of CJK fonts, and makes them available to Ghostscript (and if asked for also to TeX by linking). The update has been uploaded to CTAN (link) and it will land in TeX Live within the next days.

Changes made in this version are mostly related to link handling and removal:

  • fix link names of otf font links
  • safer remove option
  • ensure that we don’t create circular links

For more explanations concerning how to run cjk-gs-integrate, please see the dedicated page: CJK fonts and Ghostscript integration.

For feedback and bug reports, please use the github project page.

Enjoy.

Petter Reinholdtsen: Always download Debian packages using Tor - the simple recipe

15 January, 2016 - 06:30

During his DebConf15 keynote, Jacob Applebaum observed that those listening on the Internet lines would have good reason to believe a computer have a given security hole if it download a security fix from a Debian mirror. This is a good reason to always use encrypted connections to the Debian mirror, to make sure those listening do not know which IP address to attack. In August, Richard Hartmann observed that encryption was not enough, when it was possible to interfere download size to security patches or the fact that download took place shortly after a security fix was released, and proposed to always use Tor to download packages from the Debian mirror. He was not the first to propose this, as the apt-transport-tor package by Tim Retout already existed to make it easy to convince apt to use Tor, but I was not aware of that package when I read the blog post from Richard.

Richard discussed the idea with Peter Palfrader, one of the Debian sysadmins, and he set up a Tor hidden service on one of the central Debian mirrors using the address vwakviie2ienjx6t.onion, thus making it possible to download packages directly between two tor nodes, making sure the network traffic always were encrypted.

Here is a short recipe for enabling this on your machine, by installing apt-transport-tor and replacing http and https urls with tor+http and https, and using the hidden service instead of the official Debian mirror site. I recommend installing etckeeper before you start to have a history of the changes done in /etc/.

apt install apt-transport-tor
sed -i 's% http://ftp.debian.org/%tor+http://vwakviie2ienjx6t.onion/%' /etc/apt/sources.list
sed -i 's% http% tor+http%' /etc/apt/sources.list

If you have more sources listed in /etc/apt/sources.list.d/, run the sed commands for these too. The sed command is assuming your are using the ftp.debian.org Debian mirror. Adjust the command (or just edit the file manually) to match your mirror.

This work in Debian Jessie and later. Note that tools like apt-file only recently started using the apt transport system, and do not work with these tor+http URLs. For apt-file you need the version currently in experimental, which need a recent apt version currently only in unstable. So if you need a working apt-file, this is not for you.

Another advantage from this change is that your machine will start using Tor regularly and at fairly random intervals (every time you update the package lists or upgrade or install a new package), thus masking other Tor traffic done from the same machine. Using Tor will become normal for the machine in question.

On Freedombox, APT is set up by default to use apt-transport-tor when Tor is enabled. It would be great if it was the default on any Debian system.

Sven Hoexter: call for trouble aka RM xchat

15 January, 2016 - 03:59

Well we want to freeze later this year so I started with the axing now. Maybe a bit premature like Mattia pointed out correctly in #debian-qa, because we've some maintained plugins for xchat around.

cwirc a morse code via IRC plugin

xchat-xsys system statistics output to a channel Update: There is a xsys plugin included with hexchat.

xchat-guile GNU Scheme scripting plugin

I can survive without them, so I'd be fine with another three RM bugs. Now feel free to flame me, I promise to wear my finest asbestos underwear.

Tiago Bortoletto Vaz: "Des pas sur la neige..." Orchestration

15 January, 2016 - 03:48

Des pas sur la neige ("Footprints in the Snow") is a beautiful piano piece from Debussy which I had the chance to orchestrate in the context of my music composition program at the university. I've received a few critics and some kind words about this work, so last year I decided to publish it somewhere.

Then I completely forgot. Then this week I watched Youth, from Paolo Sorrentino, who's known for chosing lovely music for his lovely movies, and Debussy was there. I've got then some motivation and after a few adjustments here and there I uploaded the final score here.

I've been using MuseScore, a free (libre) software for all my music work, even for less traditional notation.

Lunar: Reproducible builds: week 37 in Stretch cycle

15 January, 2016 - 02:24

What happened in the reproducible builds effort between January 3rd and January 9th 2016:

Toolchain fixes

David Bremner uploaded dh-elpa/0.0.18 which adds a --fix-autoload-date option (on by default) to take autoload dates from changelog.

Lunar updated and sent the patch adding the generation of .buildinfo to dpkg.

Packages fixed

The following packages have become reproducible due to changes in their build dependencies: aggressive-indent-mode, circe, company-mode, db4o, dh-elpa, editorconfig-emacs, expand-region-el, f-el, geiser, hyena, js2-mode, markdown-mode, mono-fuse, mysql-connector-net, openbve, regina-normal, sml-mode, vala-mode-el.

The following packages became reproducible after getting fixed:

Some uploads fixed some reproducibility issues, but not all of them:

Patches submitted which have not made their way to the archive yet:

  • #809780 on flask-restful by Chris Lamb: implement support for SOURCE_DATE_EPOCH in the build system.
  • #810259 on avfs by Chris Lamb: implement support for SOURCE_DATE_EPOCH in the build system.
  • #810509 on apt by Mattia Rizzolo: ensure a stable file order is given to the linker.
reproducible.debian.net

Add 2 more armhf build nodes provided by Vagrant Cascadian. This added 7 more armhf builder jobs. We now run around 900 tests of armhf packages each day. (h01ger)

The footer of each page now indicates by which Jenkins jobs build it. (h01ger)

diffoscope development

diffoscope 45 has been released on January 4th. It features huge memory improvements when comparing large files, several fixes of squashfs related issues that prevented comparing two Tails images, and improve the file list of tar and cpio archive to be more precise and consistent over time. It also fixes a typo that prevented the Mach-O to work (Rainer Müller), improves comparisons of ELF files when specified on the command line, and solves a few more encoding issues.

Package reviews

134 reviews have been removed, 30 added and 37 updated in the previous week.

20 new “fail to build from source” issues were reported by Chris Lamb and Chris West.

prebuilder will now skip installing diffoscope to save time if the build results are identical. (Reiner Herrmann)

Jan Wagner: Running Ghost blogging platform via Docker

15 January, 2016 - 01:36

When I was thinking about using Ghost, I did read the installations guide and then I just closed the browser window.
I didn't wanted to install npm, yet another package manager, and just hack init scripts. Not speaking about updating Ghost itself.

Some weeks later I did think about using Ghost again. It has a nice Markdown Editor and some nice other features. Since everybody is jumping on the Docker band wagon actually and I had used it for some tests already, I thought trying the Ghost Docker image might be a good idea.

If you are interested into how I did that, read on.

I suppose you have installed a stock Debian Jessie.

Installing Docker Pulling the Docker image

Just in case you didn't, you need to (re)start docker to work with service docker restart

# docker pull ghost
Making Ghost (container image) run forever

I did not like systemd in the first place for many reasons. But in some circumstances it makes sense. In case of handling a Docker container it makes life much easier.

# mkdir -p /srv/docker/ghost/
# /etc/systemd/system/ghost.service << EOF
[Unit]
Description=GHost Service  
After=docker.service  
Requires=docker.service

[Service]
ExecStartPre=-/usr/bin/docker kill ghost  
ExecStartPre=-/usr/bin/docker rm ghost  
ExecStartPre=-/usr/bin/docker pull ghost  
ExecStart=/usr/bin/docker run  --name ghost --publish 2368:2368 --env 'NODE_ENV=production' --volume /srv/docker/ghost/:/var/lib/ghost ghost  
ExecStop=/usr/bin/docker stop ghost

[Install]
WantedBy=multi-user.target  
EOF  
# systemctl enable ghost && systemctl daemon-reload && systemctl start ghost 

This will start your container on start and even is looking for a new Docker image and it fetching it, if needed. If you don't like this behavior, just comment out the line in the config and reread it with systemctl daemon-reload.

Now you should have listening something on port 2368:

# netstat -tapn | grep 2368
tcp6       0      0 :::2368                 :::*                    LISTEN      7061/docker-proxy  
Persistent Data

Thanks to the Docker mount option you can find all your data in /srv/docker/ghost/. So your blog will still have content, even if the ghost Docker images is updated:

# ls /srv/docker/ghost/
apps  config.js  data  images  themes  
Accessing the container

To kick your ghost into production, it might be useful if you make it available on port 80 at least. This can be done for example by changing your Docker publish configuration or adding a DNAT to your firewall.

But I would recommand using a proxy in front of your Docker container. This might be part of one of my next articles.

Rapha&#235;l Hertzog: Working as a paid LTS contributor

14 January, 2016 - 22:01

While the details about how to join the set of paid contributors have always been public (here) we did not advertise this fact very much outside of the people already interested in LTS (and thus subscribed to debian-lts@lists.debian.org). But right now we would like to have a few more paid contributors on board and I’m thus posting this call for volunteers.

Who can apply?

You need to meet those requirements:

  • you are Debian Developer or a Debian Maintainer;
  • you have some prior experience with providing security updates in Debian (at least on your own packages);
  • you have good programming skills and know multiple languages (to be able to backport security fixes);
  • you can emit invoices to Freexian;
  • you accept the rules defined for this project:
    • you must respect the privacy of any customer data;
    • you must prepare a public monthly report of the work done on paid time;
    • you must respect the Debian code of conduct and respond to queries about your work from fellow community members;
    • you must do your best to meet the high-quality standards set by the Debian security team.

Even though Freexian is located in France and requires you to provide invoice in EUR, there are no conditions on your nationality or country of residence. For contributors outside of the Euro zone, Freexian is using Transferwise to pay them with minimal currency conversion costs (Paypal is also possible if nothing else works).

The rate offered to paid contributors is the same for all (75 EUR/hour), it’s based on a correct rate for independent contractors in western Europe. If the rate is very high for your own country, then be happy to be able to invoice Freexian at this rate and use this opportunity to work less (for money) and contribute more to Debian on your (now copious) free time.

How does the work look like?

If you apply, you will have to send us an SSH key so that you can have access to the internal git repository used for work. It contains a ledger file to track the hours funded by sponsors and how they have been dispatched to the various contributors. You can always know how many hours are assigned to you, how many can be invoiced, and so on. You will have to update it once a month to record the work you did (and indicate us where the report has been published).

The repository also contains a README with many explanations about the workflow (how hours are dispatched, the delay you have to publish your report, etc) and a small helper script (./find-work) to match up the pending updates (registered in dla-needed.txt) with the popularity of the package among the sponsors.

Now the work itself is relatively well documented in the LTS wiki. You will have to provide updates for packages that need an update.

You have some freedom in selecting the packages but at some point you will have to work on packages that you don’t know that are written in a language that you have almost not used. So you must be able to go out of your comfort zone and still do a good work. You must also be able to multi-task because in some cases you will get stuck on a particular update and you will have to seek help from the upstream developer (or from the Debian package maintainer). Don’t expect to be able to do all your work hours in a single run… thus don’t wait until the last days of the month. Start early and dispatch your work hours over the month.

From time to time, you will also have to handle the “LTS frontdesk” for one week. During this week, you need to spend a bit of time every day to triage the new CVE, to respond to questions on the mailing list, and to sponsor updates prepared by volunteers who do not have upload rights.

Questions?

Ask your questions in the comments and I will update this section with your questions and our answers.

What if I have no prior experience with security updates?

Start getting some experience. The LTS and security teams are open for anyone to join. Read their documentation and provide some updates that other contributors can sponsor.

Before accepting you as paid contributor, we generally ask you to prepare one or two DLA on your free time just to make sure that you know the workflow and that you are up to the task.

What if I have only X hours available for paid LTS work?

In the git repository there’s a file where you document how many work hours you can handle. You might get less than this amount, but we generally never assign less than 8 hours (to make sure that you can handle one complicated update from start to end, or your possible week of LTS frontdesk).

You can adjust it each month or even opt-out if you are not available for whatever reason. But once you have been assigned work hours, it’s important to actually do the work that you requested!

How do I apply?

Get in touch with me (as documented).

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

Elena 'valhalla' Grandi: Conservancy supporter, at last!

14 January, 2016 - 15:58
Conservancy supporter, at last!

Yesterday I've finally donated to become a Conservancy Supporter http://sfconservancy.org/supporter/.

The reasons to donate have already been explained many times both on Planet Debian http://planet.debian.org/ and elsewhere; a few weeks ago I wrote a post (in Italian) on the Ninux community blog https://blog.ninux.org/2015/12/03/causa-vmware-per-violazione-gpl-sponsor-ritirano-fondi-a-software-freedom-conservancy/ to spread the word about it.

So, why I haven't donated earlier?

Trying to donate via PayPal from Italy (and, it seems, from Europe in general) requires a PayPal account, which I don't have and don't want to have, so I contacted them to ask for bank transfer instructions.
The first instructions I received were too complex for my online-only bank account, so I asked my bank for help, there was an exchange of emails, further simpler instructions from their bank, a small donation to test everything and time passed.

Finally, the good news: it is possible to donate to Conservancy from Italy (and probably from elsewhere in EU) using a SEPA transfer with minimal commissions and usually available from the home banking websites, so that it doesn't require significantly more effort than using paypal.
You can contact Conservancy via e-mail mailto:accounting@sfconservancy.org to get the relevant payment data.

(Conservancy has an account in EUR which is then used to pay for expenses in EUR, so no currency conversion commission are involved.)

Zlatan Todorić: Happy New Year (again?)

14 January, 2016 - 08:00

Yes again, I like it that way. Twice! Anyway, we have here what is called Serbian New Year (it is again, Orthodox by Julian calendar).

So, if you missed or think you can do better New Year's resolutions - feel free to join the party (just a notice, besides firework we have a lot of gun fire here during that time. A LOT.).

Advice for everyone's resolution list: be better version of yourself, have more happy days.

Cheers. (oh, yes, get more involved in Debian)

Vincent Sanders: Ampere was the Newton of Electricity.

14 January, 2016 - 07:08
I think Maxwell was probably right, certainly the unit of current Ampere gives his name to has been a concern of mine recently.

Regular readers may have possibly noticed my unhealthy obsession with single board computers. I have recently rehomed all the systems into my rack which threw up a small issue of powering them all. I had been using an ad-hoc selection of USB wall warts and adapters but this ended up needing nine mains sockets and short of purchasing a very expensive PDU for the rack would have needed a lot of space.

Additionally having nine separate convertors from mains AC to low voltage DC was consuming over 60Watts for 20W of load! The majority of these supplies were simply delivering 5V either via micro USB or DC barrel jack.

Initially I considered using a ten port powered USB hub but this seemed expensive as I was not going to use the data connections, it also had a limit of 5W per port and some of my systems could potentially use more power than that so I decided to build my own supply.

A quick look on ebay revealed that a 150W (30A at 5V) switching supply could be had from a UK vendor for £9.99 which seemed about right. An enclosure, fused and switched IEC inlet, ammeter/voltmeter with shunt and suitable cables were acquired for another £15

A little careful drilling and cutting of the enclosure made openings for the inlets, cables and display. These were then wired together with crimped and insulated spade and ring connectors. I wanted this build to be safe and reliable so care was taken to get the neatest layout I could manage with good separation between the low and high voltage cabling.

The result is a neat supply with twelve outputs which i can easily extend to eighteen if needed. I was pleasantly surprised to discover that even with twelve SBC connected generating 20W load the power drawn by the supply was 25W or about 80% efficiency instead of the 33% previously achieved.

The inbuilt meter allows me to easily see the load on the supply which so far has not risen above 5A even at peak draw, despite the cubitruck and BananaPi having spinning rust hard drives attached, so there is plenty of room for my SBC addiction to grow (I already pledged for a Pine64).

Overall I am pleased with how this turned out and while there are no detailed design files for this project it should be easy to follow if you want to repeat it. One note of caution though, this project has mains wiring and while I am confident in my own capabilities dealing with potentially lethal voltages I cannot be responsible for anyone else so caveat emptor!

Norbert Preining: Ian Buruma: Wages of Guilt

14 January, 2016 - 05:47

Since moving to Japan, I got more and more interested in history, especially the recent history of the 20th century. The book I just finished, Ian Buruma (Wiki, home page) Wages of Guilt – Memories of War in Germany and Japan (Independent, NYRB), has been a revelation for me. As an Austrian living in Japan, I am experiencing the discrepancy between these two countries with respect to their treatment of war legacy practically daily, and many of my blog entries revolve around the topic of Japanese non-reconciliation.

Willy Brandt went down on his knees in the Warsaw ghetto, after a functioning democracy had been established in the Federal Republic of Germany, not before. But Japan, shielded from the evil world, has grown into an Oskar Matzerath: opportunistic, stunted, and haunted by demons, which it tries to ignore by burying them in the sand, like Oskar’s drum.
Ian Buruma, Wages of Guilt, Clearing Up the Ruins

The comparison of Germany and Japan with respect to their recent history as laid out in Buruma’s book throws a spotlight on various aspects of the psychology of German and Japanese population, while at the same time not falling into the easy trap of explaining everything with difference in the guilt culture. A book of great depth and broad insights everyone having even the slightest interest in these topics should read.

This difference between (West) German and Japanese textbooks is not just a matter of detail; it shows a gap in perception.
Ian Buruma, Wages of Guilt, Romance of the Ruins

Only thinking about giving a halfway full account of this book is something impossible for me. The sheer amount of information, both on the German and Japanese side, is impressive. His incredible background (studies of Chinese literature and Japanese movie!) and long years as journalist, editor, etc, enriches the book with facets normally not available: In particular his knowledge of both the German and Japanese movie history, and the reflection of history in movies, were complete new aspects for me (see my recent post (in Japanese)).

The book is comprised of four parts: The first with the chapters War Against the West and Romance of the Ruins; the second with the chapters Auschwitz, Hiroshima, and Nanking; the third with History on Trial, Textbook Resistance, and Memorials, Museums, and Monuments; and the last part with A Normal Country, Two Normal Towns, and Clearing Up the Ruins. Let us look at the chapters in turn:

  • War Against the West
    This chapter sets the stage in two parts, Bonn and Tokyo, by comparing the reaction in these countries to the Iraq war. The German “Betroffenheit” (To be betroffen implies a sense of guilt, a sense of shame, or even embarrassment.) as the core of German post-war politics, literature, and media is introduced. On the Japanese side the difficult and diverse situation and attitudes towards the Iraq (and other) wars, as well as the necessary bits of post-war history and development of the Japanese constitution.

    What is so convenient in the cases of Germany and Japan is that pacifism happens to be a high-minded way to dull the pain of historical guilt. Or, conversely, if one wallows in it, pacifism turns national guilt into a virtue, almost a mark of superiority, when compared to the complacency of other nations.

  • Romance of the Ruins
    This chapter focuses on the war and immediate post-war period with references to the specific literature and movies emerging out of the circumstances of destroyed countries who have lost the war.

    Hitler’s doom and the emperor’s speech, the end of one symbol and the odd continuity of another. Whatever their symbolic differences, both would be associated forever with ruins—ruined cities, ruined people, ruined ideals.

  • Auschwitz
    The psychological construction of war memorials in both Germanies, which focuses on the religious aspects, is discussed, followed by an excursion through post-war German literature and the long-term ignorance of anything related to the Holocaust.

    Here the past had fossilized into something monumental or, as Adorno would have put it, museal.

  • Hiroshima

    Paralleling the previous chapter, Hiroshima introduces the simplistic and reduced focus of the Hiroshima memorials, mostly ignoring the foreign victims, many of them being Koreans forced to work in Japan, and concentrating on the Japanese martyrdom. Focusing on the atomic bomb event everything else is removed from the field of view.

    The problem with this quasi-religious view of history is that it makes it hard to discuss past events in anything but nonsecular terms. Visions of absolute evil are unique, and they are beyond human explanation or even comprehension. To explain is hubristic and amoral. If this is true of Auschwitz, it is even more true of Hiroshima. The irony is that while there can be no justification for Auschwitz unless one believes in Hitler’s murderous ideology, the case for Hiroshima is at least open to debate. The A-bomb might have saved lives; it might have shortened the war. But such arguments are incompatible with the Hiroshima spirit.

  • Nanking
    The history and aftermath, as well as the attempts of rejection and refutation of the Nanking massacre are described. The Tokyo Trials and their critique by governmental scholars are touched, as well as bit of fresh air blowing through the Japanese society after the death of Hirohito, which lead to the publication of the records of Nanking by Azuma Shiro 東 史郎.

    Yet the question remains whether the raping and killing of thousands of women, and the massacre of thousands, perhaps hundreds of thousands, of other unarmed people, in the course of six weeks, can still be called extreme conduct in the heat of battle. The question is pertinent, particularly when such extreme violence is justified by an ideology which teaches the aggressors that killing an inferior race is in accordance with the will of their divine emperor.

  • History on Trial
    One of the central chapters in my opinion. It discusses and compares the two post-war trials: The Nurnberg trials in Germany and the Tokyo trials in Japan. In both cases the juridical value is questioned, focusing on the winner-looser situation of post-war times.

    The Nuremberg trials were to be a history lesson, then, as well as a symbolic punishment of the German people—a moral history lesson cloaked in all the ceremonial trappings of due legal process. They were the closest that man, or at least the men belonging to the victorious powers, could come to dispensing divine justice.

    Also, the differences in war trials in East and West Germany is compared. The East Germany Waldheimer trials, as well as the thorough purge of Nazis from East German jurisdiction and politics, which was in stark contrast to both West German’s very restricted trials, as well as Japan’s absolute non-purge of criminals.

    As long as the emperor lived, Japanese would have trouble being honest about the past. For he had been formally responsible for everything, and by holding him responsible for nothing, everybody was absolved, except, of course, for a number of military and civilian scapegoats, Officers and Outlaws, who fell “victim to victors’ justice.

  • Textbook Resistance

    This chapter compares the representation of war and post-war times in the textbooks in West and East Germany and Japan. The interesting case of Ienaga Saburo 家永 三郎 and the year-long trials (1965-1993) around his history textbook are recounted. The ministry of education had forced a redaction of his history textbook to conform with the revisionist view onto history, deleting most passages that are critical of the Japanese position during the first half of the 20th century. This was one of the very few cases in Japanese post-war history where someone stood up against this revisionist view.

    The judges and some of the counsel for the ministry sat back with their eyes closed, in deep concentration, or fast asleep. Perhaps they were bored, because they had heard it all before. Perhaps they thought it was a pointless exercise, since they knew already how the case would end. But it was not a pointless exercise. For Ienaga Saburo had kept alive a vital debate for twenty-seven years. One cussed schoolteacher and several hundred supporters at the courthouse might not seem much, but it was enough to show that, this time, someone was fighting back.

  • Memorials, Museums, and Monuments
    This chapter returns to war memorials: The change of meaning from post WW-1, which were memorials, to post WW-2 ones which became warning monuments, indicating the shift of attention and evaluation of war history in Germany. In contrast to this, Japan’s quasi non-existence of war museums till the late 90ies, as well as the existence of the Yasukuni shrine honoring and celebrating besides other several A-class war criminals as deities.

    The tragedy is not just that the suicide pilots died young. Soldiers (and civilians) do that in wars everywhere. What is so awful about the memory of their deaths is the cloying sentimentality that was meant to justify their self-immolation. There is no reason to suppose they didn’t believe in the patriotic gush about cherry blossoms and sacrifice, no matter how conventional it was at the time. Which was exactly the point: they were made to rejoice in their own death. It was the exploitation of their youthful idealism that made it such a wicked enterprise. And this point is still completely missed at the Peace Museum today.

  • A Normal Country

    This chapter discusses the slow normalization of post-war situation after the 90ies, and all the hurdles that needed to be overcome: In the case of Germany the speech of Philipp Jenninger, then president of the Bundestag, is recounted. 50 years after the Kristallnacht he tried to give a speech of “historicization”, only to be find himself shunned and expelled due to the lack of Betroffenheit.

    It was not an ignoble enterprise, but he should have recognized that Historisierung, even forty-three years after the war, was still a highly risky business. For a “normal” society, a society not haunted by ghosts, cannot be achieved by “normalizing” history, or by waving cross and garlic. More the other way around: when society has become sufficiently open and free to look back, from the point of view neither of the victim nor of the criminal, but of the critic, only then will the ghosts be laid to rest.

    On the Japanese side the case of Motoshima Hitoshi 本島 等, who dared to question Hirohito:

    Forty-three years have passed since the end of the war, and I think we have had enough chance to reflect on the nature of that war. From reading various accounts from abroad and having been a soldier myself, involved in military education, I do believe that the emperor bore responsibility for the war.

    which led to hitherto unseen of demonstration of extreme-right-wing groups issuing death treats that lead to a failed assassination of Motoshima, all under the completely complacent Japanese police and politics letting the right-wingers play their game.

    By breaking a Japanese taboo, Motoshima struck a blow for a more open, more normal political society, and very nearly lost his life. Jenninger, I like to think, wanted to strike a blow for the same, but failed, and lost his job. Perhaps he wasn’t up to the task. Or perhaps even West Germany was not yet normal enough to hear his message.

  • Two Normal Towns

    This chapter focuses on two rare cases of civil courage and political commitment: Anja Rosmus, who stepped forth as school child to rewrite the history of Passau. She unveiled the truth about deep involvement into the NS crimes of many inhabitants of Passau, a fact that was up to then covered up and purged from knowledge. She, too, received many death threads, including nailing a killed cat onto her door. The response of the head of the tourist office in Passau, Gottfried Dominik, speaks about the very peculiar attitude:

    I asked him again about the local camp and the small hidden memorial. Dominik showed signs of distress. “It was difficult,” he admitted, “very difficult. I know what you mean. But let me give you my personal opinion. When you have a crippled arm, you don’t really want to show it around. It was a low point in our history, back then. But it was only twelve years in thousands of years of history. And so people tend to hide it, just as a person with a crippled arm is not likely to wear a short-sleeved shirt.”

    A similar incident is recounted on the Japanese side, the Hanaoka incident (detailed article) and its unveiling by Nozoe Kenji, where 800 Chinese slave workers, after escaping from a forced-work camp for the Kajima Corporation, where rabbit-hunted down and slaughtered. He, too, got death threats, and was virtually expelled from his home area because he dared to publish his findings.

    I think it is this basic distrust, this refusal to be told what to think by authorities, this cussed insistence on asking questions, on hearing the truth, that binds together Nozoe, Rosmus, and others like them. There are not many such people in Japan, or anywhere else for that matter. And I suspect they are not much liked wherever they live.

  • Clearing Up the Ruins

    The last chapter tries to round up all the previous chapters, and look into the most recent history and near future. While not completely pessimistic with respect to Japan, the final chapter leaves clear statements on the current state of Japanese society and politics:

    The state was run by virtually the same bureaucracy that ran the Japanese empire, and the electoral system was rigged to help the same corrupt conservative party to stay in power for almost forty years. This arrangement suited the United States, as well as Japanese bureaucrats, LDP politicians, and the large industrial combines, for it ensured that Japan remained a rich and stable ally against Communism. But it also helped to stifle public debate and stopped the Japanese from growing up politically.

    His description of current Japanese society, written in 1995, is still hauntingly true in 2016:

    There is something intensely irritating about the infantilism of postwar Japanese culture: the ubiquitous chirping voices of women pretending to be girls; the Disneylandish architecture of Japanese main streets, where everything is reduced to a sugary cuteness; the screeching “television talents” rolling about and carrying on like kindergarten clowns; the armies of blue-suited salarymen straphanging on the subway trains, reading boys’ comics, the maudlin love for old school songs and cuddly mama-sans.

The boook somehow left me with a bleak impression of Japanese post-war times as well as Japanese future. Having read other books about the political ignorance in Japan (Norma Field’s In the realm of a dying emperor, or the Chibana history), Buruma’s characterization of Japanese politics is striking. He couldn’t foresee the recent changes in legislation pushed through by the Abe government actually breaking the constitution, or the rewriting of history currently going on with respect to comfort women and Nanking. But reading his statement about Article Nine of the constitution and looking at the changes in political attitude, I am scared about where Japan is heading to:

The Nanking Massacre, for leftists and many liberals too, is the main symbol of Japanese militarism, supported by the imperial (and imperialist) cult. Which is why it is a keystone of postwar pacifism. Article Nine of the constitution is necessary to avoid another Nanking Massacre. The nationalist right takes the opposite view. To restore the true identity of Japan, the emperor must be reinstated as a religious head of state, and Article Nine must be revised to make Japan a legitimate military power again. For this reason, the Nanking Massacre, or any other example of extreme Japanese aggression, has to be ignored, softened, or denied.
Ian Buruma, Wages of Guilt, Nanking

While there are signs of resistance in the streets of Japan (Okinawa and the Hanako bay, the demonstrations against secrecy law and reversion of the constitution), we are still to see a change influenced by the people in a country ruled and distributed by oligarchs. I don’t think there will be another Nanking Massacre in the near future, but Buruma’s books shows that we are heading back to a nationalistic regime similar to pre-war times, just covered with a democratic veil to distract critics.

I close with several other quotes from the book that caught my attention:

In the preface and introduction:

[…] mainstream conservatives made a deliberate attempt to distract people’s attention from war and politics by concentrating on economic growth.

The curious thing was that much of what attracted Japanese to Germany before the war—Prussian authoritarianism, romantic nationalism, pseudo-scientific racialism—had lingered in Japan while becoming distinctly unfashionable in Germany.

In Romance of the Ruins:

The point of all this is that Ikeda’s promise of riches was the final stage of what came to be known as the “reverse course,” the turn away from a leftist, pacifist, neutral Japan—a Japan that would never again be involved in any wars, that would resist any form of imperialism, that had, in short, turned its back for good on its bloody past. The Double Your Incomes policy was a deliberate ploy to draw public attention away from constitutional issues.

In Hiroshima:

The citizens of Hiroshima were indeed victims, primarily of their own military rulers. But when a local group of peace activists petitioned the city of Hiroshima in 1987 to incorporate the history of Japanese aggression into the Peace Memorial Museum, the request was turned down. The petition for an “Aggressors’ Corner” was prompted by junior high school students from Osaka, who had embarrassed Peace Museum officials by asking for an explanation about Japanese responsibility for the war.

The history of the war, or indeed any history, is indeed not what the Hiroshima spirit is about. This is why Auschwitz is the only comparison that is officially condoned. Anything else is too controversial, too much part of the “flow of history”.

In Nanking, by the governmental pseudo-historian Tanaka:

“Unlike in Europe or China,” writes Tanaka, “you won’t find one instance of planned, systematic murder in the entire history of Japan.” This is because the Japanese have “a different sense of values” from the Chinese or the Westerners.”

In History on Trial:

In 1950, Becker wrote that “few things have done more to hinder true historical self-knowledge in Germany than the war crimes trials.” He stuck to this belief. Becker must be taken seriously, for he is not a right-wing apologist for the Nazi past, but an eminent liberal.

There never were any Japanese war crimes trials, nor is there a Japanese Ludwigsburg. This is partly because there was no exact equivalent of the Holocaust. Even though the behavior of Japanese troops was often barbarous, and the psychological consequences of State Shinto and emperor worship were frequently as hysterical as Nazism, Japanese atrocities were part of a military campaign, not a planned genocide of a people that included the country’s own citizens. And besides, those aspects of the war that were most revolting and furthest removed from actual combat, such as the medical experiments on human guinea pigs (known as “logs”) carried out by Unit 731 in Manchuria, were passed over during the Tokyo trial. The knowledge compiled by the doctors of Unit 731—of freezing experiments, injection of deadly diseases, vivisections, among other things—was considered so valuable by the Americans in 1945 that the doctors responsible were allowed to go free in exchange for their data.

Some Japanese have suggested that they should have conducted their own war crimes trials. The historian Hata Ikuhiko thought the Japanese leaders should have been tried according to existing Japanese laws, either in military or in civil courts. The Japanese judges, he believed, might well have been more severe than the Allied tribunal in Tokyo. And the consequences would have been healthier. If found guilty, the spirits of the defendants would not have ended up being enshrined at Yasukuni. The Tokyo trial, he said, “purified the ‘crimes’ of the accused and turned them into martyrs. If they had been tried in domestic courts, there is a good chance the real criminals would have been flushed out.”

After it was over, the Nippon Times pointed out the flaws of the trial, but added that “the Japanese people must ponder over why it is that there has been such a discrepancy between what they thought and what the rest of the world accepted almost as common knowledge. This is at the root of the tragedy which Japan brought upon herself.

Emperor Hirohito was not Hitler; Hitler was no mere Shrine. But the lethal consequences of the emperor-worshipping system of irresponsibilities did emerge during the Tokyo trial. The savagery of Japanese troops was legitimized, if not driven, by an ideology that did not include a Final Solution but was as racialist as Hider’s National Socialism. The Japanese were the Asian Herrenvolk, descended from the gods.

Emperor Hirohito, the shadowy figure who changed after the war from navy uniforms to gray suits, was not personally comparable to Hitler, but his psychological role was remarkably similar.

In fact, MacArthur behaved like a traditional Japanese strongman (and was admired for doing so by many Japanese), using the imperial symbol to enhance his own power. As a result, he hurt the chances of a working Japanese democracy and seriously distorted history. For to keep the emperor in place (he could at least have been made to resign), Hirohito’s past had to be freed from any blemish; the symbol had to be, so to speak, cleansed from what had been done in its name.

In Memorials, Museums, and Monuments:

If one disregards, for a moment, the differences in style between Shinto and Christianity, the Yasukuni Shrine, with its “relics,” its “sacred ground,” its bronze paeans to noble sacrifice, is not so very different from many European memorials after World War I. By and large, World War II memorials in Europe and the United States (though not the Soviet Union) no longer glorify the sacrifice of the fallen soldier. The sacrificial cult and the romantic elevation of war to a higher spiritual plane no longer seemed appropriate after Auschwitz. The Christian knight, bearing the cross of king and country, was not resurrected. But in Japan, where the war was still truly a war (not a Holocaust), and the symbolism still redolent of religious exultation, such shrines as Yasukuni still carry the torch of nineteenth-century nationalism. Hence the image of the nation owing its restoration to the sacrifice of fallen soldiers.

In A Normal Country:

The mayor received a letter from a Shinto priest in which the priest pointed out that it was “un-Japanese” to demand any more moral responsibility from the emperor than he had already taken. Had the emperor not demonstrated his deep sorrow every year, on the anniversary of Japan’s surrender? Besides, he wrote, it was wrong to have spoken about the emperor in such a manner, even as the entire nation was deeply worried about his health. Then he came to the main point: “It is a common error among Christians and people with Western inclinations, including so-called intellectuals, to fail to grasp that Western societies and Japanese society are based on fundamentally different religious concepts . . . Forgetting this premise, they attempt to place a Western structure on a Japanese foundation. I think this kind of mistake explains the demand for the emperor to bear full responsibility.”

In Two Normal Towns:

The bust of the man caught my attention, but not because it was in any way unusual; such busts of prominent local figures can be seen everywhere in Japan. This one, however, was particularly grandiose. Smiling across the yard, with a look of deep satisfaction over his many achievements, was Hatazawa Kyoichi. His various functions and titles were inscribed below his bust. He had been an important provincial bureaucrat, a pillar of the sumo wrestling establishment, a member of various Olympic committees, and the recipient of some of the highest honors in Japan. The song engraved on the smooth stone was composed in praise of his rich life. There was just one small gap in Hatazawa’s life story as related on his monument: the years from 1941 to 1945 were missing. Yet he had not been idle then, for he was the man in charge of labor at the Hanaoka mines.

In Clearing Up the Ruins:

But the question in American minds was understandable: could one trust a nation whose official spokesmen still refused to admit that their country had been responsible for starting a war? In these Japanese evasions there was something of the petulant child, stamping its foot, shouting that it had done nothing wrong, because everybody did it.

Japan seems at times not so much a nation of twelve-year-olds, to repeat General MacArthur’s phrase, as a nation of people longing to be twelve-year-olds, or even younger, to be at that golden age when everything was secure and responsibility and conformity were not yet required.

For General MacArthur was right: in 1945, the Japanese people were political children. Until then, they had been forced into a position of complete submission to a state run by authoritarian bureaucrats and military men, and to a religious cult whose high priest was also formally chief of the armed forces and supreme monarch of the empire.

I saw Jew Süss that same year, at a screening for students of the film academy in Berlin. This showing, too, was followed by a discussion. The students, mostly from western Germany, but some from the east, were in their early twenties. They were dressed in the international uniform of jeans, anoraks, and work shirts. The professor was a man in his forties, a ’68er named Karsten Witte. He began the discussion by saying that he wanted the students to concentrate on the aesthetics of the film more than the story. To describe the propaganda, he said, would simply be banal: “We all know the ‘what,’ so let’s talk about the ‘how.’” I thought of my fellow students at the film school in Tokyo more than fifteen years before. How many of them knew the “what” of the Japanese war in Asia.

Keith Packard: auto-calendar

14 January, 2016 - 05:01
Automatic Calendar Management — Notmuch + Calypso

One of the big “features” of outlook/exchange in my world is automatically merging of incoming calendar updates from email. This makes my calendar actually useful in knowing what meetings people have asked me to attend. As I'm not willing to otherwise tolerate outlook, I decided to try and provide that in my preferred environment; notmuch and calypso.

Identifying calendar updates

The first trick is how to identify incoming messages with calendar updates. I'd love to be able to search for specific mime content types, but I haven't been able to construct such a search. Failing that, I'm just looking for messages containing the string 'text/calendar':

notmuch search --output=messages tag:inbox AND text/calendar

Next, I want to skip over previously scanned calendar updates, so I'll plan on tagging messages that have been scanned with the 'calendar' tag and skip those:

notmuch search --output=messages tag:inbox AND text/calendar AND not tag:calendar
jq — sed for json

With the messages containing likely calendar entries identified, the remaining task is to extract the MIME section containing the actual calendar data. Notmuch can generate json for the message, leaving us only needing to parse the json and extract the relevant section. I found the 'jq' tool in the archive, which looks like a rather complicated parsing and reformatting tool for json data. It took a while to understand, but I managed to generate a command string that takes a notmuch message and pulls out the content for all text/calendar elements:

jq -r '..| select(."content-type"? == "text/calendar") | .content'

This is a recursive walk over the data structure. It looks for structures with "content-type": "text/calendar" and dumps their "content" elements in raw text form.

Putting it all together

Here's the complete script:

#!/bin/bash

SEARCH="tag:inbox AND not tag:calendar AND text/calendar"

TMP=`mktemp`

trap "rm -r $TMP" 0 1 15

notmuch search --output=messages $SEARCH | while read message; do
    notmuch show --format=json $message | 
        jq -r '.. | select(."content-type"? == "text/calendar") | .content' > $TMP
    if [ -s $TMP ]; then
        calypso --import private/calendar $TMP && notmuch tag +calendar $message
    else
        notmuch tag +calendar $message
    fi
done

I'd love to fix calypso's --import operation to talk to the local calypso daemon with the database loaded; the current mechanism actually loads the entire database into a new process and then applies the new data to that. With my calendar often containing hundreds of entries, that takes a while.

Rapha&#235;l Hertzog: Freexian’s report about Debian Long Term Support, December 2015

14 January, 2016 - 00:12

Like each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In December, 113.50 work hours have been dispatched among 9 paid contributors. Their reports are available:

  • Antoine Beaupré did 8h for his first month of work on LTS.
  • Ben Hutchings did 20 hours (out of 15 hours allocated + 15 extra hours remaining, meaning that he has 10 extra hours to do over January).
  • Chris Lamb did 12 hours.
  • Guido Günther did 9 hours (out of 8 hours allocated + 2 remaining, thus keeping 1 extra hour for January).
  • Mike Gabriel did nothing (the 8 hours allocated are carried over for January).
  • Raphaël Hertzog did 21.25 hours (18h allocated + 3.25h taken over from Mike’s unused hours of November).
  • Santiago Ruano Rincón did 15 hours (out of 18.25h allocated + 2 remaining + 3.25 taken over from Mike’s unused hours of November, thus keeping 8.50 extra hours for January).
  • Scott Kitterman did 8 hours.
  • Thorsten Alteholz did 21.25 hours (out of 18.25h allocated + 3 hours taken over from Mike’s unused hours of November).
Evolution of the situation

We lost our first silver sponsor (Gandi.net, they prefer to give the same amount of money to Debian directly) and another sponsor reduced his sponsorship level. While this won’t show in the hours dispatched in January, we will do a small jump backwards in February (unless we get new sponsors replacing those in the next 3 weeks).

This is a bit unfortunate as we are rather looking at reinforcing the amount of sponsorship we get as we approach Wheezy LTS and we will need more support to properly support virtualization related packages and other packages that were formerly excluded from Squeeze LTS. Can you convince your company and help us reach our second goal?

In terms of security updates waiting to be handled, the situation is close to last month. It looks like that having about 20 packages needing an update is the normal situation and that we can’t really get further down given the time required to process some updates (sometimes we wait until the upstream authors provides a patch, and so on).

Thanks to our sponsors

We got one new bronze sponsor but he’s not listed (he did not fill the form where we request their permission to be listed).

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

Rhonda D'Vine: 2016 Resolutions

13 January, 2016 - 08:51

People these days often do think about what worked well in the last year that they are proud of, what didn't work so well and what they plan to change the coming year. For me a fair amount of the resolutions were about my name. One of them was getting rid of my old name from the Debian—Project Participants page. Actually, I started with it on new year's eve already:

DatePackageVersion Dec 31abook0.6.1-1 Jan 01tworld1.3.2-1 Jan 01blosxom2.1.2-2 Jan 02netris0.52-10 Jan 03t-prot3.4-4 Jan 04rungetty1.2-16 Jan 05tworld1.3.2-2 Jan 06tetrinet0.11+CVS20070911-2 Jan 07xblast-tnt-musics20050106-3 Jan 08xblast-tnt-sounds20040429-3 Jan 09xblast-tnt-levels20050106-3 Jan 10xblast-tnt-images20050106-3 Jan 11tetradraw2.0.3-9 Jan 12ldapvi1.7-10

So far I've done a fair amount of my job. There are eight source package left to get tweaked. Those might be a bit more difficult and require more attention though. What I also did during those efforts: Convert all packages to source format 3.0 (quilt), and use a dh style debian/rules file. The latter enabled the packages to build reproducible too, which is also an added benefit. So this is a win situation on many levels.

One of the most prominent reasons why I didn't convert to a dh style debian/rules file yet was that I considered it making easy things easy and difficult things difficult. Finding out what to override and how to do that was something I was unable to figure out, and speaking with people didn't help me there neither. Only recently someone told me that there is dh binary --no-act to figure out what would be called, and then you just prefix it with override_ in debian/rules to get to where you want to go. This worked extremely well for me.
I'm personally still not a big fan of source format 3.0 (quilt) with respect to that it insists on patches to be applied and leaves them that way after building the source package, which makes it difficult to deal with when having upstream source in the VCS too, but I managed to find my way around so many things in the past that I can live with that. The benefit of not having to repack upstream source if it isn't in .gz form is a far bigger benefit.

So, I hope to stay productive and be able to get the remaining package also adjusted and fixed. Guess that's doable until the end of the month, and getting rid of all reproducible build bugreports against my packages along that lines. I will check those packages that carry my name already too after my old name is gone from the overview page.

/debian | permanent link | Comments: 0 | Flattr this

Antoine Beaupré: The Downloadable Internet

13 January, 2016 - 00:07
How corporations killed the web

I have read with fascination what we would have called before a blog post, except it was featured on The Guardian: Iran's blogfather: Facebook, Instagram and Twitter are killing the web The "blogfather" is Hossein Derakshan or h0d3r, an author from Teheran that was jailed for almost a decade for his blogging. The article is very interesting both because it shows how fast things changed in the last few years, technology-wise, but more importantly, how content-free the web have become, where Facebook's last acquisition, Instagram, is not even censored by Iran. Those platforms have stopped being censored, not because of democratic progress but because they have become totally inoffensive (in the case of Iran) or become a tool of surveillance for the government and targeted advertisement for companies (in the case of, well, most of the world).

This struck a chord, personally, at the political level: we are losing control of the internet (if we ever had it). The defeat isn't directly political: we have some institutions like ICANN and the IETF that we can still have an effect on, even if only at the technological level. The defeat is economic, and, of course, through economy comes enormous power. That defeat meant that we have first lost free and open access to the internet (yes, dialup used to be free) and then free hosting of our content (no, Google and Facebook are not free, you are the product). This marked a major change in the way content is treated online.

H0d3r explains this as the shift from a link-based internet to a stream-based internet, a "deparure from a books-internet towards a television-internet". I have been warning about this "television-internet" in my talks and conversation for a while and with Netflix taking the crown off Youtube (and making you pay for it, of course), we can assuredly say that H0d3r is right and the television, far from disappearing, is finally being resurrected and taking over the internet.

The Downloadable internet and open standards

But I would like to add to that: it is not merely that we had "links" before. We had, and still have, open standards. This made the internet "downloadable" (and by extension, uploadable) and decentralized.

(In fact, I still remember my earlier days on the web when I would actually download images (as in "right-click" and "Save as..." images, not just have the browser download and display it on the fly). I would download images because they were big! It could take a minute or sometimes more to download images on older modems. Later, I would do the same with music: I would download WAV files before the rise of the MP3 format, of which I ended up building a significant collection (just fair use copies from friends and owned CDs, of course) and eventually video files.)

The downloadable internet is what still allows me to type this article in a text editor, without internet access, while reading H0d3r's blog post on my e-reader, because I downloaded his article off an RSS feed. It is what makes it possible for anyone to download a full copy of this blog post and connected web pages as a git repository and this way get the full history of modifications on all the pages, but also be able to edit it offline and push modifications back in.

Wikipedia is downloadable (there are even offline apps for your phone). Open standards like RSS feeds and HTML are downloadable. Heck, even the Internet Archive is downloadable (and I mean, all of it, not just the parts you want), surprisingly enough.

The app-based internet and proprietary software

App-based websites like Google Plus and Facebook are not really downloadable. They are meant to be browsed through an app, so what you actually see through your web browser is really more an application, downloaded software than a downloaded piece of content. If you turn off Javascript, you will see that visiting Facebook actually shows no content: everything is downloaded on the fly by an application itself downloaded, on the fly, by your browser. In a way, your browser has become an operating system that runs proprietary, untrusted and unverified applications from the web.

(The software is generally completely proprietary, except some frameworks that are published as free software in what looks like the lenient act of a godly king, but is actually more an economic decision of a clever corporation which outsources, for free, R&D and testing to the larger free software community. The real "secret sauce" is basically always proprietary, if only so that we don't freak out on stuff like PRISM that reports everything we do to the government.)

Technology is political. This new "app design" is not a simple optimization or an cosmetic accident of a fancy engineer: by moving content through an application, Facebook, Twitter and the like can see exactly what you do on a web page, what you actually read (as opposed to what you click on) and how long. By adding a proprietary interface between you and the content online, the advertisement-surveillance complex can track every move you make online.

This is a very fine-tuned surveillance system, and because of the App, you cannot escape it. You cannot share the content outside of Facebook, as you can't download it. Or at least, it's not obvious how you can. Projects like youtube-dl are doing an amazing job reverse-engineering what is becoming the proprietary Youtube streaming protocol, which is constantly changing and is not really documented. But it's a hack: it's a Sisyphus struggle which is bound to fail, and it does, all the time, until we figure out how to either turn those corporations into good netizens respecting and contributing to open standards (unlikely) or destroy those corporations (most likely).

You are trapped in their walled garden. No wonder internet.org is Facebook only: for most people nowadays, the internet is the web, and the web is Facebook, Twitter and Google, or an iPad with a bunch of apps, each their own cute little walled garden, crafted just for you. If you think you like the Internet, you should really reconsider what you are watching, what you are consuming, or rather, how it is consuming you. There are alternatives. Facebook is a though nut to crack for free software activists because we lack the critical mass. But Facebook it is also an addiction for a lot of people, and spending less time on that spying machine could be a great improvement for you I am sure. For everything else, we have good free software alternatives and open standards, use them.

"Big brother ain't watching you, you're watching him." - CRASS, Nineteen Eighty Bore (audio)

Michal &#268;iha&#345;: Weekly phpMyAdmin contributions

13 January, 2016 - 00:00

Going back to real weekly report, this time covering first week of 2016.

The biggest task was focused on codebase cleanup. As Microsoft is ending support for old Internet Explorer version, we've decided to do same thing for next major release. This allowed us to remove some compatibility code and also upgrade jQuery to 2.x branch, which removes support for older browsers as well.

To continue in the cleanup tasks, I've revisited most of array iterating places and removed not needed reset() calls or generally cleanup up related code.

Besides working directly on the code, I've improved our infrastructure a bit as well and we now have developer documentation online at https://develdocs.phpmyadmin.net/. It is generated using phpdox, but suggestions to improve it are welcome.

All handled issues:

Filed under: English phpMyAdmin | 0 comments

Gunnar Wolf: Readying up for the second "Embedded Linux" diploma course

12 January, 2016 - 23:28

I am happy to share here a project I was a part of during last year, that ended up being a complete success and now stands to be repeated: The diploma course on embedded Linux, taught at Facultad de Ingeniería, UNAM, where I'm teaching my regular classes as well.

Back in November, we held the graduation for our first 10 students. This photo shows only seven, as the remaining three have already relocated to Guadalajara, where they were hired by Continental, a company that promoted the creation of this specialization program.

After this first excercise, we went over the program and made some adequations; future generations will have a shorter and more focused program (240 instead of 288 hours, leaving out several topics that were not deemed related to the topic or were thoroughly understood by students to begin with); we intend to start the semester-long course in early February. I will soon update here with the full program and promotional material, as soon as I receive it.

I am specially glad that this course is taught by people I admire and recognize, and a very interesting mix between long-time academic and stemming from my free-software-related friends: From the academic side, Facultad de Ingeniería's professors Laura Sandoval, Karen Sáenz and Oscar Valdez, and from the free-software side, Sandino Araico, Iván Chavero, César Yáñez and Gabriel Saldaña (and myself on both camps, of course ☺)

AttachmentSize OT401_nota.jpg75.82 KB

Bits from Debian: New Debian Developers and Maintainers (November and December 2015)

12 January, 2016 - 18:30

The following contributors got their Debian Developer accounts in the last two months:

  • Stein Magnus Jodal (jodal)
  • Prach Pongpanich (prach)
  • Markus Koschany (apo)
  • Bernhard Schmidt (berni)
  • Uwe Kleine-König (ukleinek)
  • Timo Weingärtner (tiwe)
  • Sebastian Andrzej Siewior (bigeasy)
  • Mattia Rizzolo (mattia)
  • Alexandre Viau (aviau)
  • Lev Lamberov (dogsleg)
  • Adam Borowski (kilobyte)
  • Chris Boot (bootc)

The following contributors were added as Debian Maintainers in the last two months:

  • Alf Gaida
  • Andrew Ayer
  • Marcio de Souza Oliveira
  • Alexandre Detiste
  • Dave Hibberd
  • Andreas Boll
  • Punit Agrawal
  • Edward Betts
  • Shih-Yuan Lee
  • Ivan Udovichenko
  • Andrew Kelley
  • Benda Xu
  • Russell Sim
  • Paulo Roberto Alves de Oliveira
  • Marc Fournier
  • Scott Talbert
  • Sergio Durigan Junior
  • Guillaume Turri
  • Michael Lustfield

Congratulations!

Russell Coker: Sociological Images 2015

12 January, 2016 - 18:13

The above sign was at the Melbourne Docks in December 2014 when I was returning from a cruise. I have no idea why there are 3 men and 1 woman on the sign (and a dock worker was also surprised when I explained why I was photographing it). I wonder whether a sign that had 3 women and 1 man would ever have been installed or not noticed if it was installed.

At the start of the first day of LCA 2015 the above was displayed at the keynote as a flow-chart for whether someone should ask a question at a lecture. Given that the first real item in the list is that a question should fit in a tweet I think it was inspired by my blog post about the length of conference questions [1].

At the introduction to the Astronomy Miniconf the above slide was displayed. In addition to referencing the flow-chart for asking questions it recommends dimming laptop screens (among other things).

The above sign was at a restaurant in Auckland in January 2015. I thought that sort of sexist “joke” went out of fashion a few decades ago.

The above photo is from a Melbourne department store in February 2015. Why gender a nerf gun? That just doesn’t make sense. Also it appeared that the only nerf crossbow was the purple/pink one, is a crossbow considered feminine nowadays?

The above picture is a screen-shot of one of the “Talking Angela” series of Android games from March. Appropriating the traditional clothing of marginalised groups is a bad thing. People of Native American heritage who want to wear their traditional clothing face discrimination when they do so, when white people play dress-up in clothing that is a parody of Native American style it’s really offensive. The site Racialicious.com has a tag for articles about appropriation [2].

The above was in a library advertising an Ebook reader. In this case they didn’t even have pointlessly gendered products they just had pointlessly gendered adverts for the same product. They also perpetuate the myth that only girls read vampire books and only boys read about space. Also why is the girl lying down to read while the boy is sitting up?

Above is an Advent calendar on sale in a petrol station. Having end of year holiday presents that have nothing to do with religious festivals makes sense. But Advent is a religious observance. I think this would be a better candidate for “war on Christmas” paranoia than a coffee cup of the wrong colour.

The above photo is of boys and girls pipette suckers. Pointlessly gendered recreational products like Nerf guns is one thing, but I think that doing it to scientific equipment is a bigger problem. Are scientists going to stop work if they can’t find a pipette sucker of the desired gender? Is worrying about this going to distract them from their research (really bad if working with infectious or carcinogenic solutions). The Integra advertising claims to be doing this to promote breast cancer research which is also bogus. Here is a Sociological Images article about the problems of using pink to market breast cancer research [3] and the Sociological Images post about pinkwashing (boobies against breast cancer) is also worth reading [4].

As an aside I made a mistake in putting a pipette sucker over the woman’s chest in that picture. The way that Integra portreyed her chest is relevant to analysis of this advert. But unfortunately I didn’t photograph that.

Here is a link to my sociological images post from 2014 [5].

Related posts:

  1. Sociological Images 2014 White Trash The above poster was on a bridge pylon...
  2. Sociological Images 2012 In 2011 I wrote a post that was inspired by...
  3. Sociological Images I’ve recently been reading the Sociological Images blog [1]. That...

Pages

Creative Commons License ลิขสิทธิ์ของบทความเป็นของเจ้าของบทความแต่ละชิ้น
ผลงานนี้ ใช้สัญญาอนุญาตของครีเอทีฟคอมมอนส์แบบ แสดงที่มา-อนุญาตแบบเดียวกัน 3.0 ที่ยังไม่ได้ปรับแก้