Linux

One of the things I dislike about using Irssi in a terminal window on OS X is that I often miss the screen flash when someone mentions my name in IRC. With some fancy SSH tunneling (maybe more on that some other issue) and a really cool pop-up notification tool, if someone mentions my name, I can't miss it. more>>

We are working on a powerful vision with Ubuntu; to build a convergent Operating System that runs on phones, tablets, desktops, and TVs. A core part of this vision is that this is a platform and ecosystem that you can influence, improve, and be a part of, significantly more-so than our competitors. One consistent piece of feedback we have seen from carriers and handset manufacturers is a a greater desire for platform competition and participation on helping to shape and define the ecosystem. A key goal for Ubuntu is to satisfy these needs. Today we launched the the Ubuntu Carrier Advisory Group (CAG) which includes Deutsche Telekom, Everything Everywhere, Telecom Italia, Korea Telecom, LG UPlus, Portugal Telecom, and SK Telecom as founding members. Wide industry participation in the group will help us to prioritize the delivery of new Ubuntu features, and grow an ecosystem of software, services and devices that meets that need. The CAG provides regular meetings that take place regularly and typically include a briefing by Canonical or a partner company, followed by feedback from carriers. Members can bring domain specialists to calls for each relevant topic covered. Topics planned for discussion in the CAG forum include: Differentiation for OEMs and operators. Developer ecosystems and application portability. HTML5 standards, performance and compatibility. Marketplaces for apps, content and services. Revenue share models for publishers, operators, and OEMs. Payment mechanisms and standards. Platform fragmentation. Consumer and enterprise market segments and positioning. CAG members can also launch Ubuntu devices before non-members in local markets. The first two launch partners will be selected from within the group, with the next wave following six months later; non-members will face a substantial wait to gain access to the platform. Members will have early knowledge of silicon, as well as OEM and ODM partners involved in the Ubuntu mobile initiative. The Carrier Advisory Group is chaired independently of Canonical by David Wood, who has 25 years’ experience in the mobile industry, including leadership roles at Psion, Symbian and Accenture. He has wide experience with collaborative advisory groups, and twice served on the board of directors of the Open Mobile Alliance (OMA). David has this to say about the CAG: “The mobile industry still needs an independent platform that enables innovation and differentiation. That platform is Ubuntu. The Carrier Advisory Group will have the opportunity to influence the Ubuntu roadmap, and take full advantage of the potential this emerging platform.” If you are a carrier interested in helping shape Ubuntu’s mobile strategy and being part of the CAG, click here.

Qedward writes with an excerpt at TechWorld about a new project from Jon "Maddog" Hall, which is about to launch in Brazil: "The vision of Project Cauã is to promote more efficient computing following the thin client/server model, while creating up to two million privately-funded high-tech jobs in Brazil, and another three to four million in the rest of Latin America. Hall explained that Sao Paolo in Brazil is the second largest city in the Western Hemisphere and has about twelve times the population density of New York City. As a result, there are a lot of people living and working in very tall buildings. Project Cauã will aim to put a server system in the basement of all of these tall buildings and thin clients throughout the building, so that residents and businesses can run all of their data and applications remotely." Read more of this story at Slashdot.

How To Use PHP 4.4.9 (FastCGI) With Apache & ISPConfig 3 (Debian Wheezy) Since ISPConfig 3.0.5, it is possible to use multiple PHP versions on one server and select the optimal PHP version for a website. If you have some very old websites on your server, they might not work with PHP5, but only with PHP4. This tutorial shows how to build PHP 4.4.9 as a FastCGI version for use with Apache2 on a Debian Wheezy server. This PHP version can be used together with the default PHP (installed through apt) in ISPConfig.

The original HTC Desire is one of an exclusive coterie of phones that have achieved the highest honour a phone can enjoy: a five star TechRadar review. We don't think the HTC Desire 200 will quite manage to reach the same heady heights as its forefather, but for a budget phone, its specs are not too shabby. We're looking at a 1GHz Snapdragon S1 processor with 512MB of DDR1 and 4GB of onboard storage (expandable with microSD). Audio smartsHTC is pushing the handset's audio smarts, boasting Beats Audio and bundling "our highest quality in-ear headset" with the handset. The HTC Desire 200 also comes with a 5MP camera which HTC says is super intuitive to use, and runs HTC Sense over Android (although HTC hasn't deigned to tell us which iteration). Wonderfully, HTC has provided an illustration of the handset's size, pegging it at 'a bit bigger than a credit card': No word yet from HTC on availability or pricing - but for something this small and with these level of specs, we're thinking HTC should channel Flo-rida and go low low low low low low low.

Many people are taking a fresh look at IT security strategies in the wake of the NSA revelations. One of the issues that comes up is the need for stronger encryption, using public key cryptography instead of just passwords. This is sometimes referred to as certificate authentication, but certificates are just one of many ways to use public key technology. One of the core decisions in this field is the key size. Most people have heard that 1024 bit RSA keys have been cracked and are not used any more for web sites or PGP. The next most fashionable number after 1024 appears to be 2048, but a lot of people have also been skipping that and moving to 4096 bit keys. This has lead to some confusion as people try to make decisions about which smartcards to use, which type of CA certificate to use, etc. The discussion here is exclusively about RSA key pairs, although the concepts are similar for other algorithms (although key lengths are not equivalent) The case for using 2048 bits instead of 4096 bits Some hardware (many smart cards, some card readers, and some other devices such as Polycom phones) don't support anything bigger than 2048 bits. Uses less CPU than a longer key during encryption and authentication Using less CPU means using less battery power (important for mobile devices) Uses less storage space: while not an issue on disk, this can be an issue in small devices like smart cards that measure their RAM in kilobytes rather than gigabytes So there are some clear benefits of using 2048 bit keys and not just jumping on the 4096 bit key bandwagon The case for using 4096 bits For some types of attack, security is not just double, it is exponential. 4096 is significantly more secure in this scenario. If an attack is found that allows a 2048 bit key to be hacked in 100 hours, that does not imply that a 4096 bit key can be hacked in 200 hours. The hack that breaks a 2048 bit key in 100 hours may still need many years to crack a single 4096 bit key Some types of key (e.g. an OpenPGP primary key which is signed by many other people) are desirable to keep for an extended period of time, perhaps 10 years or more. In this context, the hassle of replacing all those signatures may be quite high and it is more desirable to have a long-term future-proof key length. The myth of certificate expiration Many types of public key cryptography, such as X.509, offer an expiry feature. This is not just a scheme to force you to go back to the certificate authority and pay more money every 12 months. It provides a kind of weak safety net in the case where somebody is secretly using an unauthorised copy of the key or a certificate that the CA issued to an imposter. However, the expiry doesn't eliminate future algorithmic compromises. If, in the future, an attacker succeeds in finding a shortcut to break 2048 bit keys, then they would presumably crack the root certificate as easily as they crack the server certificates and then, using their shiny new root key, they would be in a position to issue new server certificates with extended expiry dates. Therefore, the expiry feature alone doesn't protect against abuse of the key in the distant future. It does provide some value though: forcing people to renew certificates periodically allows the industry to bring in new minimum key length standards from time to time. In practical terms, content signed with a 2048 bit key today will not be valid indefinitely. Imagine in the year 2040 you want to try out a copy of some code you released with a digital signature in 2013. In 2040, that signature may not be trustworthy: most software in that era would probably see the key and tell you there is no way you can trust it. The NIST speculates that 2048 bit keys will be valid up to about the year 2030, so that implies that any code you sign with a 2048 bit key today will have to be resigned with a longer key in the year 2029. You would do that re-signing in the 2048 bit twilight period whi

The paper Bootstrapping Software Distributions , co-authored with Johannes Schauer has been accepted for publication in the proceedings of CBSE 2013, Vancouver, Canada, June 17-21, 2013. AbstractNew hardware architectures and custom co-processor extensions are introduced to the market on a regular basis. While it is relatively easy to port a proprietary software stack to a new platform, FOSS distributions face major challenges. Bootstrapping distributions proved to be a yearlong manual process in the past due to a large amount of dependency cycles which had to be broken by hand. In this paper we propose an heuristic-based algorithm to remove build dependency cycles and to create a build order for automatically bootstrapping a binary based software distribution on a new platform.

Recently, there's been discussions on IRC and the debian-devel mailing list about how to notify users, typically from a cron script or a system daemon needing to tell the user their hard drive is about to expire. The current way is generally "send email to root" and for some bits "pop up a notification bubble, hoping the user will see it". Emailing me means I get far too many notifications. They're often not actionable (apt-get update failed two days ago) and they're not aggregated. I think we need a system that at its core has level and edge triggers and some way of doing flap detection. Level interrupts means "tell me if a disk is full right now". Edge means "tell me if the checksums have changed, even if they now look ok". Flap detection means "tell me if the nightly apt-get update fails more often than once a week". It would be useful if it could extrapolate some notifications too, so it could tell me "your disk is going to be full in $period unless you add more space". The system needs to be able to take in input in a variety of formats: syslog, unstructured output from cron scripts (including their exit codes), snmp, nagios notifications, sockets and fifos and so on. Based on those inputs and any correlations it can pull out of it, it should try to reason about what's happening on the system. If the conclusion there is "something is broken", it should see if it's something that it can reasonably fix by itself. If so, fix it and record it (so it can be used for notification if appropriate: I want to be told if you restart apache every two minutes). If it can't fix it, notify the admin. It should also group similar messages so a single important message doesn't drown in a million unimportant ones. Ideally, this should be cross-host aggregation. The notifications should be possible to escalate if they're not handled within some time period. I'm not aware of such a tool. Maybe one could be rigged together by careful application of logstash, nagios, munin/ganglia/something and sentry. If anybody knows of such a tool, let me know, or if you're working on one, also please let me know.

So, regarding my cry for help... I did get several replies and did more research on my own. The TL;DR up to now is "I have a fully functioning device with no input method and my data may well die on it": The device is passphrase-protected and encrypted so I can't simply connect an USB cable and use MTP. I can't connect a mouse or keyboard as LG, in their endless wisdom, didn't design the USB port with enough power in mind so it can't support USB OTG on its own. Google then removed USB OTG support from the Nexus 4's kernel. It's not as if powered USB hubs existed so this is obviously the correct path of action. While I can install new programs via Google Play, Android 4.0 and above prevents newly installed programs to start without user interaction. LG points towards a third-party service for out-of-warranty repairs and as part of their Terms of Service, you have to forfeit all data as they "always update the software", i.e. they will prolly ship random other devices to you on a regular basis instead of what you sent in. The Nexus 4 is running stock Android, locked bootloader and all The last two options I see are Try to find a way to get a custom ROM onto the device with the help of USB cable and physical buttons only without destroying the encrypted data (yeah, right...) Try and source a display so I can repair the device myself. But as not even ifixit.com offers a howto or parts... I suspect this may fail. And I can not even be reached under my normal number as I don't dare turning the device off and/or removing the SIM as that may prevent me from recovering with the running device, somehow.

When the Syrian Electronic Army hacked The Onion’s twitter account, what did they do to cause panic and mayhem? Post real news stories?