IT All Falls Down

For how long has the world’s IT been running naked, with anyone on the network able to take over the whole system?“it’s high impact and easy to exploit. And if you are exploited, the price is high, irrespective of any damage the attacker does: The only way to remediate is to rebuild the domain from scratch. Don’t let this happen to you.” Any length of time is too long. Yesterday, M$ told the world they were naked and now system administrators are scurrying around to make sure every system running InActive Directory has a patch. Meanwhile, the bad guys have been out there a while compromising whatever they could phish into.

Monoculture is dangerous whether it affects the survival of you progeny, your supply of food or your IT. Don’t let it happen to you. Use Debian GNU/Linux widely to avoid monoculture in IT.

This makes the occasional flaw in GNU/Linux pale into insignificance. What will M$’s apologists write now? That M$ has the One True Way to do IT? That the problem is fixed? That it’s the user’s fault??? Ignore them and think for yourself. M$ has let down the world in a big way. Would you continue to do business with the locksmith who installed a useless lock on your front door? Would you continue to do business with the car-maker who cranked out ten million lemons even after discovering the problem? Would you permit your daughter to date a guy with a history of vehicular crashes? Would you do business with a company that can’t rely on its own software? Don’t do it. Get software that works for you, not M$, M$’s “partners” and the bad guys. Get Debian GNU/Linux.

See Details emerge on Windows Kerberos vulnerability.

Posted in technology | Tagged , , , , , , , | 4 Comments

300,000

300K. That’s how many folks have taken the Intro to Linux course offered by The Linux Foundation. “we were able to offer our Intro to Linux course for free to nearly 300,000 people from all over the world. While the United States ranks first in the number of students taking Intro to Linux, it only represents about 30 percent of all class participants. The top geographies include the U.S., India, United Kingdom, Brazil and Spain.” That’s about half the population of Winnipeg, my nearest big city. That’s several times the size of the Canadian armed forces. It’s 50% more than the number of people involved in the invasion of Normandy. I would call it significant.

What are those folks going to do with that knowledge? Install GNU/Linux on their PC? Set up a computer lab? Migrate some department or organization to GNU/Linux? Perhaps, but one of the second or third tier of obstacles to wider adoption of GNU/Linux has been the availability of local people with the requisite skills. I remember my first exposure to GNU/Linux. It took days of reading and days of trying stuff to get a working system. Without the web I likely would not have been able to do it. The actual installation was trivial when I was armed with just a little knowledge. Now, thanks again to the web, GNU/Linux is mass-producing skilled people. I like it. With my knowledge I was able to install GNU/Linux hundreds of times. 300K people could install GNU/Linux millions of times or buy and install GNU/Linux systems millions of times. Expect increased growth in adoption of GNU/Linux everywhere.

See Introducing 300,000 People to Linux.

Posted in technology | Tagged , , , , , , | 21 Comments

Another Racket Run By M$

Oh dear! The city of Arnhem, the place with the Bridge Too Far, where paratroopers died because of the folly of higher ranks, is now involved in another less costly but egregious disaster.“To compensate for not having adequately licensed the software used by the town’s civil servant’s who were working from home, Arnhem has paid 600,000 euro for new licences. These allow the use of the ubiquitous proprietary office software for the next three years, says the city’s CIO, Simon Does.
“It makes no sense not to use these licences, so we’ve stopped looking for alternatives”, the CIO told the European Commission’s Open Source Observatory and Repository (OSOR). Possible alternatives would have been LibreOffice or Apache OpenOffice, two closely related open source office suites.”
The city was caught using unlicensed copies of M$’s office suite…

The folly? Instead of beating a path to LibreOffice ASAP, they meekly paid for a new set of licences thus increasing their lock-in and delaying progress. This still exposes them to further audits, further rounds of licence-upgrading, and the longer they use M$’s stuff the harder it will become to escape. Already it’s tough because many of their other applications depend on M$’s office suite. You don’t solve a problem you created by continuing to make the same mistakes. They do have the future possibility of migrating to FLOSS like LibreOffice in the future but this is a missed opportunity and will raise the cost of future migrations to FLOSS.

Shortsighted IT makes Arnhem part of its own problems with M$. If they’d gone to openoffice.org and LibreOffice years ago, none of this would have happened. Want to bet the cost of migration would have been less than the cost of the “fine” many years ago?

See Licence fine forces town to drop move to alternative office tools.

Posted in technology | Tagged , , | 41 Comments

OneRNG

With the recent discussion here of randomness/entropy, it’s timely that a story emerges of a guy“there’s an avalanche diode, which generates entropy from the quantum noise of its own operation. “That’s not some scary quantum effect that’s hard to understand”, Campbell said, “but it’s a a particularly random type of noise”.
Second, there’s a radio receiver, which Campbell explained to Vulture South picks up noise, of which OneRNG retains the least significant bit, so as “to guard against a third party generating a signal” to try and defeat the randomness of the entropy.”
planning to ship an open-design random number generator.

The hardware is familiar to me. I’ve been doing electronics since the 1960s. He’s using a Zener diode as a noise-source and a radio receiver to pick it up. I think that’s kind of silly because it might open up the process to non-random radio sources. I know about those. I used to work in a cyclotron laboratory where every cable had 28MHz RF dancing on it. I would just pick up the noise directly with a wide-band amplifier and sample it periodically and digitize the stream with an ADC or even a Schmitt trigger. Compare with the average value of the signal and the odds are equal for ones and zeroes.

Whatever. The real issue is the bandwidth of the device and the quality of the data. Any decent computer system may need tons of random bits to do the job. I guess it will work fine for salting more productive methods like multiplicative congruence and descendents (I’ve used RANDU, one of the worst, on a S/360…) but it would not be the best for XORing with data-streams. With the necessity of random number generation in IT these days, it’s a wonder that every CPU or motherboard does not have a really great generator built in.

See Meet OneRNG: a fully-open entropy generator for a paranoid age.

Posted in technology | Tagged | 3 Comments

Decisions About Small Cheap Computers

So, M$ is competing on price for small cheap legacy computers these days. That’s OK, but at least you, the consumer, now have a choice you didn’t have a few years ago.“your account information is all stored in Google’s cloud, so you can immediately personalize any Chromebook to your profile simply by logging into your Google account. There’s also a guest account, so someone else can log in, use the Chromebook, and when they log out all that profile information simply vanishes.
This makes the Chromebook a maintenance dream. There are no updates. There are no antivirus programs. There is no maintenance whatsoever except power up and powering down once in a while.”
David Gewirtz has a pretty good piece on the choices. Basically, he suggests, it comes down to what you want to do with your machine. If you absolutely must run applications that need that other OS, pity you, poor slave, then so be it but for everything else, there’s a ChromeBook and one option he omits, installing GNU/Linux on that ChromeBook. You can do that. ChromeOS is basically a browser running on GNU/Linux so it’s already there underneath and if you can write to the storage device or get root access some way, the machine is yours. You can also do that with the freebie small cheap computers bearing M$’s stuff although there’s no need, for the hardware isn’t terribly different. Both Intel and ARMed versions are available.

I would stick with the ChromeBooks lest M$ get any richer/more powerful/abusive. There’s a rumour that $149 ChromeBooks will soon be here. That might still be the deciding factor.

See How to decide between a $199 Windows notebook and a Chromebook.

Posted in technology | Tagged , , , , , , | 33 Comments

FLOSS and Advertising

I notice the folks who ship Fedora GNU/Linux are irate about FireFox doing some advertising on the “new tab” page…

I checked mine and the “tiles” are all about pages that I visit frequently. I don’t see any ads at all. Besides, that page is sitting open but unwatched by me all day long sometimes. When I do type CTRL-tab, it’s often to type in a URI or search and I’m only on it for a few seconds. I doubt it’s very effective advertising but if Mozilla can sell the spot, more power to them. This is nothing about software Freedom. It’s just creative use of what could be wasted space on a special screen. Who cares? Not I. Some bills have to be paid and if the advertiser is willing to pay them instead of me paying them, it’s all good. I do hope there’s some relevance in any ads that do come my way…

Since most folks don’t sell licences/copies for FLOSS, why can’t they sell advertising, physical copies or provide some other service to make a living? It’s OK to make a living last time I checked and FLOSS is OK with that.

See Fedora Linux Set to Abandon Firefox over Advertising Issue..

Posted in technology | Tagged , , , , | 4 Comments

FLOSS And Government In India

FLOSS is the right way to do IT for everyone. Governments may feel FLOSS is unnecessary/different/unusual at their peril. Sooner or later“Indian government software applications are set to make the shift to open source, potentially boosting the pace at which such programmes are developed, and leading to millions of dollars in savings by moving away from proprietary systems.” the cost and complexity of diverse non-Free softwares will bite them, whether it is at budget-time or upgrade-time or just lack of flexibility as their system evolves and their jurisdiction grows.

In India, the governments have had a lot of serious high-priority problems but now that the old regimes, the wars of independence/separation/clash of cultures are receding consideration of the way forward is first and foremost. A very high priority is to modernize and to adopt IT widely in government. India is a huge country with many regions, languages, and cultures. It needs governments with all the necessary IT to make the country manageable. At the same time, many people and regions in India are impoverished and lacking education. Enter FLOSS. With FLOSS, India can afford many more client computers and servers for the same effort/expense. With FLOSS, India can implement one system in IT and replicate it a thousand times all across the country for little more than the cost of the hardware. That allows India to do more with IT and change IT more rapidly.

The present central government and many state governments have adopted GNU/Linux and FLOSS applications widely and while spending $billions annually on IT can get a lot more IT per $billion. Every customized application that is FLOSS in one government can be adapted by every other government and region for zero licensing cost. Further, FLOSS allows the major amount of tweaking that is required to support all the languages and cultures of the country. Non-Free software just doesn’t work for India any more than it works for other countries who may feel that throwing more money at non-Free software is the answer to any problem.

See Govt logs into open source policy to cut software costs.

Posted in technology | Tagged , , , , , | 16 Comments

Networked File Storage And That Other OS

Users of that other OS and Ed Bott are in anguish over M$ tweaking how “8” deals with synced files to/from the cloud.“I rely on being able to see all the files on my OneDrive through Explorer, whether they are synced locally or not; if this integration is lost there is no advantage to using OneDrive over any other cloud. Please add the option for power users to continue to see all files and use an icon overlay to show which are local & which cloud” As a long-time user of GNU/Linux (UNIX-like OS) and NFS, I chuckle at this. If you have a huge file-system that won’t fit on the local client computer, just mount the networked file-system on the local file-system and you don’t need to worry about syncing. Just access the files with your normal tools… If you need greater security, use SSHFS.

The one sticking point is loss of network connectivity. Who has that problem these days anyway? The desktop/notebook PC is usually on a copper LAN with a connection to the Internet. The small cheap computer is usually only used when in range of a wifi or wireless network. Further, NFS mounted hard just keeps trying after an interruption of connectivity so a brief interruption is no problem at all as long as the machines are not powered down. The “little woman” uses this all the time for our local cloud. See the Linux man page or read about SSHFS.

I remember M$ “syncing” our files back in the day. I had a roaming profile with ~1gB of stuff on my desktop… Yep. The stupid system tried to copy every file it could find to my local desktop wherever I roamed. I had to remember which PC I used in the lab or there would be a long wait. That kind of thing is just stupid as the number of files we own increases and the total size of storage reaches hundreds of GB or even TB. Syncing everything makes no sense yet M$ keeps trying. They just don’t get small cheap mobile computers. They don’t understand their users.

So, you can choose to be jerked around on a chain to M$ or you can use what’s tried and true and unlikely to change any time soon. Use Debian GNU/Linux. It will work for you. There’s a reason the Internet runs on GNU/Linux. It’s a great networked OS having these problems solved decades ago. There’s no need at all to use an OS designed by salesmen. GNU/Linux will automatically cache a local copy of files you use, so there’s no need for M$ or anyone else to guess which files to use to clog up your network.

See Testers protest abrupt changes in Windows 10's OneDrive sync.

Posted in technology | Tagged , , , , , , , | 10 Comments

Continental Drift Continues

While there are many hotspots in the GNU/Linux landscape, usage of GNU/Linux on the desktop is still spotty around the world. There are millions of GNU/Linux desktops but they are in clusters rather than widely spread.

  1. Antarctica – 37.5%
  2. Europe – 1.81%
  3. South America – 1.43%
  4. North America – 1.25%
  5. Oceania – 0.98%
  6. Asia – 0.8%
  7. Africa – 0.8%

A few governments, businesses, organizations and individuals are enjoying the benefits while others pay too much for their IT and lack the flexibility to get the best performance from their investment in IT. We’ve come a long way compared to five years ago, but there is a long way to go until Free Software approaches its maximum benefit to humanity.

The Digital Divide is rapidly being closed in Africa, South America and Asia. European governments are doing a great job in promoting FLOSS so I expect huge growth there sooner rather than later. At the moment ODF is widely used in Europe and GNU/Linux is on many servers. Governments in Europe have eliminated many barriers to adoption so they should be able to deploy many more GNU/Linux desktops shortly. North American governments have done little outside of a few departments. The government of Canada has done little more than bring GNU/Linux to the table let alone recommend or approve it. In Asia, the big stories are China and India. China has jerked M$’s chain and made noise about GNU/Linux but has yet to follow through with widespread usage. It’s as if the Cultural Revolution never happened for IT. India, on the other hand has developed and recommended its own distro to good effect and Dell and others are distributing GNU/Linux desktops, notebooks and Android/Linux tablets widely. Africa is developing rapidly but only in small part adopting GNU/Linux. Ethiopia is using it in schools. Kenya is using it in the infrastructure. Despite cost of IT being a huge factor in an emerging market folks are still buying that other OS. South America is showing that pattern too as Venezuela, Brazil and Uruguay revel in GNU/Linux desktops and local OEMs ship them but still web stats lag.

Part of the slowness is due to the desktop becoming less relevant and new purchases are Android/Linux but the huge inventory of legacy PCs is ripe for migration to GNU/Linux. The death of XP caused good growth but only a small fraction went with GNU/Linux.

Effectively the Digital Divide is changing rather than being eliminated. There is a large group clinging to that other OS on legacy PCs and a much larger group adopting new IT based on Android/Linux. This eliminates barriers which should facilitate migration to GNU/Linux but instead we have a gradual pace of change rather than a revolution. It’s happening but in slow motion.

Posted in technology | 6 Comments

Happy New Year!… Or Maybe Not If You’re M$

M$ sweated the ~$1K box back in the old days but managed by anticompetitive moves to squeeze OEMs.“Digitimes Research expects Lenovo’s and Asustek’s 11.6-inch Chromebooks to be priced at US$149, 25% lower than the US$199 of the C720 from Acer, the largest Chromebook vendor currently.
The new price point will further reduce notebooks’ ASPs and also put strong pressure on Microsoft, which launched an inexpensive licensing project in 2014, looking to halt Chromebook’s development.”
At near $100 that won’t work any longer. M$ will have to pay OEMs to compete with what’s in the pipe for next year, according to Digitimes. Digitimes has spies in all the supply-chains and expects ARMed RK3288 devices to come in at $149, about what M$ used to charge for a licence. The way M$’s CEO expressed love for GNU/Linux M$ may just accept competition gracefully this time in the hope that some clouds will run their software. Good luck to them… :-)

Chuckle. If they have at least 4gB RAM, I might buy one and retire Beast to the server-room for back-ups or private cloud work. Beast has a 45nm 95W CPU and 5 fans. That doesn’t belong near humans. This development will be the final step in freeing many humans from Wintel.

See Lenovo, Asustek to launch US$149 Chromebook.

Posted in technology | Tagged , , , , , , , , | Leave a comment

Joey Hess, Developer Of 18 Years With Debian Departs – Second Edition

This is a duplicate of the article below so that comments can work again. Some comments may be lost

The strife in the Debian community has had another casualty, Joey Hess.“If I have one regret from my 18 years in Debian, it’s that when the Debian constitution was originally proposed, despite seeing it as dubious, I neglected to speak out against it. It’s clear to me now that it’s a toxic document, that has slowly but surely led Debian in very unhealthy directions.” He’s been there working hard since nearly the beginning but he’s fed up with the bickering/second-guessing/friction involved in the process these days. In messages on the debian-devel list, he describes his frustration with arguing about systemd for nearly two years and now, just weeks before the freeze of Jessie, users are up in arms.

I can see his point, but users are not developers and don’t read debian-devel. I don’t usually. It’s not surprising that users vent the same frustrations about systemd that developers did. There are a lot more users than developers, thousands of times more, and they need to be considered in making radical change to their operating system, something near and dear… Still everyone’s life goes through stages and it may well have been time for Joey Hess to move on for other reasons as well. I expect Debian will survive and it may survive by taking some of Joey Hess’ advice. Probably the worst thing that could happen is more developers leaving, followed closely by some kind of fork and revolution in the splinter group.

Perhaps it’s time that Debian reform it’s social contract/internal procedures to deal with dissent by better means than personal attacks on the lists or departures of key people. Democracy/fairness works but sometimes gets off the rails when conflicting groups try to have their way at the expense of others. It’s not enough just to have a mechanism to break deadlocks. It’s important to respect minorities of users as it is to respect the majority of developers. One only needs to see the USAian government to see how extremism and disrespect can go way overboard. We don’t want Debian to go that way.

See so long and thanks for all the fish.

Posted in technology | Tagged , , | 28 Comments

Problem With This Site

I was editing a comment and somehow messed up the configuration. No comments will show for the post on Joey Hess quitting Debian. The others seem OK. Working on it…

Posted in technology | Leave a comment