Category Archives: Development

HTTP implementations

I previously mentioned on the libcurl mailing list, that Mark Nottingham in the IETF HTTP Working Group has initiated the work on putting together an overview of all (interesting) existing HTTP implementations

Of course curl is included in the bunch, or rather libcurl, but I would also urge you all to step forward and provide further details on other implementations you worked on or know of!

Portably Yours

Archos PlayerOne day in late 2001 I had a talk with my brother Björn and our mutual friend Linus about how their portable MP3 player was very cool but the software/firmware on it was rather limited and lame in many ways. (Correct, I didn’t own any portable music player at that time). As usual, we brought up the idea about being able to hack it yourself and oh how good couldn’t you make it then? Not very long afterwards, we had a mailing list setup for discussing how to reverse engineer and improve the Archos Player firmware. Personally, I had no device yet but it sounded like good fun so I subscribed and participated from the start. After a few months, I got myself an Archos Recorder to be able to get down on the metal too, and the Recorder was also slightly different and thus brought some more challenges to the team.

Archos Recorder

Archos RecorderThe Recorder was a step forwards since it provided better sound and a (gasp!) graphical LCD. Some of the first work I did in the Rockbox project was to work on the code for the LCD, to bring text to it using fonts and to provide line drawing routines etc. Keeping the entire screen in a separate “frame buffer” that is updated to the screen with a lcd_update() call was an early design decision that has stuck ever since.

We took the Rockbox a long way supporting more and more of the early SH-based Archos targets, including the V2s, the FM and the Ondio series. But eventually of course the models started to get hard to get and out of production. It was time to start looking into moving to other targets, and other targets would more or less force us into a world with software audio codecs!

I got my original Recorder stolen, but I had it replaced and put in a 80GB disk and it was much rejoicing.

iriver h140

iriver h140We did scan the market for targets that used somewhat standard components for which we could get specs and docs and we found the iriver h1x0 series and the work began. As usual we got plenty of help from everywhere and it didn’t take too long to show the nay-sayers that we could indeed transition Rockbox into the future with software codecs. We also took it to the h3x0 series with its color screen not that long after and my golly, didn’t an entirely new world of opportunities open? 40GB of disk was just about enough to hold most of my music collection.

iAudio X5

iAudio X5What’s the fun of Rockbox if I couldn’t follow along? I got the iAudio X5 early on in the porting effort and joined in and got my first color-screen target. Of course I didn’t like how the mere 20GB disk narrowed what music I was bringing with me, but hey some sacrifices had to be made for the greater good of advancing Rockbox! 😉

Rockbox was now booming and flourishing, coming to new targets all over and getting more and more developers involved.

Sansa E260

Sandisk Sansa e260A guy from SanDisk contacted us asking about a Rockbox port to their Sansa E200 series, and even though they sent me a bunch of targets etc they never provided any docs or actual help on the effort of porting Rockbox to these babies. Not even the figuring out the firmware format, as that was instead made by our own secret super-hero MrH.

Meizu M6

Time flies and soon enough (like in the late 2007) none of the targets Rockbox ran fine on were no longer being manufactured and started to get hard to get in shops all over the world. The eternal race to get Rockbox ported to a currently manufactured model of course just got more important.

It was almost two years since I got the Sansa e200 series from SanDisk and it was time to join in the efforts of bringing Rockbox to some Meizus. The amount of interested people and the existence of a (leaked) data sheet for the main SoC helped me settle for buying this.

Cowon D2

As I’ve already explained, I bought a D2 too at the same time I got the Meizu so that I could do comparison for people and just play around some extra.

Of course, my timing is dubious as I got my two new targets exactly at the same period in my life when I went back to work (almost) full-time from having been on paternity leave for six months. Together with my extra “admin duties” such as the euro devcon and gsoc 2008 happening, I really haven’t had much time to actually dive into low-level fiddling with the ports yet. Hopefully I soon get adjusted and get some time to really help out.

Coverity’s open source bug report

The great guys at scan.coverity.com published their Open Source Report 2008 in which they detail findings about source code they’ve monitored and how quality and bug density etc have changed over time since they started scanning over 250 popular open source projects. curl is one of the projects included.

Some highlights from the report:

  • curl is mentioned as one of the (few) projects that fixed all defects identified by coverity
  • from their start, the average defect frequency has gone down from one defect per 3333 lines of code to one defect per 4000 lines
  • they find no support to backup the old belief that there’s a correlation between function length and bug count
  • the average function length is 66 lines

And the top-5 most frequently detected defects are:

  1. NULL Pointer Dereference 28%
  2. Resource Leak 26%
  3. Unintentional Ignored Expressions 10%
  4. Use Before Test (NULL) 8%
  5. Buffer Overrun (statically allocated) 6%

For all details and more fun reading, see the full Open Source Report 2008 (1MB pdf)

Blaming Debian packaging

I happened to read the blog post called Open-Source Security Idiots which really is having a go at the poor Debian maintainer of OpenSSL for causing the recent much debated OpenSSL security problem in Debian and Debian-based distros.

While I think the author Steven J. Vaughan-Nichols is mostly correct about his criticism, I think he’s being far too specific and trying to pinpoint Debian and claiming that to be a single specific bad distro (and his additional confused complaint on Firefox vs Iceweasel just made the article lose focus).

As someone who’s involved in a bunch of projects that are being packed by a range of Linux distros, I can’t but to disagree. This habit of changing packages without passing the changes upstream is wide-spread and not limited to changes done by maintainers since it also includes mere bug reports. It is something that just about every distro is doing to at least some extent. It varies from package to package and over time, but given an overview I honestly can’t say that there’s a single specific distro that is worse than the others. It is a disease that follows the distros and we must all help out to exterminate it.

Of course, the upstream projects also need to be aware of this and help pushing packagers of their software to behave.

My phone does not replace my Rockbox

I have one of them mp3 capable mobile phones and I have a 4GB NAND flash inserted in it that is packed with music I like. Yet I never end up using it as a music player.

I see people everywhere use their phones for music and I repeatedly read and hear the soon coming death of the portable music player being predicted not far away by opinion-expressing know-it-allers.

My phone plays mp3 files just fine, but there are several reasons why I don’t use it for that. The primary one being that it gets a lousy battery run-time if I do that, and if I’d run down the battery all the way when listening to music then how would I be able to use the phone for regular voice? With a separate (Rockbox) device I can listen to music until the last drop of power goes out without hampering my communication abilities.

In my particular case, my phone’s lack of a proper standard USB port and it’s lack of anything but “full speed” (and yes full speed is less than high speed and is a lot slower than it sounds) when connecting it using the custom cable to my Linux box are two more reasons. Not to mention that it has this “database-only” approach to the music which I really don’t like – but yeah, I can learn to live with it.

Besides, it’ll be a while longer until I can hack my phone to run Rockbox and thus work the way I want it. Let’s hope Android or OpenMoko or similar efforts actually make it possible one day.

Swedish Top Developers?

I find it hilarious that IDG.se out of all publications put together the “best developers in Sweden” and lists the top-75 ones (article in Swedish). It is funny because IDG is not exactly a place flooding over with technical (or any kind of in-depth) knowledge, so obviously they got this list by getting input from others and how on earth can they then compare person A against person B when they’ve been mentioned by different sources? Also, just lumping every kind of “developer” into the same pile and then trying to order them is also an interesting challenge. Clearly some of these devs are more project managers, theorists and similar, while others are hardcore kernel-hackers, C coders or Java dudes.

I don’t mean to bash the people present on this list, as I’m sure I would also liked being present if I had been that. I just think the list fits so well into IDG’s style of populistic journalism. The audience wants top-lists, let’s give them another one!

Or perhaps I’m just jealous that I’m not included! 😉

D2 vs M6 given a few days use

A lot of people have asked me about my opinions on and comparisons between these babies, the Cowon D2 and the Meizu M6, and here’s my take. Of course a lot of this involves the original firmwares’ functionalities as that’s what I’ve been using on them so far. The Rockbox port for the D2 is progressing at great speed but isn’t yet capable of producing sound, and the Meizu port still has a long way to go (since it’s still in its infancy with research and reverse engineering being the primary doings atm).

Cowon D2

Touch screen isn’t really the best idea for a portable media player I’d say, but I must confess that the UI with “pop-up” buttons is rather nifty. See this little video for a grasp on how it works:

I haven’t used it a lot but the UI is working nicely and is fairly easy to use. I haven’t yet got myself an SD card to insert and try out, but I should soon! It does have visible tiny little screws that shows it could be disassembled quite possibly without too much efforts. Some of my other Rockbox friends are interested in the D2 quite a lot because it comes in a DAB model too, but my version is limited to FM radio only and even

Meizu M6

Next to the D2 this baby feels extremely small. It also has no visible screws or anything that reveals how it could be disassembled! The bootup procedure is first a bit silly since you need to hold down the PLAY key for a while but it doesn’t actually start until you release it, and you don’t know exactly how long you need to hold it. But then I think it proceeds nicely with the screen not even showing that it started, apart from a little “Loading…” text.

The M6 doesn’t use a touch screen but instead they have a “weirdo” slider pad with four button areas. Most of everything in the UI that goes up and down, like moving in menus, changing values, changing volume etc is done by letting a finger slide on the pad. This could’ve been a nice way of input if it wasn’t far too sensitive and thus I always seem to miss my goal menu item and have to go up and down several times before I manage to “hit” my target. Quite annoying!

Of course one downside with this player that isn’t a surprise at all but can be stressed, is the lack of any expansion slot so the original 8GB I got is all this unit is ever gonna see.

Conclusion

I think I end up liking the D2 somewhat more, mostly because of the slider on the M6 being annoying and that the D2 is expandable. The D2 also has a nicer OF (original firmware), but that’s not really what I care about since I plan to run Rockbox on both. Unfortunately I’ve not had a lot of spare time for actually getting into the hacking recently so right now I can’t comment on that much. I’ve seen interesting progress done by others in the mean time though!

I cannot say that the D2 is twice as good as the M6 so I’d actually say that M6 is a better value purchase.

Ok, that’s it for now. These are my first impressions, I’ll try to come up with some further ones later on after some more usage and hopefully some real rockboxing on them

How to hack firmwares and get away with it

It is with interest we in the Rockbox camp checked out the recent battle in Creative land where they shot down a firmware (driver really) hack by the hacker Daniel_K as seen in this forum thread.

We’re of course interested since we do a lot of custom firmwares for all sorts of targets by all sorts of companies, and recently there are efforts in progress on the Creative series of players so could this take-down move possibly be a threat to us?

But no.

In the Rockbox community we have already since day one struggled to never ever release anything, not code nor images or anything else, that originates from a company or other property owner. We don’t distribute other’s firmwares, not even parts of them.

For several music players the install process involves patching the original firmware file and flashing that onto the target. But then we made tools that get the file from the source, or let the user himself get the file from the right place, and then our tool does the necessary magic.

I’m not the only one that think Daniel Kawakami should’ve done something similar. If he would just have released tools and documentation written entirely by himself, that would do the necessary patching and poking on the drivers that the users could’ve downloaded from Creative themselves, then big bad Creative wouldn’t have much of legal arguments to throw at Daniel. It would’ve saved Daniel from this attack and it would’ve taken away the ammunition from Creative.Lots of Rockbox Targets

I’m not really defending Creative’s actions, although I must admit it wasn’t really a surprising action seeing that Daniel did ask for money (donations) for patching and distributing derivates of Creative’s software.

So far in our 6+ years of history, the Rockbox project has been target of legal C&D letter threats multiple times, but never from one of the companies for which targets we develop firmwares for. It has been other software vendors: two game companies (Tetris Company and PopCap games) fighting to prevent us from using their trademarked names (and we could even possibly agree that our name selections were a bit too similar to the original ones) and AT&T banning us from distributing sound files generated with their speech engine software. Both PopCap and Tetris of course also waved with laywers saying that we infringed on their copyrights on “game play” and “look” and what not, but they really have nothing on us there so we just blanked-faced them on those silly demands.

The AT&T case is more of a proof of greedy software companies having very strict user licenses and we really thought we had a legitimate license that we could use to produce output and distribute for users – sound files that are to a large extent used by blind or visually impaired users to get the UI spelled out. We pleaded that we’re an open source, no-profit, no-money really organization and asked for permission, but were given offers to get good deals on “proper” licenses for multiple thousands of dollars per year.

Ok, so the originating people of the Rockbox project is based in Sweden which may also be a factor as we’re not as vulnerable to scary US company tactics where it seems they can sue companies/people who then will have to spend a fortune of their own money just to defend themselves and then you have to counter-sue to get any money back even if you were found not guilty in the first case. Neither is Rockbox an attempt to circumvent any copy protections, as if it were it would have violated laws in multiple countries and regions. Also, reverse engineering is perfectly legal in many regions of the world contrary to what many people seem to believe.

If this isn’t sticking your chin out, then what is? 😉

Update 4-apr-2008: Creative backpedals when their flame thrower backfired.