Planet Debian

Subscribe to Planet Debian feed
Planet Debian - http://planet.debian.org/
Updated: 2 hours 51 min ago

Michal Čihař: stardicter 0.11

27 January, 2017 - 18:00

Stardicter 0.11, the set of scripts to convert some freely available dictionaries to StarDict format, has been released today. There are mostly minor changes and it's time to push them out in official release. The most important being fixed sorting of ascii dictionaries, what did break searching in some programs.

Full list of changes:

  • Improved deaccent filter.
  • Fixed sorting of ASCII dictionaries.

As usual, you can install from pip, download source or download generated dictionaries from my website.

Filed under: Debian English StarDict SUSE | 0 comments

Russ Allbery: Review: Summer in Orcus

27 January, 2017 - 11:12

Review: Summer in Orcus, by T. Kingfisher

Publisher: Red Wombat Studio Copyright: 2016 ASIN: B01N26G2I0 Format: Web serial Pages: 268

In September, Ursula Vernon started posting Summer in Orcus as a web serial, funded by her Patreon supporters. The entire story is now complete and available on-line for free, which is how I read it, but it's also available as an ebook from the expected places if you prefer to read it that way. The ebook publication lists T. Kingfisher as the author, Vernon's pen name for her books for adults. While I would have been happy to read this book as a kid, it does have one fairly gruesome chapter, which is probably the reason for that choice.

Summer is eleven, and her mother loves her very much. So much so that she's never allowed to do anything even slightly risky, and she spends quite a lot of her time and emotional energy reassuring her mother, dealing with the burden of that suffocating love, and helping her through her bad days. Then, one day, a house with giant chicken feet walks into the alley behind her house.

Summer in Orcus is a portal fantasy. It's the story of how Summer meets Baba Yaga and asks for her heart's desire, finds herself in the magical country of Orcus, and is desperately moved by the plight of a frog tree. It has a talking weasel and a werehouse and antelope women who are not to be trusted, and it's about Summer making friends her mother would never have approved of and learning what she's capable of, and about doing what one can to put things right.

Even though it may appear that way at times, Summer in Orcus is not really a book about large things. It's not a saving the world sort of portal fantasy. And it's not really a wish fulfillment portal fantasy, because heart's desires are complicated and subtle. It's a story about being scared and tired and lost, and about making friends, and doing the things one can do rather than learning how to be a completely different person. The plot itself is not particularly complex, but the joy of this story is in all the small things.

Vernon's writing is an absolute delight. Summer in Orcus is packed with sentences and paragraphs that I just want to read again and again and quote at people.

Summer had never had a father, and wasn’t entirely sure what you did with one, and certainly her mother never had anything good to say about the one Summer didn’t have.

Or:

The house lifted its back end up and inched forward a little, like a dog wanting to play. This must have made the floors tilt inside, because Summer heard a banging and sliding of furniture and Baba Yaga yelled, "Fool house! I’ll trade you in for one with turtle feet and a three-car garage!" The house sank back down, but wiggled forward a little more, until the front door was only a few feet away.

Vernon mentions in her author notes at the end that Summer in Orcus started as a place to put a whole bunch of fragmentary ideas that she'd come up with but that didn't seem to fit into other stories, and it does have a bit of a grand tour feel to it. But unlike a lot of grand tour figures, the protagonist is not at all bland. Summer is entirely believable and very sympathetic, torn between wanting a grand adventure and being afraid of circumstance and danger entirely outside of her limited experience. She channels the reader's awe and delight, but is still very much her own person, trying to figure out who she wants to be and believe in without the stifling presence of her mother.

The tour nature of the story does mean that some things weren't explored as deeply as I would have liked. I would dearly love to read more about the dogs, for instance. I also have to admit that Zultan's motives never made sense to me, even after they were explained, and I found him an odd and weirdly random character to the end. But Glorious is, well, glorious, and I utterly adored the bits with the Forester. The ending is highly unusual for a story of this sort, and I thought it was wonderful, with a great symbolic tie back to the start of the story. The aftermath is even better, including Summer standing firm against one of the tropes of portal fantasies that I dislike the most.

This is a great story, with some excellent writing. If you're anything like me, once you read the first chapter you won't want to stop (and since it's all available on the web for free, there's no reason to stop). Recommended.

Rating: 8 out of 10

Iustin Pop: Languages, part 1

27 January, 2017 - 07:21
Human languages, part 1

I do enjoy writing blog posts, but sometimes time is lacking, other times inspiration. As I was eating dinner today, I was lost in thoughts and my eyes stopped on the documentation from a certain medication for coughing (the thing almost noone reads, like EULAs). I was surprised quite surprised with te text that I said “well, some blog posts on languages might be interesting”.

Background: My mother tongue is Romanian. While growing up and learning foreign languages, I considered only the utilitarian aspect of languages, but as I get older (not old, older! ☺), I find human languages more and more interesting.

Back to the subject: this being Switzerland, most everything is written in German, French and Italian (in this order of frequency). German is still a foreign language to me (let's say I get by, but not nicely), French is the fancy high class cousin, and Italian… Well Italian is a special case. When I first saw Italian on TV (a newscast while travelling in Italy) I was shocked at how much one can understand without learning Italian in any way (much, much more than German after years of trying). So Italian language is quite close, and usually one understands a third to half; this is both spoken (less in common language, more in official language) and in writing.

In this particular case, the instructions of use say (sorry for typos, manually copying):

In casi rarissimi possono manifestarsi reazioni di ipersensibilità grave con tumefazione del viso, difficoltà respiratoria (dispnea) e diminuzione della pressione arteriosa.

What was surprising here was not the list of side effects (hah), but that this short phrase is 98% identical to the translation in Romanian; not only words, but also phrase structure. I don't think I've ever seen this before:

În cazuri rare se pot manifesta reacții de hipersensibilitate gravă cu tumefacție a feței, dificultate respiratorie (dispnee) și diminuare a presiunii arteriale.

Not all the words are identical, but even the one that is obviously different (it. 'del viso', ro. 'a feței') is easily translatable as 'visiune' in Romanian means 'to see', so the link is clear. This phrase structure is also quite a natural way to say the things in Romanian.

I was then curious to see the French version, which is:

Dans de très rares cas, [the medicine] peut déclencher de violentes réactions d'hypersensibilité s'accompagnant d'un gonflement du visage, de détresse respiratorie e d'une chute de tension.

French is usually quite different from Romanian that one has to learn it (for quite a while, especially for grammar) in order to be proficient in it, but here you can make also word-by-word translation (transposition?) that doesn't lose the meaning:

În cazuri tare rari, [the medicime] poate declanșa violente reacții de hypersensibilitate acompaniate de o umflare a feței, de ???? respiratorie și de ???? a tensiunii.

Basically here we have two non-equivalent words, and a bit more wierd phrase structure—it sounds more like coloquial speech than written language—but for French is also surprisingly close. You'd invert some of the adjective-noun pairs (fr. 'violentes réactions' is understandable in Romanian as 'violente reacții', but it sounds very poetical and you'd usually write it as 'reacții violente').

The next phrase is no longer that similar, but the one after is again obviously identical:

Se osserva effetti collaterali qui non descritti, dovrebbe informare il suo medico, il suo farmacista o il suo drogerie.

which is:

[Dacă/If] se observă effecte colaterale care nu sunt descrise, trebuie informat medicul vostru, farmacistul vostru sau [xxxx - no real equivalent].

And the French is also identical, modulo again 'droguiste':

Si vouz remarquez de effets secondaires qui ne sont pas mentionnés dans cette notice, veuillez en informer votre médecin, votre pharmacien ou votre droguiste.

which is:

Dacă remarcați efecte secundare care nu sunt menționate în această notă, informați medicul vostru, farmacistul vostru sau al vostru [xxxx].

This is even closer; 'votre' is more similar to '[al] vostru' than 'suo', and the phrase structure is much more natural - this is exactly how you'd write it in 'native' Romanian, whereas the Italian is not (I had to add the 'if' to make it parseable). The 'vous' in 'vouz remarquez' is 'voi' in Romanian, but doesn't need to be added as it would be redundant; but it doesn't confuse the phrase. The 'veuillez en informer' doesn't have a 1:1 translation (it would be written as 'vă rugăm să informați'), but is still understandable; a false friend translation would be 'vedeți să informați'/see to inform/voir informer.

Why is this all surprising? Because Romanian has a significant amount of words of Slavic origin (~11% in overall vocabulary, 15% in most commonly used 2500 words) and some from other nearby countries (Turkey, Greek, some Hungarian and German). At a stretch, it's even possible to write simple but complete sentences entirely with words from Slavic origin, as I learned from this interesting youtube video. Also, our accent is almost always confused with Russian, not with Italian or French.

So to get to a summary: normally you see sentence elements that are similar or identical, but not entire sentences, and definitely not phrases. What made the three languages here keep, in this particular case, not only similar but almost identical words and also almost identical phrase structure? Is it the subject (medicine)? Maybe. Is it a random fluke? If so, I don't remember seeing it before. Do I just see similarities where there are none? Possibly ☺, but at least I thought it worth mentioning; it was quite surprising to me. Did my brain get confused by too many languages and I misinterpreted words that don't really exist (e.g. I was sure that 'vizajul' is a Romanian word, but upon checking, it isn't…)? Also possible.

In any case, for me it was a good subject for a blog post. Now let's not go near Spanish and definitely not near Portuguese…

Martin Michlmayr: Debian on Jetson TX1

27 January, 2017 - 04:51

Debian is now working on the NVIDIA Jetson TX1 developer kit, a development board based on the Tegra X1 chip (Tegra 210), a 64-bit ARM chip.

We have a pre-built u-boot image in Debian as well as kernel and installer support. There are some minor kernel glitches but NVIDIA is very active upstream and I hope they'll get resolved soon.

The Jetson TX1 developer kit makes a pretty good 64-bit ARM development platform. The board is supported in mainline u-boot and the mainline kernel and NVIDIA are pretty responsive to bug reports. Unfortunately, a proprietary blob is required for USB (and Ethernet is connected via USB).

If you're interested in a good 64-bit ARM development platform, give Debian on the Jetson TX1 development kit a try.

John Goerzen: What is happening to America?

26 January, 2017 - 11:17

I still remember vividly my first visit to Europe, back in 2010. I had just barely gotten off a plane in Hamburg and on to a bus to Lubeck, and struck up a conversation with a friendly, well-educated German classical musician next to me. We soon started to discuss politics and religion. Over the course of the conversation, in response to his questions, I explained I had twice voted against George W. Bush, that I opposed the war in Iraq for many reasons, that I did thought there was an ethical imperative to work to defeat climate change, that I viewed health care as an important ethical and religious issue, that I thought evolution was well-established, and that I am a Christian.

Finally, without any hint of insult intended, and rather a lot of surprise written all over his face, he said:

“Wow. You’re an American, and a Christian, and you’re so…. normal!”

This, it seems to me, has a lot to do with Trump.

Ouch

It felt like a punch to the gut. The day after the election, having known that a man that appeared to stand for everything that honorable people are against won the election, like people all around the world, I was trying to make sense of “how could this happen?” As I’ve watched since, as he stacks government with wealthy cronies with records nearly as colorful as his own, it is easy to feel even more depressed.

Based on how Trump spoke and acted, it would be easy to conclude that the “deplorables” won the day – that he was elected by a contingent of sexists or racists ascendent in power.

But that would be too simple an explanation. This is, after all, the same country that elected Barack Obama twice. There are a many people that voted twice for a black man, and then for Trump. Why? Racism, while doubtless a factor, can’t explain it all.

How Trump could happen

Russ Allbery made some excellent points recently:

[Many Americans are] hurt, and they’re scared, and they feel like a lot of the United States just slammed the door in their faces.”

The status quo is not working for people.

Technocratic government by political elites is not working for people. Business as usual is not working for people. Minor tweaks to increasingly arcane systems is not working for people. People are feeling lost in bureaucracy, disaffected by elections that do not present a clear alternate vision, and depressed by a slow slide into increasingly dismal circumstances.

Government is not doing what we want it to do for us. And people are getting left behind. The left in the United States (of which I’m part) has for many years been very concerned about the way blacks and other racial minorities are systematically pushed to the margins of our economy, and how women are pushed out of leadership roles. Those problems are real. But the loss of jobs in the industrial heartland, the inability of a white, rural, working-class man to support his family the way his father supported him, the collapse of once-vibrant communities into poverty and despair: those problems are real too.

The status quo is not working for anyone except for a few lucky, highly-educated people on the coasts. People, honestly, like me, and like many of the other (primarily white and male) people who work in tech. We are one of the few beneficiaries of a system that is failing the vast majority of people in this country.

Russ is, of course, right. The Democrats have been either complicit in policies damaging to many, or ineffective in preventing them. They have often appeared unconcerned with the plight of people outside cities (even if that wasn’t really the case). And it goes deeper.

When’s the last time you visited Kansas?

I live in Kansas. The nearest paved road is about a 3-mile drive from my home. The nearest town, population 600, is a 6-mile drive. My governor — whom I did not vote for — cut taxes on the wealthy so much that our excellent local schools have been struggling for years. But my community is amazing, full of loving and caring people, the sort of people who you know you’ll be living with for 40 years, and so you make sure you get along well with.

I have visited tourist sites in Berlin, enjoyed an opera and a Broadway show in New York, taken a train across the country to Portland, explored San Francisco. I’ve enjoyed all of them. Many rural people do get out and experience the world.

I have been in so many conversations where I try to explain where I live to people that simply cannot fathom it. I have explained how the 18 acres I own is a very small amount where I am. How, yes, I do actually have electricity and Internet. How a bad traffic day is one where I have to wait for three cars to go past before turning onto the paved road. How I occasionally find a bull in my front yard, how I can walk a quarter mile and be at the creek on the edge of my property, how I can get to an airport faster than most New Yorkers and my kids can walk out the front door and play in a spot more peaceful than Central Park, and how all this is way cheaper than a studio apartment in a bad part of San Francisco.

It is rare indeed to see visitors actually traveling to Kansas as a destination. People have no concept of the fact that my mechanic would drop everything and help me get my broken-down car to the shop for no charge, that any number of neighbors or uncles would bring a tractor and come plow the snow off my 1/4-mile driveway out of sheer kindness, that people around here really care for each other in a way you don’t see in a city.

There are people that I know see politics way differently than me, but I know them to be good people. They would also do anything for a person in need, no matter who they are. I may find the people that they vote for to be repugnant, but I cannot say “I’ve looked this person in the eyes and they are nothing but deplorable.”

And so, people in rural areas feel misunderstood. And they are right.

Some perspectives on Trump

As I’ve said, I do find Trump to be deplorable, but not everyone that voted for him is. How, then, do people wind up voting for him?

The New Yorker had an excellent story about a man named Mark Frisbie, owner of a welding and fab shop. The recession had been hard on his business. His wife’s day-care center also closed. Health care was hard to find, and the long, slow decline had spanned politicians of every stripe. Mark and his wife supposedly did everything they were supposed to: they worked hard, were honest, were entrepreneurial, and yet — he had lost his business, his family house, his health coverage, everything. He doesn’t want a handout. He wants to be able to earn a living. Asked who he’d vote for, he said, “Is ‘none of the above’ an option?”

The Washington Post had another insightful article, about a professor from Madison, WI interviewing people in rural areas. She said people would often say: “All the decisions are made in Madison and Milwaukee and nobody’s listening to us. Nobody’s paying attention, nobody’s coming out here and asking us what we think. Decisions are made in the cities, and we have to abide by them.” She pushed back, hard, on the idea that Trump supporters are ignorant, and added that liberals that push that line of thinking are only making the problem worse.

I would agree; seeing all the talk about universities dis-inviting speakers that don’t hew to certain political views doesn’t help either.

A related article talks about the lack of empathy for Trump voters.

And then we have a more recent CNN article: Where Tump support and Obamacare use soar together, explaining in great detail how it can be logical for someone to be on Obamacare but not like it. We can all argue that the Republicans may have as much to do with that as anything, but the problem exists.

And finally, a US News article makes this point:

“His supporters realize he’s a joke. They do not care. They know he’s authoritarian, nationalist, almost un-American, and they love him anyway, because he disrupts a broken political process and beats establishment candidates who’ve long ignored their interests.

When you’re earning $32,000 a year and haven’t had a decent vacation in over a decade, it doesn’t matter who Trump appoints to the U.N., or if he poisons America’s standing in the world, you just want to win again, whoever the victim, whatever the price.

According to the Republican Party, the biggest threat to rural America was Islamic terrorism. According to the Democratic Party it was gun violence. In reality it was prescription drug abuse and neither party noticed until it was too late.”

Are we leaving people out?

All this reminded me of reading about Donald Knuth, the famous computer scientist and something of the father of modern computing, writing about his feelings of trepidation about sharing with his university colleagues that he was working on a project related to the Bible. I am concerned about the complaints about “the PC culture”, because I think it is good that people aren’t making racist or anti-semitic jokes in public anymore. But, as some of these articles point out, in many circles, making fun of Christians and conservatives is still one of the accepted targets. Does that really help anything? (And as a Christian that is liberal, have all of you that aren’t Christians so quickly forgotten how churches like the Episcopals blazed the way for marriage equality many years ago already?)

But they don’t get a free pass

I have found a few things, however, absolutely scary. One was an article from December showing that Trump voters actually changed their views on Russia after Trump became the nominee. Another one from just today was a study on how people reacted when showed inauguration crowd photos.

NPR ran a story today as well, on how Trump is treating journalists like China does. Chilling stuff indeed.

Conclusion

So where does this leave us? Heading into uncertain times, for sure, but perhaps — just maybe — with a greater understanding of our neighbors.

Perhaps we will all be able to see past the rhetoric and polarization, and understand that there is something, well, normal about each other. Doing that is going to be the only way we can really take our country back.

Joey Hess: badUSB

26 January, 2017 - 09:00

This actually happened.

Jan 19 00:05:10 darkstar kernel: usb 2-2: Product: ChaosKey-hw-1.0-sw-1.6.

In real life, my hat is uglier, and Keithp is more kindly looking.

gimp source

Martin-Éric Racine: OpenWRT Backfire on WRT54GL signal strenght

25 January, 2017 - 21:05
Because I wanted my home router to use at least decently supported software that provides complete out-of-the-box support for native IPv6, I recently got around upgrading my WRT54GL's firmware from White Russian to Backfire, which is the most recent OpenWRT release that fits the hardware's limited amount of flash memory.

One issue remains unanswered:

In GNOME shell's top panel and WiFi menu, the signal strength remains at 2 out of 4 bars. Given how the router sits only a few meters behind me, I would have expected much better signal strength than that.

Would anyone happen to know how to improve on these results? Thanks!

Bálint Réczey: Stretch preparations before the freeze

25 January, 2017 - 20:18

These are the last hours when we can update packages and they migrate to testing after 10 days right before the full freeze on 5 February.

The latest Wireshark upstream version, 2.2.4 has been released on Monday and it is waiting patiently to be part of next Debian stable.

I have just tested the fix for Kodi’s bug preventing playing DVD-s and today it will be fixed in unstable as well.

If you have packages which could be updated to make Stretch even better you can still do it today, but don’t wait too long!

Thanks to everyone working on Debian! Stretch will be awesome!

Urvika Gola: Outreachy- Week 4 & 5 Progress

25 January, 2017 - 07:06

Working with Preferences, AudioManager, RingtoneManager   in Android.

Sometimes the noise can get too much. Imagine all the people around you at work or in a classroom. All of them have at least one cell phones. Even if they were all to make a tiny blip, the noise would be irritating and disruptive.

To avoid devices from interrupting the non-digital life, applications often provide settings that allow users to modify app volumes. My task this week was to  enable/disable silent mode in Lumicall.

To provide settings for your application, instead of using multiple Views, Preference APIs should be used.

Each preference appears as an item in a list and provides the appropriate UI for users to modify the setting.

In Lumicall, when settings menu from the menubar is selected, a preference screen is displayed showing various setting options, where I appended a “Configure Silent Mode” option.

The UI for the preference screen is expected to be in Src->xml folder under the name preferences.xml

Snippet from Lumicall’s preference.xml for Configure Silent Mode preference screen.

 

In Lumicall, whenever a SIP message comes in, RingtoneManager  Class is used to generate a notification sound & AudioManager Class is used to generate sound for incoming encrypted calls.

The difference between the two is that, AudioManager provides access to volume and ringer mode control. Ringer modes like, Normal, silent and vibration.  Whereas RingtoneManager provides access to ringtones, notification.

So to add a simple -disable/enable silent mode- functionality, I decided to use a CheckboxPreference. For the same goal, a better looking widget would be a SwitchPreference, but It does not work properly with DarkThemes which Lumicall uses. So I decided to use a simple Checkbox instead.

The result of all the settings are  saved as key value pairs in the default  SharedPreferences file which can be retrieved to make changes in the app based on the settings modified by the user.
Every preference has a key and the result associated with it.
To fetch the result from the SharedPreferences file-
boolean silentflag=PreferenceManager.getDefaultSharedPreferences(ctx).getBoolean(org.sipdroid.sipua.ui.Settings.PREF_SILENT_MODE, org.sipdroid.sipua.ui.Settings.DEFAULT_SILENT_MODE);

Note, the arguments in getBoolean function is  (Key, DefaultValue).

Don’t forget to pass the Context object, ctx in the statement. I wasted a lot of time figuring that one out and created a non-optimal-working way which I eventually had to remove cos I figured out how to retrieve the result value.


To add a second method of setting silent mode, i.e where the user can enter his work days/time, I wanted to display an activity with required widgets .
To display an activity on a when a preference is selected, intent tags are used. (See the above snippet)
Note that the target package in the intent tags is not the package name of where the java file of the activity is to be found.It’s the package name which is your applicationID.

Now this activity, like any other activity in android is a combination of an xml and java file.
1. My xml file contains the widgets for user to enter two set of time value in HH:MM format. i.e.the start and end time during which user requires application notifications to be silent it also contains checkboxes for user to select multiple days of the week.

2. The java file associated with this does the following:
2.1 Comparing the Real Time with User’s Specified Start and End time
2.2 Checking the current day of the week with the days marked by the user in the      checkboxes

I have used inbuilt Calendar class and Date class to accomplish this.

All done I felt quite proud but this.. this was something that tested my patience and endurance!
As I continue my work, I will keep sharing!

 

Please keep reading!
U


Jonathan McDowell: Experiments with 1-Wire

25 January, 2017 - 03:49

As previously mentioned, at the end of last year I got involved with a project involving the use of 1-Wire. In particular a DS28E15 device, intended to be used as a royalty tracker for a licensed piece of hardware IP. I’d no previous experience with 1-Wire (other than knowing it’s commonly used for driving temperature sensors), so I took it as an opportunity to learn a bit more about it.

The primary goal was to program a suitable shared key into the DS28E15 device that would also be present in the corresponding hardware device. A Maxim programmer had been ordered, but wasn’t available in stock so had to be back ordered. Of course I turned to my trusty Bus Pirate, which claimed 1-Wire support. However it failed to recognise the presence of the device at all. After much head scratching I finally listened to a co-worker who had suggested it was a clock speed issue - the absence of any option to select the 1-Wire speed in the Bus Pirate or any mention of different speeds in the documentation I had read had made me doubt it was an issue. Turns out that the Bus Pirate was talking “standard” 1-Wire and the DS28E15 only talks “overdrive” 1-Wire, to the extent that it won’t even announce its presence if the reset pulse conforms to the standard, rather than overdrive, reset time period. Lesson learned: listen to your co-workers sooner.

A brief period of yak shaving led to adding support to the Bus Pirate for the overdrive mode (since landed in upstream), and resulted in a search request via the BP interface correctly finding the device and displaying its ROM ID. This allowed exploration of the various commands the authenticator supports, to verify that the programming sequence operated as expected. These allow for setting the shared secret, performing a SHA256 MAC against this secret and a suitable nonce, and retrieving the result.

Next problem: the retrieved SHA256 MAC did not match the locally computed value. Initially endianness issues were suspected, but trying the relevant permutations did not help. Some searching found an implementation of SHA256 for the DS28E15 that showed differences between a standard SHA256 computation and what the authenticator performs. In particular SHA256 normally adds the current working state (a-g) to the current hash value (h0-h7) at the end of every block. The authenticator does this for all but the final block, where instead the hash value is set to the working state. I haven’t been able to find any documentation from Maxim that this is how things are calculated, nor have I seen any generic implementation of SHA256 which supports this mode. However rolling my own C implementation based on the code I found and using it to compare the results retrieved from the device confirms that this is what’s happening.

So at this point we’re done, right? Wait for the proper programming hardware to turn up, write the key to the devices, profit? Well, no. There was a bit of a saga involving the programmer (actually programmers, one with at least some documentation that allowed the creation of a Python tool to allow setting the key and reading + recording the ROM ID for tracking, and one with no programming documentation that came with a fancy GUI for manually doing the programming), but more importantly it was necessary to confirm that the programmed device interacted with the hardware correctly.

Initial testing with the hardware was unsuccessful. Again endianness issues were considered and permutations tried, but without success. A simple key constructed to avoid such issues was tried, and things worked fine. There was a hardware simulation of both components available, so it was decided to run that and obtain a capture of the traffic between them. As the secret key was known this would then allow the random nonce to be captured, and the corresponding (correct) hash value. Tests could then be performed in software to determine what the issue was & how to generate the same hash for verification.

Two sets of analyzer software were tried, OpenBench LogicSniffer (OLS) and sigrok. As it happened both failed to correctly decode the bitstream detected as 1-Wire, but were able to show the captured data graphically, allowing for decoding by eye. A slight patch to OLS to relax the timing constraints allowed it to successfully decode the full capture and provided the appropriate data for software reproduction. The end issue? A 256 bit number (as defined in VHDL) is not the same as 32 element byte array… Obvious when you know what the issue is!

So? What did I learn, other than a lot about 1-Wire? Firstly, don’t offhandedly discount suggestions that you don’t think make sense. Secondly, having a tool (in this case the Bus Pirate) that lets you easily play with a protocol via a simple interface is invaluable in understanding it. Thirdly, don’t trust manufacturers to be doing something in a normal fashion when they claim to be using a well defined technology. Fourthly, be conscious about all of the different ways bitstreams can be actually processed in memory. It’s not just endianness. Finally, spending the time to actually understand what’s going on up front can really help when things don’t work as you’d expect later on - without the yak shaving to support Overdrive on the BP I wouldn’t have been able to so quickly use the simulation capture to help diagnose the issue.

Shirish Agarwal: Budget and Economics 101

25 January, 2017 - 03:04

The Budget

The story which I wanted to share is there are few friends (from Debian as well as elsewhere) who shared that they didn’t get the whole demonetisation play or what the Government is/was trying to do. As budget is just round the corner (India will be presenting its yearly budget on 1st of February), thought it is prudent to share at least some basics, ideas and theories of what goals the Finance Minister would be looking at when presenting his budget. I would NOT talk of Inflation targeting or some such exotica as those topics would require their own blog-posts altogether. I would mainly be talking a bit about Taxation and in that Personal Income Tax. I would also not use words like ‘Receivables’ and like which thought bit more accurate are not used in everyday language.

Just like Private Companies and increasingly public utilities, The Government of the day has two-three different aims when it is presenting a budget –

a. The first is to give an update about how things went last year. Did all the incomes that were projected, did it happen or was there a short-fall ? If there was a short-fall what were the reasons for the shortfall.

Similarly, did all the budgeted expenditure earmarked for the year was spent and were it spent under the heads they were supposed to ? If not what went wrong there ? There is usually a tussle between Planned and Unplanned expenditure and one of the hallmarks of good governance is that unplanned expenditure is kept at minimum, while planned expenditure and projects completion or/and assets coming on-line were within the estimated time-frames.

So these updates are given to the Parliament and hence public at large.

The second and the more interesting part are the plans for the immediate future, 1 year down-the-line. Based on the performance last year, a bit of crystal-ball gazing of external and internal conditions of the country, the Finance Minister along with her/his colleagues of Finance Ministry.

Trivia – There hasn’t been a female finance minister till date in India.

The Finance Ministry as a whole also holds consultations with most sections of the society before sharing/putting his Fiscal Policy (Planned Expenditure) for debate and passage in form of the Budget. While the budget itself is a technical exercise, it is also a Political exercise as both the budget and the finance bill (which contains the taxation proposals) need to be passed in Lok Sabha (Lower house).

After passing scrutiny of Lok Sabha (Lower House having people’s representatives directly elected) and Rajya Sabha (Upper House, indirectly elected), the taxation proposals becomes the law. It isn’t that simple but for our understanding, keeping it simple. This Political model of governance with two houses is modeled under the British (Westminister) model since 1947.

The Government, just like any other Organization gives a similar Profit and Loss Account and a Balance Sheet.

How A country’s budget is made. A representational and simplified version of how things flow was made using Graphviz. Click on it to see image in detail.

I am a newbie to graphviz. The graph was made like this –


graph Budget {
subgraph tier1 {
node [color="limegreen",style="filled",group="tier1"]
Country_Budget
}
......
Country_Budget -- Profit_and_Loss_Account [type=s];

It might be possible to make the graph much better than it is currently .

The Profit and Loss Account of the Government tells what Incomes it is projected to earn in the upcoming year and whatever Expenditures it hopes to do this year.

The Income and Expenditure independently can be bifurcated into two, Revenue Income and Capital Income and Revenue Expenditure and Capital Expenditure.

Indian Railways EMU local train

The simplest example of such planned expenditure which comes to my mind is the Indian Railways Budget which is all planned expenditure. As can be seen even with ample funds Railways were able to spent only 50% of the total amount disbursed last year. Similarly income generation for Railways was far below the target.

Examples of Revenue Income include taxes of all sorts, while Capital Income are rare, like divestment/stake sale of a company owned by the Government. These are usually one-off events.

Examples of Capital Expenditure is when the Government makes a road, makes a bridge etc. Usually large expenditures come under Capital Expenditure while salaries to Government employees and routine expenditures are known as Revenue Expenditure.

There was a statement by the present Government that the last 6-7 years the budgets has been more or less static as far as numbers are concerned. This hampers Government’s ability to take up any new work.

The Revenue income earned by the Government can again be bifurcated primarily into two Direct Taxes and Indirect Taxes.

INR 2000 Rupees

Direct Taxes are those which the Government earns through Personal Income Tax and Corporate Tax. As only 1 percent of Indians pay Personal income tax, the rest Government tries to raise by –

  • Corporate Tax (which is told to be higher than neighbouring countries around us)
  • Indirect Taxes like VAT (Value Added Tax introduced in 2005 over select items at 1% and now it’s almost 15%,)
  • Duties on all imported goods depending on what the Government thinks of a certain class of goods.For instance, should life-saving drugs be taxed or not and going either way has immediate as well as long-term consequences.

Hence the Government of the day is in fix. It needs to have more money if it wants to invest into infrastructure, defence spending, social spending such as health and education and so on and so forth. It cannot –

  • raise VAT rates more as it may stall public spending
  • raise Corporate Taxes beyond a point otherwise people may either start doing work in black or shadow economy or may leave the country, a term used to describe this is also Capital Flight.
  • raise personal Income Taxes beyond a point otherwise the same thing will happen as above.

Another point is that unlike China which is a Large State-backed Enterprises Export-led Economy which has its own problems, India’s economy is much more consumption-based, hence any large tinkering upwards may possibly stall whatever little spending the middle-class does, similar to the stall in consumer durables which has been happening over the last few years.

There are a couple of short-term solutions that the Government may do –

  • It can raise finances from the market by using a mix of debt and equity instruments such as Bonds and targeted finances for specific schemes under EEE (Exempt, Exempt, Exempt or EET i.e. Exempt, Exempt Tax)
  • The Government prints more money

While both seem to be attractive ways, but both have their disadvantages also, both have costs associated for them. In the first one, like any other scheme, when any scheme is launched, it needs to be underwritten by GOI which means even if it’s not a success they would have to service all and any obligations towards investors.

Also they have to be careful how much they are borrowing as excessive borrowing for today could lead to a Greece-like meltdown situation, whether internal or external borrowers. With external borrowers they also usually like to have a guarantee that the Rupee will not slide beyond a point otherwise the Government will have to pay all and any losses but this is going beyond what I wanted to share.

Printing excess money in the system could lead to loss in the value of the money itself as well as leading to inflationary pressures which leads to more problems for the poor and greater inequality between the classes among other things.

So while the Government may use all of the above ways in varying degrees, the present Government had the idea that if we were to reduce black money or hidden economy (AFAIK no country can claim to completely eliminate it) we would be able to raise the finance we need without a major cost associated to it. For instance, I was reading that even in Canada, it is expected that 20% of black money/shadow economy works and that assessment is by their own taxation authorities.

So While doing demonetization, it came out with an equivalent Black Money Declaration Scheme (IDS). The idea is simple, even if 1 percent of the population comes in the traditional tax net the Government of the day would be able to enhance budgets to various expenditure.

Now while the idea is good in theory, implementation has been the Achilees heel. While the Government’s expected something like 15% of the whole economy was black money or shadow money, almost 95% of the money in circulation came back in Banks during demonetization ( These are unofficial figures, Finance Ministry/RBI would be disclosing the real figures on 1st of February 2017 so we will know).

It is suspected that 10% of money in Banks is black money. There are considerable costs to search analyze, prove in the court of law that it is so. There are and would be considerable costs to train new officers as existing Income Tax Officers are already burdened with Advance Tax being paid by Corporates and small business-man paying round the year (every 3 months), The existing Income Tax Officers already have their hands full.

Also till Governments don’t fix up realty sector/real-estate sector and other places where the black money/shadow economy may prevail. Hence all the training, salary, buildings where new Income Tax Officers could work, infrastructure, new buildings where suspect cases have to be tried and lawyers for those. As have shared a few times on this blog, India has almost 29 million court cases pending in the lower judiciary alone. Unless any such cases are not successfully tried within time by the Government, it would be a waste. Now whether the Government knew of these issues or not would probably be never known.

Lastly, there is a voluntary part that the Government hopes, that they will by themselves join the mainstream tax-paying public. This might happen but any such happening will happen over years. People make their own choices. And unless there are not any stick and carrot approach to the Government’s Policies people will tend to go back to their old ways.

I would share an example from the demonetisation process which would help prove my point –

During demonetization, there was a great push towards doing digital transaction either via smartphones or greater usage of debit and credit cards etc. For the first 60 days till 31st December 2016, you could do digital transactions without paying any transaction fee. During that period, I used my Debit card to shop, to eat at restaurants or/and even small shops.

But come 1st January 2017, the charges for digital transactions are anything between 1.5% to 3% of transactions. Naturally, I stopped using them and use them very sparingly where cash won’t work.

So at the end, while the Government made the whole demonetization drive to drive out shadow economy, terror financing etc. While terror financing has been hurt quite a bit, the same cannot be said of the shadow/black economy.

It seems that the Government would need to close many more doors and windows before people join the mainstream. While Politically it was risky, socially it was also a bit risky move as it was uncertain how and where things will move. Venezuela tried the same thing and fell flat on its face.

All said and done, if and when people become part of the tax-paying class/people, The most optimistic idea that the Government has that everybody will go cashless and it would be far easier to find out who’s not paying taxes. As shared before, I don’t think this will happen unless the charges for cashless is at 0.05% or something similar.

Even IF people do join the mainstream, it is very much possible that the present Govt. will not enjoy fruits of this labour as fruits might come in 2018/19 or even later even if they do come.

So whether the decision had the right affect or not, we may never come to know. Governments tend to tinker around with the figures as well. But I hope some idea of how things happen is known now.


Filed under: Miscellenous Tagged: #demonetization, #Government Budget, #graphviz, #Limitations, #Profit and Loss Account, #Taxation

Sam Hartman: Cudos to GDB Contributors

23 January, 2017 - 21:32
I recently diagnosed a problem in Debian's pam-p11 package. This package allegedly permits logging into a computer using a smart card or USB security token containing an ssh key. If you know the PIN and have the token, then your login attempt is authorized against the ssh authorized keys file. This seems like a great way to permit console logins as root to machines without having a shared password. Unfortunately, the package didn't work very well for me. It worked once, then all future attempts to use it segfaulted. I'm familiar with how PAM works. I understand the basic ideas behind PKCS11 (the API used for this type of smart card), but was completely unfamiliar with this particular PAM module and the PKCS11 library it used. The segfault was in an area of code I didn't even expect that this PAM module would ever call. Back in 1994, that would have been a painful slog. Gdb has improved significantly since then, and I'd really like to thank all the people over the years who made that possible. I was able to isolate the problem in just a couple of hours of debugging. Here are some of the cool features I used:
  • "target record-full" which allows you to track what's going on so you can go backwards and potentially bisect where in a running program something goes wrong. It's not perfect; it seems to have trouble with memset and a few other functions, but it's really good.
  • Hardware watch points. Once you know what memory is getting clobbered, have the hardware report all changes so you can see who's responsible.
  • Hey, wait, what? I really wish I had placed a breakpoint back there. With "target record-full" and "reverse-continue," you can. Set the breakpoint and then reverse continue, and time runs backwards until your breakpoint gets hit.
  • I didn't need it for this session, but "set follow-fork-mode" is very handy for certain applications. There's even a way to debug both the parent and child of a fork at the same time, although I always have to go look up the syntax. It seems like it ought to be "set follow-fork-mode both," and there was once a debugger that used that syntax, but Gdb uses different syntax for the same concept.
Anyway, with just a couple of hours and no instrumentation of the code, I managed to track down how a bunch of structures were being freed as an unexpected side effect of one of the function calls. Neither I nor the author of the pam-p11 module expected that (although it is documented and does make sense in retrospect). Good tools make life easier.

Matthew Garrett: Android permissions and hypocrisy

23 January, 2017 - 14:58
I wrote a piece a few days ago about how the Meitu app asked for a bunch of permissions in ways that might concern people, but which were not actually any worse than many other apps. The fact that Android makes it so easy for apps to obtain data that's personally identifiable is of concern, but in the absence of another stable device identifier this is the sort of thing that capitalism is inherently going to end up making use of. Fundamentally, this is Google's problem to fix.

Around the same time, Kaspersky, the Russian anti-virus company, wrote a blog post that warned people about this specific app. It was framed somewhat misleadingly - "reading, deleting and modifying the data in your phone's memory" would probably be interpreted by most people as something other than "the ability to modify data on your phone's external storage", although it ends with some reasonable advice that users should ask why an app requires some permissions.

So, to that end, here are the permissions that Kaspersky request on Android:
  • android.permission.READ_CONTACTS
  • android.permission.WRITE_CONTACTS
  • android.permission.READ_SMS
  • android.permission.WRITE_SMS
  • android.permission.READ_PHONE_STATE
  • android.permission.CALL_PHONE
  • android.permission.SEND_SMS
  • android.permission.RECEIVE_SMS
  • android.permission.RECEIVE_BOOT_COMPLETED
  • android.permission.WAKE_LOCK
  • android.permission.WRITE_EXTERNAL_STORAGE
  • android.permission.SUBSCRIBED_FEEDS_READ
  • android.permission.READ_SYNC_SETTINGS
  • android.permission.WRITE_SYNC_SETTINGS
  • android.permission.WRITE_SETTINGS
  • android.permission.INTERNET
  • android.permission.ACCESS_COARSE_LOCATION
  • android.permission.ACCESS_FINE_LOCATION
  • android.permission.READ_CALL_LOG
  • android.permission.WRITE_CALL_LOG
  • android.permission.RECORD_AUDIO
  • android.permission.SET_PREFERRED_APPLICATIONS
  • android.permission.WRITE_APN_SETTINGS
  • android.permission.READ_CALENDAR
  • android.permission.WRITE_CALENDAR
  • android.permission.KILL_BACKGROUND_PROCESSES
  • android.permission.RESTART_PACKAGES
  • android.permission.MANAGE_ACCOUNTS
  • android.permission.GET_ACCOUNTS
  • android.permission.MODIFY_PHONE_STATE
  • android.permission.CHANGE_NETWORK_STATE
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.CHANGE_WIFI_STATE
  • android.permission.VIBRATE
  • android.permission.READ_LOGS
  • android.permission.GET_TASKS
  • android.permission.EXPAND_STATUS_BAR
  • com.android.browser.permission.READ_HISTORY_BOOKMARKS
  • com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
  • android.permission.CAMERA
  • com.android.vending.BILLING
  • android.permission.SYSTEM_ALERT_WINDOW
  • android.permission.BATTERY_STATS
  • android.permission.MODIFY_AUDIO_SETTINGS
  • com.kms.free.permission.C2D_MESSAGE
  • com.google.android.c2dm.permission.RECEIVE

Every single permission that Kaspersky mention Meitu having? They require it as well. And a lot more. Why does Kaspersky want the ability to record audio? Why does it want to be able to send SMSes? Why does it want to read my contacts? Why does it need my fine-grained location? Why is it able to modify my settings?

There's no reason to assume that they're being malicious here. The reasons that these permissions exist at all is that there are legitimate reasons to use them, and Kaspersky may well have good reason to request them. But they don't explain that, and they do literally everything that their blog post criticises (including explicitly requesting the phone's IMEI). Why should we trust a Russian company more than a Chinese one?

The moral here isn't that Kaspersky are evil or that Meitu are virtuous. It's that talking about application permissions is difficult and we don't have the language to explain to users what our apps are doing and why they're doing it, and Google are still falling far short of where they should be in terms of making this transparent to users. But the other moral is that you shouldn't complain about the permissions an app requires when you're asking for even more of them because it just makes you look stupid and bad at your job.

comments

Shirish Agarwal: Debian contributions and World History

23 January, 2017 - 06:06

Beware, this would be slightly longish.

Debian Contributions

In the last couple of weeks, was lucky to put up a patch against debian-policy which had been bothering me for a long-long time.

The problem statement is simple, man-pages historically were made by software engineers for software-engineers. The idea, probably then was you give the user some idea of what the software does and the rest the software engineer would garner from reading the source-code. But over period of time, the audience has changed. While there are still software engineers who use GNU/Linux for the technical excellence, the man-pages have not kept up with this new audience who perhaps are either not technically so sound that or they do not want to take the trouble to reading the source-code to understand how things flow. An ‘example’ or ‘examples’ in a man-page gives us (the lesser mortals) some insight as how the command works, how the logic flows.

A good example of a man-page is the ufw man-page –

EXAMPLES
Deny all access to port 53:

ufw deny 53

Allow all access to tcp port 80:

ufw allow 80/tcp

Allow all access from RFC1918 networks to this host:

ufw allow from 10.0.0.0/8
ufw allow from 172.16.0.0/12
ufw allow from 192.168.0.0/16

Deny access to udp port 514 from host 1.2.3.4:

ufw deny proto udp from 1.2.3.4 to any port 514

Allow access to udp 1.2.3.4 port 5469 from 1.2.3.5 port 5469:

ufw allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469

Now if we had man-pages like the above which give examples, then the user at least can try to accomplish whatever s/he is trying to do. I truly believe not having examples in a man-page kills 50% of your audience and people who could potentially use your tool.

Personal wishlist – The only thing (and this might be my failure) is we need a good way to search through a man-page. The only way I know is using ‘/’ and try to give a pattern. Lots of times it fails because I, the user doesn’t know the exact keyword which the documenter was using. What would be nice, great if we do have some sort of parser where I tell it, ‘$this is what I’m looking for’ and the parser tries the pattern + all its synonyms and whatever seems to be most relevant passage from the content, in this case – a manpage it tells me. It would make my life a lot easier while at the same time force people to document more and more.

I dunno if there has been any research or study of the relationship between good documentation and popularity of a program. I know there are lots of different tiny bits which make or break a program, one of which would definitely be documentation and in that a man-page IF it’s a command-line tool.

A query on Quora gives some indication https://www.quora.com/How-comprehensible-do-you-find-Unix-Linux-Man-pages although the low response rate tells its own story.

there have been projects like man2html and man2pdf and others which try to make the content more accessible to people who are not used to the man-page interface but till you don’t have ‘Examples’ the other things can work only so far. Also if anybody talks about X project which claims to solve this problem they will have to fight manpages who have been around like forever.

As can be seen in the patch, did some rookie mistakes as can be seen. I also filed a lintian bug at the same time. Hope the patch does get merged at some point in debian-policy and then a check introduced in lintian in some future release. I do agree with anarcat’s assertion that it should be at the level of the manpage missing level.

I am no coder but finding 14,000 binary packages without a manpage left me both shocked and surprised.

I came to know about manpage-alert from the devscripts package to know which all binary packages that have been installed but not have man-pages.

I hope to contribute a manpage or two if I across a package I’m somewhat comfortable with. I have made a beginning of sorts by running manpage alert and putting the output in a .txt file which I would grep through manually and see if something interesting jumps at me.

The learning garnered from putting the patch to the debian package resulted in another patch but this time for an upstream project altogether. As can be seen all are just baby-steps that even a non-coder can take.

Another couple of bugs I filed which were fixed were of a sim called ‘unknown-horizons’ . A 2D realtime strategy simulation. I had filed three bugs, two of which were fixed in 2 days, the 3rd I hope is also fixed soonish.

Lastly, I spent most of the week-end poring over packages who have left files in /etc/bash_completion.d/ . I spent almost 4-5 odd hours as each package in question as well as entries found in /etc/bash-completion.d/$filename I had to find which package it belonged to first –

[$] dpkg -S /etc/bash_completion.d/git-prompt

git: /etc/bash_completion.d/git-prompt

I know that dpkg-query also does the same –


[$] dpkg-query -S /etc/bash_completion.d/git-prompt

git: /etc/bash_completion.d/git-prompt

But I am used to plain dpkg although do know that dpkg-query can do lot more intimate searching in various ways than dpkg can.

Once the package name was established, first simulate the purge –

[$] sudo aptitude -s purge git

[sudo] password for shirish:
The following packages will be REMOVED:
git{p}
0 packages upgraded, 0 newly installed, 1 to remove and 14 not upgraded.
Need to get 0 B of archives. After unpacking 29.5 MB will be freed.
The following packages have unmet dependencies:
libgit-wrapper-perl : Depends: git but it is not going to be installed
git-extras : Depends: git (>= 1.7.0) but it is not going to be installed
bup : Depends: git but it is not going to be installed
git-remote-gcrypt : Depends: git but it is not going to be installed
git-svn : Depends: git (> 1:2.11.0) but it is not going to be installed
Depends: git ( 1:2.11.0) but it is not going to be installed
Depends: git (= 1:1.8.1) but it is not going to be installed
git-core : Depends: git (> 1:1.7.0.2) but it is not going to be installed
The following actions will resolve these dependencies:

Remove the following packages:
1) bup [0.29-2 (now, testing, unstable)]
2) fdroidserver [0.7.0-1 (now, testing, unstable)]
3) git-annex [6.20161012-1 (now, testing)]
4) git-core [1:2.11.0-2 (now, testing, unstable)]
5) git-extras [4.2.0-1 (now, testing, unstable)]
6) git-remote-gcrypt [1.0.1-1 (now, testing, unstable)]
7) git-repair [1.20151215-1 (now, unstable)]
8) git-svn [1:2.11.0-2 (now, testing, unstable)]
9) gitk [1:2.11.0-2 (now, testing, unstable)]
10) libgit-wrapper-perl [0.047-1 (now, testing, unstable)]
11) python3-git [2.1.0-1 (now, testing, unstable)]
12) svn2git [2.4.0-1 (now, testing, unstable)]

Leave the following dependencies unresolved:
13) devscripts recommends libgit-wrapper-perl
14) dh-make-perl recommends git
15) fdroidserver recommends git
16) git-annex recommends git-remote-gcrypt (>= 0.20130908-6)
17) gplaycli recommends fdroidserver
18) python-rope recommends git-core

Accept this solution? [Y/n/q/?] q
Abandoning all efforts to resolve these dependencies.
Abort.

Then I made a note of all the packages being affected, saw purging all of them wouldn’t call others (the Package dependency Hell), made the purge and then reinstalled anew.

The reason I did this is that many a times during upgrade, either during update/upgrade sometimes the correct action doesn’t happen. To take the git’s example itself, there were two files git-extras and git-prompt which were in /etc/bash_completion.d/ both of which were showing their source as git. Purging git and installing git afresh removed git-extras file and git-prompt is the only one remaining.

While blogging about the package, did try to grep through changelog.Debian.gz and changelog.gz in git –

┌─[shirish@debian] - [/usr/share/doc/git] - [10046]
└─[$] zless changelog.gz

and similarly –

┌─[shirish@debian] - [/usr/share/doc/git] - [10046]
└─[$] zless changelog.Debian.gz

But failed to find any mention of the now gone git-extras. Doing this with all the packages took considerable time as didn’t want to deal with any potential fallout later on. For instance, ufw (uncomplicated firewall) also had an entry in /etc/bash_completion.d/, hence before purging ufw, took backup of all the rules I have made, did a successful simulation

[$] sudo aptitude -s purge ufw gufw

The following packages will be REMOVED:
gufw{p} ufw{p}
0 packages upgraded, 0 newly installed, 2 to remove and 14 not upgraded.
Need to get 0 B of archives. After unpacking 4,224 kB will be freed.

Note: Using 'Simulate' mode.
Do you want to continue? [Y/n/?] y
Would download/install/remove packages.

purged the packages, reinstalled it and then re-added all the rules. Doing it all for various sundry packages, had to do it manually as there is no one size fits all solution.

A sensitive one was grub which still has an entry in /etc/bash_completion.d/grub. Doing it wrong could have resulted in a non-bootable situation. There are workarounds for that, but it would have taken quite a bit of time, energy, notes and bit of recall factor what I did the last time something like that happened. Doing it manually, being present meant I could do it rightly the first time.

So, was it worth it – It would be if the package maintainers do the needful and the remaining entries are moved out of /etc/bash_completion.d/ to /usr/share/bash-completions and some to my favourite /usr/share/zsh/vendor-completions/ – for instance –

┌─[shirish@debian] - [/usr/share/zsh/vendor-completions] - [10064]
└─[$] ll -h _youtube-dl

-rw-r--r-- 1 root root 3.2K 2016-12-01 08:48 _youtube-dl

But trying to get all or even major packages to use zsh-completions would be hard work and would take oodles of time and this concerns upstream stuff, also very much outside what I was sharing.

World History

Before, during and even after South-African experience, I was left wondering why India and South Africa, two countries who had similar histories at least the last couple of hundred years or more, the final result of Independence was so different for both the countries. It took me quite sometime to articulate that in a form of question , while the answers were interesting, from what little I know of India itself, if I were an Englishman I would never leave ‘Hindustan’. What the people answering failed to take into account was that in that era it was ‘Hindustan’ or un-divided India.

Pre-partition map of India

This map can be found at https://commons.wikimedia.org/wiki/File:British_Indian_Empire_1909_Imperial_Gazetteer_of_India.jpg and is part of quite a few Indian articles. I would urge people to look at the map in-depth. Except for the Central India Agency and Central India Provinces, most of the other regions were quite comfortable weather-wise.

Hence I can’t help but feel the assertion that Britishers didn’t like India (as to live here) slightly revolting. See the excerpt/take on Dale Kennedy ‘s The Magic Mountains: Hill Stations and the British Raj. Berkeley: University of California Press, 1996. xv + 264 pp. . A look at the list of hill stations of divided India is enough to tell that there were lot of places which either were founded by the Britishers or they chose to live there. And this is not all, there are supposed to lot of beautiful places even in Pakistan, especially in North East Frontier, Swat for instance. While today it’s infamous for Taliban and Islamic Terrorism, there was a time it was known for its beauty.

The second most difficult mountain in the world – K2, Pakistan

Trivia – After Everest, K2 is the smaller one although whatever I have read of people’s accounts, most people who ascended all 14 8,000 metre peaks say K2 is technically more tougher than Everest and after Everest has the highest casualty rate.

Also places like the disputed North half of Pakistan Occupied Kashmir, Gilgit–Baltistan, Extreme northern Punjab of Pakistan , Northern half of Khyber-Pakhtunkhawa province and Northern Balochistan all of these places would have been more than conducive to the Britishers as it is near to the British climate (snow and pleasant weather all year round). It really is a pity that Pakistan chose to become a terrorist state where it could have become one of the more toured places of Asia. I really feel nauseous and sad at the multiple chances that Pakistan frittered away, it could have been something else.


Filed under: Miscellenous Tagged: #bash-completion, #British Raj, #contributions, #debian, #debian-policy, #Debian-QA, #Hill Stations, #India Independance Movement, #lintian, #obsolete-conffiles, #unknown-horizons, #weather, #World History, adequate, Pakistan, tourism

Steinar H. Gunderson: Nageru loopback test

23 January, 2017 - 05:47

Nageru, my live video mixer, is in the process of gaining HDMI/SDI output for bigscreen use, and in that process, I ran some loopback tests (connecting the output of one card into the input of another) to verify that I had all the colorspace parameters right. (This is of course trivial if you are only sending one input on bit-by-bit, but Nageru is much more flexible, so it really needs to understand what each pixel means.)

It turns out that if you mess up any of these parameters ever so slightly, you end up with something like this, this or this. But thankfully, I got this instead on the very first try, so it really seems it's been right all along. :-)

(There's a minor first-generation loss in that the SDI chain is 8-bit Y'CbCr instead of 10-bit, but I really can't spot it with the naked eye, and it doesn't compound through generations. I plan to fix that for those with spare GPU power at some point, possibly before 1.5.0 release.)

intrigeri: My first (public) blog ever

23 January, 2017 - 03:23

Hi there! Welcome to the first (public) blog I've ever had.

Lars Wirzenius: Improving debugging via email, followup

22 January, 2017 - 22:50

Half a year ago I wrote a blog post about debugging over email. This is a follow-up.

The blog post summarised:

  • Have an automated way to collect all usual informaion needed for debugging: versions, config and log files, etc.

  • Improve error messages so the users can solve their issues themselves.

  • Give users better automated diagnostics tools.

Based on further thinking and feedback, I add:

  • When a program notices a problem that may indicate a bug in it, it should collect the necessary information itself, automatically, in a way that the user just needs to send to the developers / support.

  • The primary goal should be to help people solve their own problems.

  • A secondary goal is to make the problem reproducible by the developers, or otherwise make it easy to fix bugs without access to the original system where the problem was manifested.

I've not written any code to help with this remote debugging, but it's something I will start experimenting with in the near future.

Further ideas welcome.

Elena 'valhalla' Grandi: New pajama

22 January, 2017 - 20:54
New pajama

I may have been sewing myself a new pajama.

http://social.gl-como.it/photos/valhalla/image/81b600789aa02a91fdf62f54a71b1ba0

It was plagued with issues; one of the sleeve is wrong side out and I only realized it when everything was almost done (luckily the pattern is symmetric and it is barely noticeable) and the swirl moved while I was sewing it on (and the sewing machine got stuck multiple times: next time I'm using interfacing, full stop.), and it's a bit deformed, but it's done.

For the swirl, I used Inkscape to Simplify (Ctrl-L) the original Debian Swirl a few times, removed the isolated bits, adjusted some spline nodes by hand and printed on paper. I've then cut, used water soluble glue to attach it to the wrong side of a scrap of red fabric, cut the fabric, removed the paper and then pinned and sewed the fabric on the pajama top.
As mentioned above, the next time I'm doing something like this, some intervacing will be involved somewhere, to keep me sane and the sewing machine happy.

Blogging, because it is somewhat relevant to Free Software :) and there are even sources https://www.trueelena.org/clothing/projects/pajamas_set.html#downloads, under a DFSG-Free license :)

Dirk Eddelbuettel: Updated Example Repo for RMarkdown and Metropolis/Mtheme

21 January, 2017 - 21:27

During useR! 2016, Nick Tierney had asked on Twitter about rmarkdown and metropolis about whether folks had used RMarkdown-driven LaTeX Beamer presentations. My firm hell yeah answer, based on having used mtheme outright or in local mods, lead to this blog post of mine describing this GitHub repo I quickly set up. The blog post and the repo have some more details on how I do this, in particular about local packages (also with source on GitHub) for the non-standard fonts I use.

This week I got around to updating the repo / example a little by making the default colours (in my example) a little less awful, and a page on blocks and, most importantly, turning the example into the animated gif below:

And thanks to the beautiful tint package -- also see its repo and CRAN package --- I now know how to create a template package. So if there is interest (and spare time), we could build a template package for RStudio too.

With that, may I ask a personal favour of anybody still reading the post? Please do not hit my twitter handle with questions for support. All my code is an GitHub, and issue tickets there are much preferred. Larger projects like Rcpp also have their own mailing lists, and it is much better to use those. And if you like neither, maybe ask on StackOverflow. But please don't spam my Twitter handle. Thank you.

Clint Adams: Strangers with candy

21 January, 2017 - 20:37

This.

Posted on 2017-01-21 Tags: barks

Pages

Creative Commons License ลิขสิทธิ์ของบทความเป็นของเจ้าของบทความแต่ละชิ้น
ผลงานนี้ ใช้สัญญาอนุญาตของครีเอทีฟคอมมอนส์แบบ แสดงที่มา-อนุญาตแบบเดียวกัน 3.0 ที่ยังไม่ได้ปรับแก้