11-10-09 08:07:06

It seems the US-centric world of date geeks have noticed the 09/10/11 12:34:56 time stamp, but I prefer doing the dates in the only order that makes sense, the ISO8601 order: year month day hour minute second. So I have to celebrate the same day at a different time!

So this time just happened. Move on.

RMS to Stockholm – November 8th

On November 8th 2011, foss-sthlm has the honors of welcoming Richard M Stallman to Stockholm and we invite you all to come and listen to what he has to say. RMS, as he is commonly known, is of course the founding father of both GNU and FSF and he has served his role of non-compromising believer in and the torch-bearer of the Free Software movement ever since he started it.

Date: November 8
Time: 18:00
Where: Aula Magna at Stockholm University

To get to enjoy this talk, and to be able to perhaps ask a question of your own, you must register and book your seat. You do this by going to the foss-sthlm nov2011 web page and reading the instructions.

We have this required booking concept for this only to make sure that we don’t overbook the room. Please make sure that you “return” tickets that you won’t use. Please help us pull this event through in an excellent manner.

This event is made possible thanks to our sponsors South Pole AB and DSV. We arrange this in cooperation with the great FSCONS team.

Update: we switched to a much bigger place!

Haxx, the second year

Last year I posted my report of what I and my fellows did at Haxx after the first year of true and real independence. As I probably mentioned before, we registered our company 1997 but it was just a side project for over a decade.Haxx logo

Now, when we’re slowly approaching two years it is time to look back and what we’ve done during the past twelve months and what we’re doing right now.

We have firmly established ourselves even more as expert developers within embedded systems. We’re over and over again being hired by the teams that themselves are hired by companies to provide services or products. During the last twelve months, we’ve written software and software designs for a huge medical equipment company, a small video equipment manufacturer, a major international telecom, a market-leading embedded systems provider and a global chip manufacturer. We’ve debugged simulation software, designed video streaming servers, done video subtitling magic, poked on Linux kernel code and we’ve done old-school 8051 and 16bit x86 assembly. I’ve also managed to do a Embedded Linux development (in user-space) training course – twice. All this, in just the past year!

Haxx was (and presented) at FSCONS in Gothenburg, we went to (and presented at) FOSDEM in Brussels and we went to the Rockbox devcon in London. We did lots of work within the foss-sthlm community.

Oh, and we’ve revamped our logo and graphical design.

Haxx consists of three full-time employed senior expert embedded systems consultants. We’ve all been in the industry for over twenty years: Daniel Stenberg, Björn Stenberg and Linus Nielsen Feltzing.

We continuously work with partners in the area to reach out to new and existing customers. As we’re very small and rather spend our time on working in our actual assignments we appreciate the help with sales and marketing. If you’re in the Stockholm area and ever end up needing devoted and skilled embedded software hackers, call us!

I’m gonna do my very best to make sure we get another great year! I’ll report back and tell you how it went.

curl meetup at Fosdem 2012

The FOSDEM 2012 dates were recently revealed (4-5 February 2012).

A pint of guinness

I’d be happy to arrange a get-together for libcurl hackers at Fosdem this year. To me, Brussels, Belgium seems mid-europe enough to be able to attract a bunch of us:

  • libcurl application users/authors
  • libcurl binding hackers
  • libcurl contributors
  • … and everyone else who’s doing related activities or who just is interested

Potential subjects to discuss at such a meeting:

  • what’s the most important stuff libcurl still lacks?
  • what’s the least documented/understood parts of libcurl?
  • are there shared problems several/many libcurl bindings have to solve?
  • can we improve how we work/develop libcurl and bindings?
  • what kind of beer is best at a curl meetup?
  • [fill in your own curl related subject]

I would like at least 4-5 people voicing interest for this to be worthwhile for me to actually try to do anything. Please speak up on the libcurl mailing list, tweet me or mail me privately! The more people that are interested, the more planning and stuff we’ll do for it.

Network hardware deaths

Things went southwards already this morning. My wife was about to work from home and called me before 8am asking for help to get online as the wireless Internet access setup didn’t work for her.

As this has happened at some occasions before she knew she might need to reboot the wifi router to get things running again. So she did. Only this time, when she inserted the power plug again there was not a single LED turning on. None. She yanked it out again and re-inserted it. Nothing.

Okay, so she was not able to use the wifi and the router was dead.

At lunch, I took a short walk in the sunshine to my nearest “Kjell & Co” and got myself a new wifi router and brought it back with me home after work and immediately replaced the dead one with the new shiny one. I ran upstairs (most of my network gear is under the staircase on the bottom floor while my main computer andlink DIR 635d work space is on the upper floor), configured the new router with the static IP and those things that need to be there and…

…weird, I still can’t access the Internet!

I then decided to do the power recycle dance with the ADSL modem as well. I could see how the “WAN” led blinked, turned stable and then I could actually successfully send several ping packets (that got responses) before the connection broke again and the WAN led on the modem was again switched off. I retried the power cycle procedure but the led stayed off.

I called customer support for my ADSL service (Bredbandsbolaget) and they immediately spotted how old my modem is, indicating that it was probably the reason for the failure and set me up to receive a free replacement unit within 2-3 days.

This left me with several problems still nudging my brain:

  1. Why would suddenly two devices standing next to each other, connected with a cat5, break on the same day when they both have been running flawlessly like this for years? I had perfect network access when I went to bed last night and there were no power outages, lightning strikes or similar.
  2. Why and how could the customer service so quickly judge that the reason was the age of my modem? I get the sense they just knee-jerk the replacement unit because of the age of mine and there’s a rather big risk that when I plug in the new modem in a few days it will show the same symptoms…
  3. 2-3 days!! Gaaaah. Thank God I can tether with my phone, but man 3G may be nice and all but its not like my trusty old 12mbit ADSL I tend to get. Not to mention that the RTT is much worse and that’s a factor for me who use quite a lot of SSH to remote machines.

I guess I will find out when the new hardware arrives. I may get reason to write a follow-up then. I hope not!

Update on September 23rd:

A new ADSL modem arrived just two days after my call and yay, it could sync and I could use internet. Unfortunately something was still wrong though as my telephone didn’t work (I have a IP-telephony service that goes through the ADSL box). I took me until Sunday to call customer service again, and on Tuesday a second replace modem arrived which I installed on Thursday and… now even the phone works!

I never figured out why both devices died, but the end result is that my 802.11n wifi works properly with speeds above 6.5MB/sec in my house.

curl 7.22.0

Another release of curl and libcurl just happened. 7.22.0 is released.

Apart from the 28 something documented bug fixes, we introduce a range of changes that could be noteworthy:

  • Added CURLOPT_GSSAPI_DELEGATION – remember that we explicitly disabled GSSAPI delegation in our previous release due to a security problem. Now we introduce an option for the application to control exactly how to behave.
  • Added support for NTLM delegation to Samba’s winbind daemon helper ntlm_auth. This lets libcurl use the external helper program to do things like NTLM single-sign on.
  • Display notes from setup file in testcurl.pl – provides a way for test clients to provide more information back to the centralized test summary on the primary server.
  • BSD-style lwIP TCP/IP stack experimental support on Windows – there are still flaws in lwIP on windows that prevents it from working properly
  • OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available – this is basically a way to ask OpenSSL to use less memory
  • –delegation was added to set CURLOPT_GSSAPI_DELEGATION – simply the new option exported to the command line tool
  • nss: start with no database if the selected database is broken – a slightly modified behavior
  • telnet: allow programatic use on Windows – basically making the windows implementation in sync with how the non-windows version already has worked for quite some time

This release is this great thanks to 25 friendly contributors.

cURL

generic opt-in spam lists don’t exist

The last couple of days I’ve received a number of Swedish spam emails and I started digging up the Swedish companies behind them. The vast majority of all spams I get and have gotten during the years are English, so the Swedish ones stand out and they are a relatively new thing.

There seems to be a range of companies that now offer “email marketing” as a service to other companies. And there are lots of companies apparently willing to use such services. The other day the somewhat respected ISP company Crystone for example went ahead and spammed “a few hundred K recipients (link to a Swedish-speaking forum). I’ve long been annoyed by the repeated spam mails I get from the company Jajja, which apart from being in the snake oil business (SEO) seems to be a legitimate business that wants to be taken seriously. Of course, they have a shady history of bad business ethics (link to Swedish article about Jajja doing blog-comment spamming in 2007).

A can with spamCrystone’s excuse for their spam outburst was that they had bought this list of “verified” and “opt-in” addresses (from big-time spammer company mailcom.se) so they were quite surprised when large amounts of people started complaining and whining about their spam. mailcom.se, unsurprisingly, on their site boast to also have Jajja as customers. I have emailed mailcom.se and complained in strongly worded terms. I expect no response or effect.

Hejsan

Detta är ett av tjogtals (hundratals?) spam email jag fått från er. Ni har hittat/köpt denna email-address genom web-scraping och ni och era kunder är inget annat än spammare. Det är illegalt i Sverige och att betrakta som ett vedervärt sätt att försöka marknadsföra någonting.

Fy skäms!

The above is the email text I sent. It could be translated into English like:

Hello

This is one of the many (hundreds?) spam emails I’ve received from you. You found / bought this email address by web-scraping and you and your customers are nothing but spammers. It is illegal in Sweden and to be regarded as a horrible way of trying to market anything.

Shame on you!

Newsflash: there is no such thing as a blanket list with verified and opt-in email addresses. You may get people to opt-in for a particular and well explained purpose, but nobody ever asked anyone if they wanted to get stupid market emails from Crystone without compensation. Who would have opted-in to something like that?

Legality? People here in Sweden are quick to point out that sending market emails to companies and other business is not illegal here. Although, as is easily proven, these guys don’t know who they target as their list clearly is created by old fashioned web scraping techniques and they send to anyone, individuals and companies – without discrimination. Besides, my biggest complaints against spam is that it is a nuisance and a pain, if it is illegal or not is not the biggest concern to me. Spam is spam no matter what.

I’ve also explicitly tweeted about the spam service provided by quicknet.se. They’re at least somewhat open about it and add a header in their outgoing mails claiming them to be from “QuicNet_AB” (notice how the letter k is absent). I’ve received several spams via their domain gallerian.org so there’s no doubt who’s behind them. These mails also have ended up targeted to email addresses that are without any doubt harvested from the web. An employee of quicknet responded to me (in Swedish), apparently surprised by my allegations but I’ve received no further info. But frankly, I don’t care what excuse they can come up with. It will only be something lame as this is not a mistake.

Other seemingly popular Swedish spam companies include epostservice.se/com, epostarna.se and so on. I wish more people will react on the spam and object to the companies that buy these services (in good faith or not) and to the companies that provide these services. Tell them it’s all spam, no matter what excuses they can figure out!

PS. Yes, this is the same Crystone I’ve written about before

A libcurl postergirl?

google for libcurl

If you click the image you’ll see a full-resolution screendump for my recent search for “libcurl” on google. Where did that (image of a) girl come from? Judging from where it appears on the results page right next to the information about the cURL project you can’t but assume that she’s somehow related to the project.

That’s of course not true. When moving the mouse over the image I get a tooltip with a funny “hair curling” URL and that’s also where a click on the image takes me.

A mighty weird way of presenting a search result if you ask me!

I like a good firmware bump

So I have this TV that I got for Christmas 2009. As it happens the guys at Philips clearly kept fixing the software and removed bugs after that moment. No surprise there really. I’ve been an embedded software developer for some twenty years by now. I know that software never gets “done” and that what ships in products is only what seems to be “good enough” at some point in time. Sometimes of course not even that good.

So the other day I took a photo of my TV firmware version. It shows how the firmware was made in April 2009. I did it during a discussion with a friend who happens to have the exact same TV as I do, and it then of course turns out he has a different (newer) firmware.

Oh right, I wonder if I can upgrade to a newer one? Once I’ve mastered the maze of the Philips web site I eventually found a download link and PDFs that told me how to. The list of fixes since my version was extensive and I noticed a few flaws mentioned that I have actually experienced!

The TV firmware download was a whopping 43MB. I realize this is because it is a full-fledged Linux system with kernel and God knows what else they’ve crammed in there. I decided to give it a closer check! The result of that was a little disappointing. It is quite clearly encrypted after some basic initial header.

hexdump -C firmware image

The data that starts on offset 0x220 is not x86 instructions and in fact nothing in the beginning of the file looks like x86 code (I just ran a quick “objdump -D –target binary -m i386” on the file). Of course, I don’t know what architecture my TV runs so perhaps even checking for x86 is wrong. I know MIPS is popular in DVDs, settop-boxes and related graphics stuff but…. Nah, I decided it really wasn’t worth the effort so I stopped investigating. I have no real intention of hacking on it anyway.

So I instead proceeded to the actual procedure of upgrading the thing.

Unzip the zip file and put the file in the root dir of a FAT32-formatted usb-stick. The instructions of course didn’t say it needs to be FAT32 but I used that and it worked, and I just smug in the dark to how a manufacturer like this just assumes that we would have FAT32 on our usb-sticks…

But I digress. When I inserted the upgrade USB, the TV switched itself off, was dark for a short while and then turned itself on again and showed the firmware upgrade screen.

The process was very fast, just like 30-40 seconds or something like that and then it was done and asked me to remove the “media” and restart. Of course we know that a usb stick is “media” so I removed it from the TV set.

The instructions were very clear that to “restart” the TV I must only press the ON/OFF button on the remote once and only once. So I was careful to do just that… 😉

Nothing strange happened, but after a brief moment of black screen the regular and familiar interface.

I jumped into the firmware version menu to check it out and yes, it shows an updated version now:

I did a quick check to see if I could detect my previous quirks now, but they may really be gone. They’ve been related to sound through HDMI and some graphical “glitches” when feeding the TV with full HD from a laptop.

So, with this firmware that was shipped many months after I got my TV, I seem to have gotten a better product.

I haven’t yet tested this new version to a significant degree so I don’t know yet if I’ve gotten some new nasty side-effects from it, as sometimes these kinds of firmware upgrades really cause you pain when something that formerly used to work so good suddenly turns out to not work that good any longer.

curl, open source and networking