Distros Going Their Own Way

Lemme take the opportunity to express my serious dislike about a particular habit in the open source world, frequently seen performed by various distros (and by distro I then mean in the wider sense, not limited to only Linux distros):

They fix problems by patching code in projects they ship/offer, but they don’t discuss the problem upstream and they don’t ship their patch upstream. In fact, in one particular case in a project near to me (make a guess!) I’ve even tried to contact the patch author(s) over the years but they’ve never responded so even though I know of their patch, I can’t get anyone to explain to me why they think they need it…

So hello hey you packagers working on distros! When you get a bug report that clearly is a problem with the particular tool/project and that isn’t really a problem with your particular distro’s way of doing things, please please please forward it upstream or at least involve the actual project team behind the tool in the discussions around the bug and possible solutions. And if you don’t do that, the very least you should do is to make sure the patches you do and apply are forwarded upstream to the project team.

How else are we gonna be able to improve the project if you absorb the bug reports and you keep fixes hidden? That’s not a very open source’ish attitude, methinks.

Recent example that triggered this post.

File Based Music Players Going Extinct?

Ok, I have a range of various hardware players that run Rockbox that can play all the music I have in my stored collection. But when I’m in front of my Linux box I prefer using the computer to play the music,my 4 rockbox targets not only because then I can select from all my music (that don’t fit on most of my players) and I have quick and easy access to changing the volume or skipping to the next song etc.

Here’s the thing: I use xmms for this (and I want to mention explictly that I don’t mean xmms2). I know this will make most of you reading this go what? and then suggest a billion other players. I know xmms is pretty much abandoned developer-wise and it doesn’t do gapless playback and has all sort of other drawbacks (including the silly winamp-mimicing GUI). I’ve seen that it’s even been discussed to get dumped from the debian packages (although people similar-minded to me spoke up and prevented this).

xmms screenshotI want a simple player with a GUI that can play songs from a mere directory. I want to point out a root dir and it could play all songs in there recursively. I’ve tried several different players over time, but I always go back to this simple xmms one simply for the reason that all the new and fancy players seem to be so focused on getting the music into a database and then arranging and viewing it all based on their tags and what not. I really really don’t want no database or anything, I just want my player to play everything in the dir I ask it to. And I want it to be available in a debian package preferably.

Any recommendations?

Conference in my living room

a kids drawing easel thing by IKEAToday (uh make that yesterday since we’re now past midnight here…) around lunch I drove my two kids over to my parents in law and got back to my house to host four friends (associated with a company that shall remain nameless in this blog – at least for now) coming over to discuss some work stuff.

It was great fun sitting in my living room chatting for a few hours, having a cup of coffee and instead of using a fancy company white board I brought my kids’ drawing easel (oh we love IKEA). The picture is the actual model we used, called “MÃ…LA”.

And we did indeed manage to get some good decisions done and some proper architectural stuff set. Admittedly, my kids’ drawing pens were a bit thin and not as thick and “powerful” as the ordinary office white board pends tend to be.

Rockbox Downloads Jan 2008

It’s time again for a check and analysis of the download trends of the build.rockbox.org web site, with comparisons with how things were at my previous count from October 2007.

Rockbox!

During this month, 112034 downloads were counted, which is almost a 10% increase since october’s 102127 – and as you’ll see below almost the entire increase was basically due to a boosted interest in the Sansa E200. There’s been no new port offered for download during this time, there are still 26 packages. The downloads were distributed as follows (the position changes are within () and the previous period’s download counts are within []):

  1. (+1) sansae200 27325 [18788]
  2. (-1) ipodvideo 21453 [20721]
  3. (+1) ipodvideo64mb 13904 [12780]
  4. (-1) ipodnano 13419 [13228]
  5. (+7) sansac200 3490 [2841]
  6. (-) gigabeatf 3410 [3522]
  7. (+1) ipodcolor 3316 [3287]
  8. (-3) h300 3306 [3614]
  9. (+2) ipod4gray 3249 [2896]
  10. (-1) ipodmini2g 3087 [3083]
  11. (-4) iaudiox5 2933 [3340]
  12. (-2) h120 2521 [2924]
  13. (+1) ipod3g 1993 [1624]
  14. (-1) ipodmini1g 1713 [1647]
  15. (+1) h10_5gb 1458 [1524]
  16. (-1) h10 1413 [1624]
  17. (-) ipod1g2g 1246 [1384]
  18. (-) player 730 [834]
  19. (-) recorder 558 [692]
  20. (-) iaudiom5 380 [422]
  21. (+1) h100 328 [345]
  22. (-1) recorder8mb 292 [354]
  23. (+1) fmrecorder 189 [222]
  24. (-1) recorderv2 175 [222]
  25. (-) ondiofm 96 [113]
  26. (-) ondiosp 50 [96]

Of course, if we count the two different ipod video builds combined, it alone is 35357 downloads (31.6%)! Apart from the E200 climb, I think the only significant change in the table above is the other SanDisk player in the selection, the Sansa C200 series which climed 7 positions due to its 23% download increase.

The top-5 downloads are all portalplayer based, and here’s a more complete look at how the builds are split up on main architectures (october’s shares within parentheses):

  1. portalplayer 97066 downloads 86.6% (83.6%)
  2. coldfire 9468 downloads 8.45% (10.4%)
  3. samsung 3410 downloads 3.0% (3.4%)
  4. sh1 2533 downloads 1.9% (2.5%)

The harddrive based builds are still more popular, but the flash ones are gaining:

  1. HDD models 67654 downloads 60.4% (65.7%)
  2. flash models 44380 downloads 39.6% (34.5%)

The top-8 downloads are for targets featuring color LCDs, and thy certainly are popular when checking download spread on target LCD types:

  1. Color 92494 downloads (82.6%)
  2. Greyscale 17450 downloads (15.6%)
  3. Monocrome 1360 downloads (1.2%)
  4. Charcell 730 downloads (0.7%)

Like last time, this doesn’t include any custom builds, builds from download.rockbox.org nor release builds from www.rockbox.org. Take all this as indications, not absolute facts.

curl and libcurl 7.18.0

cURL

I’m happy to announce the 103rd curl release: curl and libcurl 7.18.0.

No less than 35 persons beside myself contributed with info, reports and/or code to make the release as it turned out. We’ve added a bunch of new features and we’ve solved well over 30 different bugs. This is the news:

Changes:

Bugfixes:

  • curl-config –features and –protocols show the correct output when built with NSS, and also when SCP, SFTP and libz are not available
  • free problem in the curl tool for users with empty home dir
  • curl.h version 7.17.1 problem when building C++ apps with MSVC
  • SFTP and SCP use persistent connections
  • segfault on bad URL
  • variable wrapping when using absolutely huge send buffer sizes
  • variable wrapping when using debug callback and the HTTP request wasn’t sent in one go
  • SSL connections with NSS done with the multi-interface
  • setting a share no longer activates cookies
  • Negotiate now works on auth and proxy simultaneously
  • support HTTP Digest nonces up to 1023 letters
  • resumed ftp upload no longer requires the read callback to return full buffers
  • no longer default-appends ;type= on FTP URLs thru proxies
  • SSL session id caching
  • POST with callback over proxy requiring NTLM or Digest
  • Expect: 100-continue flaw on re-used connection with POSTs
  • build fix for MSVC 9.0 (VS2008)
  • Windows curl builds failed file truncation when retry downloading
  • SSL session ID cache memory leak
  • bad connection re-use check with environment variable-activated proxy use
  • –libcurl now generates a return statement as well
  • socklen_t is no longer used in the public includes
  • time zone offsets from -1400 to +1400 are now accepted by the date parser
  • allows more spaces in WWW/Proxy-Authenticate: headers
  • curl-config –libs skips /usr/lib64
  • range support for file:// transfers
  • libcurl hang with huge POST request and request-body read from callback
  • removed extra newlines from many error messages
  • improved pipelining
  • improved OOM handling for data url encoded HTTP POSTs when read from a file
  • test suite could pick wrong tool(s) if more than one existed in the PATH
  • curl_multi_fdset() failed to return socket while doing CONNECT over proxy
  • curl_multi_remove_handle() on a handle that is in used for a pipeline now break that pipeline
  • CURLOPT_COOKIELIST memory leaks
  • progress meter/callback during http proxy CONNECT requests
  • auth for http proxy when the proxy closes connection after first response

Tracking Swedish officials’ web use

I thought I’d just mention Patrik Wallström’s interesting project named Creeper. He basically offers a URL for an image to display on the site you run/admin, and then his server checks which IP addresses that gets the image and then cross-checks those addresses against a list of IP ranges of known swedish organizations, government agencies, political party headquarters and more.

An ingenious way to get some degree of knowledge about who looks at what and when. At least if a large enough amount of people display the Creeper icon: Creeper icon

HTML is all downhill from here

Ok, so we’re now officially over the hill. HTML4 was as good as we could make HTML, and the proof of this is the mighty insane and crazy mess W3C shows in their HTML 5 draft from January 22nd 2008.W3C logo

I mean, you can possibly (I mean if you hold on to your chair hard and really really try to extend your mind and be open) show sympathy and understanding for far-fetched stuff like “ping” and “prefetch” (or for that matter “author” and “contact”), but when they come to editing, drag-and-drop and how to deal with undo they certainly lost me. My favorite chapter in the draft is however this:

Broadcasting over Bluetooth

It takes a while just to suck up the concept of a HTML draft discussing broadcasting data. Over bluetooth. Man, these guys must have the best meetings!

My Antispam Measures

I get a fair share of spam. I have something like 10 working private email addresses, I’m listed as recipient in numerous email aliases and they all end up in the same physical mailbox where I read them. I’ve also had my existing emails for many years and I’ve shown and used them publicly on the internet all the time. I’m a major spam email target now. A good day I get just 2000 spams, but bad days I’ve been well over 13000 spam emails.A can with spam

My biggest friends in this combat are: spamassassin and procmail.

I’ll describe how I have things setup, not as much as to inspire others but more to be able to get feedback from you on how I can or perhaps should improve my setup to get an even better email life.

  • I consider all mails with spam points >= 3 to be spam. I’ve also tweaked my spamassassin user_prefs to be harsher on (pure) HTML mail and a few other rules, and I’ve added a couple of my own rules to catch spams that previously did slip through a little too easy.
  • First, I filter out mail from trusted mailing lists that have their own antispam measures.
  • I catch what appears to be bounces (I have a huge regex) and if it looks like a bounce to an address I don’t send email from I nuke it immediately (and those could be a true bounce are saved in a dedicated mbox)
  • I have a white-list system that marks all incoming mails from previously marked friends as coming from a friend.
  • Mails from non-friends are passed through spamassassin. Those with spam points higher than N are put in the ‘hispam’ folder – of course with the intention that these are very very very unlikely to every have any false positives and can almost surely be deleted without check. N is currently 10 but I ponder on lowering it somewhat. Spams with less points than N are put in the ‘spam’ folder, and I need to check that before I kill it because it happens that I get occasional false positives that end up there.
  • So, mails that aren’t from friends (or from a trusted mailing list) and aren’t marked as spam are then stored in the ‘suspicious’ mailbox
  • Mails from friends or from trusted lists go directly into my mailbox, or into a dedicated mailbox (for lists with somewhat high traffic volumes).
  • Oh, a little additional detail: I “mark” my own outgoing mails with an additional custom header with no point whatsoever but to be able to detect when someone/something sends me mail using my own address…

My weakest point in all this right now is the fact that I don’t spam-check white-listed mails at all, so spams that are sent to me using my friends’ email addresses go through and annoy me.

BTW, I did use bogofilter in the past and for a while I actually ran both in parallel (both trained with rougly the same spam/ham boxes for the Bayes stuff) but quite heavily testing I performed at that time (a few years ago) showed that spamassissin caught a lot more spams than bogofilter, while bogofilter only caught a few extra so I dropped it then.

curl with NSS and Fedora

Dave Jones blogged about his recent problems with curl on Fedora 8. It seems to be a problem somewhere in or related to the NSS library, that Fedora links curl to for SSL/TLS these days.cURL

What I find a bit annoying with this situation, is that I’m using Debian unstable and I’m dist-upgrading fairly frequently to be able to run on the bleeding edge and yet I don’t have the equivalent NSS version Fedora has and what’s perhaps worse is: I don’t even know how to get it and build my own local version! Is Fedora using their own patched version of this (rhetorical question as I’m quite sure they are)? Is it possible to get that version or patch so that I can build it and test on my non- Fedora development machine(s) ?

So, even though it really isn’t my problem or my issue to deal with, I couldn’t even try out his problem on my own!

tech, open source and networking