Agreguesi i feed

NewYorkCountryLawyer writes "Joel Tenenbaum has filed a reply brief in support of his petition for certiorari to the U.S. Supreme Court, in SONY BMG Music Entertainment v. Tenenbaum, trying to get the Court to take on the thorny issue of copyright statutory damages in the age of mp3 files and micropayments."

Read more of this story at Slashdot.

I have almost finished going through the various modules in Gcalctool and I realized its easier for me to first do a separate prototype for the history panel, which is the first major change for the application. This prototype would have an input box as well a separate text box above it. Whatever input is fed into the input box, that will appear on a line in the text box and immediately below it will be a value of 10.  This is repeated until exactly 6 different inputs have been fed. Upon feeding the 7th input the entire text box is cleared and only the seventh input is displayed. These inputs represent the values entered by a user into the calculator and the value of 10 represents exactly what the answer would be from the calculations. It is temporary and will be replaced by the actual answer value. Once this is done and I have gotten comments on it I will begin implementing this into the calculator itself.

StikyPad writes "Comcast is reportedly removing its oft-maligned 250GB data cap, but don't get too excited. In what appears to be an effort to capitalize on Nielsen's Law, the Internet's version of Moore's Law, Comcast is introducing tiered data pricing. The plan is to include 300GB with the existing price of service, and charge $10 for every 50GB over that limit. As with current policy, Xfinity On Demand traffic will not count against data usage, which Comcast asserts is because the traffic is internal, not from the larger Internet. There has, however, been no indication that the same exemption would apply to any other internal traffic. AT&T and Time Warner have tried unsuccessfully to implement tiered pricing in the past, meeting with strong push back from customers and lawmakers alike. With people now accustomed to, if not comfortable with, tiered data plans on their smartphones, will the public be more receptive to tiered pricing on their wired Internet connections as well, or will they once again balk at a perceived bilking?"

Read more of this story at Slashdot.

An anonymous reader writes "In the midst of Congressional races around the country, one stands out to techies. Thomas Massie, an MIT whiz kid who pioneered touch-based interfaces and founded SensAble Technologies in the 1990s, is the favorite to win the Republican nomination in his Kentucky district next week. SensAble was recently sold on the cheap, but in a new exclusive, Massie explains why he left the haptics firm years ago to lead a simpler life of farming, family, and guns — lots of guns. Along the way he built a solar-powered, off-the-grid house and became a local hero of the Tea Party. Now Massie is leading the charge to get more engineers into politics, and if he wins, he could be a force to be reckoned with in Washington, DC."

Read more of this story at Slashdot.

• More mail, pleasant call with Sean, an old friend, lunch. Team meeting, ESC meeting, Vojtech's staff meeting, call with Brian Green. Dinner, back to some typing.

Today IBM seems about to deliver on their promise of opening up the Symphony codebase. That is a good thing. It represents an important way-point, in the middle of a long process.

A long journey

I recall well meeting Don Harbison at the OpenOffice conference in Koper in 2005, and a memorable party during which I no doubt bored him to death by re-iterating the importance of working with the community, in the open and contributing your code. Then around April 2006, IBM Workplace 2.6 arrived: a proprietary product based on a version of the OpenOffice.org 1.x code-base. That was enabled by the non-copy-left SISSL license variant the code was under at the time. Fast fowarding to September 2007, Lotus Symphony appeared in beta, complete with an interview "IBM joins OpenOffice to widen it's reach" with Doug Heintzman, promising:

"IBM will dedicate a core team of 35 programmers in China to the OpenOffice project, but more people will be added as needed around the world, he said."

Around this time, we got some contributions of parts of the Symphony feature-set thrown-over-the wall. Sadly these were mostly vs. an obsolete code base, and were mostly not maintained or forward ported (though LibreOffice's current Lotus Word Pro filter was rescued from that dump). At the time I confess I was eager for IBM not to contribute anything towards propping up the fundamentally unjustly managed and structured OpenOffice.org project, with which I'd become utterly disillusioned.

As time passed, the waiting and suspense continued to build, in November 2008 at OOoCon Beijing I had the pleasure of meeting Michael Karasick, whose (keynote) gave an apologetic score-card for this contribution, and promised "we will be contributing". More time passed. By July 2011, the donation of the code was announced in a press release "IBM Donates Lotus Symphony Source Code to the Apache OpenOffice Project", and still no code.

Then, this week Don Harbison announced that IBM have signed a software grant agreement to the Apache project for the code, which is planned to appear in svn as a single, flat, code dump. At last ! the code will be read and the valuations independently assessed. I have fond memories of working together with Doug, Michael & Don, and I'm certain their commitments were sincerely given and meant on each occasion. I suspect the primary cause of the delay is degrees of embarrassing frustration inflicted by part of a corporate machine fearful of, and unused to the transition costs of open, community based development.

Every day, open and engaged ...

Of course, it is great when code that has been proprietary and closed is finally opened, and licensed in a way that LibreOffice can include it. While there is some sad level of duplication vs. work done in LibreOffice, there are also some nice sounding features that should be useable for our next release as/when we have re-licensed.

On the other hand, one of the real pleasures of working in LibreOffice is the collegial, interaction and co-operation with my much-appreciated colleages from Red Hat, SUSE, Canonical, Lanedo, Google and the hundreds of developers and other supporters that have contributed to the project since we started ~eighteen months ago. The credit these guys deserve, for their outstanding effort defies praise. In my book what looks like the boring, every-day, long-haul work of open interaction to achieve shared goals is worth immeasurably more. It may take time to hammer out results that I don't always agree with, but it is good.

Playing well with the community seems to me to mean a lot more than a one-off code-dump. It also means being willing to compromise and work constructively with others of differing ideological viewpoints, encouraging and motivating people to work together.

It means that companies should not horde their changes, to try to be first to the market. There should be direct contribution of the totality of bug fixes and improvements, as they are made, to an appropriate branch. Unfortunately, licensing is a factor here too. The Apache license, by providing you with the choice of when to release your code: "now ? later ? never ?" creates an economic incentive to horde and create a saleable, proprietary feature-edge. That in turn creates a disincentive for others to share. In contrast, a weak copy-left license pushes people inevitably towards sharing, working together, and a service & support based business model.

Hoping for good corporate citizens

So, what does this mean, if anything ? if this move signals a genuine change of heart, towards working collaboratively with the developer community in a sustained and non-proprietary fashion - releasing code changes as they are made and working fully in the open, that is good news. Of course, the most convincing way to make such a commitment to work well as peers with the community, is to join with the existing majority of the developers around the code-base, who are eager to work with IBM as part of LibreOffice. Indeed, more than that - I (and I suspect others) are anxious to make room for our friends from IBM: Peace, Love, LibreOffice ! However, that will inevitably mean making a few real compromises, working in community always requires that. One would be formalizing that intention to contribute well in the most convincing way: using the form of a source-code-license like the MPLv2 or LGPLv3+ which codify such good behaviour. That helps to ensure timely, collaborative code contribution from all players, protecting everyone independent of scale. Is it hard to make such a binding commitment ?

Failing that the option of competing with that community, while trying to build a track record from scratch as an enthusiastic believer in open development, collaboration, compromise, working as an equal, etc. may prove problematic. One canary here may be how this substantial code dump is treated. Will it be split up into individual, digestible features & commits, which can be merged individually into the existing Apache OpenOffice codebase. Or will a single, big, un-documented code commit be attempted ?

A conclusion or two

It looks like IBM will release six+ years of work by their development team; that is a good thing, it will be interesting to see what their sharp team has been up to over that time. Opening previously proprietary software is almost always a good thing, and it may provide our users with some improvements in due course.

In this historical context actions speak much louder than words, but are much harder to extrapolate into the future. Will we see a positive, constructive engagement moving forwards ? the best sign of that would be positive interaction with, compromise and re-unification with the vast majority of developers. An ongoing sadness for me is the lack of even contemplation of that.

Still, in the meantime the LibreOffice community is having fun preparing for it's 3.6 freeze with steady hacking progress; a prototype new feature page is in the process of getting built, though I suspect completing that will need to wait for some last minute features to get pushed. It's a great place to have fun, make a difference and get involved with Free Software, why not try an Easy Hack today ? every little helps.

Dante_J writes "Up to 100,000 DSL modems may lose access to DNS come July the 9th, due to scripted web interface changes made to them by DNSChanger. This and other disturbing details were raised by respected Internet elder Paul Vixie during a presentation at the AusCERT 2012 conference."

Read more of this story at Slashdot.

The topic of desktop customizations has always come up here at Largo.  I do spend time making changes to how the desktop works, but it's not a significant part of my day.  Most of my job entails debugging software and problems, and helping architect future technology.  Over the years my viewpoint has become that when people say they want "Microsoft Windows" what they really mean for the most part that they want to have a certain set of steps they have memorized on that operating system.  When people have their own computers they spend countless hours tinkering with it and then countless dollars buying software to move documents from one file format to another and hobble together something that works.  We in the computer business have done a horrible job with software design in that regard.  The things that are basic to us:  File system layouts, file formats and file sizes are exactly the thing that users struggle with the most.  I've mentioned before that when I was younger I always thought things would get better when the "computer generation" came into the workplace; but that hasn't happened at all.  I cannot overstate how much time users spend on "files".  In our case we also have the issue of users that log on for a few minutes a day and have never used computers in the past and have no desire to become proficient at them.  If the desktop was not modified there would be some issues that would come to the surface 1) Many many man hours spent looking for files, retyping 'lost' documents, etc  2) User customizations and settings that affect the desktop and cause it to fail.  3) An increasing desire to buy more and more software to 'fix' things that are happening because of skill 4) Failure because it's too hard.

The customizations therefore yield lower support calls and increased efficiencies by eliminating issues of file location, file type and file sizes from their work.  The design tries to create an environment where files in the right format and size are moved automatically between applications.

I posted a Glade screen a few days ago with the revamped Picture UI that comes up when you double-click on a photo or image.  It's moved past the vaporware stage and is now being tested by about 5 of us.  Still some issues to work out, but it's showing promise.  Python makes this all a breeze, but for end users these things are just so confusing.  It's not appropriate to try and get people into GIMP for these basic functions required to interact with software packages; they'll never get it -- and it's just silly to expect it.

The screen appears and it clearly shows the file size and number of pixels; which for most people mean nothing.  However the new feature is to estimate "suitability" for use in Evolution and LibreOffice which are the two primary areas that will receive images.  In the shot below the picture has been opened and it's way too big for document construction and for inserting in an email. 


The ResizeTo option is set to "Medium" and the image reduces and the file size drops substantially.  From here it can be emailed, placed into the clipboard or printed.  I disabled GIMP and EOG when it was reduced to avoid users opening the temporary buffer and making changes and then losing it because they don't save it to the right folder location.  The details of the enabling and disabling of buttons is still working through my head.


 There is a gotcha that I found with placing a picture into the clipboard; it seems like the parent application needs to stay open or the buffer is lost if the image is over a small size.  I tried to im.store() it but that doesn't seem to work either.  So for now when they click on [ To Clipboard ] they get a green checkmark indicating that it finished and then an intrusive dialog with instructions on how to continue.  Putting this message into the status line on the bottom would never be seen so I felt this was the best technique in this case.


I expect these changes to be fine tuned and then moved out to users next week.   I'm hopeful this will increase the usability and success of interacting with pictures.  With just a few lines of python, we should see benefit quickly.

Other Projects Updates From This Week:  

LibreOffice is running like a champ and very stable.  We have hardly gotten any support calls and it seems to have slipped right in like a champ and take over for OpenOffice.  I do wish that LibreOffice was hooked into bug-buddy so that I can see how often people are crashing.  We aren't getting calls about crashes, but I like to see them happen and have backtraces.

Novell came through for us and created a big GTK patch for some libraries that were not thread safe interacting with Evolution.  It was a merge of some upstream patches and we loaded them Wednesday.  Previously we would get about 3-5 crashes each day on just this one bug and so far I haven't received one.  As I have mentioned in the past, all backtraces and deadlocks come to me automatically. Very happy to see this improving.

SuseCon will be in Orlando this fall and some of us from Largo will attend. Federico has built a page with an early concept of a site visit to our City so that people can see technology in place.  The link is here.  If you have never seen centralized servers and how software works over remote display it's pretty cool stuff.  It's always nice to show the issues we deal with because I feel they represent issues seen in the enterprise.

New submitter PantherSE writes with an article at CNN about the geopolitical importance of labeling, excerpting thus: "Iran has threatened legal action against Google for not labeling the Persian Gulf on its maps 'Toying with modern technologies in political issues is among the new measures by the enemies against Iran, (and) in this regard, Google has been treated as a plaything,' Foreign Ministry spokesman Ramin Mehmanparast said Thursday, according to state-run Press TV. He added that 'omitting the name Persian Gulf is (like) playing with the feelings and realities of the Iranian nation.'"

Read more of this story at Slashdot.

An anonymous reader writes "After being the victim of a massive Distributed Denial of Service (DDoS) attack by an unknown party, The Pirate Bay has returned. An Anonymous traitor who goes by the name AnonNyre has claimed responsibility for the DDoS attack that kept the site offline for days."

Read more of this story at Slashdot.

An anonymous reader writes "Sen. Chuck Schumer, D-N.Y., has a status update for Facebook co-founder Eduardo Saverin: Stop attempting to dodge your taxes by renouncing your U.S. citizenship or never come to back to the U.S. again." See this earlier story on Saverin's plan to make the leap out of the U.S. tax system.

Read more of this story at Slashdot.

New submitter penmanglewood writes "I am a developer at a small IT company, and we primarily make software and games for the education market. I used to work with a team of developers, but for reasons outside the scope of this question, my boss and I are the only ones left. My boss says that our new strategy is to use outsourced developers to do the 'monkey work' for us. To me, this sounds like a bad idea. Do we give the developers access to our internal libraries? How will they be able to work on parts of our product without having access to our repository. I could think of a hundred more objections, but maybe I'm looking at it the wrong way. Is there a smart way to outsource development, or is it just a bad idea?"

Read more of this story at Slashdot.

parallel_prankster writes "Older adults who drank coffee — caffeinated or decaffeinated — had a lower risk of death [full paper is paywalled, at the New England Journal of Medicine] overall than others who did not drink coffee, according to a study by researchers from the National Cancer Institute (NCI), part of the National Institutes of Health, and AARP. Coffee drinkers were less likely to die from heart disease, respiratory disease, stroke, injuries and accidents, diabetes, and infections, although the association was not seen for cancer. These results from a large study of older adults were observed after adjustment for the effects of other risk factors on mortality, such as smoking and alcohol consumption. They also found that the association between coffee and reduction in risk of death increased with the amount of coffee consumed. Relative to men and women who did not drink coffee, those who consumed three or more cups of coffee per day had approximately a 10 percent lower risk of death. Researchers caution, however, that they can't be sure whether these associations mean that drinking coffee actually makes people live longer."

Read more of this story at Slashdot.

strawberryshakes writes "The death knell for IE6 was sounded a couple of years ago, but seems like some people just can't let go. Many UK government departments are still using IE6, which is so old — 11 years old to be exact — it can't cope with social media — which the government is trying to get its staff to use more to engage with citizens."

Read more of this story at Slashdot.

nonprofiteer writes "The Pentagon is increasingly transforming the military into an unmanned force, taking soldiers out of harm's way and replacing them with drones and robots. In 2011, it spent $6 billion on unmanned systems. The problem is that the unmanned systems don't work well together thanks to contractors building proprietary control systems (to lock government into exclusive relationships and to make extra money). A company called DreamHammer plans to have a solution to this — a universal remote control that could integrate all robots and drones into one control system. It would save money and allow anyone to build apps for drones. 'DreamHammer CTO Chris Diebner compares it with a smartphone OS — on which drones and features for those drones can be run like apps. Of course, Ballista is doing something on a much larger scale. It means that it takes fewer people to fly more drones and that new features can be rolled out without the need to develop and build a new version of a Predator, for example.'"

Read more of this story at Slashdot.

Dear Lazyweb,

is there a simple way to block some users who login with SSH to read /proc/<pid>/cmdline of processes they don't own? Or better yet: don't see these pids at all?

I know that there are PID namespaces, but they seem to require a special PID 1. Seems hard to get for a simple SSH login. (I wouldn't mind changing a user's shell. But brittle shell startup scripts wouldn't cut it.) systemd-nspawn wants to boot a full Linux distribution in a container and even then I'd be unsure how to wire it up so that it cannot be skipped. I wouldn't mind a read-only bind mount of the outermost Linux installation into a chroot environment, as long as the parent SSH process can get the user jailed into it securely. (No need for someone to be root in the chroot.)

I know that there are RBAC frameworks, but they're cumbersome to use. I don't need file labelling or path-based access control, as I do trust the Linux file permissions for this. I think SMACK wouldn't help here, AppArmor isn't really useable in Debian testing and TOMOYO is a tad crazy to use with its domain transitions through process invocations.

I bet that grsecurity would have something for me up its sleeve. But it's not in a Debian kernel. Even though I know how to compile my own kernel I'd only do that if everything else fails.

Thanks in advance for your help.

Dear Lazyweb,

is there a simple way to block some users who login with SSH to read /proc/<pid>/cmdline of processes they don't own? Or better yet: don't see these pids at all?

I know that there are PID namespaces, but they seem to require a special PID 1. Seems hard to get for a simple SSH login. (I wouldn't mind changing a user's shell. But brittle shell startup scripts wouldn't cut it.) systemd-nspawn wants to boot a full Linux distribution in a container and even then I'd be unsure how to wire it up so that it cannot be skipped. I wouldn't mind a read-only bind mount of the outermost Linux installation into a chroot environment, as long as the parent SSH process can get the user jailed into it securely. (No need for someone to be root in the chroot.)

I know that there are RBAC frameworks, but they're cumbersome to use. I don't need file labelling or path-based access control, as I do trust the Linux file permissions for this. I think SMACK wouldn't help here, AppArmor isn't really useable in Debian testing and TOMOYO is a tad crazy to use with its domain transitions through process invocations.

I bet that grsecurity would have something for me up its sleeve. But it's not in a Debian kernel. Even though I know how to compile my own kernel I'd only do that if everything else fails.

Thanks in advance for your help.

The awesome Jason Gerard DeRose interviewed Mark Shuttleworth at the Ubuntu Developer Summit (Quantal Quetzal edition) in Oakland California on Friday.

Our mascot Quincy (the most famous Quetzal) invites you to click the video below and watch Mark talk about software instrumentation, developer ultrabooks, high density ARM servers, and his favourite part of UDS-Q.

Thanks for putting this together, Jason. And extra points for not even flinching a bit when Quincy dropped in. ;)

--

Reminder: UDS-Q has ended and now I am free to fly! Chirp!

An anonymous reader writes "Google+ is a lonely place. At least according to a new study that paints the social networking site as a virtual tumbleweed town. Using information culled from the public timelines of 40,000 randomly selected members, data analysis firm RJMetrics found that the Google+ population, which currently numbers 170 million, is largely disengaged, with user activity rapidly decaying—at least when it comes to public posts. According to RJMetrics, 30 percent of first-time Google+ public posters don't post again. Of those who make five public posts, only 15 percent post again. The average time lapse between posts is 12 days, and RJMetrics cites a cohort analysis showing that members tend to make fewer public posts with each successive month. And the response to public posts on Google+ is extremely weak. The average post receives fewer than one reply, fewer than one '+1' (the equivalent to Facebook's 'Like'), and fewer than one re-share — basically most posts in the study did not garner any response."

Read more of this story at Slashdot.

jones_supa writes "RunCore announces the global launch of its InVincible solid state drive, designed for mission-critical fields such as aerospace or military. The device improves upon a normal SSD by having two strategies for the drive to quickly render itself blank. First method goes through the disk, overwriting all data with garbage. Second one is less discreet and lets the smoke out of the circuitry by driving overcurrent to the NAND chips. Both ways can be ignited with a single push of a button, allowing James Bond -style rapid response to the situation on the field."

Read more of this story at Slashdot.