Petter Reinholdtsen: Is Pentagon deciding the Norwegian negotiating position on Internet governance?
In Norway, all government offices are required by law to keep a list of every document or letter arriving and leaving their offices. Internal notes should also be documented. The document list (called a mail journal - "postjournal" in Norwegian) is public information and thanks to the Norwegian Freedom of Information Act (Offentleglova) the mail journal is available for everyone. Most offices even publish the mail journal on their web pages, as PDFs or tables in web pages. The state-level offices even have a shared web based search service (called Offentlig Elektronisk Postjournal - OEP) to make it possible to search the entries in the list. Not all journal entries show up on OEP, and the search service is hard to use, but OEP does make it easier to find at least some interesting journal entries .
In 2012 I came across a document in the mail journal for the Norwegian Ministry of Transport and Communications on OEP that piqued my interest. The title of the document was "Internet Governance and how it affects national security" (Norwegian: "Internet Governance og påvirkning på nasjonal sikkerhet"). The document date was 2012-05-22, and it was said to be sent from the "Permanent Mission of Norway to the United Nations". I asked for a copy, but my request was rejected with a reference to a legal clause said to authorize them to reject it (offentleglova § 20, letter c) and an explanation that the document was exempt because of foreign policy interests as it contained information related to the Norwegian negotiating position, negotiating strategies or similar. I was told the information in the document related to the ongoing negotiation in the International Telecommunications Union (ITU). The explanation made sense to me in early January 2013, as a ITU conference in Dubay discussing Internet Governance (World Conference on International Telecommunications - WCIT-12) had just ended, reportedly in chaos when USA walked out of the negotiations and 25 countries including Norway refused to sign the new treaty. It seemed reasonable to believe talks were still going on a few weeks later. Norway was represented at the ITU meeting by two authorities, the Norwegian Communications Authority and the Ministry of Transport and Communications. This might be the reason the letter was sent to the ministry. As I was unable to find the document in the mail journal of any Norwegian UN mission, I asked the ministry who had sent the document to the ministry, and was told that it was the Deputy Permanent Representative with the Permanent Mission of Norway in Geneva.
Three years later, I was still curious about the content of that document, and again asked for a copy, believing the negotiation was over now. This time I asked both the Ministry of Transport and Communications as the receiver and asked the Permanent Mission of Norway in Geneva as the sender for a copy, to see if they both agreed that it should be withheld from the public. The ministry upheld its rejection quoting the same law reference as before, while the permanent mission rejected it quoting a different clause (offentleglova § 20 letter b), claiming that they were required to keep the content of the document from the public because it contained information given to Norway with the expressed or implied expectation that the information should not be made public. I asked the permanent mission for an explanation, and was told that the document contained an account from a meeting held in the Pentagon for a limited group of NATO nations where the organiser of the meeting did not intend the content of the meeting to be publicly known. They explained that giving me a copy might cause Norway to not get access to similar information in the future and thus hurt the future foreign interests of Norway. They also explained that the Permanent Mission of Norway in Geneva was not the author of the document, they only got a copy of it, and because of this had not listed it in their mail journal.
Armed with this knowledge I asked the Ministry to reconsider and asked who was the author of the document, now realising that it was not same as the "sender" according to Ministry of Transport and Communications. The ministry upheld its rejection but told me the name of the author of the document. According to a government report the author was with the Permanent Mission of Norway in New York a bit more than a year later (2014-09-22), so I guessed that might be the office responsible for writing and sending the report initially and asked them for a copy but I was obviously wrong as I was told that the document was unknown to them and that the author did not work there when the document was written. Next, I asked the Permanent Mission of Norway in Geneva and the Foreign Ministry to reconsider and at least tell me who sent the document to Deputy Permanent Representative with the Permanent Mission of Norway in Geneva. The Foreign Ministry also upheld its rejection, but told me that the person sending the document to Permanent Mission of Norway in Geneva was the defence attaché with the Norwegian Embassy in Washington. I do not know if this is the same person as the author of the document.
If I understand the situation correctly, someone capable of inviting selected NATO nations to a meeting in Pentagon organised a meeting where someone representing the Norwegian defence attaché in Washington attended, and the account from this meeting is interpreted by the Ministry of Transport and Communications to expose Norways negotiating position, negotiating strategies and similar regarding the ITU negotiations on Internet Governance. It is truly amazing what can be derived from mere meta-data.
I wonder which NATO countries besides Norway attended this meeting? And what exactly was said and done at the meeting? Anyone know?
On Thursday, October 22, 2015, Ubuntu 15.10 (Wily Werewolf) was released. To celebrate, some San Francisco members of the Ubuntu California LoCo Team held a small release party. Yelp was gracious enough to host the event and provide us with food and drinks. Canonical also sent us a box of swag for the event. Unfortunately, it did not arrive in time. Luckily, James Ouyang had some extra goodies from a previous event for us to hand out. Despite having a rather small turnout for the event, it was still a fun night. Several people borrowed the USB flash drives I had setup with Ubuntu, Kubuntu, and Xubuntu 15.10 in order to install Ubuntu on their machines. Other people were happy to play around with the new release in a virtual machine on my computer. Overall, it was a good night. Hopefully, we can put together an even better and larger release party for Ubuntu 16.04 LTS.
This was my sixth month as a Freexian sponsored LTS contributor. I was assigned 4 hours for the month of October and I had 4 unused hours from September for a total of 8.
With that time I started working on backporting security fixes for Quassel, but it’s turned into a major project. The commit message for one of the commits between what’s in squeeze-lts and what I was trying to backport is “Reformat ALL the source!”. That’s never a good sign.
I set that aside and focused instead on reviewing the MySQL 5.5 packages that the LTS team is working on. They are getting there, but we need to make sure we have it all right as we don’t want to break existing installations.
This month I hope to continue the work on both these packages.
- db2twitter 0.1 released – build and send tweets with values from a database – first public release – official documentation
- retweet 0.4 released – store already retweeted tweets ids in a sqlite3 database – official documentation
- Update as NMU python-tweepy to last upstream version as a dedicated branch on the python-retweet git repository. The official maintainer took it to update the main branch and release the news version of python-tweepy. This package was a blocker for packaging db2twitter and retweet, which both need python3 version of the tweepy library.
- Create the Debian package of db2twitter – now in NEW queue
- Create the Debian package of retweet – now in NEW queue
That’s all folks! See you next month!
FOSDEM is one of the largest gatherings of Free Software contributors in the world and happens each February in Brussels (Belgium, Europe). One of the tracks will be the Desktops DevRoom (formerly known as “CrossDesktop DevRoom”), which will host Desktop-related talks.
We are now inviting proposals for talks about Free/Libre/Open-source Software on the topics of Desktop development, Desktop applications and interoperability amongst Desktop Environments. This is a unique opportunity to show novel ideas and developments to a wide technical audience.
Topics accepted include, but are not limited to:
- Open Desktops: Gnome, KDE, Unity, Enlightenment, XFCE, Razor, MATE, Cinnamon, ReactOS, etc
- Closed desktops: Windows, Mac OS X, CDE, MorphOS, etc (when talking about a FLOSS topic)
- Software development for the desktop
- Development tools
- Applications that enhance desktops
- General desktop matters
- Cross-platform software development
Talks can be very specific, such as the advantages/disadvantages of development with Qt on Wayland over X11/Mir; or as general as predictions for the fusion of Desktop and web in 5 years time. Topics that are of interest to the users and developers of all desktop environments are especially welcome. The FOSDEM 2015 schedule might give you some inspiration.Submissions
Please include the following information when submitting a proposal:
- Your name
- The title of your talk (please be descriptive, as titles will be listed with around 400 from other projects)
- Short abstract of one or two paragraphs
- Short bio (with photo)
- Requested time: from 15 to 45 minutes. Normal duration is 30 minutes. Longer duration requests must be properly justified. You may be assigned LESS time than you request.
All submissions are made in the Pentabarf event planning tool: https://penta.fosdem.org/submission/FOSDEM16
When submitting your talk, make sure to select the “Desktops” devroom as the “Track”. Otherwise your talk will not be even considered for any devroom.
If you already have a Pentabarf account from a previous year, even if your talk was not accepted, please reuse it. Create an account if, and only if, you don’t have one from a previous year. If you have any issues with Pentabarf, please contact pgquiles at elpauer dot org.Deadline
The deadline for submissions is December 6th 2015. FOSDEM will be held on the weekend of January 30th and 31st 2015 and the Desktops DevRoom will take place on Sunday, January 31st 2015.
We will contact every submitter with a “yes” or “no” before December 18th 2015.Recording permission
The talks in the Desktops devroom will be audio and video recorded, and possibly streamed live too.
By submitting a proposal you consent to be recorded and agree to license the content of your talk under a Creative Commons (CC-BY) license.
If you want us to stop the recording in the Q & A part (should you have one), please tell us. We can do that but only for the Q & A part.More information
The official communication channel for the Desktops DevRoom is its mailing list firstname.lastname@example.org.
Use this page to manage your subscription: https://lists.fosdem.org/listinfo/desktops-devroomOrganization
The Desktops DevRoom 2016 is managed by a team representing the most notable open desktops:
- Pau Garcia i Quiles, KDE
- Christophe Fergeau, Gnome
- Michael Zanetti, Unity
- Philippe Caseiro, Enlightenment
- Jérome Leclanche, Razor
If you want to join the team, please contact pgquiles at elpauer dot org
What happened in the reproducible builds effort this week:Toolchain fixes
- Robert Luberda uploaded ispell/3.4.00-4 which fixes another issue with uninitialized memory in ispell hashes. Original patch by Valentin Lorentz.
- Robert Luberda uploaded man2html/1.6g-8 which adds support for SOURCE_DATE_EPOCH. Original patch by akira.
- gregor herrmann uploaded libdebian-copyright-perl/0.2-3 which sorts copyright files for deterministic ordering. Original patch by Reiner Herrmann.
- Rafael Laboissiere uploaded octave-pkg-dev/1.3.2 which normalizes the name of the temporary build directory. This doesn't seem to be enough to make Octave packages reproducible just yet, though.
- Nicolas Boulenguez uploaded gprbuild/2015-1 which sets a deterministic date to the generated source.
The following packages became reproducible after getting fixed:
- apache2/2.4.17-1 by Stefan Fritsch.
- autogen/1:5.18.6-3 by Andreas Metzler.
- debian-timeline/37 by Chris Lamb.
- fonty-rg/0.6 uploaded by Radovan Garabík, original patch by Chris Lamb.
- foxeye/0.10.2-2 by Andriy Grytsenko.
- hsqldb/2.3.3+dfsg2-1 by Markus Koschany.
- jasperreports/6.1.1+dfsg-1 uploaded by Markus Koschany, fix by Emmanuel Bourg.
- libmath-base-convert-perl/0.11-2 uploaded by Salvatore Bonaccorso, original patch by Reiner Herrmann.
- libsdl2-gfx/1.0.1+dfsg-2 uploaded by Manuel A. Fernandez Montecelo, original patch by Reiner Herrmann.
- libsdl2/2.0.2+dfsg1-8 uploaded by Gianfranco Costamagna, patch by Reiner Herrmann.
- linux/4.2.5-1 by Ben Hutchings.
- litl/0.1.7+dfsg-1 by Samuel Thibault, original patch by Chris Lamb.
- python-keystoneclient/1:1.7.1-4 by Thomas Goirand.
- sphinxbase/0.8+5prealpha-1 by Samuel Thibault.
- tatan/1.0.dfsg1-6 uploaded by Markus Koschany, original patch by Reiner Herrmann.
- v4l2loopback/0.9.1-4 uploaded by IOhannes m zmölnig, original patch.
- yadifa/2.1.4-2 uploaded by Markus Schade, original patch by Reiner Herrmann.
Some uploads fixed some reproducibility issues but not all of them:
- lcov/1.12-2 by Alastair McKinstry, original patch by Reiner Herrmann.
- libsdl1.2/1.2.15-12 uploaded by Manuel A. Fernandez Montecelo, original patch by Reiner Herrmann.
- metview/4.5.7-1 by Alastair McKinstry.
- mumble/1.2.10-2 by Christopher Knadle.
The following package is currently failing to build from source but should now be reproducible:
Patches submitted which have not made their way to the archive yet:
- #803501 on fdroidserver by Reiner Herrmann: add support for SOURCE_DATE_EPOCH to docs/gendocs.sh and normalizes tarball permissions. Sent upstream.
- #803547 on bbswitch by Reiner Herrmann: tell tar to normalize the permissions.
- #803583 on ndiswrapper by Reiner Herrmann: tell tar to normalize the permissions.
- #803601 on xtables-addons by Reiner Herrmann: tell tar to normalize the permissions.
- #803603 on usb-modeswitch-data by Reiner Herrmann: tell tar to normalize the permissions.
A quick update on current statistics: testing is at 85% of packages tested reproducible with our modified packages, unstable on armhf caught up with amd64 with 80%.
The schroot name used for running diffoscope when testing OpenWrt, NetBSD, Coreboot, and Arch Linux has been fixed. (h01ger, Mattia Rizzolo)Documentation update
Paul Gevers documented timestamps in unit files created by the Free Pascal Compiler.
reproducible-builds.org is now live. It contains a comprehensive documentation on all aspects that have been identified so far of what we call “reproducible builds”. It makes room for pointers to projects working on reproducible builds, news, dedicated tools, and community events.Package reviews
206 reviews have been removed, 171 added and 196 updated this week.
Chris Lamb reported 28 failing to build from source issues.
New issues identified this week: timestamps_in_pdf_content, different_encoding_in_html_by_docbook_xsl, timestamps_in_ppu_generated_by_fpc, method_may_never_be_called_in_documentation_generated_by_javadoc.Misc.
Andrei Borzenkov has proposed a fix for uninitialized memory in GRUB's mkimage. Uninitialized memory is one source of hard to track down reproducibility errors.
Holger Levsen presented Debian's effort on reproduible builds at Festival de Software Libre in Vallarta, Mexico.
The book’s preface is co-signed by the last three Debian Project Leaders and it has been available through debian.org for a few months now. We are glad to have so much recognition for the hard work we have put in the book over the years.
Thank you all and I hope you will enjoy this new edition!
The work is not yet entirely over us for Roland and I, since we’re now busy updating the French translation of the book. It should be available in the upcoming weeks. Keep posted!
Last week I was in Tokyo, Japan for the OpenStack Summit, discussing the new Mitaka version that will be released in 6 months.
I've attended the summit mainly to discuss and follow-up new developments on Ceilometer, Gnocchi, Aodh and Oslo. It has been a pretty good week and we were able to discuss and plan a few interesting things. Below are what I found remarkable during this summit concerning those projects.Distributed lock manager
I did not attend this session, but I need to write something about it.
See, when working in a distributed environment like OpenStack, it's almost obvious that sooner or later you end up needing a distributed lock mechanism. It started to be pretty obvious and a serious problem for us 2 years ago in Ceilometer. Back then, we proposed the service-sync blueprint and talked about it during the OpenStack Icehouse Design Summit in Hong-Kong. The session at that time was a success, and in 20 minutes I convinced everyone it was the good thing to do. The night following the session, we picked a named, Tooz, to name this new library. It was the first time I met Joshua Harlow, which became one of the biggest Tooz contributor since then.
For the following months, we tried to move the lines in OpenStack. It was very hard to convince people that it was the solution to their problem. Most of the time, they did not seem to grasp the entirety of what was at stake.
This time, it seems that we managed to convince everyone that a DLM is indeed needed. Joshua wrote an extensive specification called Chronicle of a DLM, which ended up being discussed and somehow adopted during that session in Tokyo.
So yes, Tooz will be the weapon of choice for OpenStack. It will avoid a hard requirement on any DLM solution directly. The best driver right now is the ZooKeeper one, but it'll still be possible for operators to use e.g. Redis.
This is a great achievement for us, after spending years trying to fix features such as the Nova service group subsystem and seeing our proposals postponed forever.
With the new projects launched this last year, Aodh & Gnocchi, in parallel of the old Ceilometer, plus the change from programs to Big Tent in OpenSack, the team is having an identity issue. Being referred to as the "Ceilometer team" is not really accurate, as some of us only work on Aodh or on Gnocchi. So after discussing that, I proposed to rename the team to Telemetry instead. We'll see how it goes.Alarms
The first session was about alarms and the Aodh project. It turns out that the project is in pretty good shape, but probably need some more love, which I hope I'll be able to provide in the next months.
The need for a new aodhclient based on the technologies we recently used building gnocchiclient has been reasserted, so we might end up working on that pretty soon. The Tempest support also needs some improvement, and we have a plan to enhance that.Data visualisation
We got David Lyle in this session, the Project Technical Leader for Horizon. It was an interesting discussion. It used to be technically challenging to draw charts from the data Ceilometer collects, but it's now very easy with Gnocchi and its API.
While the technical side is resolved, the more political and user experience side of was to draw and how was discussed at length. We don't want to make people think that Ceilometer and Gnocchi are a full monitoring solution, so there's some precaution to take. Other than that, it would be pretty cool to have view of the data in Horizon.Rolling upgrade
It turns out that Ceilometer has an architecture that makes it easy to have rolling upgrade. We just need to write a proper documentation explaining how to do it and in which order the services should be upgraded.Ceilometer splitting
The split of the alarm feature of Ceilometer in its own project Aodh in the last cycle was a great success for the whole team. We want to split other pieces of Ceilometer, as they make sense on their own, makes it easier to manage. They are also some projects that want to use them without the whole stack, so that's a good idea to make it happen.CloudKitty & Gnocchi
I attended the 2 sessions that were allocated to CloudKitty. It was pretty interesting as they want to simplify their architecture and leverage what Gnocchi provides. I proposed my view of the project architecture and how they could leverage the more of Gnocchi to retrieve and store data. They want to go in that direction though it's a large amount of work and refactoring on their side, so it'll take time.
We also need to enhance the support of extension for new resources in Gnocchi, and that's something I hope I'll work on in the next months.
Overall, this summit was pretty good and I got a tremendous amount of good feedback on Gnocchi. I again managed to get enough ideas and tasks to tackle for the next 6 months. It really looks interesting to see where the whole team will go from that. Stay tuned!
USENIX lately started a new journal called JESA to tackle the issue of education for Systemadministrators. For the first issue Tom Limoncelli wrote an open letter which tries to summarize the current situation the industry faces. For me it's kind of a problem statement one can use to start thinking about solutions.
Currently I don't see something like a formal education to call yourself Systemadministrator or Systemengineer anywhere near. And I don't think it's required. But still the expectations I see on both ends - employer and employee - often differ a lot in all kind of directions.
In Germany we've a very organized (some call it bureaucratic) system of non academic education, organized as an apprenticeship. And like Tom wrote in the open letter mentioned above many IT departments do not follow best practise, and even more do so unintentionally because they never got that far. But what kind of people can you expect from this system when they got formed for three years in a rather sloppy environment? So there is a lot to fix, but as usual I've doubts when I think about possible solutions. Do I expect too much from the education system and/or the people? Do I look at the wrong people? Is this education system the right system to educate this kind of people I'd like to work with?
In case you're one of those troubled by the sorry state of the acpu release in Ubuntu 14.04 you can now switch to the official backport. Micah Gersten was kind enough to invest some time and got it uploaded.
FOSDEM is one of the world's premier meetings of free software developers, with over five thousand people attending each year. FOSDEM 2016 takes place 30-31 January 2016 in Brussels, Belgium.
This call-for-participation contains information about:
- Real-Time communications dev-room and lounge,
- speaking opportunities,
- volunteering in the dev-room and lounge,
- related events around FOSDEM, including the XMPP summit,
- social events (including the Saturday night dinner),
- the Planet aggregation sites for RTC blogs
The Real-Time dev-room and Real-Time lounge is about all things involving real-time communication, including: XMPP, SIP, WebRTC, telephony, mobile VoIP, codecs, privacy and encryption. The dev-room is a successor to the previous XMPP and telephony dev-rooms. We are looking for speakers for the dev-room and volunteers and participants for the tables in the Real-Time lounge.
The dev-room is only on Saturday, 30 January 2016 in room K.3.401. The lounge will be present for both days in building K.
To discuss the dev-room and lounge, please join the FSFE-sponsored Free RTC mailing list.Speaking opportunities
Note: if you used Pentabarf before, please use the same account/username
Main track: the deadline for main track presentations was midnight on 30 October. Leading developers in the Real-Time Communications field are encouraged to consider submitting a presentation to the main track.
Real-Time Communications dev-room: deadline 27 November. Please also use the Pentabarf system to submit a talk proposal for the dev-room. On the "General" tab, please look for the "Track" option and choose "Real-Time devroom".
Other dev-rooms: some speakers may find their topic is in the scope of more than one dev-room. It is permitted to apply to more than one dev-room but please be kind enough to tell us if you do this. See the full list of dev-rooms.
Lightning talks: deadline 27 November. The lightning talks are an excellent opportunity to introduce a wider audience to your project. Given that dev-rooms are becoming increasingly busy, all speakers are encouraged to consider applying for a lightning talk as well as a slot in the dev-room. Pentabarf system to submit a lightning talk proposal. On the "General" tab, please look for the "Track" option and choose "Lightning Talks".First-time speaking?
FOSDEM dev-rooms are a welcoming environment for people who have never given a talk before. Please feel free to contact the dev-room administrators personally if you would like to ask any questions about it.Submission guidelines
The Pentabarf system will ask for many of the essential details. Please remember to re-use your account from previous years if you have one.
In the "Submission notes", please tell us about:
- the purpose of your talk
- any other talk applications (dev-rooms, lightning talks, main track)
- availability constraints and special needs
You can use HTML in your bio, abstract and description.
If you maintain a blog, please consider providing us with the URL of a feed with posts tagged for your RTC-related work.
We will be looking for relevance to the conference and dev-room themes, presentations aimed at developers of free and open source software about RTC-related topics.
Please feel free to suggest a duration between 20 minutes and 55 minutes but note that the final decision on talk durations will be made by the dev-room administrators. As the two previous dev-rooms have been combined into one, we may decide to give shorter slots than in previous years so that more speakers can participate.
Please note FOSDEM aims to record and live-stream all talks. The CC-BY license is used.
For any questions, please join the FSFE-sponsored Free RTC mailing list.Volunteers needed
To make the dev-room and lounge run successfully, we are looking for volunteers:
- FOSDEM provides video recording equipment and live streaming, volunteers are needed to assist in this
- organizing one or more restaurant bookings (dependending upon number of participants) for the evening of Saturday, 30 January
- participation in the Real-Time lounge
- helping attract sponsorship funds for the dev-room to pay for the Saturday night dinner and any other expenses
- circulating this Call for Participation to other mailing lists
FOSDEM is made possible by volunteers and if you have time to contribute, please feel free to get involved.Related events - XMPP and RTC summits
The XMPP Standards Foundation (XSF) has traditionally held a summit in the days before FOSDEM. There is discussion about a similar summit taking place on 28 and 29 January 2016. Please see the XSF Summit 19 wiki and join the mailing list to discuss.
We are also considering a more general RTC or telephony summit, potentially on 29 January. Please join the Free-RTC mailing list and send an email if you would be interested in participating, sponsoring or hosting such an event.Social events and dinners
The traditional FOSDEM beer night occurs on Friday, 29 January
On Saturday night, there are usually dinners associated with each of the dev-rooms. Most restaurants in Brussels are not so large so these dinners have space constraints. Please subscribe to the Free-RTC mailing list for further details about the Saturday night dinner options and how you can register for a seat.Spread the word and discuss
If you know of any mailing lists where this CfP would be relevant, please forward this email. If this dev-room excites you, please blog or microblog about it, especially if you are submitting a talk.
If you regularly blog about RTC topics, please send details about your blog to the planet site administrators:http://planet.jabber.org email@example.com http://planet.sip5060.net firstname.lastname@example.org http://planet.opentelecoms.org email@example.com
Please also link to the Planet sites from your own blog or web site.Contact
For discussion and queries, please subscribe to the Free-RTC mailing list.
The dev-room administration team:
Attention: If these two videos don't both look identical (save for rounding errors) to each other and to this slide, it has broken understanding of YUV color primaries, and will render lots of perfectly normal video subtly off in color, one way or the other.
Remux in MP4 instead of MPEG-TS here, for easier testing in browsers etc.: First, second. Chrome passes with perfect marks, Iceweasel segfaults on both (GStreamer's quality or lack thereof continues to amaze me). MPlayer and VLC both get one of them wrong (although VLC gets it more right if you use its screenshot function to save a PNG to disk, so check what's actually on the screen); ffmpeg with PNG output gets it right but ffplay doesn't.
Edit to add: The point is the stable picture, not the flickering in the first few frames, of course. The video was encoded quite hastily.
This month I marked 492 packages for accept and rejected 50 of them. I had to send only 11 emails to maintainers.
Up to now I accepted about 6000 packages, my first one was pexpect_3.0-1 on 20131211.date package 1 20131211 pexpect_3.0-1 1111 20140506 dochelp_0.1 2121 20140825 cl-parse-number_1.3-1 2222 20140903 node-websocket-driver_0.3.5-1 3333 20150303 libparse-keyword-perl_0.08-1 4242 20150625 python-monotonic_0.2-1 4444 20150708 libmusicbrainz5_5.1.0+git20150707-1 5555 20150928 golang-github-yosssi-ace_0.0.4+git20150515.41.78e48a2-3
So, when do you expect accepted package number 6666, 7777, 8888 and 9999?
This month I only got a workload of 13.25h. Altogether I uploaded those DLAs:
- [DLA 327-1] freeimage security update
- [DLA 331-1] polarssl security update
- [DLA 334-1] libxml2 security update
- [DLA 334-2] libxml2 regression update
While preparing the libxml2 upload, I mixed up things for the i386 build and so [DLA 334-2] had to follow shortly after [DLA 334-1].
I also prepared a new upload of PHP5 with nine CVEs fixed. I put the i386 and amd64 versions at people.d.o and invite everybody to test them and give positive or negative feedback. The real upload to the archive will happen next week.
This month I also had another term of doing frontdesk work and looked for CVEs that are important for Squeeze LTS or could be ignored.
This month I only polished some packages and uploaded:
I also manually closed #711329 and #352421. After adopting package chktex I inherited #352421, which was one of my oldest bugs. It was about emacs longlines-mode support and I could close it without actually fixing something. The longlines-mode vanished from emacs. So, sorry for that …
I know I don't mention a season, and I'm a few hours late for hallowe'en, but here's a haiku about Haiku:
A death, once again,
The master sighs, and fixes,
It rises up, undead.
Yet another monthly upstream Armadillo update gets us the first changes to the new the 6.* series. This was preceded by two uploads of test released to GitHub-only. These two were tested both against all reverse-dependencies as usual. A matching upload to Debian will follow shortly.
Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab.
This release is fairly straightforward with few changes:Changes in RcppArmadillo version 0.6.200.2.0 (2015-10-31)
Upgraded to Armadillo 6.200.0 ("Midnight Blue Deluxe")
expanded diagmat() to handle non-square matrices and arbitrary diagonals
expanded trace() to handle non-square matrices
Courtesy of CRANberries, there is also a diffstat report for the most recent CRAN release. As always, more detailed information is on the RcppArmadillo page. Questions, comments etc should go to the rcpp-devel mailing list off the R-Forge page.
Here is my monthly update covering a large part of what I have been doing in the free software world (previously):
- Did significant work on a healthcare-related project to be released under a free-software license
- Fixed an issue in dh-virtualenv where initscripts could be started before the Virtualenv has completely configured
- Added support to the mailvelope OpenPGP browser extension to show the key ID in the "Sign message with key" dialog
- Added Django 1.8 support to django-setuptest
- Added the ability for my tickle-me-email Getting Things Done toolbox to inject emails into "draft" folders, and subsequently added attachment support
- Fixed Strava Enhancement Suite's calculation of repeated segments to also include "hidden segments"
- Corrected the output filename calculation in Legofy, a program makes an image look as if it was built out of Lego
- Added per-activity rate limiting to my stravabot IRC bot
- Worked with Tyler Garner to add support in django-slack for reporting exceptions as well as with Bastian Hoyer towards Python 3 support
- Worked with freeyoung to merge support in dns-filter for "stripped" A records as well as to add more configuration options
- Uploaded all of my Python and Django packages to Python Package Index
- Updated my email address in Django's AUTHORS file to point to my typical Django-related email address
- Blogged about how to migrate away from add_to_builtins for Django 1.9
- Submitted a patch to ensure pyversions emits its output in a deterministic order. Further work is needed to ensure packages are deterministic.
- Registered and arranged logistics for MiniDebConf Cambridge 2015.
This month I have been paid to work 11 hours on Debian Long Term Support (LTS). In that time I did the following:
- DLA 326-1 for zendframework fixing an SQL injection vulnerability.
- DLA 332-1 for optipng correcting a use-after-free issue.
- DLA 333-1 for cakephp preventing a remote Denial of Service attack.
- DLA 337-1 for busybox fixing a vulnerability when unzipping a specially crafted zip file/
- DLA 338-1 for xscreensaver preventing a crash when hot-swapping monitors.
- redis — New upstream release as well as changing the default UNIX socket location and correctly supporting "cluster" mode config file hardening and redis-sentinel's runtime directory handling under systemd. An update for jessie was also uploaded.
- python-redis — Attempting to get the autopkgtest tests to finally pass.
- debian-timeline — Making the build reproducible.
- gunicorn — New upstream release.
- cpl-plugin-naco: Please make the build reproducible
- criu: Please make the build reproducible
- fonts-oldstandard: version string should be 2.2really2.02-$DEBIAN_REVISION
- lintian: Please warn about use of deprecated githubredir.debian.net in debian/watch files
- python3-defaults: pyversions emits its output in a deterministic order
- bochs: Support building under Linux 4.x
- go-mtpfs: Missing Build-Depends on pkg-config and libusb-1.0-0-dev
- openslide-python: Missing Build-Depends on python3-pil and libopenslide-dev
- python-changelog: Missing Build-Depends on python3-sphinx
- python-redmine: Missing Build-Depends on python3-requests
- python3-astropy: Incompatible with Python 3.5
- xserver-xorg-video-qxl: Missing Build-Depends on libglib2.0-dev and libssl-dev
I also filed FTBFS bugs against arora, barry, django-ajax-selects, django-polymorphic, django-sitetree, flask-autoindex, flask-babel, genparse, golang-github-jacobsa-ogletest, healpy, jarisplayer, jsurf-alggeo, kmidimon, libmapper, libpreludedb, mathgl, metview, miaviewit, moksha.common, monster-masher, node-connect, node-postgres, opensurgsim, php-xml-rss, pokerth, pylint-django, python-django-contact-form, python-pyqtgraph, python-pyramid, qlipper, r-bioc-cummerbund, r-bioc-genomicalignments, rawdns, ruby-haml-rails, ruby-omniauth-ldap, scute, stellarium, step, synfigstudio, tulip, xdot, & yelp.
Reading on vacation always puts me in the mood to buy more books, including a couple that I picked up while on vacation. (I only read one, but that one, Ancillary Mercy, was certainly worth it.)
Ta-Nehisi Coates — Between the World and Me (non-fiction)
Kameron Hurley — Empire Ascendant (sff)
Kameron Hurley — Rapture (sff)
Jenny Lawson — Furiously Happy (non-fiction)
Ann Leckie — Ancillary Mercy (sff)
Kaori Mori — Bride's Story: Volume 2 (graphic novel)
Kaori Mori — Bride's Story: Volume 3 (graphic novel)
Randall Munroe — xkcd: Volume 0 (strip collection)
Jo Walton — The Philosopher Kings (sff)
Fumi Yoshinaga — Ōoku: Volume 3 (graphic novel)
Infidel, the middle book of the Bel Dame Apocrypha trilogy by Kameron Hurley, was out of stock, so I'll have to re-order. I might put in another book order shortly to get that plus a few other things, although really I could just take that time to go read more books.
Back from vacation now, so fell out of the reading habit a bit. I've been doing other stuff on the train, but shortly I'll get back into it.
I'm not normally one to respond to online appeals for money: there are often far too many of them. Ken Starks is a well known Linux personality who set up a charity to provide needy local people with Linux and recycled machines. He's also a good guy who works hard for this as something he believes in: this is no scam. The Helios Project (from before his own charity merged with another known as Reglue) is also still an SPI project as far as I know
Ken is currently holding a fund raising drive to replace his vehicle used for the Reglue project on Indiegogo. This is probably most of interest to US readers who may be able to treat this as charitable donation - the things he's offering in return for donations are most readily shipped within the US and Canada.
Any and all help would be greatly appreciated.
Back in March I was given an LG G Watch R, the first Android Wear smartwatch to have a full round display (the Moto 360 was earlier, but has a bit cut off the bottom of the actual display). I’d promised I’d get round to making some comments about it once I’d had it for a while and have failed to do so until now. Note that this is very much comments on the watch from a user point of view; I haven’t got to the point of trying to do any development or other hacking of it.
Firstly, it’s important to note I already was wearing a watch and have been doing so for all of my adult life. Just a basic, unobtrusive analogue watch (I’ve had a couple since I was 18, before that it was pretty much every type of calculator watch available at some point), but I can’t remember a period where I didn’t. The G Watch R is bulkier than what I was previously wearing, but I haven’t found it obtrusive. And I love the way it looks; if you don’t look closely it doesn’t look like a smart watch (and really it’s only the screen that gives it away).
Secondly, I already would have taken my watch off at night and when I was showering. So while the fact that the battery on the G Watch R will really only last a day and a half is by far and away its most annoying problem, it’s not as bad as it could be for me. The supplied charging dock is magnetic, so it lives on my beside table and I just drop the watch in it when I go to bed.
With those details out of the way, what have I thought of it? It’s certainly a neat gadget. Being able to see my notifications without having to take my phone out of my pocket is more convenient than I expected - especially when it’s something like an unimportant email that I can then easily dismiss by swiping the watch face. My agenda being just a flick away, very convenient, particularly when I’m still at the stage of trying to remember where my next lecture is. Having walking directions from Google Maps show up on the watch (and be accompanied by a gentle vibration when I need to change direction) is pretty handy too. The ability to take pictures via the phone camera, not so much. Perhaps if it showed me roughly what I was about to photograph, but without that it’s no easier than using the phone interface. It’s mostly an interface for consuming information - I’ve tried the text to SMS interface a few times, but it’s just not reliable enough that I’d choose to use it.
I’ve also been pleased to see it get several updates from LG in the time I’ve had it. First the upgrade from Wear 4.4 to Wear 5.1 (probably via 5.0 but I forget), but also the enabling of wifi support. The hardware could always support this, but initially Android Wear didn’t and then there was some uncertainty about the FCC certification for the G Watch R. I can’t say I use it much (mostly the phone is within range) but it’s nice to see the improvements in support when they’re available.
What about the downsides? Battery life, as mentioned above, is definitely the major one. Mostly a day is fine, but the problem comes if I’m ever away. There’s no way to charge without the charging dock, so that becomes another things I have to pack. And it’s really annoying to have your watch go dead on you midday when you forget to do so. I also had a period where I’d frequently (at least once a week) find an “Android Wear isn’t responding. Wait/Restart?” error on the watch screen. Not cool, but thankfully seems to have stopped happening. Finally there’s the additional resource requirements it puts on the phone. I have a fairly basic Moto G 4G that already struggles with Ingress and Chrome at the same time, so adding yet another thing running all the time doesn’t help. I’m sure I could make use of a few more apps if I was more comfortable with loading the phone.
The notable point for me with the watch was DebConf. I’d decided not to bring it, not wanting the hassle of dealing with the daily charging. I switched back to my old analogue watch (a Timex, if you care). And proceeded to spend 3 days looking at it every time my phone vibrated before realising that I couldn’t do that. That marked the point where I accepted that I was definitely seeing benefits from having a smart watch. So when I was away for a week at the start of September, I brought the charger with me (at some point I’ll get round to a second base for travel). I was glad I’d done so. I’m not sure I’m yet at the point I’d replace it in the event it died, but on the whole I’m more of a convert that I was expecting to be.