Let's Push Things Forward

One of the highlights for me each GUADEC Gran Canaria Desktop Summit is FreeFA - the casual soccer tournament for geeks!

As of now, our roster looks a little short. If you're interested, log in, then register by adding yourself to the wiki page!

I'll see you on the field!

PS: we could probably use a couple volunteer photographers. I could only find about 10 photos on Flickr for 3 years of tournaments!

When it comes to security, I consider myself a moderate. On the modern scale from "I'll never regret posting these drunken photos of myself on Facebook, right?" to "I forge my own steel helmets because the government WANTS you to think tin foil is enough", I'm somewhere in the middle. I don't have a real problem with putting some personal information "in the cloud", since I trust the service providers to only display my phone number and mailing address to my friends (as I've requested). But I use different passwords everywhere and quickly replaced all my private SSH keys when I lost a USB drive that contained them.

(Though, admittedly, I'm fortunate in that nothing I'm interested in is illegal nor terribly controversial. So there isn't much beyond passwords, private keys, and private communications that I'd care about being out in the open.)

The other day, in an effort to reduce some clutter on my desk, I got some new, USB-powered hard disks for my personal back-ups to replace the big, loud, failing disks I currently use. So, knowing it's a privacy risk to dispose of hard disks without properly erasing them, I started some research into secure-deletion software. (Again, I'm not paranoid enough to incinerate the disks with thermite.)

The man page for wipe(1) brought up this little gem:

Be aware that harddisks are quite intelligent beasts those [sic] days.
...

I hereby speculate that harddisks can use the spare remapping area to secretly make copies of your data. Rising totalitarianism makes this almost a certitude. It is quite straightforward to implement some simple filtering schemes that would copy potentially interesting data. Better, a harddisk can probably detect that a given file is being wiped, and silently make a copy of it, while wiping the original as instructed.

(Emphasis mine)

Well, I hereby speculate that the author of that section has a very warped sense of other peoples' interest in their personal data. Unless you're a celebrity or involved in some very shady dealings (or your government is in terrible shape), I don't think anyone cares much about what's on your hard drive. And somehow I doubt any of those apply to the original author.

I really wonder what it is about the software field that makes some people go off the deep end with respect to privacy and security. Maybe the fact that we typically have a greater degree of control within our own domain than those in other fields? Or understanding that, after the locks are opened, it's possible to have your privacy invaded very rapidly nowadays (regardless of how likely it is, especially with the right locks and all but the worst locking practices)?

At any rate, your security is only compromised when someone cares more about copying your data than you care to secure it. A tiny bit of security goes a long way to locking out attackers. And beyond that point, you have to accept that you can't prevent this scenario:



CC-BY-NC 2.5, XKCD

Update: just to clarify, I don't think most people actually do live up to what I consider adequate/moderate security practices. Eg, I'll bet most used hard drives (inside a computer or otherwise) sold on eBay aren't even reformatted, much less properly erased.

In a continuing effort to stay busy and/or away from home, a couple weeks after being in Australia, I'm going to FOSDEM!



If you know me, and you're going, say hi. If you don't know me, say hi and let me know what cool project you're working on!

I should arrive early enough to attend the beer summit Friday night and the Gnome beer summit Saturday night.

This weekend I got back from a great time in Hobart, Tasmania for linux.conf.au. Rob went into a lot of detail, so I'll just reiterate that meeting up with old and new friends is always a lot of fun.

This time I even got to have a friendly conversation with Linus Torvalds on the way to the Cascade Brewery for dinner Thursday night. He's really a nice guy in person (don't let the mailing list flames fool you), and he struck up a conversation without even knowing who I was. I think it says a lot about an industry when some of the most well-respected people are so approachable. (Forgetting for a moment how unapproachable some of the non-contributors are.)

Enough talk - enjoy the pictures and video!



Kangaroos love it. by Pierre-Luc.




I'll go out on a limb and guess that the Cascade Brewery is a little more lush than most.




A traditional Australian foodstuff: babies.




(All photos and videos in this post are by me unless otherwise noted.)

Update: Some feed readers, including Planet Gnome, swallow embedded video, so if you'd like to see the ones in this post, just click through on the title.

One day you're sitting at home, the next you're half-way around the world donating money to help out carnivorous marsupials and shave a 27-year-old beard.

It's a shame when life is this predictable.

Along with all of my friends, family, so many people across the country, and even more around the world, I'm thrilled that Barack Obama will be the next President of the United States. With the support of Democrat-controlled Senate and House of Representatives, hopefully he and the rest of our country can help undo the damage of the last eight years. And maybe even get us moving forward in areas we're still competitive in!

If you haven't yet, set aside about 20 minutes and watch his fantastic acceptance speech.

Like he said, it will be an uphill battle. It's a lot harder to build things up than tear them down and our economy, civil rights, and world standing need more than a little clean-up.

---

In other positive developments:

California (my home and current state) passed propositions to build high-speed rail lines between northern and southern parts of the state (the number everyone quotes is 2 hours and 40 minutes between San Francisco and LA, though the due date is the year 2030) and another to raise minimum standards for the treatment of farm animals.

The state of Washington approved a proposition allowing doctor-assisted suicide for terminal patients with approval from 3 doctors, allowing them the dignity to escape a painful end of their life; Michigan approved a proposition to allow stem-cell research.

And California, Colorado, and South Dakota upheld women's rights to abortion.

---

Ironically and sadly, at the same time we made history by electing our first African-American president, Arizona, California, and Florida banned gay marriage (and Arkansas banned adoption of children by non-married couples, designed by the promoters to prevent adoption by gay couples).

I still don't see what's so hard to understand about equal rights. There's no difference between banning inter-racial marriage and gay marriage; in both cases, a privileged majority spent time and effort to make life less enjoyable for a minority causing absolutely no threat to their own happiness (they'll also both be legal, in time). It's the ultimate in selfishness and moral depravity championed mostly by the religious right (who have the gall to claim they're the models of ethical achievement).

On the other hand, with the exception of Florida's, these propositions just barely passed. So if equality hasn't won yet, it's getting much closer. And with any luck, the new Executive and Legislative branches of our government can help grease the rails for future progress.

Update: used a better link to the speech.

I'm not the only one to appreciate a great Nine Inch Nails concert.

Last Friday they played in Oakland, so I leapt at the opportunity. And they were amazing, as always (2 hours of intense, nearly non-stop music. I don't know how they do it). They sound better live than most bands sound in the studio and nothing compares to their visuals:



Wall of static - during the song, Trent was able to "punch holes" in the display, so you could see him as he moved around stage - he could even "throw" the hole. Hard to describe, but really cool.



Earlier in the set, when you find out the "black curtain" they brought down is actually a giant display (set up here to look like the performers are in the middle of candle flames).



Appropriately, they had mellow ambient backgrounds for the songs from Ghosts I-IV.

Even the technology they used was fascinating - a large part of the visuals were 3 LED curtains at different depths in the stage. The pixels that weren't lit up were black or nearly transparent, if there were strong lights behind them, which allowed for really cool effects. The performance seemed to even want to show it off - they showed touch capability (theoretically it could have been faked, but the timing between presses and reaction were perfect, so I kind of doubt it) and at one point, a stage hand "erased" arbitrary sections of the display with a wide beam of light.

I couldn't find any photos of it (or, unfortunately, any videos), but the coolest effect of the night was when they hid everyone behind the front curtain. It showed some blue mountain peaks (almost like 3D wave visualizations) which began rising and falling in time to the drumming, and slowly drifting. About half-way into the song, there suddenly was a giant yellow microphone overlaid, then Trent Reznor's face - they were taking a live night vision video feed and superimposing it.

I really hope they release a tour DVD :)

For an idea of what they sounded like live, check out this rehearsal video.

All photos licensed by Nine Inch Nails.

Federico,

git rebase -i has quickly become one of my favorite git features for all the reasons you state, plus one of my common work-flows:

1. refactor existing code (commenting out lines that I plan to remove). Check that it works. Commit.
   
2. cut commented code. Check that it works. Commit.

I tend to comment old lines instead of cutting them immediately, because I often realize I needed some of them or that my new idea isn't quite workable. With git rebase -i, I can squash those two commits together before pushing them to the mainline repo.

And, of course, it's nice to look like I can refactor hundreds of lines flawlessly in a single commit :) (I've done that in subversion, but it takes painfully long to ensure you haven't broken anything before you commit)


In other news, the Telepathy repositories are being converted from darcs to git. Score another point for git in the endless DVCS debate!

Wouter,

Vincent definitely got last place in the ice cream death match, but he's decided to change the rules:

Vincent denying his loss

For everyone coming to GUADEC in Istanbul, here's a little photo preview:









For everyone who can't make it: sorry!

What's better than a fresh release of Soylent? Two fresh releases of Soylent!

Soylent 0.1.8 - Tastes better than the original

This release is just a quick bug-fix that should make Soylent run better out-of-the-box.

Changes

• Fix the installation path of the glade file (Florian)

Contributing/Contact

For any bug reports, questions, comments, feature proposals, etc., head
to the Soylent development mailing list: Soylent development mailing list

Release Tarball

http://netdrain.com/soylent/soylent-0.1.8.tar.gz
md5sum: 606792c4a090906f5249f08a39d3bf09

It's time again for a new release of Soylent!



Soylent 0.1.6 - Ready and rarin' ta go!

This release brings a lot of little improvements, most notably contact editor bug fixes, a few UI clean-ups, and a fantastic logo by Hylke Bons!



Perhaps most importantly, this release hints at a big push in the near future: libsoylent, which we plan to be a simple-yet-powerful way to integrate easy people-based interaction into your desktop application. The code in the 0.1.6 tarball is mostly stubs, and the API is far from finalized, but look forward to early previews in the following releases.

I'll be giving a talk on Soylent: Past, Present, and Future in a couple of weeks at GUADEC in Istanbul, Turkey. If you're going to be at GUADEC, make sure not to miss it!

Changes

• Added a Project logo (Hylke Bons)
  
• UI clean-ups:
  
  • Add a regular menubar
    
  • Move editing options from button bar to Edit menu to save space
    
  • Add presence-setting menu
• Install a proper .desktop file, so Soylent shows up in the Applications menu
  
• Clean up autotools config (Gilles Dartiguelongue)
  
• Squash lingering Person Editor bugs
  
• Code clean-ups in anticipation for libsoylent
  
• Initial libsoylent stubs (Sven Pfaller)

Warning

Soylent is still a work-in-progress. Though I don't think it has any serious data-mangling/deleting bugs, you should assume it does. Back up ~/.evolution before you install this release.

There's also a laundry list of Known Bugs (see the README).

Contributing/Contact

For any bug reports, questions, comments, feature proposals, etc., head
to the Soylent development mailing list: Soylent development mailing list

Release Tarball

http://netdrain.com/soylent/soylent-0.1.6.tar.gz
md5sum: e8f262f3edbf7ae53e5c522703c88f80

James,

I think you may be right that we may not switch to a single DVCS any time soon, but I don't think it's for lack of a clear winner.

The majority of Gnome developers pushing for DVCS seem to favor git (with bazaar at a distant second). Major open source projects (many related to Gnome) have already adopted git (most freedesktop.org projects, X.org, Linux, Ruby on Rails, OLPC), so there's plenty of experience both using git for large projects and migrating from another VCS.

At any rate, I think there are few people who disagree that DVCS of some kind could improve Gnome development (most interestingly, I think, is the possibility for changes that don't fit nicely into a few commits or a single release cycle).

I'm not claiming that I fully understand all sides of the argument (git is the only DVCS I've used), but the only arguments against git that seem valid are cross-platform issues (which seem to be less significant than they used to be) and migration issues (which we would have moving to any new VCS, and as Federico suggested, shouldn't necessarily be that bad).


I wish it were as simple as just providing mirrors or translation services to let developers use any VCS they like, but any translation between VCSes is going to be imperfect. So using x-to-Subversion really isn't ideal - especially when you're going from a DVCS to Subversion, flattening branches and commits and losing original author attribution in the process.

I know I'm not alone in saying that a migration to git would be a major step forward for Gnome and one that few contributors would regret.

Update 1: link to cgit.fd.o, as suggested by Daniel

Sven just posted the draft for the libsoylent API (the soon-to-be-rockin' "People library").

Basic design goals

• People cohesion!:
  
  • Consuming applications won't have to manually associate peoples' accounts on various protocols (which is actually a lot tougher than it sounds)
  
  
• Make it trivial to:
  
  • Read and (where applicable) write contacts' attributes
    
  • Start a synchronous or asynchronous communication channel with any contact
  
  
• Base around libebook's EVCard:
  
  • Gets us vCard's flexible support for arbitrary key/value pairs
    
  • Brings the benefits of vCard's wide adoption in software in general
    
  • Shares the standard Gnome addressbook with Evolution and the rest of the desktop
  
  
• Simplicity:
  
  • Should be easier to use than EVCard directly yet avoid EContact's inflexibility
    
  • Leverage Telepathy's power while limiting its exposure to the libsoylent-consuming app

We'd really appreciate any and all constructive feedback (preferably on the mailing list, but comments in either of our blogs are, of course, welcome).

If you work on an app that could be enhanced with simple, powerful access to people and their metadata, I've got some questions for you:

• Is the API missing anything that you would expect you'd need (convenience functions included)
  
• Do you see any fundamental design flaws?
  
• Does some function just plain look weird? Let us know! :)

Collabora headquarters. Well, that is, the view from HQ.


Last week I visited the main Collabora office in Cambridge, UK. Saturday, we were lucky to get some really nice weather, so we (and half the town, it seemed) went punting on the River Cam.



Alban's first attempt at punting ran us into a couple other boaters (Rob's face says it all), but they're pretty sturdy, so no harm done. For the record, my punting mostly looked like a tight zig-zag - more side-to-side than forward.




One of the 27 +/- 5 colleges in the University of Cambridge.




Don't dare cross under Daf's bridge.


Check out the rest of the set.

At the beginning of the month, I started work at Collabora. Already, it's been challenging, intellectually stimulating, and a lot of fun. I'm really happy to finally work full-time at an open source company with a bunch of smart people :)

I'm telecommuting from the bay area, so I haven't made an intercontinental move. Though I have moved out of San Francisco and into an apartment with a couple friends in my home town (Livermore, California). So I'm paying half the rent and have twice the space as I did in SF (not to mention not fighting twice-weekly for parking). Not too bad.

And a couple weeks ago, I got a preview of the hot Livermore summer that I haven't really experienced since high school. It hit 38 degrees °C (100 °F), making my cold-weather co-workers insanely jealous.

I'm very pleased to announce that Soylent has a project in the Google Summer of Code 2008!

Sven Pfaller will be specifying and implementing libsoylent based on the people-related functionality in Soylent. Once we have libsoylent, we should be able to really integrate people into the Gnome Desktop.

I'll be mentoring Sven, and this project is a part of Gnome's Summer of Code projects.

Yesterday, after a fantastic closing day of LugRadio Live USA 2008, many of us stuck around at the bar downstairs. Drinks with friends is always fun; doubly fun when it's the eclectic band of merry geeks I've come to love from conferences like GUADEC and the Gnome Boston Summit. But yesterday it got kicked up a notch.

Karaoke.

Most notably, a live Rickroll and Sandy Armstrong's touching rendition of The Carpenter's Superstar (dedicated to aforepictured Aaron Bockover).

Somewhere, in a LugRadio Live USA 2008 attendee's video camera is corroborating evidence (with bonus footage of me cackling like a hyena in the background).

To whom it may concern: Please, share the magic with the world! :)

After a few months' worth of massive code clean up, we're proud to
present a new release of Soylent:

Soylent 0.1.4 - Nothing has changed. Everything has changed.

How much is "everything"? Since 0.1.2, we've added 5286 removed 3232 net
lines. Version 0.1.2 had 4964 lines. We've replaced everything on the
car but the paint.

As the release name suggests, there aren't many user-visible changes to
this release, but the re-write should make development a whole lot less
painful.

So if you've been holding back until the code is readable, your time has
come!

Changes

• Massive code clean up:
  
  • Carefully check nearly every function return value
    
  • Make custom functions return meaningful values
    
  • Organize functions within files much better
    
  • Use consistent function names
    
  • Use consistent style
    
  • Should make the code base much easier to work with
• Fix a handful of misc. Person Editor bugs

WARNING

Soylent is still a work-in-progress. Though I don't think it has any serious data-mangling/deleting bugs, you should assume it does. Back up ~/.evolution before you install this release.

There's also a laundry list of Known Bugs (see the README).

Contributing/Contact

For any bug reports, questions, comments, feature proposals, etc., head
to the Soylent development mailing list: Soylent development mailing list

Release Tarball

http://netdrain.com/soylent/soylent-0.1.4.tar.gz
md5sum: 21f7104bfe2f9e4646c81154dc53a9e8

Some of you may or may not have noticed that there hasn't been a Soylent release in a little while.

It's not for a lack of development - I've actually been hacking on Soylent (albeit slowly) since the last release.

The good news: I've been fairly productive in the work I have done, and it should help a lot in the long run (especially for other contributors).

The bad news: This work hasn't included any new features, so it won't look or act very different for regular users.

I've put a lot of time and effort into refactoring and generally cleaning up the Soylent code base. That is, everything should be name much more consistently, the code should be easy to navigate, and most importantly, nearly every function with a meaningful return value is checked. This should also make the code much easier to test and split into a separate library.

In the time since I started Soylent, I've learned a whole lot about coding best practices (especially in C). Unfortunately, Soylent had become a bunch of hacks that reflected my "state of the art" at the time of each hack, which lead to an inconsistent pile of code.

SO — the cleanup process is nearly complete, and the next release of Soylent should be a whole lot easier for developers to dive into. After that, I'll be jumping head-first into cool and useful new ideas I've had on the back burner :)