Planet Debian

Subscribe to Planet Debian feed
Planet Debian -
Updated: 23 min 55 sec ago

Arturo Borrero González: Great Debian meeting!

11 January, 2016 - 17:19

Last week we finally ended with a proper Debian informal meeting at Seville.

A total amount of 9 people attended, 3 of them DDs (Aurelien Jarno, Gillem Jover, Ana Guerrero) and 1 DM (me).

The meeting started with the usual "personal references" round, and then topics ranged from how to get more people involved with Debian, to GSoC-like programs discussions, and some Debian anecdotes as well.

There were also talks about when and how future meetings should be.

This meeting was hosted by, thanks to Pablo Neira (Netfilter project head).

Some pics of the moment:

Alessio Treglia: Filling old bottles with new wine

11 January, 2016 - 15:29


They are filling old bottles with new wine!” This is what the physicist Werner Heisenberg heard exclaiming by his friend and colleague Wolfgang Pauli who, criticizing the approach of the scientists of the time, believed that they had been forcibly glued the notion of “quantum” on the old theory of the planetary-model of Bohr’s atom. Faced with the huge questions introduced by quantum physics, Pauli instead began to observe the new findings from a different point of view, from a new level of reality without the constraints imposed by previous theories.

Newton himself, once he theorized the law of the gravitational field, failing to place it in any of the physical realities of the time, he merely…

<Read More...>

Daniel Pocock: FOSDEM RTC Dev-room schedule published

11 January, 2016 - 13:09

If you want to help make Free Real-time Communication (RTC) with free, open source software surpass proprietary solutions this year, a great place to start is the FOSDEM RTC dev-room.

On Friday we published the list of 17 talks accepted in the dev-room (times are still provisional until the FOSDEM schedule is printed). They include a range of topics, including SIP, XMPP, WebRTC and peer-to-peer Real-time communication.

RTC will be very prominent at FOSDEM this year with several talks on this topic, including my own, in the main track.

Keith Packard: Altos1.6.2

11 January, 2016 - 12:03
AltOS 1.6.2 — TeleMega v2.0 support, bug fixes and documentation updates

Bdale and I are pleased to announce the release of AltOS version 1.6.2.

AltOS is the core of the software for all of the Altus Metrum products. It consists of firmware for our cc1111, STM32L151, STMF042, LPC11U14 and ATtiny85 based electronics and Java-based ground station software.

This is a minor release of AltOS, including support for our new TeleMega v2.0 board, a small selection of bug fixes and a major update of the documentation

AltOS Firmware — TeleMega v2.0 added

The updated six-channel flight computer, TeleMega v2.0, has a few changes from the v1.0 design:

  • CC1200 radio chip instead of the CC1120. Better receive performance for packet mode, same transmit performance.

  • Serial external connector replaced with four PWM channels for external servos.

  • Companion pins rewired to match EasyMega functionality.

None of these change the basic functionality of the device, but they do change the firmware a bit so there's a new package.

AltOS Bug Fixes

We also worked around a ground station limitation in the firmware:

  • Slow down telemetry packets so receivers can keep up. With TeleMega v2 offering a fast CPU and faster radio chip, it was overrunning our receivers so a small gap was introduced between packets.
AltosUI and TeleGPS applications

A few minor new features are in this release

  • Post-flight TeleMega and EasyMega orientation computations were off by a factor of two

  • Downloading eeprom data from flight hardware would bail if there was an error in a data record. Now it keeps going.


I spent a good number of hours completely reformatting and restructuring the Altus Metrum documentation.

  • I've changed the source format from raw docbook to asciidoc, which has made it much easier to edit and to use docbook features like links.

  • The css moves the table of contents out to a sidebar so you can navigate the html format easily.

  • There's a separate EasyMini manual now, constructed by taking sections from the larger manual.

Ben Hutchings: Debian LTS work, December 2015

11 January, 2016 - 08:36

In December I carried over 15 hours from October/November and was assigned another 15 hours of work by Freexian's Debian LTS initiative. I worked a total of 20 hours despite the holidays.

I uploaded a security and bug fix update to linux-2.6 early in December, and sent DLA-360-1. I also backported several more security fixes, released in the new year. I sent several of the fixes to Willy Tarreau for inclusion in Linux 2.6.32-longterm.

I prepared an update to sudo to fix CVE-2015-5602. This turned out not to have been properly fixed upstream, so I finished the job and am now in the process of backporting and uploading fixes for all suites.

I reviewed the packages affected by CVE-2015-8614 and the upstream fix in claws-mail, and found that that was also incomplete. This resulted in another CVE ID being issued.

I had another week in the front desk role, over the new year, and triaged about 20 new issues. About half of them affected packages supported in squeeze-lts.

Updated: I also found a bug in the contact-maintainers script used by the LTS front desk. It used apt-cache show to find out the maintainers of a source package, which may result in outdated information — particularly if you configure APT to fetch squeeze sources in order to work on LTS! I modified the script to grab maintainer information out of the RDF description provided by (not yet implemented on I feel there ought to be an easier way to do this, but at least I learned something about RDF.

Dirk Eddelbuettel: Rcpp 0.12.2: Keep rollin'

11 January, 2016 - 07:08

The third update in the 0.12.* series of Rcpp arrived on the CRAN network for GNU R earlier today, and has been pushed to Debian. It follows the 0.12.0 release from late July, the 0.12.1 release in September, and the 0.12.2 release in November making it the seventh release at the steady bi-montly release frequency. This release is somewhat more of a maintenance release addressing a number of small bugs and nuisances without adding any new features.

Rcpp has become the most popular way of enhancing GNU R with C or C++ code. As of today, 553 packages on CRAN depend on Rcpp for making analytical code go faster and further. That is up by more than fourty packages from the last release in November.

Once again, we have new first-time contributors. Kazuki Fukui corrected an issue he encountered when having CLion re-formatted some code for him. Joshua Pritikin corrected a constructor initialization. Of course, we also had several pull reports from regular contributors -- see below for a detailed list of changes extracted from the NEWS file.

Changes in Rcpp version 0.12.3 (2016-01-10)
  • Changes in Rcpp API:

    • Const iterators now CharacterVector now behave like regular iterators (PR #404 by Dan fixing #362).

    • Math operators between matrix and scalars type have been added (PR #406 by Qiang fixing #365).

    • A missing std::hash function interface for Rcpp::String has been addded (PR #408 by Qiang fixing #84).

  • Changes in Rcpp Attributes:

    • Avoid invalid function names when generating C++ interfaces (PR #403 by JJ fixing #402).

    • Insert additional space around & in function interface (PR #400 by Kazuki Fukui fixing #278).

  • Changes in Rcpp Modules:

    • The copy constructor now initialized the base class (PR #411 by Joshua Pritikin fixing #410)

  • Changes in Rcpp Repository:

    • Added a file providing some points to potential contributors (PR #414 closing issue #413)

Thanks to CRANberries, you can also look at a diff to the previous release. As always, even fuller details are on the Rcpp Changelog page and the Rcpp page which also leads to the downloads page, the browseable doxygen docs and zip files of doxygen output for the standard formats. A local directory has source and documentation too. Questions, comments etc should go to the rcpp-devel mailing list off the R-Forge page.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Carl Chenet: Feed2tweet 0.2: power of the command line sending your Feed RSS to Twitter

11 January, 2016 - 06:00

Feed2tweet is a self-hosted Python app to send you RSS feed to Twitter. A long descriptions about why and how to use it is available in my last post about it.

Feed2tweet is in production for Le Journal du hacker, a French Hacker News-style FOSS website.

Feed2tweet 0.2 brings a lot of new command line options, contributed by Antoine Beaupré @theanarcat. Taking a short extract of the Feed2tweet 0.2 changelog:


  • new command line option -r or –dry-run to simulate execution of Feed2tweet
  • new command line option -d or –debug to increase verbosity of the execution of Feed2tweet
  • new command line option -v or –verbose to follow the execution of Feed2tweet
  • new command line option –cachefile to get the path of the cache file
  • new command line option –hashtaglist to get the path of the hash tag composed by multiple words
  • new command line option -r or –rss to get the uri of the RSS feed


Lots of issues from the previous project was also fixed.

Using Feed2tweet? Send us bug reports/feature requests/push requests/comments about it!

Ben Hutchings: Debian LTS work, December 2015

11 January, 2016 - 05:11

In December I carried over 15 hours from October/November and was assigned another 15 hours of work by Freexian's Debian LTS initiative. I worked a total of 20 hours despite the holidays.

I uploaded a security and bug fix update to linux-2.6 early in December, and sent DLA-360-1. I also backported several more security fixes, released in the new year. I sent several of the fixes to Willy Tarreau for inclusion in Linux 2.6.32-longterm.

I prepared an update to sudo to fix CVE-2015-5602. This turned out not to have been properly fixed upstream, so I finished the job and am now in the process of backporting and uploading fixes for all suites.

I reviewed the packages affected by CVE-2015-8614 and the upstream fix in claws-mail, and found that that was also incomplete. This resulted in another CVE ID being issued.

I had another week in the front desk role, over the new year, and triaged about 20 new issues. About half of them affected packages supported in squeeze-lts.

Vasudev Kamath: Managing Virtual Network Devices with systemd-networkd

10 January, 2016 - 23:56

I've been using bridge networking and tap networking for containers and virtual machines on my system. Configuration for bridge network which I use to connect containers was configured using /etc/network/interfaces file as shown below.

auto natbr0
iface natbr0 inet static
   pre-up brctl addbr natbr0
   post-down brctl delbr natbr0
   post-down sysctl net.ipv4.ip_forward=0
   post-down sysctl net.ipv6.conf.all.forwarding=0
   post-up sysctl net.ipv4.ip_forward=1
   post-up sysctl net.ipv6.conf.all.forwarding=1
   post-up iptables -A POSTROUTING -t mangle -p udp --dport bootpc -s -j CHECKSUM --checksum-fill
   pre-down iptables -D POSTROUTING -t mangle -p udp --dport bootpc -s -j CHECKSUM --checksum-fill

Basically I setup masquerading and IP forwarding when network comes up using this, so all my containers and virtual machines can access internet.

This can be simply done using systemd-networkd with couple of lines, yes couple of lines. For this to work first you need to enable systemd-networkd.

systemctl enable systemd-networkd.service

Now I need to write 2 configuration file for the above bridge interface under /etc/systemd/network. One file is natbr0.netdev which configures the bridge and the which configures IP address and other stuff for the bridge interface.

Description=Bridge interface for containers/vms

Description=IP configuration for natbr0

The IPForward in above configuration is actually redundant, when I set IPMasquerade it automatically enables IPForward. So these configuration is equivalent of what I did in my interfaces file. It also avoids me doing additional iptables usage to add masquerading rules. This pretty much simplifies handling of virtual network devices.

There are many other things which can you do with systemd-networkd, like running a DHCPServer on the interface and many other things. I suggest you to read manual pages on and systemd.netdev(5).

systemd-networkd allows you configure all type of virtual networking devices and actual network interfaces. I've not myself used it to handle actual network interfaces yet.

Andrew Shadura: Public transport map of Managua

10 January, 2016 - 23:26

Holger Levsen writes about the public transport map of Managua, Nicaragua, which is, according to him, the first detailed map of Managua’s bus network:

If you haven’t been to Managua, you might not be able to immediatly appreciate the usefulness of this. Up until now, there has been no map nor timetable for the bus system, which as you can see now easily and from far away, is actually quite big and is used by 80% of the population in a city, where the streets still have no names.

Having had a look at the map they produced, I have to admit I quite liked it:

MapaNica, the community behind said map, are raising funds to make lives of locals easier by publishing a printed version of the map and distributing it. They have already raised more than $3300 of their $7500 goal. Every further donation will help them print more maps.

Please go to and support their initiative!

Holger Levsen: 20160110-support-mapanica-net

10 January, 2016 - 20:17
Please support the public transportation map of Manugua

Some of you might remember DebConf12 in Managua, Nicaragua and the very friendly and helpful locals, who recently contacted me to tell me about their new project, so that I share this on planet Debian: A local community of openstreet map enthusiasts, of which some were involved in DebConf12, has collected for the first time detailed information about Managua's bus network!

To bring their efforts further, they will now print these maps on paper, so that even more people can use them in their daily lives.

If you haven't been to Managua, you might not be able to immediatly appreciate the usefulness of this. Up until now, there has been no map nor timetable for the bus system, which as you can see now easily and from far away, is actually quite big and is used by 80% of the population in a city, where the streets still have no names.

If this made you curious (or just brought back happy memories from 2012) please go to and donate some money - their campaign is running for 3 more weeks and currently they have already raised 3300 USD, enough to print some maps, but 4200 USD short of their goal. Every further donation will help to print some more maps, even something as little as 20 USD or EUR will help people in their real lifes to better understand the beast of Managua's bus route network.

Juliana Louback: NLP: Viterbi Named-Entity Tagger

10 January, 2016 - 17:06

During my MSc program, I was lucky to squeeze into Michael Collin’s NLP class. We used his Coursera course as part of the program, which I’d highly recommend.

Recently I decided to review my NLP studies and I believe the best way to learn or relearn a subject is to teach it. This is one in a series of 4 posts with a walk-through of the algorithms we implemented during the course. I’ll provide links to my code hosted on Github.

Disclaimer: Before taking this NLP course, the only thing I knew about Python was that ‘it’s the one without curly brackets’. I learned Python on the go while implementing these algorithms. So if I did anything against Python code conventions or flat-out heinous, I apologize and thank you in advance for your understanding. Feel free to write and let me know.

The Concept

To quote Wikipedia, “Named-entity recognition (I’ve always known it as tagging) is a subtask of information extraction that seeks to locate and classify elements in text into predefined categories such as the names of persons, organizations, locations, expressions of times, quanitites, monetary values, percentages, etc.”

For example, the algorithm receives as input some text

“Bill Gates founded Microsoft in 1975.”

and outputs

“Bill Gates[person] founded Microsoft[organization] in 1975[date].”

Off the top of my head, some useful applications are document matching (ex. a document containing Gates[person] may not be on the same topic as one containing gates[object]) and query searches. I’m sure there are lots more, if you check out Collin’s Coursera course he may discuss this in greater depth.

The Requirements

Development data: The file ner_dev.dat provided by prof. Michael Collins has a series of sentences separated by an empty line, one word per line.

Training data: The file ner_train.dat provided by prof. Michael Collins has a series of sentences separated by an empty line, one word and tag per line, speparated by a space.

Word-tag count data: The file ner.counts has the format [count] [type of tag] [label] [word]. The tags used are RARE, O, I-MISC, I-PER, I-ORG, I-LOC, B-MISC, B-PER, B-ORG, B-LOC. The tag O means it’s not an NE. This file is generated by, a script provided by prof. Michael Collins. Run on the training data ner_train.dat

The Algorithm

Python code: Usage: python ner.counts ngram.counts [input_file] > [output_file] Summary: The Viterbi algorithm finds the maximum probability path for a series of observations, based on emission and transition probabilities. In a Markov Process, emission is the probability of an output given a state and transition is the probability of transitioning to the state given the previous states. In our case, the emission parameter e(x|y) = the probability of the word being x given you attributed tag y. If your training data had 100 counts of ‘person’ tags, one of which is the word ‘London’ (I know a guy who named his kid London), e(‘London’|’person’) = 0.01. Now with 50 counts of ‘location’ tags, 5 of which are ‘London’, e(‘London’|’location’) = 0.1 which clearly trumps 0.01. The transition parameter q(yi | yi-1, yi-2) = the probability of putting tag y in position i given it’s two previous tags. This is calculated by Count(trigram)/Count(bigram). For each word in the development data, he Viterbi algorithm will associate a score for a word-tag combo based on the emission and transition parameters it obtained from the training data. It does this for every possible tag and sees which is more likely. Clearly this won’t be 100% correct as natural language is unpredictable, but you should get pretty high accuracy.

Optional Preprocessing

Re-label words in training data with frequency < 5 as ‘RARE’ - This isn’t required, but useful. Re-run if used.

Python code:

Usage: python [input_file]


  1. Uses Python Counter to obtain word counts in [input_file]; removes all word-count pairs with count < 5, store remaining pairs in a dictionary named rare_words.
  2. Iterates through each line in [input file], checks if word is in rare words dictionary, if so, replaces word with RARE.

Step 1. Get Count(y) and Count(x~y)

Python code:


  1. Iterate through each line in ner.counts file and store each word-label-count combo in a dictionary count_xy and update the dictionary of count_y. For example count_xy[Peter][I-PER] returns the number of times the word ‘Peter’ was labeled ‘I-PER’ in the training data and count_y[I-PER] the total number of ‘I-PER’ tags. The dictionary count_y contains 8 items, one for each label ( RARE , O, I-MISC, I-PER, I-ORG, I-LOC, B-MISC, B-PER, B-ORG, B-LOC);
  2. Return count_xy, count_y

Step 2. Get bigram and trigram counts

Python code:


  1. Iterate through each line in the n-gram_counts file
  2. If the line contains ’2-GRAM’ add an item to the bigram_counts dictionary using the bigram (two space-separated labels following the tag type ‘2-gram’) as key, count as value. This dictionary will contain Count(yi-2,yi-1).
  3. If the line contains ’3-GRAM’, add an item to the trigram_counts dictionary using the trigram as key, count as value. This dictionary will contain Count(yi-2, yi-1, yi).
  4. Return dictionaries of bigram and trigram counts.

Step 3. Viterbi

(For each line in the [input_file]):

  1. If the word was seen in training data (present in the count_xy dictionary), for each of the possible labels for the word:
  2. Calculate emission = count_xy[word][label] / float(count_y[label]
  3. Calculate transition = trigram_counts[trigram])/float(bigram_counts[bigram] Note: yi-2 = *, yi-1 = * for the first round
  4. Set probability = emission x transition
  5. Update max(probability) and arg max if needed. 2 If the word was not seen in the training data:
  6. Calculate emission = count xy[RARE][label] / float(count y[label].
  7. Calculate q(yi yi-1, yi-2) = trigram counts[trigram])/float(bigram counts[bigram]. Note: yi-2 = ∗, yi-1 = ∗ for the first round
  8. Set probability = emission × transition
  9. Update max(probability) if needed, arg max = RARE
  10. Write arg max and log(max(probability)) to output file.
  11. Update yi-2, yi-1.
  12. Update yi-2, yi-1.


Prof. Michael Collins provided an evaluation script to verify the output of your Viterbi implementation. Usage: python ner_dev.key [output_file]

Alessio Treglia: A WordPress Plugin to list posts in complex nested websites

10 January, 2016 - 16:06


List all posts by Authors, nested Categories and Titles is a WordPress Plugin I wrote to fix a menu issue I had during a complex website development. It has been included in the official WordPress Plugin repository. The Plugin is particularly suitable to all multi-nested categories and multi-authors websites handling a large number of posts and complex nested category layout (i.e.: academic papers, newpapers articles, etc). This plugin allows the user to place a shortcode into any page and get rid of a long and nested menu/submenu to show all site’s posts. A selector in the page will allow the reader to select grouping by Category/Author/Title. You can also manage to install a “tab” plugin (i.e.: Tabby Responsive Tabs) and arrange each group on its specific tab.

Output grouped by Category will look like:

    post1                       AUTHOR
        post2                   AUTHOR
        post3                   AUTHOR
            post4               AUTHOR

while in the “Author” grouping mode, it is:

  post1               [CATEGORY]
  post2               [CATEGORY]

  post1               [CATEGORY]
  post2               [CATEGORY]

The plugin installs a new menu “ACT List Shortcodes” in Admin->Tools. The tool is a helper to automatically generate the required shortcode. It will parse the options and display the string to be copied and pasted into any page.

The Plugin is holding a GPL2 license and it can be downloaded from its page on WP Plugins.


Scott Kitterman: Debian LTS Work December 2015

10 January, 2016 - 10:34

This was my eighth month as a Freexian sponsored LTS contributor. I was assigned 8 hours for the month of December.  It’s also the month in which I (re)learned an important lesson.

I decided to take another run at backporting the security fixes for Quassel.  Unlike the first time, I was successful at getting the fixes backported.  Then I ran into another problem: the changes took advantage of new features in c++11 such as std::function.

I made an attempt to change things away from c++11 with my limited c++ foo and after running head first into a brick wall several times finally consulted with the upstream author of the original fixes.   He let me know that while the problematic code is in fact present in the quassel versions in squeeze and wheezy, it’s not actually possible to trigger the security issue and that the CVEs should not actually apply to those versions.

That’s my report of a singularly unproductive and unpleasant 8 hours.  Next time I ask upstream first if there’s any doubt.  I shouldn’t assume they only care about current/recent releases.

Norbert Preining: Kobo firmware 3.19.5761 mega update (KSM, nickel patch, ssh, fonts)

10 January, 2016 - 05:16

Since 3.18.0 there have been two new firmwares for the Kobo eInk devices. For the very recently released firmware release 3.19.5761 I have updated my collection of patches and features. As with previous mega-package, I prepared updates for all three hardwares, Mark4 (Glo), Mark5 (Aura), and Mark6 (GloHD), but only the one for Mark6 is tested by myself.

Changes since last release:

  • KSM updated to v8
  • koreader updated to v2015.11-stable
  • update pbchess package to 2015.07
  • (that was actually in the last one already, but I mention it again, just to be sure) customdict scripting update via was removed – for those who need it there is a patch that works better in the Metazoa patches, but I did not activate it for the public release.

Included patches from the Metazoa firmware patches: Custom reading footer style, My 15 line spacing values, Custom left & right margins, Brightness fine control, Search in Library by default, Custom page refresh options (1,2,3,…,12), Fix three KePub fullScreenReading bugs, Always display chapter name on navigation menu. Other things that are included are as usual: koreader, pbchess, coolreader, the ssh part of kobohack, and some side-loaded fonts. For details on the respective parts please see the previous post

Download Mark6 – Kobo GloHD

firmware: Kobo 3.19.5761 for GloHD

Mega update: Kobo-3.19.5761-combined/Mark6/KoboRoot.tgz

Mark5 – Aura

firmware: Kobo 3.19.5761 for Aura

Mega update: Kobo-3.19.5761-combined/Mark5/KoboRoot.tgz

Mark4 – Kobo Glo, Aura HD

firmware: Kobo 3.19.5761 for Glo and AuraHD

Mega update: Kobo-3.19.5761-combined/Mark4/KoboRoot.tgz


Daniel Pocock: Comments about people with mental illness

10 January, 2016 - 00:00

A quote:

As the Buddha said 2500 years ago... we're all out of our fucking minds. (Albert Ellis)

There have been a few occasions over the last year where people suffering mental illnesses have been the subject of much discussion.

In March 2015 there was the tragic loss of Germanwings flight 9525. It was discovered that the co-pilot, Andreas Lubitz, had been receiving treatment for mental illness. Under strict privacy laws, nobody at his employer, the airline, had received any information about the diagnosis or treatment.

During the summer, the private mailing list for a large online community discussed the mental illness of a contributor to a project. Various people expressed opinions that appeared to be generalizations about all those with mental illness. Some people hinted the illness was a lie to avoid work while others speculated about options for treatment. Nobody involved mentioned having any medical expertise.

It is ironic that on the one hand, we have the dramatic example of an aircraft crashing at the hands of somebody who is declared unfit to work but working anyway and on the other hand when somebody else couldn't do something, the diagnosis is being disputed by people who find it inconvenient or don't understand it.

More recently, there has been openly public discussion about whether another developer may have had mental illness. Once again, there doesn't appear to be any evidence from people with any medical expertise or documentation whatsoever. Some of the comments appear to be in the context of a grudge or justifying some other opinion.

What's worse, some comments appear to suggest that mental illness can be blamed for anything else that goes wrong in somebody's life. If somebody is shot and bleeds to death, do you say low blood pressure killed him? Likewise, if somebody is subject to some kind of bullying and abused, does this have no interaction with mental illness? In fact, Google reveals an enormous number of papers from experts in this field suggesting that mental illness can arise or be exacerbated by bad experiences. Although it may not have been clear at that point in time, when we look back at Alan Turing's death today, suicide was not a valid verdict and persecution was a factor.

Statistics tell us that 1 in 4 people experience a mental health problem in the UK each year. In the USA it is 26% of the adult population, each year. These may be long term conditions or they may be short term conditions. They may arise spontaneously or they may be arising from some kind of trauma, abuse or harassment in the home, workplace or some other context.

For large online communities, these statistics imply it is inevitable that some participants will be suffering from mental illness and others will have spouses, parents or children suffering from such conditions. These people will be acutely aware of the comments being made publicly about other people in the community. Social interaction also relates to the experience of mental illness, people who are supported by their community and society are more likely to recover while those who feel they are not understood or discriminated against may feel more isolated, compounding their condition.

As a developer, I wouldn't really like the idea of doctors meddling with my code, so why is it that some people in the IT and business community are so happy to meddle around in the domain of doctors, giving such strong opinions about something they have no expertise in?

Despite the tragic loss of life in Germanwings 9525, observing some of these other discussions that have taken place reminds me why Germany and some other countries do have such strict privacy laws for people who seek medical treatment.

Iain R. Learmonth: Trust

9 January, 2016 - 23:27

This is not a new world, this is simply an extension of the old one. I'm not going to write here about sweeping changes that are happening now, but changes that have been taking place in plain sight for many decades. No one has flipped a switch, only tweaked and tuned variables here and there to lead us down this path. I'd like to reflect on where we are now but there is no way I could describe how it is we got here, the journey was far too complex and filled with ommissions, half-truths and outright lies. It's likely we will never know what has brought us here.

I live in Scotland, a country that is a part of the United Kingdom and a member of the European Union. We have a Scottish Government, although certain matters are still handled by the UK Government. The European Government also handles some matters and these can take effect across the entire European Union. I do not feel that I can hold trust in any of these bodies anymore.

The European Convention on Human Rights was, for me at least, a beacon of hope. A series of fundamental rights guaranteed to be upheld for every person within the European Union. A series of fundamental rights that has been ignored by governments repeatedly:

  • 1999: it was held the UK had violated the human rights of several homosexual soldiers who had been dismissed from the armed forces because of their sexuality
  • 2002: it was held the UK had violated the human rights of a widower regarding entitlement to receive bereavement benefits who had been discriminated against on account of his gender
  • 2005: it was held that the UK violated the human rights of prisoners by denying them the ability to vote
  • 2010: the stop and search procedures used by the UK police pursuant to the Terrorism Act 2000 were considered illegal under the ECHR because they did not require the police to have grounds for suspicion before using them

This is not an exhaustive list, just select cross-sections of our recent history. It is important to remember that in each of these cases, it took a citizen to take the case to the European Court of Human Rights. These rights were violated by the UK government until the actions were challenged, the legislation that allowed them was currently enacted into UK law without regard for the ECHR.

It should also be noted that the ban on prisoners voting is still in effect in the UK.

We've learnt that the ECHR is not an effective safeguard against the abuse of powers by government. The UK government also sees the Human Rights Act as a problem, although at least scrapping it has been delayed for now.

Much of these breaches of human rights are justified by the government as in the interest of the runaway train known as "national security". I have recently had direct contact with one aspect of this during my journey home from 32c3. You can read about my experiences with airport security here and here.

My experiences at these airports angered me for a number of reasons. The first of which was that I was asked to expose my genitals as part of the routine screening, which I do not believe to be proportionate at all. At Luton, I was at the point where I was intending to leave the airport and take the train instead before I was allowed to excercise my right to opt-out of the nude body scanner.

Since these incidents, I have conducted some research into these scanners and started an article on the Open Rights Group wiki.

While the security officer at Luton had tried to tell me that the radio waves used could not penetrate clothing, they in fact can and this is the entire purpose of them. While the security officer at Luton told me that the machines did not generate an image, they are in fact doing exactly that, even if that image is processed by computer vision algorithms as opposed to being viewed by a human reviewer.

A leaflet by the Department for Transport, made available on the Aberdeen Airport website, also states that no image is created, and yet this is exactly how the scanners work. I have never seen this leaflet printed and available in the airport itself, although I admit I do not fly regularly and may have missed it. That said, it does not provide a true representation of the scan process and I would go as far to say it contains an outright lie.

In a document published by the UK Government titled "Response to the consultation on the use of security scanners in an aviation security environment", they state:

"nearly all passengers, if they fully understand the procedures, would be unlikely to opt for [the alternative of a private search]"

Even with this display of confidence that they believe the public are happy with the invasion of privacy brought by the security scanners, they have still chosen to not fully inform the public in the way in which the scanner operates.

It is the lies that anger me the most. We claim to live in a democracy and you cannot have a democracy without transparency. It is not too late for the Government to earn back my trust, but for now, they haven't given me good reason to believe anything they produce.

If you have read this article and you would like to support efforts for change in the United Kingdom, please consider joining the Open Rights Group and perhaps getting involved in their work.

Guido Günther: Debian Fun in December 2015

9 January, 2016 - 23:09
Debian LTS

December was the eighth month I contributed to Debian LTS under the Freexian umbrella. It was a bit of a funny month since most of the time most open CVEs were already taken care of by other team members (which is nice) but it resulted in me not releasing a single DLA which feels weird.

Nevertheless in total I spent nine hours working on:

  • LTS Frontdesk duties like the triaging of 16 CVEs and patch reviews (which actually found an error reassuring me that spending time on this is useful).

  • Finding a fix for CVE-2015-7555 in giflib. I did not release a DLA yet since I hoped upstream would comment if this is the proper fix.

  • nss/nspr:

    • Discussion on using the same nss in all suites continued.
    • I did further upgrade test for nss focusing on Java this time (which is a heavy user of nss for its certificate handling).
    • Enabled the internal testsuite of nspr as well since nss and nspr often get updated in lockstep. This resulted in 809723 and upstream bugs 1236333, 1236334, 1236244 (which were already merged thanks to Wan-Teh Chang). The current modifications are available here. Overall the test suite needs more cleanups but it's already useful as is.

On unpaid time I introduced some usertags for tracking our non DLA related activities (although it seems I'm currently the only user).

Other Debian stuff
  • I uploaded libvirt 1.3.0~rc1 and 1.3.0~rc2 to experimental and 1.3.0 final to unstable.
  • I uploaded libvirt-python 1.3.0 with newly added autopkg tests
  • Filed bugs reminding that libvirt-bin is a transitional package that will be dropped soon.
  • Finally released gbp 0.7.1 with lots of changes most of these where already mentioned in the December installment of this post but there's more:

    • git-pbuilder updates to 1.37 and 1.38
    • fixes for 791759 and 766350,
    • doc updates including the addition of the patch queue handling

    Still looking for time to finish gbp import-orig's rollback support.

  • I added a function to link to the Debian BTS to my emacs config to ease writing these kind of posts.

Dirk Eddelbuettel: digest 0.6.9

9 January, 2016 - 08:39

A new release, now at version number 0.6.9, of the digest package is now on CRAN. I also just prepared the Debian upload.

This release is very large part the work of Thierry Onkelinx who added stable sha1 support in a new function sha1(). Here, stable means that numerically equivalent numbers (in the sense of the semi-famous R FAQ entry 7.31) result in identical hashes. This is useful for hashing results from numerical analysis---where the representation may differ bitwise between, say, 32 and 64-bit platforms. We started to write a little more about this in a (at this very point still rather unfinished) little vignette.

We also had a nice pull request from fellow Rcpp hacker Qiang Kou who updated the code to use XLENGTH so that large vectors can be supported.

CRANberries provides the usual summary of changes to the previous version.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Jan Wagner: New blogging engine

9 January, 2016 - 08:15

Exactly 3 years after I moved on from Wordpress to Octopress I thought it's time for something new. Some of you might have noticed that I've not much blogged in the past.

A new Octopress version was promised a year ago. While I've liked writing in Markdown, the deployment workflow was horribly broken and keeping Octopress up to date was impossible. I blogged so seldom that I needed to consult the documentation every time in the recent days.

After looking into several projects, Ghost seems most promising. And the good news: it has a split-screen Markdown editor with integrated live preview.

There are several migration scripts out there, but I only found one which was able to also export tags. The import into Ghost worked like a charm.


Creative Commons License ลิขสิทธิ์ของบทความเป็นของเจ้าของบทความแต่ละชิ้น
ผลงานนี้ ใช้สัญญาอนุญาตของครีเอทีฟคอมมอนส์แบบ แสดงที่มา-อนุญาตแบบเดียวกัน 3.0 ที่ยังไม่ได้ปรับแก้