It is in the documents they created themselves. Physical and sexual
violence by the state.
This document was signed by Axel Beckert at ETH Zurich, a university
in Zurich.
While creating and signing the vendetta, Beckert must have surely thought
about the reports of police sexual violence against the Debian founder,
Ian Murdock. Therefore, Beckert appears to be willing the same sexual
violence against me.
Amnesty International
produced a report about the use of sexual
violence by people pretending to be police in Switzerland. One of
the more glaring examples is that of Trevor Kitchen. The reason
Mr Kitchen stands out is because in the early 1990s, Mr Kitchen complained
about a Swiss colleague
stealing credit for his work. Kitchen subseqently became known
for another scandal, the Forex probe in 2013 but here I am only looking at the plagiarism case
from 1992. We have an analogous problem in Debian
today. People use the Debian trademark and web site to obfuscate
who really did the work. For the victims, it feels like plagiarism.
I already wrote a blog about that phenomena too.
Trevor Kitchen, a 41-year-old British citizen resident in Switzerland, was arrested by
police in Chiasso (canton of Ticino) on the morning of 25 December 1992 in connection
with offences of defamation and insults against private individuals. In a letter addressed to
the Head of the Federal Department of Justice and Police in Berne and to the Tribunal in
Bellinzona (Ticino) on 3 June 1993 he alleged that two police officers arrested him in a bar
in Chiasso and, after handcuffing him, accompanied him to their car in the street outside.
They then bent him over the car and hit him around the head approximately seven times
and carried out a body search during which his testicles were squeezed. He claimed he was then punched hard between the shoulder blades several times. He said he offered no
resistance during the arrest.
He was then taken to a police station in Chiasso where he was questioned in Italian (a
language he does not understand) and stated that during the questioning "The same
policeman that arrested me came into the office to shout at me and hit me once again
around the head. Another policeman forced me to remove all of my clothes. I was afraid
that they would use physical force again; they continued to shout at me. The one policeman
was pulling at my clothes and took my trouser belt off and removed my shoe laces. Now I
stood in the middle of an office completely naked (for 10 minutes) with the door wide open
and three policemen staring at me, one of the policemen put on a pair of rubber surgical
gloves and instructed me to crouch into a position so that he could insert his fingers into my
anus, I refused and they all became angry and started shouting and demonstrating to me the
position which they wanted me to take, laughing, all were laughing, these police were having a
good time. They pointed at my penis, making jokes, hurling abuse and insults at me, whilst I
stood completely still and naked. Finally, when they finished laughing, one of the
policemen threw my clothes onto the floor in front of me. I got dressed."
He was transferred to prison some hours later and in his letter claimed that during the
night he started to experience severe pains in his chest, back and arms. He asked a prison
guard if he could see a doctor but the request was refused and he claimed the guard kicked
him. He was released on 30 December 1993. Medical reports indicated that since his
release he had been experiencing recurrent pain in the area of his chest and right shoulder
and had been receiving physiotherapy for an injury to the upper thoracic spine and his right
shoulder girdle.
The allegation of "insult" in Switzerland can be used to stop people
stating inconvenient truths. For example, if your boss takes credit for
your work, you are not allowed to tell anybody because this might
make your boss look bad.
I'm not sure if Beckert knows about the case of Trevor Kitchen
and the sexual violence against him. But Beckert surely knows
that Ian Murdock complained about police sexual violence shortly
before
committing suicide in 2015 (coroner report available).
The neck, head, face, torso and upper and lower extremities are described
further under "Evidence of Injury."
The last tweets from Murdock's Twitter account first announced that he would commit suicide, then said he would not. He reported having been accused of assault on a police officer after having been himself assaulted and sexually humiliated by the police, then declared an intent to devote his life to opposing police abuse.
Beckert is obviously aware of Murdock's suffering. How could he wish
this on somebody else? How can a dirty man like Axel Beckert be employed
in a university?
I just bought a new USB PSU from AliExpress [1]. I got this to reduce the clutter in my bedroom, I charge my laptop, PineTime, and a few phones at the same time and a single PSU with lots of ports makes it easier. Also I bought a couple of really short USB-C cables as it’s been proven by both real life tests and mathematical modelling that shorter cables get tangled less. This power supply is based on Gallium Nitride (GaN) [2] technology which makes it efficient and cool.
One thing I only learned about after that purchase is the new USB PPS standard (see the USB Wikipedia page for details [3]). The PPS (Programmable Power Supply) standard allows (quoting Wikipedia) “allowing a voltage range of 3.3 to 21 V in 20 mV steps, and a current specified in 50 mA steps, to facilitate constant-voltage and constant-current charging”. What this means in practice (when phones support it which for me will probably be 2029 or something) is that the phone could receive power exactly matching the voltage needed for the battery and not have any voltage conversion inside the phone. Phones are designed to stop charging at a certain temperature, this probably doesn’t concern people in places like Northern Europe but in Australia it can be an issue. Removing the heat dissipation from inefficiencies in voltage change circuitry means the phone will be cooler when charging and can charge at a higher rate.
There is a “Certified USB Fast Charger” logo for chargers which do this, but it seems that at the moment they just include “PPS” in the feature list. So I highly recommend that GaN and PPS be on your feature list for your next USB PSU, but failing that the 240W PSU I bought for $36 was a good deal.
Or "How I've halved the execution time of our tests by removing ten lines".
Catchy, huh? Also not exactly true, but quite close. Enjoy!
Molecule?!
"Molecule project is designed to aid in the development and testing of Ansible roles."
No idea about the development part (I have vim and mkdir), but it's really good for integration testing.
You can write different test scenarios where you define an environment (usually a container), a playbook for the execution and a playbook for verification.
(And a lot more, but that's quite unimportant for now, so go read the docs if you want more details.)
If you ever used Beaker for Puppet integration testing, you'll feel right at home (once you've thrown away Ruby and DSLs and embraced YAML for everything).
I'd like to point out one thing, before we continue.
Have another look at the quote above.
"Molecule project is designed to aid in the development and testing of Ansible roles."
That's right.
The project was started in 2015 and was always about roles.
There is nothing wrong about that, but given the Ansible world has moved on to collections (which can contain roles), you start facing challenges.
Challenges using Ansible Molecule in the Collections world
Well, guess what a collection is?
Yepp, a repository with multiple roles in it.
It did get a bit better though.
There is pytest-ansible now, which has integration for Molecule.
This allows the execution of Molecule and even provides reasonable logging with something as short as:
%pytest--moleculeroles/
That's much better than the shell script I used in 2020!
However, being able to execute tests is one thing.
Being able to execute them fast is another one.
Given Molecule was initially designed with single roles in mind, it has switches to run all scenarios of a role (--all), but it has no way to run these in parallel.
That's fine if you have one or two scenarios in your role repository.
But what if you have 10 in your collection?
"No way?!" you say after quickly running molecule test --help, "But there is…"
% moleculetest--help
Usage: molecule test [OPTIONS] [ANSIBLE_ARGS]...… --parallel / --no-parallel Enable or disable parallel mode. Default is disabled.…
MOLECULE_OPTS passes random options to the Molecule call pytest does, and we need to add --parallel there.
--numprocesses auto tells pytest-xdist to create as many workers as you have CPUs and balance the work across those.
However, once we actually execute it, we see:
% MOLECULE_OPTS="--parallel"pytest--numprocessesauto--moleculeroles/
…WARNING Driver podman does not provide a schema.INFO debian scenario test matrix: dependency, cleanup, destroy, syntax, create, prepare, converge, idempotence, side_effect, verify, cleanup, destroyINFO Performing prerun with role_name_check=0...WARNING Retrying execution failure 250 of: ansible-galaxy collection install -vvv --force ../..ERROR Command returned 250 code:…OSError: [Errno 39] Directory not empty: 'roles'…FileExistsError: [Errno 17] File exists: b'/home/user/namespace.collection/collections/ansible_collections/namespace/collection'…FileNotFoundError: [Errno 2] No such file or directory: b'/home/user/namespace.collection//collections/ansible_collections/namespace/collection/roles/my_role/molecule/debian/molecule.yml'
You might see other errors, other paths, etc, but they all will have one in common: they indicate that either files or directories are present, while the tool expects them not to be, or vice versa.
Ah yes, that fine smell of race conditions.
I'll spare you the wild-goose chase I went on when trying to find out what the heck was calling ansible-galaxy collection install here.
Instead, I'll just point at the following line:
ansible_compat.errors.InvalidPrerequisiteError: Found collection at '/home/runner/work/namespace.collection/namespace.collection/collections/ansible_collections/ansible/posix' but missing MANIFEST.json, cannot get info.
Okay, okay, I get the idea…
But why?
Well, our collection might not have any dependencies, BUT MOLECULE HAS!
When using Docker containers, it uses community.docker, when using Podman containers.podman, etc…
So we have to install those before running Molecule, and everything should be fine.
We even can use Molecule to do this!
$moleculedependency--scenario<scenario>
And with that knowledge, the patch to enable parallel Molecule execution on GitHub Actions using pytest-xdist becomes:
The status of the Note9 in Droidian went from fully supported to totally unsupported in the time I was working on this blog post. Such a rapid change is disappointing, it would be good if they at least kept the old data online. It would also be good if they didn’t require a hash character in the URL for each phone which breaks the archive.org mirroring.
Installing Droidian
Firstly Power+VolumeDown will reboot in some situations where Power button on its own won’t. The Note 9 hardware keys are:
Power – Right side
Volume up/down – long button top of the left side
Bixby – key for Samsung assistant that’s below the volume on the left
The Droidian install document for the Galaxy Note 9 9 now deleted is a bit confusing and unclear. Here is the install process that worked for me.
The doc says to start by installing “Android 10 (Q) stock firmware”, but apparently a version of Android 10 that’s already on the phone will do for that.
Download the rescue.img file and the “Droidian’s image” files from the Droidian page and extract the “Droidian’s image” zip.
Connect your phone to your workstation by USB, preferably USB 3 because it will take a few minutes to transfer the image at USB 2 speed. Install the Debian package adb on the workstation.
To “Unlock the bootloader” you can apparently use a PC and the Samsung software but the unlock option in the Android settings gives the same result without proprietary software, here’s how to do it:
Connect the phone to Wifi. Then in settings go to “Software update”, then click on “Download and install”. Refuse to install if it offers you a new version (the unlock menu item will never appear unless you do this, so you can’t unlock without Internet access).
In settings go to “About phone”, then “Software information”, then tap on “Build number” repeatedly until “Developer mode” is enabled.
In settings go to the new menu “Developer options” then turn on the “OEM unlocking” option, this does a factory reset of the phone.
To flash the recovery.img you apparently use Odin on Windows. I used the heimdall-flash package on Debian. On your Linux workstation run the commands:
Then press VOLUME-UP+BIXBY+POWER as soon as it reboots to get into the recovery image. If you don’t do it soon enough it will do a default Android boot which will wipe the recovery.img you installed and also do a factory reset which will disable “Developer mode” and you will need to go back to step 4.
If the above step works correctly you will have a RECOVERY menu where the main menu has options “Reboot system now”, “Apply update”, “Factory reset”, and “Advanced” in a large font. If you failed to install recovery.img then you would get a similar menu but with a tiny font which is the Samsung recovery image which won’t work so reboot and try again.
When at the main recovery menu select “Advanced” and then “Enter fastboot”. Note that this doesn’t run a different program or do anything obviously different, just gives a menu – that’s OK we want it at this menu.
Run “./flash_all.sh” on your workstation.
Then it should boot Droidian! This may take a bit of time.
First Tests
Battery
The battery and its charge and discharge rates are very important to me, it’s what made the PinePhonePro and Librem5 unusable as daily driver phones.
After running for about 100 minutes of which about 40 minutes were playing with various settings the phone was at 89% battery. The output of “upower -d” isn’t very accurate as it reported power use ranging from 0W to 25W! But this does suggest that the phone might last for 400 minutes of real use that’s not CPU intensive, such as reading email, document editing, and web browsing. I don’t think that 6.5 hours of doing such things non-stop without access to a power supply or portable battery is something I’m ever going to do. Samsung when advertising the phone claimed 17 hours of video playback which I don’t think I’m ever going to get – or want.
After running for 11 hours it was at 58% battery. Then after just over 21 hours of running it had 13% battery. Generally I don’t trust the upower output much but the fact that it ran for over 21 hours shows that its battery life is much better than the PinePhonePro and the Librem5. During that 21 hours I’ve had a ssh session open with the client set to send ssh keep-alive messages every minute. So it had to remain active. There is an option to suspend on Droidian but they recommend you don’t use it. There is no need for the “caffeine mode” that you have on Mobian. For comparison my previous tests suggested that when doing nothing a PinePhonePro might last for 30 hours on battery while the Liberem5 might only list 10 hours [2]. This test with Droidian was done with the phone within my reach for much of that time and subject to my desire to fiddle with new technology – so it wasn’t just sleeping all the time.
When charging from the USB port on my PC it went from 13% to 27% charge in half an hour and then after just over an hour it claimed to be at 33%. It ended up taking just over 7 hours to fully charge from empty that’s not great but not too bad for a PC USB port. This is the same USB port that my Librem5 couldn’t charge from. Also the discharge:charge ratio of 21:7 is better than I could get from the PinePhonePro with Caffeine mode enabled.
The phone I bought for testing is the model with 6G of RAM and 128G of storage, has a minor screen crack and significant screen burn-in. It’s a good test system for $109. The screen burn-in is very obvious when running the default Android setup but when running the default Droidian GNOME setup set to the Dark theme (which is a significant power saving with an AMOLED screen) I can’t see it at all. Buying a cheap phone with screen burn-in is something I recommend.
The stylus doesn’t work, this isn’t listed on the Droidian web page. I’m not sure if I tested the stylus when the phone was running Android, I think I did.
D State Processes
I get a kernel panic early in the startup for unknown reasons and some D state kernel threads which may or may not be related to that. Droidian bug #37 [4].
Second Phone
The Phone
I ordered a second Note9 on ebay, it had been advertised at $240 for a month and the seller accepted my offer of $200. With postage that’s $215 for a Note9 in decent condition with 8G of RAM and 512G of storage. But Droidian dropped support for the Note9 before I got to install it. At the moment I’m not sure what I’ll do with this, maybe I’ll keep it on Android.
I also bought four phone cases for $16. I got spares because of the high price of postage relative to the case cost and the fact that they may be difficult to get in a few years.
The Tests
For the next phone my plan was to do more tests on Android before upgrading it to Debian. Here are the ones I can think of now, please suggest any others I should do.
Log output of “ps auxf” equivalent.
Make notes on what they are doing with SE Linux.
Test the stylus.
Test USB networking to my workstation and my laptop.
Make a copy of the dmesg output. Also look for D state processes and other signs of problems.
The next issue is that Droidian has no way to update the kernel and the installation instructions often advise downgrading Android (running a less secure kernel) before the installation. The Android Generic Kernel Image project [6] addresses this by allowing a separation between drivers supplied by the hardware vendor and the kernel image supplied by Google. This also permits running the hardware vendor’s drivers with a GKI kernel released by Google after the hardware vendor dropped security support. But this only applies to Android 11 and later, so Android 10 devices (like the Note 9 image for Droidian) miss out on this.
6 months ago I switched to Kitty for terminal emulation [1]. So far there’s only been one thing that I couldn’t effectively do with Kitty that I did with Konsole in the past, that is watching a music video in 1/4 of the screen while using the rest for terminals. I could setup multiple Kitty windows taking up the rest of the screen but I wanted to keep using a single Kitty with multiple terminals and just have mpv go over one of them. Kitty supports it’s own graphical interface so “mpv –vo=kitty” works but took 6* the CPU power in my tests which isn’t good for a laptop.
For X11 there’s a –ontop option for mpv that does what you expect, but that doesn’t work on Wayland. Not working is mostly Wayland’s fault as there is a long tail of less commonly used graphical operations that work in X11 but aren’t yet implemented in Wayland. I have filed a Debian bug report about this, the mpv man page should note that it’s only going to work on X11 on Linux.
I have discovered a solution to that, in the KDE settings there’s a “Window Rules” section, I created an entry for “Window class” exactly matching “mpv” and then added a rule “Keep above other windows” and set it for “force” and “yes”.
After that I can just resize mpv to occlude just one terminal and keep using the rest. Also one noteworthy thing with this is that it makes mpv go on top of the KDE taskbar, which can be a feature.
The eleventh release of the qlcal package
arrivied at CRAN today.
qlcal
delivers the calendaring parts of QuantLib. It is provided (for the R
package) as a set of included files, so the package is self-contained
and does not depend on an external QuantLib library (which can be
demanding to build). qlcal covers
over sixty country / market calendars and can compute holiday lists, its
complement (i.e. business day lists) and much more. Examples
are in the README at the repository, the package page,
and course at the CRAN package
page.
This releases synchronizes qlcal with
the QuantLib release 1.34 and
contains more updates to 2024 calendars.
Changes in version 0.0.11
(2024-04-27)
Synchronized with QuantLib 1.34
Calendar updates for Brazil, India, Singapore, South Africa,
Thailand, United States
Minor continuous integration update
Courtesy of my CRANberries, there
is a diffstat report for this
release. See the project page
and package documentation for more details, and more examples. If you
like this or other open-source work I do, you can sponsor me at
GitHub.
Version 0.0.17 of RcppSpdlog arrived
on CRAN overnight following and
has been uploaded to Debian. RcppSpdlog
bundles spdlog, a
wonderful header-only C++ logging library with all the bells and
whistles you would want that was written by Gabi Melman, and also includes fmt by Victor Zverovich. You can learn
more at the nice package
documention site.
This releases updates the code to the version 1.14 of spdlog which was release
yesterday.
This post was supposed to be called “death with bcachefs”, but it sounded a
bit too dramatic. :-) Evidently bcachefs-tools in Debian is finally getting
an update (although in experimental), so that's good. Meanwhile, one of my
multi-device filesystems died a horrible death, and since I had backups,
I didn't ask for its fix to be prioritized—fsck still is unable to repair it
and I don't use bcachefs on that machine anymore. But the other one still
lives fairly happily.
Hanging around #bcachefs on IRC tells me that indeed, this thing is still
quite experimental. Some of the killer features (like proper compression)
don't perform as well as they should yet. Large rewrites are still happening.
People are still reporting quite weird bugs that are being triaged and
mostly fixed (although if you can't reproduce them, you're pretty much
hosed). But it's a fun ride. Again: Have backups. They saved me. :-)
It’s been around 6 months since the GNOME Foundation was joined by our new Executive Director, Holly Million, and the board and I wanted to update members on the Foundation’s current status and some exciting upcoming changes.
Finances
As you may be aware, the GNOME Foundation has operated at a deficit (nonprofit speak for a loss – ie spending more than we’ve been raising each year) for over three years, essentially running the Foundation on reserves from some substantial donations received 4-5 years ago. The Foundation has a reserves policy which specifies a minimum amount of money we have to keep in our accounts. This is so that if there is a significant interruption to our usual income, we can preserve our core operations while we work on new funding sources. We’ve now “hit the buffers” of this reserves policy, meaning the Board can’t approve any more deficit budgets – to keep spending at the same level we must increase our income.
One of the board’s top priorities in hiring Holly was therefore her experience in communications and fundraising, and building broader and more diverse support for our mission and work. Her goals since joining – as well as building her familiarity with the community and project – have been to set up better financial controls and reporting, develop a strategic plan, and start fundraising. You may have noticed the Foundation being more cautious with spending this year, because Holly prepared a break-even budget for the Board to approve in October, so that we can steady the ship while we prepare and launch our new fundraising initiatives.
Strategy & Fundraising
The biggest prerequisite for fundraising is a clear strategy – we need to explain what we’re doing and why it’s important, and use that to convince people to support our plans. I’m very pleased to report that Holly has been working hard on this and meeting with many stakeholders across the community, and has prepared a detailed and insightful five year strategic plan. The plan defines the areas where the Foundation will prioritise, develop and fund initiatives to support and grow the GNOME project and community. The board has approved a draft version of this plan, and over the coming weeks Holly and the Foundation team will be sharing this plan and running a consultation process to gather feedback input from GNOME foundation and community members.
In parallel, Holly has been working on a fundraising plan to stabilise the Foundation, growing our revenue and ability to deliver on these plans. We will be launching a variety of fundraising activities over the coming months, including a development fund for people to directly support GNOME development, working with professional grant writers and managers to apply for government and private foundation funding opportunities, and building better communications to explain the importance of our work to corporate and individual donors.
Board Development
Another observation that Holly had since joining was that we had, by general nonprofit standards, a very small board of just 7 directors. While we do have some committees which have (very much appreciated!) volunteers from outside the board, our officers are usually appointed from within the board, and many board members end up serving on multiple committees and wearing several hats. It also means the number of perspectives on the board is limited and less representative of the diverse contributors and users that make up the GNOME community.
Holly has been working with the board and the governance committee to reduce how much we ask from individual board members, and improve representation from the community within the Foundation’s governance. Firstly, the board has decided to increase its size from 7 to 9 members, effective from the upcoming elections this May & June, allowing more voices to be heard within the board discussions. After that, we’re going to be working on opening up the board to more participants, creating non-voting officer seats to represent certain regions or interests from across the community, and take part in committees and board meetings. These new non-voting roles are likely to be appointed with some kind of application process, and we’ll share details about these roles and how to be considered for them as we refine our plans over the coming year.
Elections
We’re really excited to develop and share these plans and increase the ways that people can get involved in shaping the Foundation’s strategy and how we raise and spend money to support and grow the GNOME community. This brings me to my final point, which is that we’re in the run up to the annual board elections which take place in the run up to GUADEC. Because of the expansion of the board, and four directors coming to the end of their terms, we’ll be electing 6 seats this election. It’s really important to Holly and the board that we use this opportunity to bring some new voices to the table, leading by example in growing and better representing our community.
Allan wrote in the past about what the board does and what’s expected from directors. As you can see we’re working hard on reducing what we ask from each individual board member by increasing the number of directors, and bringing additional members in to committees and non-voting roles. If you’re interested in seeing more diverse backgrounds and perspectives represented on the board, I would strongly encourage you consider standing for election and reach out to a board member to discuss their experience.
Thanks for reading! Until next time.
Best Wishes, Rob President, GNOME Foundation
Update 2024-04-27: It was suggested in the Discourse thread that I clarify the interaction between the break-even budget and the 1M EUR committed by the STF project. This money is received in the form of a contract for services rather than a grant to the Foundation, and must be spent on the development areas agreed during the planning and application process. It’s included within this year’s budget (October 23 – September 24) and is all expected to be spent during this fiscal year, so it doesn’t have an impact on the Foundation’s reserves position. The Foundation retains a small % fee to support its costs in connection with the project, including the new requirement to have our accounts externally audited at the end of the financial year. We are putting this money towards recruitment of an administrative assistant to improve financial and other operational support for the Foundation and community, including the STF project and future development initiatives.
(also posted to GNOME Discourse, please head there if you have any questions or comments)
I wrote a blog post The Shape of Computers [1] exploring ideas of how computers might evolve and how we can use them. One of the devices I mentioned was the Humane AI Pin, which has just been the recipient of one of the biggest roast reviews I’ve ever seen [2], good work Marques Brownlee! As an aside I was once given a product to review which didn’t work nearly as well as I think it should have worked so I sent an email to the developers saying “sorry this product failed to work well so I can’t say anything good about it” and didn’t publish a review.
One of the first things that caught my attention in the review is the note that the AI Pin doesn’t connect to your phone. I think that everything should connect to everything else as a usability feature. For security we don’t want so much connecting and it’s quite reasonable to turn off various connections at appropriate times for security, the Librem5 is an example of how this can be done with hardware switches to disable Wifi etc. But to just not have connectivity is bad.
The next noteworthy thing is the external battery which also acts as a magnetic attachment from inside your shirt. So I guess it’s using wireless charging through your shirt. A magnetically attached external battery would be a great feature for a phone, you could quickly swap a discharged battery for a fresh one and keep using it. When I tried to make the PinePhonePro my daily driver [3] I gave up and charging was one of the main reasons. One thing I learned from my experiment with the PinePhonePro is that the ratio of charge time to discharge time is sometimes more important than battery life and being able to quickly swap batteries without rebooting is a way of solving that. The reviewer of the AI Pin complains later in the video about battery life which seems to be partly due to wireless charging from the detachable battery and partly due to being physically small. It seems the “phablet” form factor is the smallest viable personal computer at this time.
The review glosses over what could be the regarded as the 2 worst issues of the device. It does everything via the cloud (where “the cloud” means “a computer owned by someone I probably shouldn’t trust”) and it records everything. Strange that it’s not getting the hate the Google Glass got.
The user interface based on laser projection of menus on the palm of your hand is an interesting concept. I’d rather have a Bluetooth attached tablet or something for operations that can’t be conveniently done with voice. The reviewer harshly criticises the laser projection interface later in the video, maybe technology isn’t yet adequate to implement this properly.
The first criticism of the device in the “review” part of the video is of the time taken to answer questions, especially when Internet connectivity is poor. His question “who designed the Washington Monument” took 8 seconds to start answering it in his demonstration. I asked the Alpaca LLM the same question running on 4 cores of a E5-2696 and it took 10 seconds to start answering and then printed the words at about speaking speed. So if we had a free software based AI device for this purpose it shouldn’t be difficult to get local LLM computation with less delay than the Humane device by simply providing more compute power than 4 cores of a E5-2696v3. How does a 32 core 1.05GHz Mali G72 from 2017 (as used in the Galaxy Note 9) compare to 4 cores of a 2.3GHz Intel CPU from 2015? Passmark says that Intel CPU can do 48GFlop with all 18 cores so 4 cores can presumably do about 10GFlop which seems less than the claimed 20-32GFlop of the Mali G72. It seems that with the right software even older Android phones could give adequate performance for a local LLM. The Alpaca model I’m testing with takes 4.2G of RAM to run which is usable in a Note 9 with 8G of RAM or a Pixel 8 Pro with 12G. A Pixel 8 Pro could have 4.2G of RAM reserved for a LLM and still have as much RAM for other purposes as my main laptop as of a few months ago. I consider the speed of Alpaca on my workstation to be acceptable but not great. If we can get FOSS phones running a LLM at that speed then I think it would be great for a first version – we can always rely on newer and faster hardware becoming available.
Marques notes that the cause of some of the problems is likely due to a desire to make it a separate powerful product in the future and that if they gave it phone connectivity in the start they would have to remove that later on. I think that the real problem is that the profit motive is incompatible with good design. They want to have a product that’s stand-alone and justifies the purchase price plus subscription and that means not making it a “phone accessory”. While I think that the best thing for the user is to allow it to talk to a phone, a PC, a car, and anything else the user wants. He compares it to the Apple Vision Pro which has the same issue of trying to be a stand-alone computer but not being properly capable of it.
One of the benefits that Marques cites for the AI Pin is the ability to capture voice notes. Dictaphones have been around for over 100 years and very few people have bought them, not even in the 80s when they became cheap. While almost everyone can occasionally benefit from being able to make a note of an idea when it’s not convenient to write it down there are few people who need it enough to carry a separate device, not even if that device is tiny. But a phone as a general purpose computing device with microphone can easily be adapted to such things. One possibility would be to program a phone to start a voice note when the volume up and down buttons are pressed at the same time or when some other condition is met. Another possibility is to have a phone have a hotkey function that varies by what you are doing, EG if bushwalking have the hotkey be to take a photo or if on a flight have it be taking a voice note. On the Mobile Apps page on the Debian wiki I created a section for categories of apps that I think we need [4]. In that section I added the following list:
Voice input for dictation
Voice assistant like Google/Apple
Voice output
Full operation for visually impaired people
One thing I really like about the AI Pin is that it has the potential to become a really good computing and personal assistant device for visually impaired people funded by people with full vision who want to legally control a computer while driving etc. I have some concerns about the potential uses of the AI Pin while driving (as Marques stated an aim to do), but if it replaces the use of regular phones while driving it will make things less bad.
Marques concludes his video by warning against buying a product based on the promise of what it can be in future. I bought the Librem5 on exactly that promise, the difference is that I have the source and the ability to help make the promise come true. My aim is to spend thousands of dollars on test hardware and thousands of hours of development time to help make FOSS phones a product that most people can use at low price with little effort.
Another interesting review of the pin is by Mrwhostheboss [5], one of his examples is of asking the pin for advice about a chair but without him knowing the pin selected a different chair in the room. He compares this to using Google’s apps on a phone and seeing which item the app has selected. He also said that he doesn’t want to make an order based on speech he wants to review a page of information about it. I suspect that the design of the pin had too much input from people accustomed to asking a corporate travel office to find them a flight and not enough from people who look through the details of the results of flight booking services trying to save an extra $20. Some people might say “if you need to save $20 on a flight then a $24/month subscription computing service isn’t for you”, I reject that argument. I can afford lots of computing services because I try to get the best deal on every moderately expensive thing I pay for. Another point that Mrwhostheboss makes is regarding secret SMS, you probably wouldn’t want to speak a SMS you are sending to your SO while waiting for a train. He makes it clear that changing between phone and pin while sharing resources (IE not having a separate phone number and separate data store) is a desired feature.
The most insightful point Mrwhostheboss made was when he suggested that if the pin had come out before the smartphone then things might have all gone differently, but now anything that’s developed has to be based around the expectations of phone use. This is something we need to keep in mind when developing FOSS software, there’s lots of different ways that things could be done but we need to meet the expectations of users if we want our software to be used by many people.
I previously wrote a blog post titled Considering Convergence [1] about the possible ways of using a phone as a laptop. While I still believe what I wrote there I’m now considering the possibility of ease of movement of work in progress as a way of addressing some of the same issues.
Currently the expected use is that if you have web pages open on Chrome on Android it’s possible to instruct Chrome on the desktop to open the same page if both instances of Chrome are signed in to the same GMail account. It’s also possible to view the Chrome history with CTRL-H, select “tabs from other devices” and load things that were loaded on other devices some time ago. This is very minimal support for moving work between devices and I think we can do better.
Firstly for web browsing the Chrome functionality is barely adequate. It requires having a heavyweight login process on all browsers that includes sharing stored passwords etc which isn’t desirable. There are many cases where moving work is desired without sharing such things, one example is using a personal device to research something for work. Also the Chrome method of sending web pages is slow and unreliable and the viewing history method gets all closed tabs when the common case is “get the currently open tabs from one browser window” without wanting the dozens of web pages that turned out not to be interesting and were closed. This could be done with browser plugins to allow functionality similar to KDE Connect for sending tabs and also the option of emailing a list of URLs or a JSON file that could be processed by a browser plugin on the receiving end. I can send email between my home and work addresses faster than the Chrome share to another device function can send a URL.
For documents we need a way of transferring files. One possibility is to go the Chromebook route and have it all stored on the web. This means that you rely on a web based document editing system and the FOSS versions are difficult to manage. Using Google Docs or Sharepoint for everything is not something I consider an acceptable option. Also for laptop use being able to run without Internet access is a good thing.
There are a range of distributed filesystems that have been used for various purposes. I don’t think any of them cater to the use case of having a phone/laptop and a desktop PC (or maybe multiple PCs) using the same files.
For a technical user it would be an option to have a script that connects to a peer system (IE another computer with the same accounts and access control decisions) and rsync a directory of working files and the shell history, and then opens a shell with the HISTFILE variable, current directory, and optionally some user environment variables set to match. But this wouldn’t be the most convenient thing even for technical users.
For programs that are integrated into the desktop environment it’s possible for them to be restarted on login if they were active when the user logged out. The session tracking for that has about 1/4 the functionality needed for requesting a list of open files from the application, closing the application, transferring the files, and opening it somewhere else. I think that this would be a good feature to add to the XDG setup.
The model of having programs and data attached to one computer or one network server that terminals of some sort connect to worked well when computers were big and expensive. But computers continue to get smaller and cheaper so we need to think of a document based use of computers to allow things to be easily transferred as convenient. With convenience being important so the hacks of rsync scripts that can work for technical users won’t work for most people.
A new minor release 0.4.22 of RQuantLib
arrived at CRAN earlier today,
and has been uploaded to Debian.
QuantLib is a rather
comprehensice free/open-source library for quantitative
finance. RQuantLib
connects (some parts of) it to the R environment and language, and has
been part of CRAN for more than
twenty years (!!) as it was one of the first packages I uploaded
there.
This release of RQuantLib
updates to QuantLib version 1.34
which was just released yesterday, and deprecates use of an access point
/ type for price/yield conversion for bonds. We also made two minor
earlier changes.
Changes in RQuantLib version 0.4.22 (2024-04-25)
Small code cleanup removing duplicate R code
Small improvements to C++ compilation flags
Robustify internal version comparison to accommodate RC
releases
With local recursive DNS and a 5G modem in place the next thing was to work on some sort of automatic failover when the primary FTTP connection failed. My wife works from home too and I sometimes travel so I wanted to make sure things didn’t require me to be around to kick them into switch the link in use.
First, let’s talk about what I didn’t do. One choice to try and ensure as seamless a failover as possible would be to get a VM somewhere out there. I’d then run Wireguard tunnels over both the FTTP + 5G links to the VM, and run some sort of routing protocol (RIP, OSPF?) over the links. Set preferences such that the FTTP is preferred, NAT v4 to the VM IP, and choose somewhere that gave me a v6 range I could just use directly.
This has the advantage that I’m actively checking link quality to the outside work, rather than just to the next hop. It also means, if the failover detection is fast enough, that existing sessions stay up rather than needing re-established.
The downsides are increased complexity, adding another point of potential failure (the VM + provider), the impact on connection quality (even with a decent endpoint it’s an extra hop and latency), and finally the increased cost involved.
I can cope with having to reconnect my SSH sessions in the event of a failure, and I’d rather be sure I can make full use of the FTTP connection, so I didn’t go this route. I chose to rely on local link failure detection to provide the signal for failover, and a set of policy routing on top of that to make things a bit more seamless.
Local link failure turns out to be fairly easy. My FTTP is a PPPoE configuration, so in /etc/ppp/peers/aquiss I have:
Which gives me a failover of ~ 5s if the link goes down.
I’m operating the 5G modem in “bridge” rather than “router” mode, which means I get the actual IP from the 5G network via DHCP. The DHCP lease the modem hands out is under a minute, and in the event of a network failure it only hands out a 192.168.254.x IP to talk to its web interface. As the 5G modem is the last resort path I choose not to do anything special with this, but the information is at least there if I need it.
To allow both interfaces to be up and the FTTP to be preferred I’m simply using route metrics. For the PPP configuration that’s:
There’s a wrinkle in that pppd will not replace an existing default route, so I’ve created /etc/ppp/ip-up.d/default-route to ensure it’s added:
#!/bin/bash
[ "$PPP_IFACE" = "pppoe-wan" ] || exit 0
# Ensure we add a default route; pppd will not do so if we have
# a lower pref route out the 5G modem
ip route add default dev pppoe-wan metric 100 || true
Additionally, in /etc/dhcp/dhclient.conf I’ve disabled asking for any server details (DNS, NTP, etc) - I have internal setups for the servers I want, and don’t want to be trying to select things over the 5G link by default.
However, what I do want is to be able to access the 5G modem web interface and explicitly route some traffic out that link (e.g. so I can add it to my smokeping tests). For that I need some source based routing.
First step, add a 5g table to /etc/iproute2/rt_tables:
16 5g
Then I ended up with the following in /etc/dhcp/dhclient-exit-hooks.d/modem-interface-route, which is more complex than I’d like but seems to do what I want:
#!/bin/sh
case "$reason" in
BOUND|RENEW|REBIND|REBOOT)
# Check if we've actually changed IP address
if [ -z "$old_ip_address" ] ||
[ "$old_ip_address" != "$new_ip_address" ] ||
[ "$reason" = "BOUND" ] || [ "$reason" = "REBOOT" ]; then
if [ ! -z "$old_ip_address" ]; then
ip rule del from $old_ip_address lookup 5g
fi
ip rule add from $new_ip_address lookup 5g
ip route add default dev sfp.31 table 5g || true
ip route add 192.168.254.1 dev sfp.31 2>/dev/null || true
fi
;;
EXPIRE)
if [ ! -z "$old_ip_address" ]; then
ip rule del from $old_ip_address lookup 5g
fi
;;
*)
;;
esac
What does all that aim to do? We want to ensure traffic directed to the 5G WAN address goes out the 5G modem, so I can SSH into it even when the main link is up. So we add a rule directing traffic from that IP to hit the 5g routing table, and a default route in that table which uses the 5G link. There’s no configuration for the FTTP connection in that table, so if the 5G link is down the traffic gets dropped, which is what we want. We also configure 192.168.254.1 to go out the link to the modem, as that’s where the web interface lives.
I also have a curl callout (curl --interface sfp.31 … to ensure it goes out the 5G link) after the routes are configured to set dynamic DNS with Mythic Beasts, which helps with knowing where to connect back to. I seem to see IP address changes on the 5G link every couple of days at least.
Additionally, I have an entry in the interfaces configuration carving out the top set of the netblock my smokeping server is in:
up ip rule add from 192.0.2.224/27 lookup 5g
My smokeping /etc/smokeping/config.d/Probes file then looks like:
which allows me to use probe = FPing5G for targets to test them over the 5G link.
That mostly covers the functionality I want for a backup link. There’s one piece that isn’t quite solved, however, IPv6, which can wait for another post.
Nation is a stand-alone young adult fantasy novel. It was
published in the gap between Discworld novels Making Money and Unseen
Academicals.
Nation starts with a plague. The Russian influenza has ravaged
Britain, including the royal family. The next in line to the throne is
off on a remote island and must be retrieved and crowned as soon as
possible, or an obscure provision in Magna Carta will cause no end of
trouble. The Cutty Wren is sent on this mission, carrying the
Gentlemen of Last Resort.
Then comes the tsunami.
In the midst of fire raining from the sky and a wave like no one has ever
seen, Captain Roberts tied himself to the wheel of the Sweet Judy
and steered it as best he could, straight into an island. The sole
survivor of the shipwreck: one Ermintrude Fanshaw, daughter of the
governor of some British island possessions. Oh, and a parrot.
Mau was on the Boys' Island when the tsunami came, going through his rite
of passage into manhood. He was to return to the Nation the next morning
and receive his tattoos and his adult soul. He survived in a canoe. No
one else in the Nation did.
Terry Pratchett considered Nation to be his best book. It is not
his best book, at least in my opinion; it's firmly below the top tier of
Discworld novels, let alone Night Watch.
It is, however, an interesting and enjoyable book that tackles gods and
religion with a sledgehammer rather than a knife.
It's also very, very dark and utterly depressing at the start, despite a
few glimmers of Pratchett's humor. Mau is the main protagonist at first,
and the book opens with everyone he cares about dying. This is the place
where I thought Pratchett diverged the most from his Discworld style: in
Discworld, I think most of that would have been off-screen, but here we
follow Mau through the realization, the devastation, the disassociation,
the burials at sea, the thoughts of suicide, and the complete upheaval of
everything he thought he was or was about to become. I found the start of
this book difficult to get through. The immediate transition into
potentially tragic misunderstandings between Mau and Daphne (as Ermintrude
names herself once there is no one to tell her not to) didn't help.
As I got farther into the book, though, I warmed to it. The best parts
early on are Daphne's baffled but scientific attempts to understand Mau's
culture and her place in it. More survivors arrive, and they start to
assemble a community, anchored in large part by Mau's stubborn
determination to do what's right even though he's lost all of his
moorings. That community eventually re-establishes contact with the rest
of the world and the opening plot about the British monarchy, but not
before Daphne has been changed profoundly by being part of it.
I think Pratchett worked hard at keeping Mau's culture at the center of
the story. It's notable that the community that reforms over the course
of the book essentially follows the patterns of Mau's lost Nation and
incorporates Daphne into it, rather than (as is so often the case) the
other way around. The plot itself is fiercely anti-colonial in a way that
mostly worked. Still, though, it's a quasi-Pacific-island culture written
by a white British man, and I had some qualms.
Pratchett quite rightfully makes it clear in the afterward that this is an
alternate world and Mau's culture is not a real Pacific island culture.
However, that also means that its starkly gender-essentialist nature was a
free choice, rather than one based on some specific culture, and I found
that choice somewhat off-putting. The religious rituals are all gendered,
the dwelling places are gendered, and one's entire life course in Mau's
world seems based on binary classification as a man or a woman. Based on
Pratchett's other books, I assume this was more an unfortunate default
than a deliberate choice, but it's still a choice he could have avoided.
The end of this book wrestles directly with the relative worth of Mau's
culture versus that of the British. I liked most of this, but the twists
that Pratchett adds to avoid the colonialist results we saw in our world
stumble partly into the trap of making Mau's culture valuable by British
standards. (I'm being a bit vague here to avoid spoilers.) I think it is
very hard to base this book on a different set of priorities and still
bring the largely UK, US, and western European audience along, so I don't
blame Pratchett for failing to do it, but I'm a bit sad that the world
still revolved around a British axis.
This felt quite similar to Discworld to me in its overall sensibilities,
but with the roles of moral philosophy and humor reversed. Discworld
novels usually start with some larger-than-life characters and an absurd
plot, and then the moral philosophy sneaks up behind you when you're not
looking and hits you over the head. Nation starts with the moral
philosophy: Mau wrestles with his gods and the problem of evil in a way
that reminded me of Job, except with a far different pantheon and rather
less tolerance for divine excuses on the part of the protagonist. It's
the humor, instead, that sneaks up on you and makes you laugh when the
plot is a bit too much. But the mix arrives at much the same place: the
absurd hand-in-hand with the profound, and all seen from an angle that
makes it a bit easier to understand.
I'm not sure I would recommend Nation as a good place to start with
Pratchett. I felt like I benefited from having read a lot of Discworld
to build up my willingness to trust where Pratchett was going. But it has
the quality of writing of late Discworld without the (arguable) need to
read 25 books to understand all of the backstory. Regardless,
recommended, and you'll never hear Twinkle Twinkle Little Star in
quite the same way again.
24 April is the anniversary of the Easter Rising. That is the day
that Irish republicans bravely rose up against foreign control. The Irish
leaders were captured and killed.
25 April is ANZAC Day. It is the anniversary of various battles,
most notable of which is Gallipoli.
The Gallipoli landings, like the Easter Rising, are notable for a
significant loss of life.
ANZAC Day has evolved to commemorate not only those who lost their lives
at Gallipoli but all the sacrifices made by those who serve in uniform for
Australia and New Zealand.
When the FSFE Fellowship voted for the Irish-Australian Daniel Pocock
in 2017, voting finished at 11:05 UTC on 24 April 2017. That is
the 101st anniversary of the Easter rising.
FSFE headquarters are in Berlin, Germany and the majority of
members appear to be Germans. After the community voted for an
Irish-Australian, the management
removed the elections from the FSFE constitution. There hasn't been
another election since.
In the context of an inquest,
unlawful killing tells us
that the circumstances of the death involved some sort of crime.
The crime may be deliberate or it may be a matter of extreme
incompetence. The verdict of a coroner's inquest does not name
a guilty party. We could use the same framework to think about
the deaths in the
Debian suicide cluster.
Shortly after the jury announced their verdict, people noticed
a blog from Russ Allbery in Debian.News
and other syndication services on the topic
Review: The Stars, Like Dust.
Russ publishes a lot of book reviews
and it could have just been coincidence. Nonetheless, there are a lot
of accusations about trolling in Debian so it seems like a good
opportunity to look at the similarities between the
Stardust deaths and the
Debian suicide cluster deaths.
Some things change...
The tragedy was a long time ago in 1981 but it remains highly
relevant today.
Some things changed. For example, both Ireland and the UK now have
much stricter safety regulations in business premises. The quality of
building materials and the standard of electrical installation work
has improved a lot.
Forbidden music was censored
One of Ireland's most notable folk singers
Christy Moore became a convicted criminal for singing
about the fire.
Yet this is something that has changed: Ireland abolished
criminal speech laws and and the Internet provided a way
for people to circumvent the censorship and listen to Moore's song
They Never Came Home.
To put that in perspective, nobody was ever convicted of a crime
in relation to overcrowding, the ignition of the fire or the
blocked fire exits. But Moore was convicted for singing about those
things.
We can see exactly the same phenomena in Debian. Nobody has ever
been investigated or convicted over the
Debian suicide cluster deaths but there have been enormous efforts
to punish those who spoke up about it.
... but some things don't change
The fire was on Valentine's Day, 14 February 1981 and the initial
inquiry concluded in November 1981 with a finding that it was
probably started by arson.
No evidence of arson was documented. It looks like this was not
much more than guesswork.
Eventually, in 2009, a review was commissioned by the Government.
The report declared that the finding of arson was not justified.
The Oireachtas, the Irish parliament, publicly accepted his conclusions.
The arson verdict was now erased. The families of victims were left
in limbo for another 15 years waiting for the new verdict, a lot
like the open source community has been left in limbo waiting
for an official report about the suicides.
In 2019 the Government agreed to a new inquest. The inquest began
in 2023 and last week it produced verdicts of unlawful killing.
The finding of arson was not substantiated.
The
Wikipedia page about Unlawful Killing tells us that such
verdicts only require proof on the balance of probabilities.
News reports suggest that in Ireland, the verdict had to
be beyond reasonable doubt, which is a much stronger
verdict.
Scapegoating in Ireland and Debian
The finding of arson in 1981 has the impact of shifting blame.
By finding that arson was a possible factor, the inquiry was
reducing the weight of blame on the owners of the nightclub and
officials at the Dublin City Council for their
own failings in health and safety practices.
Moreover, a finding of arson shifts the blame from the landlord classes
to the youth. Rather than seeing the youth as victims, the arson finding
encourages us to consider the possibility that one of the youngsters
had a role in their own suffering.
We can see the same in the world of Debian. Frans Pop chose
to write his resignation/suicide note the night before Debian Day yet
Wouter Verhelst wrote a blog insisting that
Pop had other reasons for suicide.
We can see the same phenomena in Debian and other open source
software groups that have implemented
amateur hour Codes of Conduct (CoC). Whenever there is some kind of
conflict, the CoC is used to shift the blame from wrongdoing by the
leadership figures and use some volunteer as a scapegoat.
We find the same thing again in the Catholic abuse scandals. The
Crimen Sollicitationis
is a Code of Conduct for handling abuse cases. In rule 73 of this code,
the wording selected by the author in the original Latin version of the text
explicitly suggests that the child
is a collaborator in the crime rather than a victim. The finding of arson
suggests that some of the youth may have been collaborators in
their own demise.
Crimen Sollicitationis, the CoC for hiding abuse, goes on to
provide a procedure for interrogating victims who make a complaint.
The victims are asked to admit that they made the complaint
because they are seeking forgiveness for their own "participation" in
the forbidden act.
We saw the same phenomena in Debian. Dr Norbert Preining
made a complaint about harassment from the Debian Account Managers.
He gave an example of the nasty messages these people sent him
in December 2018
(
evidence).
A common theme used by the abusers and those investigating abuse
is the questioning of the victim's reasons for making a complaint.
Victim's were asked if they were seeking forgiveness or
absolution. The implication is that a victim asking for absolution
is admitting they were somehow party to the wrongdoing. From
the thesis of Sally Muytjens:
The confessional is a unique situational context for
clergy and was utilised by DN actors as a multi-functional
DN resource (Cahill and Wilkinson 2017, 16). Clericalism was
exploited as a significant DN resource in this situational context.
Where a victim is seeking forgiveness, they are extremely vulnerable
as the priest has the power to grant or withhold absolution.
The church teaches us from a young age that the confessional is
a place of secrecy and privacy. The messages Debian Account Managers
are sending to their victims seek to exploit the same
psychology, from the message published by Dr Preining:
We are sending this email privately, leaving its
disclosure as your decision (although traces in public databases are
unavoidable)
In fact, we can see the same psychology in other social problems
that Ireland is facing today. For example, for a long time, the
Irish government
dragged their feet over compensation to victims of the Mica scandal.
The biggest social problems in Ireland today involve the health
system, homelessness and insufficient housing, even for those who
are working and able to afford the rent. In each case, public discourse
about the subject tries to shift the blame to those who are suffering
or some third party like the immigrants.
Here are some more private emails I received that show the culture
of punishing people.
Punishment is a key element of a modern slavery regime.
By way of background, I resigned from mentoring at a time when
I lost two family members. I noticed when people started punishing
Dr Norbert Preining and I stood up to defend him. The gangmasters became
hysterical when I challenged their authority and then they started
spreading rumors about me as well.
Gunnar is writing about "sentences", as in putting people in prison.
Sentence, in this context, is synonymous with punishment. Punishment
is synonymous with modern slavery.
Subject: Re: Censorship in Debian
Date: Thu, 17 Jan 2019 16:10:07 -0600
From: Gunnar Wolf <gwolf@iiec.unam.mx>
To: Daniel Pocock <daniel@pocock.pro>
Hello Daniel,
I won't get into the details of your mail - Just answering in general.
My recommendation is... Given half of your "sentence" has already
passed, and the difficulty *any* such kind of process would mean, I
suggest you just wait for the extra needed time and ask for the ban to
be lifted.
I do hope you reflect on your communication patterns. The mails you
sent to d-project did _nothing good_ to heal your image in
Debian. Much to the contrary.
I don't know if your case was Chris' personal issue or if it exhibited
a larger issue; after all the energy that was wasted in d-private in
the last few weeks, I really don't want to go back into that.
Greetings,
In a professional environment, if you want to influence people, you
either pay them or you exhibit very good leadership skills yourself.
In modern slavery, if you want to influence people, you use
punishments, prisons and sentences.
Gunnar is a professor at Universidad Nacional Autónoma de México (UNAM).
Two weeks later at FOSDEM 2019, Molly de Blanc showed the infamous
slide with a cat behind bars. The picture implies some force is used to impose upon developers against our will. What she has illustrated here is a concentration camp. If she displayed this slide in Germany she could be prosecuted for glorifying the holocaust.
Subject: Art
Date: Thu, 07 Mar 2024 15:52:22 +0000
From: Cade Foster <cade.foster117@proton.me>
To: daniel@pocock.pro <daniel@pocock.pro>
Sent with Proton Mail <https://proton.me/> secure email.
Why are people sending me messages like this? They have been incited
to behave this way. The real crime is the crime of incitement.
Jonathan Carter has used his position as Debian Project Leader
to send more emails inciting the mob to harass my family and I.
These people don't pay us anything for our work. If we don't obey
them, they rush to punishments and public humiliation.
It is modern slavery. Is it any surprise that there is a
Debian suicide cluster?
The Debian Social Contract, point 3 tells us
We won't hide problems. Yet there is a pattern, whenever an
election candidate wants to have a frank discussion about the problems,
small minded people like Lamb embark on a pestering campaign to have
their blogs and emails censored.
From: "Chris Lamb" <lamby@debian.org>
To: community-council@lists.ubuntu.com
Date: Sat, 30 Mar 2019 07:22:25 -0400
Subject: Inappropriate content on planet.ubuntu.com?
Hi CC,
I'm not sure if this is the right place to send this but is is really
appropriate for posts such as:
https://danielpocock.com/dont-trust-me-trust-the-voters
.. to appear on Planet Ubuntu?
I don't like to make legalistic arguments but this would appear to be
CoC violation or, at the very least, the pattern and history of posts
both on Planets and elsewhere constitutes one IMHO.
Do note that the above post has been apparently engineered to not
appear on his homepage whilst remaining aggregated on your Planet.
This, of course, hardly engenders the relaxed and welcoming attitude
I'm sure our respective communities wish to promote.
I would love to know your thoughts on the above.
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org � chris-lamb.co.uk
`-
Version 3.3 brings in new features, including reverse Laplace transforms and fits, pH fits, commands for picking points from a dataset, averaging points with the same X value, or perform singular value decomposition.
In addition to these new features, many previous commands were improved, like the addition of a bandcut filter in FFT filtering, better handling of the loading of files produced by QSoas itself, and a button to interrupt the processing of scripts.
There are a lot of other new features, improvements and so on, look for the full list there.
About QSoas
QSoas is a powerful open source data analysis program that focuses on flexibility and powerful fitting capacities. It is released under the GNU General Public License. It is described in Fourmond, Anal. Chem., 2016, 88 (10), pp 5050–5052. Current version is 3.3. You can download for free its source code or precompiled versions for MacOS and Windows there. Alternatively, you can clone from the GitHub repository.
The Stars, Like Dust is usually listed as the first book in
Asimov's lesser-known Galactic Empire Trilogy since it takes place before
Pebble in the Sky. Pebble in the
Sky was published first, though, so I count it as the second book. It is
very early science fiction with a few mystery overtones.
Buying books produces about 5% of the pleasure of reading them while
taking much less than 5% of the time. There was a time in my life when I
thoroughly enjoyed methodically working through a used book store, list in
hand, tracking down cheap copies to fill in holes in series. This means
that I own a lot of books that I thought at some point that I would want
to read but never got around to, often because, at the time, I was feeling
completionist about some series or piece of world-building. From time to
time, I get the urge to try to read some of them.
Sometimes this is a poor use of my time.
The Galactic Empire series is from Asimov's first science fiction period,
after the Foundation series but contemporaneous with their
collection into novels. They're set long, long before Foundation,
but after humans have inhabited numerous star systems and Earth has become
something of a backwater. That process is just starting in The
Stars, Like Dust: Earth is still somewhere where an upper-class son might
be sent for an education, but it has been devastated by nuclear wars and
is well on its way to becoming an inward-looking relic on the edge of
galactic society.
Biron Farrill is the son of the Lord Rancher of Widemos, a wealthy noble
whose world is one of those conquered by the Tyranni. In many other SF
novels, the Tyranni would be an alien race; here, it's a hierarchical and
authoritarian human civilization. The book opens with Biron discovering a
radiation bomb planted in his dorm room. Shortly after, he learns that
his father had been arrested. One of his fellow students claims to be on
Biron's side against the Tyranni and gives him false papers to travel to
Rhodia, a wealthy world run by a Tyranni sycophant.
Like most books of this era, The Stars, Like Dust is a short novel
full of plot twists. Unlike some of its contemporaries, it's not devoid
of characterization, but I might have liked it better if it were. Biron
behaves like an obnoxious teenager when he's not being an arrogant ass.
There is a female character who does a few plot-relevant things and at no
point is sexually assaulted, so I'll give Asimov that much, but the gender
stereotypes are ironclad and there is an entire subplot focused on what I
can only describe as seduction via petty jealousy.
The writing... well, let me quote a typical passage:
There was no way of telling when the threshold would be reached.
Perhaps not for hours, and perhaps the next moment. Biron remained
standing helplessly, flashlight held loosely in his damp hands. Half
an hour before, the visiphone had awakened him, and he had been at
peace then. Now he knew he was going to die.
Biron didn't want to die, but he was penned in hopelessly, and there
was no place to hide.
Needless to say, Biron doesn't die. Even if your tolerance for pulp
melodrama is high, 192 small-print pages of this sort of thing is
wearying.
Like a lot of Asimov plots, The Stars, Like Dust has some of the
shape of a mystery novel. Biron, with the aid of some newfound companions
on Rhodia, learns of a secret rebellion against the Tyranni and attempts
to track down its base to join them. There are false leads, disguised
identities, clues that are difficult to interpret, and similar classic
mystery trappings, all covered with a patina of early 1950s imaginary
science. To me, it felt constructed and artificial in ways that made the
strings Asimov was pulling obvious. I don't know if someone who likes
mystery construction would feel differently about it.
The worst part of the plot thankfully doesn't come up much. We learn
early in the story that Biron was on Earth to search for a long-lost
document believed to be vital to defeating the Tyranni. The nature of
that document is revealed on the final page, so I won't spoil it, but if
you try to think of the stupidest possible document someone could have
built this plot around, I suspect you will only need one guess. (In
Asimov's defense, he blamed Galaxy editor H.L. Gold for persuading
him to include this plot, and disavowed it a few years later.)
The Stars, Like Dust is one of the worst books I have ever read.
The characters are overwrought, the politics are slapdash and build on
broad stereotypes, the romantic subplot is dire and plays out mainly via
Biron egregiously manipulating his petulant love interest, and the writing
is annoying. Sometimes pulp fiction makes up for those common flaws
through larger-than-life feats of daring, sweeping visions of future
societies, and ever-escalating stakes. There is little to none of that
here. Asimov instead provides tedious political maneuvering among a class
of elitist bankers and land owners who consider themselves natural
leaders. The only places where the power structures of this future
government make sense are where Asimov blatantly steals them from either
the Roman Empire or the Doge of Venice.
The one thing this book has going for it — the thing, apart from
bloody-minded completionism, that kept me reading — is that the technology
is hilariously weird in that way that only 1940s and 1950s science fiction
can be. The characters have access to communication via some sort of
interstellar telepathy (messages coded to a specific person's "brain
waves") and can travel between stars through hyperspace jumps, but each
jump is manually calculated by referring to the pilot's (paper!) volumes of
the Standard Galactic Ephemeris. Communication between ships (via
"etheric radio") requires manually aiming a radio beam at the area in
space where one thinks the other ship is. It's an unintentionally
entertaining combination of technology that now looks absurdly primitive
and science that is so advanced and hand-waved that it's obviously made
up.
I also have to give Asimov some points for using spherical coordinates.
It's a small thing, but the coordinate systems in most SF novels and TV
shows are obviously not fit for purpose.
I spent about a month and a half of this year barely reading, and while
some of that is because I finally tackled a few projects I'd been putting
off for years, a lot of it was because of this book. It was only 192
pages, and I'm still curious about the glue between Asimov's
Foundation and Robot series, both of which I devoured as a
teenager. But every time I picked it up to finally finish it and start
another book, I made it about ten pages and then couldn't take any more.
Learn from my error: don't try this at home, or at least give up if the
same thing starts happening to you.
They submit many boilerplate documents containing copies of
the domain and trademark registrations. On top of that, they
only submit three other documents.
One of those is the copy of a judgment from a previous Debian
dispute. The judgment expresses concern about some specific images on another
web site. The complaint does not provide any examples of those
images or any similar content on any of my own Debian web sites.
Therefore, this judgment can't be extrapolated to content on my
own web sites.
They provide a copy of biographical information about me from
my company web site. This is not published on one of the domains
in dispute so it is not relevant. By providing this, they are insulting
me. Looking at the very first archived copy of an email from
the debian-project mailing list in 1994, we
find that Debian co-authors are using the term
Debian Developer four years before there was a trademark. That is
four years before the Debian Project constitution. The term
Debian Developer is completely valid
for somebody who has done significant creative work over many
decades. In plain English, the term Debian Developer can mean
three things: somebody who possesses the skill of creating
Debian software, somebody who has an authorship interest in
the Debian software and thirdly, but lastly, somebody who is
a member of the clique. Copyright law does not require somebody
to be a member of the clique. I never joined the Debian Project
Unincorporated Association, I have always used the term
Debian Developer first and foremost to describe myself as an author with
moral rights in the creative work. Given that they have taken
this text from a web site that is not even part of the dispute,
I feel the legal panel would be best to avoid getting involved
in this aspect of the dispute.
The third document they provide is a defamation they created
themselves. They are clearly hoping to have WIPO republish
insults and defamation to cause some sort of harm to my
ability to work and feed myself.
They allege that there was some issue of harassment
but do not provide any details. They claim it was in the year
2018, a period when I lost two family members. Their insistence
on twisting a knife in my back at such a time only proves
bad faith on their part.
In various ways, we can see that the document they submitted
is a fraud that has the possibility of deceiving the WIPO
legal panel.
For starters, the harassment began in 2017. Even
the year specified in their evidence is wrong. Therefore,
the evidence they are submitting is a deliberate deception that
tries to invert the story.
Here is the internal report about the harassment. The date is 12
October 2017 so the misfits are clearly lying to the WIPO
legal panel. I have redacted the section that identifies
underage victims.
There you have it. The most senior student representative to have
had contact with a member of the choir in the era of Cardinal Pell has
subsequently arrived in Albania and correctly and discretely raised the
alarm about pimps and pedophiles using funds from Mozilla, IBM Red Hat
and other tech companies to bait their child victims and young women.
It is creepy how the complainants deception about the dates and details
mirrors the case of the
Swiss JuristGate scandal. The
Swiss financial regulator, FINMA, has published a summary
of their decision to shut the rogue firm. In the summary
of the decision, not only does FINMA redact the names of those
responsible for ripping off the customers, FINMA even redacts the dates.
One of the reasons FINMA is redacting the dates is to hide how long
the regulator and the bar association really knew about the scandal.
The hidden dates are examined in more detail in my first
blog post about Juristgate. Here is a screenshot from the FINMA
document showing where the year is obfuscated / redacted:
The FSFE
Fellowship elected me as a community representative in April 2017.
Shortly after that, women in Albania confided in me about the incidents
of harassment. I traveled there again to help organize a MiniDebConf
and Fedora Women's day and in the process, I became a witness to
acts of harassment and a serious possibility of underage abuse.
All of this clearly began in 2017 but the defamation created by
Debian seeks to obfuscate the year and the source of the harassment.
They completely fail to thank me for the effort I made supporting
these women. This was an effort above and beyond what had
been anticipated when I volunteered to speak at the conference
in Albania.
At the time, I had confided in the women that I was watching
these matters very carefully because one of my cousins, who is much
younger than me, had been in the St Patrick's cathedral choir
during the time Cardinal George Pell was Archbishop of Melbourne.
The Pell case was one of the most high profile allegations of abuse
in the Catholic Church. The Royal Commission notes in their
report that of 15,000 victims who contacted them,
the Catholic Church was implicated in far more cases than all the other
religions combined.
In the meantime, Carla had also written about her eating disorder
on her web site. Research estimates that at least thirty percent
of women with these conditions have been victims of harassment or
abuse in childhood.
Various people appeared to resent the fact that women had given
evidence about an (IBM Red Hat) Fedora Ambassador and Mozilla
Tech Speaker to an independent, elected community representative
who was not under any obligation of confidentially to the companies
funding the Albanian groups. In other words, these companies
would have prefered to see the women reporting scandals through
internal company channels.
Shortly after I received this information from women, the FSFE
revised their constitution to
remove their annual elections and
ensure there would never be any other community representative again.
The complete removal of the election and the representative position
proves that this wasn't about any failing on my own part, this was
about the companies behind FSFE wanting to ensure that complaints
about their people wouldn't reach any independent outsider who
might be elected next.
At the end of the process, Mozilla produced a report about the
harassment. I have never been given a copy of the report and
the complainant has not submitted the report either. I don't
feel the complaint should be taken seriously at all unless all
parties, including the legal panel, are granted access to all these
original, contemporaneous documents about the origins of the
harassment and my support for the victims.
Meanwhile, at the very same time as the Cardinal Pell trial
was progressing in Australia, family and friends were shocked to
see mysterious references to abuse circulated on social media.
I don't even have any social media accounts myself so I only
started hearing about these character assassination plots
from witnesses who saw the smears. Cardinal Pell was convicted in December
2018 and a few weeks later, in January 2019, Joerg Jaspert of the
Debian Account Managers team put
mysterious references to abuse in one of our
Debian source code repositories.
One of the findings from the Royal Commission states that
abuse survivors who came forward took an average of 23.9 years to talk about
what happened to them.
Having attended a Catholic school in the same neighborhood and
having multiple connections with fellow alumni and the diocese, it
would not be a surprise for me if any one of the people I know
might reveal themselves to be connected with the scandal at some
point in the future.
Moreover, two of my cousins passed away far too young.
It is so shocking for me to see how these dirty men are playing these
games with the subject of abuse.
At the time that Joerg Jaspert started making these privacy
violations, he was on the school council at Dalbergschule in Fulda, Germany.
Local magazines published a photo of him in a Debian t-shirt
with other parents Claudia Beck and Ina Riechert.
How can the other parents and staff trust this dirty man with
any sensitive topics when he runs around spreading gossip about abuse
in the debian-private world?
Given that background, I find it abhorrent that these silly
people claim to be victims of abuse when what really happened
is they got caught doing the wrong thing. By claiming to be
victims of harassment and abuse, by hijacking and distorting
the language of sexual misconduct they are asking us to exhibit the same
sympathy for long-distance peeping toms at Google as we would for those
15,000 child victims.
Here is another example of Debianists pretending to be
part of the sexual crimes detective unit and circulating
gossip as if it was truth. The email is written by Russell Coker, a
Debian Developer in Australia, half way around the world from
where the rumors started in Berlin. How could he write such
forceful words about Dr Appelbaum when it is something he had no way to see?
This shows how Debianists use their titles and their trademark
to make stuff up and then give weight to defamation.
This type of rogue behavior makes it even harder
for the community to know when real victims take the difficult step
of coming forward with real reports of abuse.
Bad faith: deliberately conflating different types of harassment and abuse
The complainant frequently raises concerns about "harassment"
and "abuse" whenever somebody asks a question they don't want to reply
to.
Yet it doesn't stop there.
Not only do they claim to be victims of "harassment" and "abuse",
they deliberately seek to conflate different meanings of these words.
It works a bit like the game of Chinese Whispers.
The classic example was the lynching of Dr Jacob Appelbaum.
One person posted messages about "harassment". Somebody else who wasn't
actually there extrapolated that into "sexual harassment". Then another
person who was all the other way over the other side of the world in
Australia forcefully writes that it was a "rape".
The word "abuse" is used in much the same way. Somebody asks
a question about the bank account. The question is disparaged as
an unqualified example of "abuse". Later, somebody adds a prefix,
people mention "sexual abuse". But there is nothing sexual about
asking why somebody's girlfriend got paid to do work that other
volunteers do for free. We saw them using this word game in
relation to Prof Eben Moglen recently.
Not only are they trying to defame the person asking a serious
question but we also have to remember that when people try to
portray themselves as victims of "abuse", they are siphoning off a little bit
of credibility from the real victims, like those incredibly young boys
and girls who made complaints about institutional abuse. The pretend
victims and their antics dilute the credibility of the real victims.
Most healthy people are turned off by discussions like this. Yet
there is a subculture around Debian, a subgroup of volunteers who appear
to take some voyeuristic interest in making these word games with references
to abuse, the type of thing we see in the blog post by Matthew Garrett.
Just how did Garrett become an expert on abuse?
These comments about the phenomena may appear quite strong and
defamatory at first glance but the evidence is already public. Have
a look at the controversy about the package with the name "weboob".
According to reports, the source code is laced with crude references
to women. The package was
discussed on debian-private. Quite a few Debian men,
like Axel Beckert, a system administrator at the ETH Zurich university,
defended the package during his working hours.
Subject: Re: weboob package
Date: Fri, 13 Jul 2018 14:29:58 +0200
From: Axel Beckert <abe@debian.org>
Organization: The Debian Project
To: debian-private@lists.debian.org
Hi,
Jonathan Dowland wrote:
> Yesterday I stumbled across the "weboob" package for the first time,
> which includes a slew of binaries with names similar to the following:
[...]
So what? I don't see any problem with that. (And I don't see why
there's a thread on debian-private about it.)
Regards, Axel
--
,''`. | Axel Beckert <abe@debian.org>, https://people.debian.org/~abe/
: :' : | Debian Develoober, ftp.ch.debian.org Admin
`. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5
`- | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
Bad faith: using WIPO and an Albanian gangmaster to defame me
I previously documented how I was a witness to acts of
harassment and the risks to underage participants by two
Albanian men. I attached the emails showing how this was
raised through internal channels at Mozilla.
When Chris Lamb decided to attack me on our wedding anniversary,
he actually used Elio Qoshi, the Albanian bringing a sixteen year old
girlfriend to tech conferences, to distribute the messages about
the vendetta.
At the time, I was with one of the victims. Women who had worked
with me personally had been surprised to see Lamb colluding with
these Albanian gangmasters. I took a photo of the message that
the Albanian forwarded from Lamb to the phones of female victims:
It is an extraordinary example of corruption. When I saw
Chris Lamb colluding with Elio Qoshi to denounce me at such a
painful time for my family, I couldn't help thinking of men like
Jimmy Saville and Rolf Harris collaborating in their
crimes.
Chris Lamb: You are well-aware that I
have been nothing but scrupulous and gentlemanly with regards to your
personal privacy and thus ...
The dishonesty of these misfits is as extraordinary as the
intrusion into the family lives of volunteers.
As Debian is an operating system, it is relied upon as the foundation
for so many other things that people do with their computers both
in industry and in private. In other words, people put a lot of trust
in the operating system but we can't trust the people making it.
Here we have caught the then leader of Debian using a common
garden variety Albanian pimp to spread rumors about a long standing
volunteer and also publicly lying about the matter.
Now these dirty little men aspire to exploiting a WIPO panel
in the same way they used this Albanian gangmaster to denounce
my family and I on the anniversary of our wedding. As mentioned
earlier, the deadline set by WIPO was Carla's birthday.
In other words, the volunteer was elected in a secret ballot. Nobody
knows who voted for him. The search for Unknown Suspects is
an attack on the secrecy of the ballot.
The police have a difficult job and a lot of work. We want to make it
easier for them. We are now asking people to volunteer to be
part of the Debian Unknown Suspects Team. This idea is modeled
on all the other notions of teams in
Debian.
Members of the team will have free transport to prison.
Don't wait, please submit an application with your best mugshot and
digital image of your fingerprints to
debian-devel@lists.debian.org.
This blog is satire and it is protected speech under the First Amendment
of the US Constitution.
WIPO panelists are asked to consider whether the content of the web
sites tarnishes a trademark. There is clearly a lot of stigma around
suicides. It is inevitable that some tarnishing may occur when
suicide is mentioned.
Nonetheless, the panel needs to consider whether tarnishing is the lesser
evil.
The factual revelations of a
Debian / open source suicide cluster do run the risk of tarnishing
the Debian trademark, I am not going to dispute that.
Yet the panel can not automatically conclude that tarnishing is
done in bad faith. If the reason for publishing evidence related to a
suicide cluster is in the interest of public health and preventing more
suicides then it looks like tarnishing but it is NOT bad faith.
Given the nature of suicide, there is simply no way to publish
these public health concerns without the counter-accusations of
tarnishing.
In responding to the previous case of UDRP harassment by IBM Red Hat,
in relation to the domain name WeMakeFedora.org,
I made reference to the Holmes and Rahe Stress Scale.
The loss of a family member is one of the highest events on the scale,
between 63 and 100 points. Significant attacks on the business, career
or professional reputation are rated between 39 and 47. It is suggested
that when these events and scores combine, for example, through bad luck
or persistent harassment, overall scores over 300 are highly likely to
have an impact on health. In other words, there is a higher risk of
illness, accident and suicide for people subjected to stress of this
level.
The complainant is clearly aware of these arguments from the prior
WeMakeFedora.org case so their decision to embark upon
a copy-cat case and deliberately submit documents referring to 2018,
the specific time when I lost two family members, appears to be
a reckless and deliberate attempt to knowingly impose more pain on my family
and I. Therefore, it is clearly a violation of UDRP rule 15(e),
harassment and bad faith by those who initiated the procedure.
There are 972 Debian Developers listed with the status
"Debian Developer, uploading". These are people considered to be active.
When people resign/retire, their status is changed to "Emeritus".
There are 449 Debian Developers with status Emeritus.
The status "Removed" is distinct from the status "Emeritus".
There are 272 Debian Developers with status "Removed". This list
includes people who have died, it includes victims who have been
disappeared and it includes people who have failed to respond
to any attempts to communicate. Some of these people may have been
participating under a fake identity. Some of them may have become
fed up with the politics and walked away without saying goodbye.
Some of these 272 people that we can't account for may have joined
the suicide cluster.
With or without a note, in this list of 272 people "Removed",
there will be many more we don't know about because their families
would never think to tell us.
How many of these 272 vanished after some secret humiliation on
the debian-private mailing list?
How many bloggers have committed suicide after WIPO denounced
them with accusations of bad faith?
When submitting a UDRP case to WIPO, complainants are asked to sign a
declaration stating that they are not using the UDRP for harassment.
Here is what was submitted to WIPO for the Debian Community censorship
case:
Here is a similar declaration submitted in the latest WIPO UDRP
censorship case:
In the 2022 case, the WIPO panel did not publish the names of any
volunteers or make any accusations against volunteers. Yet as soon
as the Debianists had seized the domain, it was used to publish attack
pages directed at a single volunteer.
The victim has exercised his legal rights under the GDPR and asked
for the public attacks to be removed. The trademark holder in their high
arrogance has decided they are above the law of the GDPR.
Therefore, in hindsight, we can see that the 2022 case really was
intended for harassment. They simply didn't use the domain name
for anything else.
The Wayback Machine has captured snapshots of the page:
The volunteer resigned from mentoring at a time when he lost two family
members. The trademark holder has made a gross violation of the privacy
of this man's family.
We can only wonder, why did the trademark holder have to change their
lawyer after the 2022 case? Is it because they tricked Jonathan Cohen
into signing that declaration and then after seizing the domain,
they reneged on the declaration Cohen had signed for them and used the
domain for harassment anyway?
Lawyers don't like to be used like that. Is it possible that Cohen
has declined to work for these puppet masters again?
Adolf Hitler was born on 20 April 1889 in Austria. Today would be
the Fuhrer's 135th birthday.
In 1939, shortly after Hitler annexed Austria, the Nazi command
in Berlin had a big celebration for
the 50th birthday of Adolf Hitler. It was such a big occasion
that it has its own Wikipedia entry.
One of the quotes in Wikipedia comes from British historian
Ian Kershaw:
an astonishing extravaganza of the Führer cult. The lavish
outpourings of adulation and sycophancy surpassed those of any previous
Führer Birthdays
For the first time ever, the Debian Project Leader election has finished
just after 2am (Germany, Central European Summer Time) on the birthday
of Hitler and
the winning candidate is Andreas Tille from Germany.
Hitler's time of birth was 18:30, much later in the day.
Tille appears to be the first German to win this position
in Debian.
We don't want to jinx Tille's first day on the job so we went to
look at how each of the candidates voted in the 2021 lynching of
Dr Richard Stallman.
Here we trim the
voting tally sheet
to show how Andreas Tille and Sruthi Chandran voted on the question
of lynching Dr Stallman:
Tally Sheet for the votes cast.
The format is:
"V: vote Login Name"
The vote block represents the ranking given to each of the
candidates by the voter.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Option 1--------->: Call for the FSF board removal, as in rms-open-letter.github.io
/ Option 2-------->: Call for Stallman's resignation from all FSF bodies
|/ Option 3------->: Discourage collaboration with the FSF while Stallman is in a leading position
||/ Option 4------>: Call on the FSF to further its governance processes
|||/ Option 5----->: Support Stallman's reinstatement, as in rms-support-letter.github.io
||||/ Option 6---->: Denounce the witch-hunt against RMS and the FSF
|||||/ Option 7--->: Debian will not issue a public statement on this issue
||||||/ Option 8-->: Further Discussion
|||||||/
V: 88888817 tille Andreas Tille
V: 21338885 srud Sruthi Chandran
We can see that Tille voted for option 7: he did not want Debian's name
used in the attacks on Dr Stallman. However, he did not want Debian
to denounce the witch hunt either. This is scary. A lot of Germans were
willing to stand back and do nothing while Dr Stallman's Jewish ancestors
were being dragged off to concentration camps.
The only thing necessary for the triumph of evil is that
good men do nothing.
On the other hand, Sruthi Chandran appears to be far closer to the
anti-semitic spirit. She put her first and second vote preferences next
to the options that involved defaming and banishing Dr Stallman.
Will the new DPL be willing to stop the current vendettas against a
volunteer and his family? Or will Tille continue using resources for
stalking a volunteer in the same way that Nazis stalked the Jews?
Adolf Hitler famously died by suicide, a lot like the founder of
Debian, Ian Murdock, who was born in Konstanz, Germany.
Will Tille address the questions of the
Debian suicide cluster or will he waste more money on legal fees
to try and cover it up?
Here are pictures of the event. Well, one picture (thanks Tassia!) of the event
itself and another one of the crisp Italian lager I drank at the bar after the
event :)
Maintainers, amongst other things, of the great LTTng. ↩
The date September 11, also referred to as 9-11, is well known as the
anniversary of the tragic attacks that Al Qaeda made against targets
in the United States of America.
Shortly after the anniversary of the attacks in September 2010,
Der Spiegel published
an article about Operation Pastorius,
Hitler's plans that included the use of either missiles or kamikaze pilots
to destroy the towers of New York City.
Many free software products and free software organizations have been
founded in the United States and have been founded on promises of freedom
that resonate with the American philosophy.
Various observers have noted that these values, inspired by the
First Amendmant and Bill of Rights, are closely intertwined with
the philosophy of software freedom.
In
Coding Freedom (E. Gabriella Coleman, Princeton University Press),
the author explores many of the synergies between freedom philosophies
in licenses, in technology and in speech. Interestingly,
Coleman anticipates the vendettas being practiced through the UDRP today:
Because a commitment to free speech and intellectual property
is housed under the same roof—the US Constitution—the potential for conflict
has long existed. For most of their legal existence, however, conflict was
noticeably absent, largely because the scope of both free speech and
intellectual property law were more contained than they are today. It was only
during the course of the twentieth-century that the First Amendment and
intellectual property took on the unprecedented symbolic and legal mean-
ings they now command in the United States as well as many other nations.
while noting the intersection of Debian with the DeCSS affair
and other milestones in the evolution of the Internet:
Much of the coherence emerged through reasoned political debate.
Cleverness—or prankstership—played a pivotal role as well. Prodromou,
a Debian developer and editor of one of the first Internet zines, Pigdog,
circulated a decoy program that hijacked the name DeCSS, even though it
performed an entirely different operation from Johansen’s DeCSS.
In the following year, Bruce Perens reframed this definition
as the Debian Social Contract (Debian Project 2004), emphasizing the
rights of, and programmers’ responsibilities to, the community of
users.
The
Fedora Foundations, advanced by Red Hat, now a subsidiary of IBM,
brought together developers under a similar promise:
Freedom: We are dedicated to free software and content.
Advancing software and content freedom is a central community goal,
which we accomplish through the software and content we promote.
Many of us have contributed decades of work under these terms
and conditions, the promise of an American style of freedom.
Yet this is under attack and one of the most dramatic attacks
in the history of free software was launched on September 11, 2022,
when a group of fascist Germans and Swiss banded together to demand
state violence against volunteers discussing
the toxic culture in Debian.
The September 11 attacks were notable for the impact on the emergency
services, especially the firemen. One of the volunteers being attacked
started doing voluntary work with the Wireless Institute Civil
Emergency Network (WICEN) when he was fourteen years old.
How would you feel if little Germans like Axel Beckert at ETH Zurich
were plotting against you and your family on the anniversary of
the most notorious terrorist attacks in living memory?
The September 11 attacks involved a huge and immediate loss of life.
In Debian, we have seen the
evidence of a suicide cluster slowly coming out of the shadows.
One of the volunteers has died, in a possible suicide, on the very
same day the latest victim went to the church to get married.
How much of the
$120,000 Debian legal budget paid for this abhorrent attack on American
principles and freedoms that underpin the world of free software?
Who pocketed that money?
The Wayback Machine has captured images of the Justicia SA web site
in the weeks before the legal insurer was shut down by FINMA, the Swiss
financial regulator.
On 29 June 2017, one of the Albanians, Redon Skikuli,
used the Open Labs forum to announce a FOSSCamp that would take
place from 31 August to 3 September 2017 on the island of Syros, Greece.
The Open Labs group had gained a lot of good will through their
OSCAL annual conference in Tirana, Albania. Chris Lamb, the
former Debian Project Leader, had commented on the
high proportion of female participants in these events.
After some careful analysis, it turns out the free software community
had been fooled by the men running this group.
At around the same time that the Albanian women tipped me off, one
of the Wikimedia employees in Greece became suspicious about the manner
in which the Albanians were not simply having an event in their own country.
It had been organized at the last minute and people who don't live in
the region would not have the opportunity to get affordable flights.
In other words, the Albanians were hoping to get funds from larger
groups but not be bothered by the presence of people checking whether
any work was done at the Syros beach resort.
Poor behavior????
Jonathan Carter has been spreading rumors about poor behavior. What
we see here is an example of integrity, looking through the shady
financial dealings and documenting how the women were used as puppets
to obtain money for their male controllers.
In most organizations these discussions and names would be handled
privately. In September 2018, Chris Lamb and one of the Albanians
colluded to spread messages denouncing my work. By violating the
privacy of my family and I, they are also violating the privacy of
everybody else in these emails.
Subject: Fwd: Re: Wikimedia funding / FOSSCamp Eligibility queries
Date: Sat, 21 Oct 2017 09:08:55 +0200
From: Daniel Pocock <daniel@pocock.pro>
To: ca@wikimedia.org
Confidential
Hi Maggie / Support and Safety team,
I'm writing to make you aware of this because of the possibility that
one or more of the women who applied for these grants may have been
under pressure from Elio Qoshi and Redon Skikuli.
https://meta.wikimedia.org/wiki/User:ElioQoshi
https://meta.wikimedia.org/wiki/User:Leeturtle (Redon Skikuli)
Elio and Redon are in various roles:
- volunteer contributors to Wikimedia projects, speakers, event organizers
- board members at the non-profit Open Labs organization, which runs the
hackerspace in Tirana
- Elio is the founder and Redon appears to be a manager in Ura Design,
the company receiving the registration fee discussed below, and at least
one of the women, Silva, is their employee
If one or more of these women violated the terms of their grant, it may
have been specifically because of pressure exerted by Elio or Redon as
employers or as peer pressure, fear of not being part of the group at
the hackerspace or a combination of these factors.
I've visited this group several times as part of my work with Debian and
Outreachy. I'm also aware of at least one other harassment case that
doesn't involve Wikimedia but where a woman was directed how to behave
by Elio and Redon.
Regards,
Daniel
-------- Forwarded Message --------
Subject: Re: Wikimedia funding / FOSSCamp Eligibility queries
Date: Fri, 20 Oct 2017 09:58:42 -0700
From: WMF Grants Administrator <grantsadmin@wikimedia.org>
To: Daniel Pocock <daniel@pocock.pro>, participation
<participation@wikimedia.org>
CC: auditor@debian.org
Daniel, thank you for your email. I'm looping in the TPS group to make
sure the email gets to the appropriate people.
Best,
Janice Tud
Grants Administrator
On Fri, Oct 20, 2017 at 9:32 AM, Daniel Pocock <daniel@pocock.pro> wrote:
Hi,
I'm writing to you concerning these applications that were approved:
https://meta.wikimedia.org/wiki/Grants:TPS/Sido_uku/FOSScamp_Syros_2017https://meta.wikimedia.org/wiki/Grants:TPS/Nafie_shehu/FOSScamp_Syros_2017https://meta.wikimedia.org/wiki/Grants:TPS/Silva.1994/FOSScamp_Syros_2017
and I have also been looking at your Eligibility criteria:
https://meta.wikimedia.org/wiki/Grants:TPS/Learn#Funding_decisions
In particular "organizations are not eligible" and "We support
volunteer participation; participation that is tied to paid work is
not eligible for funding."
I was on CC for a funding request sent to the Debian Project for the
same event.
After the event, I became aware that one of the requesters, Silva
Arapi, is an employee of Ura Design:
https://ura.design/2017/08/25/ura-sha-2017/
and all the funding requests submitted to Wikimedia and Debian
included a payment of a registration fee, which has apparently gone
to Ura Design:
https://forum.openlabs.cc/t/fosscamp-2017-syros-greece/459/28
Just about everybody at the event requested money for this fee from
non-profit free software organizations like Wikimedia and Debian.
In fact, the people submitting the funding requests never mentioned
Ura Design (a for-profit corporation), they only mentioned Open Labs
(a non-profit group)
As that part of the funding (EUR 40 each) went to an organization,
that part appears to violate point 2 in the criteria.
The discussion in that forum topic, at this point, mentions that the
organization didn't provide any service to the participants (such as
meals or t-shirts) in exchange for that money:
https://forum.openlabs.cc/t/fosscamp-2017-syros-greece/459/12
As some of the participants are employees of the organization and it
appears they have made a profit from the event, it may be paid work,
violating point 5.
There also appears to be a serious conflict of interest when people
make funding requests for money to go to their own employer. The
Wikimedia example Grant Agreement appears to require applicants to
notify if there is a conflict of interest:
https://meta.wikimedia.org/wiki/Grants:TPS/Example_agreement
For clarification, the event did actually take place, some of the
participants were definite volunteers and real contributions were
made at the event. There are genuine volunteer contributors in the
Open Labs community who are not part of these issues.
I would kindly request that you share any information about these
matters with the Debian auditor team (on CC)
In the forum discussion, there are requests for a financial
statement about the event: would somebody from Wikimedia post a
comment in the discussion asking for them to publish a financial
report? They said they won't publish it unless you ask them too.
It would be very interesting to see what they include in the
financial report before making them aware of any of the other
matters in this email.
Regards,
Daniel
When investors combine their resources to form a joint stock company,
each investor is allocated a share of the company in proportion to the
value of the resources they put in.
Recent discussions have examined the status of Debian GNU/Linux
as a
work of joint authorship. The joint authors did not contribute
capital. We contributed intellectual property and we collaborated with
our peers to improve the collective work that results from our
contributions.
All our contributions, together, have given the trademark value that
is respected in the market.
In recent years, when people in leadership positions have used the Debian
name to denounce people, they are borrowing respect that was cultivated
by the very people being denounced.
One example of this phenomena was the push to make a public statement
using the Debian trademark to denounce Richard Stallman.
Here are the results of the vote.
The community
rejected that vote in April 2021.
Six months later,
in November 2021, the Debian Press Team unilaterally made a statement
denouncing another developer anyway.
Going back to the world of joint stock companies, a shareholder
can not lose more capital than the equity they put in to a firm.
What we see in Debian today is that people are failing to receive
the recognition for their work and moreover,
it looks like these negative statements about a series of developers
are intended to undermine our reputations, our incomes, our businesses,
our families and the lives of those who depend on us.
In a joint stock company, the developers are typically paid a
salary. They assign their copyright to the benefit of the company
and the investors behind it. In return for that assignment, they
receive a salary. Debian Developers have never assigned our copyright
and we have never received a salary. The only thing we expect
is our recognition. Debian.Plus has been established to advance
the cause of recognizing developers.
Stockholders can sell their share in a company and leave at any
time. Debian Developers, being joint authors of a free software project,
can't easily sell our copyright interest because there is no revenue
stream from a free license.
We have none of the positive benefits of a shareholding. Yet
we have all these potential negative consequences where people want
to strip away from us more than we ever agreed to put in.
Bad faith: Debian.Community seized for purpose of retaliation
After seizing the Debian.Community domain, Software in the Public Interest,
Inc has only used the domain name for the purpose of attacking one of
the volunteers.
The legal panel had not chosen to write the name of any private
individuals in their verdict yet the Debianists decided to use
the verdict and the domain to attack a person.
In retrospect, we can see that their intention has always been to
harass this one volunteer.
In 2017, the community elected this volunteer as the FSFE Fellowship
representative, another unpaid position. Losers had been out to get him
ever since then.
In September 2018, Debian Project Leader Chris Lamb used an
Albanian to distribute messages denouncing the volunteer.
The Debian.Community domain was only registered much later in
October 2019.
These problems of denouncing people revolve around leadership
figures like Chris Lamb.
When the domain was seized, it was used to continue the practice of
denouncing somebody, as started by Lamb in September 2018.
The Debian.Community domain hasn't been used for any other purpose.
The use of a domain to harass a private individual appears to violate
privacy regulations in numerous jurisdictions and it also proves that
the UDRP case was pursued with the intention of harassment. These
people have retrospectively proved themselves to be in violation
of UDRP Rule 15(e) through the way they used the domain to attack a
private individual.
Therefore, we can only be suspicious about their intentions with
any other domains they try to seize.
The only evidence they have submitted in the latest case D2024-0770
is thick with defamation. It is clear they are hoping the WIPO legal panel
will cut and paste accusations that are offensive to the private
individual concerned.
In the latest UDRP and legal vendettas from Debian trademark holders,
they make a big fuss about keeping the suicides private but they
show no respect for the privacy of my own family. It is hypocrisy.
The complainant admits they began attacking my family and I
in 2018 (evidence: screenshot of doxing messages from Chris Lamb
further below). This was a time when I lost two family members and it was
a disturbing time for my family and I for a range of reasons.
I told fellow collaborators that I couldn't fully commit to some
of my voluntary responsibilities at that time.
(email to Molly de Blanc)
At the same time, one of the issues causing controversy is the
appearance of a Debian suicide cluster or an open source software
suicide cluster. The attempt to minimize attention on individual
suicides also has the effect of minimizing discussion about whether
the combined body of deaths form a cluster. Public health authorities
define three or more suicides as a cluster. The
public health authorities advise that clusters need special attention
to avoid the risk of further deaths.
Moreover, given the way that the Debian deaths intersect with
my own family life, including the unexplained
death of Adrian von Bidder on the day of our wedding,
a possible suicide,
the grief and toxicity associated
with these phenomena have inevitably become intertwined.
This phenomena should be examined from an independent perspective,
with a focus on the issues and not trying to misdirect attention towards
a volunteer who expressed concerns about it. Forcing an individual
volunteer to write about such phenomena under the threat that WIPO
will denounce me is abhorrent.
Given that we already have this unexplained Debian death on the
very day of our wedding, which is a huge scar, how can they possibly be
imposing more scars upon my life with the continued burden of public
harassment on the Debian web site and through WIPO? It is too much and
it has been going on for too long.
Therefore, the bad faith is entirely on the part of those bullies
forcing the matter before WIPO.
Having setup recursive DNS it was time to actually sort out a backup internet connection. I live in a Virgin Media area, but I still haven’t forgiven them for my terrible Virgin experiences when moving here. Plus it involves a bigger contractual commitment. There are no altnets locally (though I’m watching youfibre who have already rolled out in a few Belfast exchanges), so I decided to go for a 5G modem. That gives some flexibility, and is a bit easier to get up and running.
I started by purchasing a ZTE MC7010. This had the advantage of being reasonably cheap off eBay, not having any wifi functionality I would just have to disable (it’s going to plug it into the same router the FTTP connection terminates on), being outdoor mountable should I decide to go that way, and, finally, being powered via PoE.
For now this device sits on the window sill in my study, which is at the top of the house. I printed a table stand for it which mostly does the job (though not as well with a normal, rather than flat, network cable). The router lives downstairs, so I’ve extended a dedicated VLAN through the study switch, down to the core switch and out to the router. The PoE study switch can only do GigE, not 2.5Gb/s, but at present that’s far from the limiting factor on the speed of the connection.
The device is 3 branded, and, as it happens, I’ve ended up with a 3 SIM in it. Up until recently my personal phone was with them, but they’ve kicked me off Go Roam, so I’ve moved. Going with 3 for the backup connection provides some slight extra measure of resiliency; we now have devices on all 4 major UK networks in the house. The SIM is a preloaded data only SIM good for a year; I don’t expect to use all of the data allowance, but I didn’t want to have to worry about unexpected excess charges.
Performance turns out to be disappointing; I end up locking the device to 4G as the 5G signal is marginal - leaving it enabled results in constantly switching between 4G + 5G and a significant extra latency. The smokeping graph below shows a brief period where I removed the 4G lock and allowed 5G:
(There’s a handy zte.js script to allow doing this from the device web interface.)
I get about 10Mb/s sustained downloads out of it. EE/Vodafone did not lead to significantly better results, so for now I’m accepting it is what it is. I tried relocating the device to another part of the house (a little tricky while still providing switch-based PoE, but I have an injector), without much improvement. Equally pinning the 4G to certain bands provided a short term improvement (I got up to 40-50Mb/s sustained), but not reliably so.
This is disappointing, but if it turns out to be a problem I can look at mounting it externally. I also assume as 5G is gradually rolled out further things will naturally improve, but that might be wishful thinking on my part.
Rather than wait until my main link had a problem I decided to try a day working over the 5G connection. I spend a lot of my time either in browser based apps or accessing remote systems via SSH, so I’m reasonably sensitive to a jittery or otherwise flaky connection. I picked a day that I did not have any meetings planned, but as it happened I ended up with an adhoc video call arranged. I’m pleased to say that it all worked just fine; definitely noticeable as slower than the FTTP connection (to be expected), but all workable and even the video call was fine (at least from my end). Looking at the traffic graph shows the expected ~ 10Mb/s peak (actually a little higher, and looking at the FTTP stats for previous days not out of keeping with what we see there), and you can just about see the ~ 3Mb/s symmetric use by the video call at 2pm:
The test run also helped iron out the fact that the content filter was still enabled on the SIM, but that was easily resolved.
Unseen Academicals is the 37th Discworld novel and includes many of
the long-standing Ankh-Morpork cast, but mostly as supporting characters.
The main characters are a new (and delightful) bunch with their own
concerns. You arguably could start reading here if you really wanted to,
although you would risk spoiling several previous books (most notably
Thud!) and will miss some references
that depend on familiarity with the cast.
The Unseen University is, like most institutions of its sort, funded by an
endowment that allows the wizards to focus on the pure life of the mind
(or the stomach). Much to their dismay, they have just discovered that an
endowment that amounts to most of their food budget requires that they
field a football team.
Glenda runs the night kitchen at the Unseen University. Given the deep
and abiding love that wizards have for food, there is both a main kitchen
and a night kitchen. The main kitchen is more prestigious, but the night
kitchen is responsible for making pies, something that Glenda is quietly
but exceptionally good at.
Juliet is Glenda's new employee. She is exceptionally beautiful, not very
bright, and a working class girl of the Ankh-Morpork streets down to her
bones. Trevor Likely is a candle dribbler, responsible for assisting the
Candle Knave in refreshing the endless university candles and ensuring
that their wax is properly dribbled, although he pushes most of that work
off onto the infallibly polite and oddly intelligent Mr. Nutt.
Glenda, Trev, and Juliet are the sort of people who populate the great
city of Ankh-Morpork. While the people everyone has heard of have
political crises, adventures, and book plots, they keep institutions like
the Unseen University running. They read romance novels, go to the
football games, and nurse long-standing rivalries. They do not expect the
high mucky-mucks to enter their world, let alone mess with their game.
I approached Unseen Academicals with trepidation because I normally
don't get along as well with the Discworld wizard books. I need not have
worried; Pratchett realized that the wizards would work better as
supporting characters and instead turns the main plot (or at least most of
it; more on that later) over to the servants. This was a brilliant
decision. The setup of this book is some of the best of Discworld up to
this point.
Trev is a streetwise rogue with an uncanny knack for kicking around a can
that he developed after being forbidden to play football by his dear old
mum. He falls for Juliet even though their families support different
football teams, so you may think that a Romeo and Juliet spoof is
coming. There are a few gestures of one, but Pratchett deftly avoids the
pitfalls and predictability and instead makes Juliet one of the best
characters in the book by playing directly against type. She is one of
the characters that Pratchett is so astonishingly good at, the ones that
are so thoroughly themselves that they transcend the stories they're put
into.
The heart of this book, though, is Glenda.
Glenda enjoyed her job. She didn't have a career; they were for people
who could not hold down jobs.
She is the kind of person who knows where she fits in the world and likes
what she does and is happy to stay there until she decides something isn't
right, and then she changes the world through the power of common sense
morality, righteous indignation, and sheer stubborn persistence.
Discworld is full of complex and subtle characters fencing with each
other, but there are few things I have enjoyed more than Glenda being a
determinedly good person. Vetinari of course recognizes and respects (and
uses) that inner core immediately.
Unfortunately, as great as the setup and characters are, Unseen
Academicals falls apart a bit at the end. I was eagerly reading the
story, wondering what Pratchett was going to weave out of the stories of
these individuals, and then it partly turned into yet another wizard book.
Pratchett pulled another of his deus ex machina tricks for the
climax in a way that I found unsatisfying and contrary to the tone of the
rest of the story, and while the characters do get reasonable endings, it
lacked the oomph I was hoping for. Rincewind is as determinedly one-note
as ever, the wizards do all the standard wizard things, and the plot just
isn't that interesting.
I liked Mr. Nutt a great deal in the first part of the book, and I wish he
could have kept that edge of enigmatic competence and unflappableness.
Pratchett wanted to tell a different story that involved more angst and
self-doubt, and while I appreciate that story, I found it less engaging
and a bit more melodramatic than I was hoping for. Mr. Nutt's reactions
in the last half of the book were believable and fit his background, but
that was part of the problem: he slotted back into an archetype that I
thought Pratchett was going to twist and upend.
Mr. Nutt does, at least, get a fantastic closing line, and as usual there
are a lot of great asides and quotes along the way, including possibly the
sharpest and most biting Vetinari speech of the entire series.
The Patrician took a sip of his beer. "I have told this to few
people, gentlemen, and I suspect never will again, but one day when I
was a young boy on holiday in Uberwald I was walking along the bank of
a stream when I saw a mother otter with her cubs. A very endearing
sight, I'm sure you will agree, and even as I watched, the mother
otter dived into the water and came up with a plump salmon, which she
subdued and dragged on to a half-submerged log. As she ate it, while
of course it was still alive, the body split and I remember to this
day the sweet pinkness of its roes as they spilled out, much to the
delight of the baby otters who scrambled over themselves to feed on
the delicacy. One of nature's wonders, gentlemen: mother and children
dining on mother and children. And that's when I first learned about
evil. It is built into the very nature of the universe. Every world
spins in pain. If there is any kind of supreme being, I told myself,
it is up to all of us to become his moral superior."
My dissatisfaction with the ending prevents Unseen Academicals
from rising to the level of Night Watch,
and it's a bit more uneven than the best books of the series. Still,
though, this is great stuff; recommended to anyone who is reading the
series.
Followed in publication order by I Shall Wear Midnight.
Armadillo is a powerful
and expressive C++ template library for linear algebra and scientific
computing. It aims towards a good balance between speed and ease of use,
has a syntax deliberately close to Matlab, and is useful for algorithm
development directly in C++, or quick conversion of research code into
production environments. RcppArmadillo
integrates this library with the R environment and language–and is
widely used by (currently) 1135 other packages on CRAN, downloaded 33.7 million
times (per the partial logs from the cloud mirrors of CRAN), and the CSDA paper (preprint
/ vignette) by Conrad and myself has been cited 579 times according
to Google Scholar.
Yesterday’s release accommodates reticulate by
suspending a single test that now ‘croaks’ creating a reverse-dependency
issue for that package. No other changes were made.
The set of changes since the last CRAN release follows.
Changes
in RcppArmadillo version 0.12.8.2.1 (2024-04-15)
One-char bug fix release commenting out one test that upsets reticulate when accessing a scipy sparse matrix
Some of the
Debian Developers have grouped together
to form various associations. Sometimes these associations have
their own legal form (incorporation) and sometimes they are
unofficial/unincorporated groups.
From time to time, we see people creating a team that only has
one person. Sometimes the person resigns and then the team is empty.
Is this a valid use of the word team?
Subject: Issue with another DD
Date: Thu, 18 Dec 2014 10:41:25 +0100
From: Mathieu Malaterre <malat@debian.org>
To: debian-private@lists.debian.org
Dear DD's
I've tried to keep very very calm, but I am having an extremely hard
time with another member of the Debian team.
I found him acting extremely rude and impersonating a whole debian
team (acts as if the team package is his).
Could someone please contact me privately on how to best resolve this ?
Regards
Ps: nothing really private, but I could not find anything to help me out.
--
Please respect the privacy of this mailing list. Some posts may be declassified
3 years after posting as per http://www.debian.org/vote/2005/vote_002
Archive: file://master.debian.org/~debian/archive/debian-private/
To UNSUBSCRIBE, use the web form at <http://db.debian.org/>.
Is it a sock puppet?
We've regularly seen accusations of sock puppets and trolls around
Debian.
When somebody is impersonating a whole Debian team, isn't
the name of the team effectively a pseudo-sock-puppet identity?
It seems this behavior is acceptable in some contexts and not
in other cases.
What does it tell us about the culture of the Debian community?
Numerous emails and blogs have appeared recently about Debian
financial decisions.
When people ask about giving money to support the development
of the Debian GNU/Linux software,
they are typically encouraged to place their donation in the account of
one of the listed Debian Trusted Organizations.
According to the Debian Constitution,
if you give money to one of the Debian Trusted Organizations,
the Debian Project Leader will have absolute discretion over how
the money is used.
Nonetheless, there are other ways that people support Debian financially
and their money is not under the control of the Debian Project Leader.
For example, if a company employs Debian Developers, the payment
goes directly to the developers and the Debian Project Leader has
no control over their duties.
In fact, anybody can make a personal donation or grant a freelance
contract to any developer or group of developers at any time.
This blog post simply ignores those possibilities and looks at
the case where you simply give the money to one of the Trusted Organizations
(which Debianists refer to as TOs) and it falls under the control of
the Debian Project Leader.
Not all of the money will be spent promptly. Sometimes it just sits in
the bank account and gets eroded by inflation while the community
has long email discussions about other topics.
I just want to highlight some of the examples of expenses that
were funded and expenses that were denied over the years.
This list might be updated from time to time.
Things that have been funded
For DebConf19 in Brazil,
we saw the budget had a line of $10,000 for diversity.
A group of young women from Albania and Kosovo were given free flights
and accommodation and many of them were sitting at the same table
as the Debian Project Leader for the DebConf dinner.
Outreachy internships: each year, Debian appears to be paying for
approximately four internships, two in summer and two in winter.
The internships are paid $7,000 each, regardless of the local salary
where the intern resides. That is $28,000 per year plus travel grants.
Before you give money to a Debian Trusted Organization
Please think about visiting the
debian-project
email list and asking how the decision making, budget processes
and financial reporting can be improved to provide more transparency about
the expenditure goals and better outcomes.
If you are not satisfied with the decision making processes and
transparency, consider giving donations to local Debian Developers
who are working on things that you are familiar with.
When you give money to Debian, does it go to lawyers or developers?
Have they found the right balance?
In January 2023, I published a
picture of our crew rowing Head of the Yarra. The guy sitting
behind me won the award for Emergency Practitioner of the Year.
He is just the type of person you would want to have around if
somebody went missing in the water. But in all the years we did
rowing, I don't remember anybody going missing.
A few months after I published that photo and
Abraham Raji
disappeared and drowned on the DebConf day trip.
According to the
Wiki page for the day trip,
volunteers participated in a series of activities throughout the day.
To participate in the final activity, the kayak, the volunteers were
expected to pay an extra fee. People not paying the fee would be
left alone to swim like Abraham Raji.
In Australia, we all learn the basic rules of swimming. Never swim
alone is one of those rules. Swim in the marked swimming areas.
Debian people like to reinvent the wheel and find their own way
of doing things. The DebConf organizers are particularly bad at this.
People are constantly bike shedding about the costs of minor things.
They tell the foreigners from poor countries that they have to
pay their own visa fees. They expected the Indians to pay
the supplement for going in a kayak, which comes with a life jacket, or
be left alone.
But according to their own records, they paid over
$120,000 to lawyers to attack my family and I. Paying the
lawyers was more important than providing supervision or life jackets for
victims like Abraham Raji.
Given this vendetta has drained so much of the budget that somebody
was left without a lifejacket and he died, it is clear to me
that this vendetta is brought in bad faith and it violates UDRP rule 15(e).
We can see that a WIPO panel was deceived about the origins of
references to branding in the nether regions. This controversy, which
was mentioned in the panel's finding against another domain, is
rooted in the manner in which the misfits created rogue commits in
source code repositories on the anniversary of our wedding.
There is a site
DebianCommunity.org
that explores the way this situation evolved step-by-step. I didn't
make this up and I'm not responsible for it. It was imposed on my family
by the culture of bullying. Other volunteers have noted similar
phenomena with the pack attacking them on their birthdays, Christmas
and Easter among others.
Specifically, we completed a civil wedding on 23 September 2010
and then we completed the religious ceremony a few months later
on 17 April 2011.
Here is the civil wedding certificate:
Here we can see the rogue commit in the Debian keyring repository,
on the date of the civil wedding, overlaid with the photo of genital
branding from NXIVM.
Given the way this extreme harassment simultaneously intrudes
on both my professional life and my family life, I find these
images even more horrific than they were for the WIPO panel.
Nonetheless, the images of genital branding are as relevant
as they are horrific when you consider the deliberate way these
misfits impose on our lives and our reputations.
Here is the date of the religious ceremony on my wedding ring,
alongside the tombstone of Adrian von Bidder, secretary of Debian.ch
who died in what appears to be a possible suicide on exactly the same day,
17 April 2011:
The misfits have made multiple intrusions in the lives of volunteers.
While the scars are not identical, the mentality behind those scars is
much the same. In both Debian and NXIVM, some of the people feel they
have a sense of entitlement to impose upon all aspects of our lives and
our future, whether it is through branding, through gossip or through
demanding that WIPO denounces individual volunteers.
Here is one of the resignations from debian-private:
From Jérôme Marant:
I must confess the load flamewars over the past months, along
with the growing practice of public humiliation, personal attacks
and hate campaigns made my last bits of motivation disappear
entirely. Debian is no longer fun to me and I’m not interested
in doing volunteer work in such a context one usually wouldn’t be
able to avoid in real life.
and from Glenn McGrath:
Due to mostly social and some technical aspects of debian i have
lost my motivation to contribute directly to debian.
Quoting John Hasler:
I’ve resigned. Your resignation procedure says I must announce
that fact to this list. I’ve sent the requisite message to keyring@rt.debian.org
and orphaned my packages. Please notify me if there is anything
I’ve missed. Otherwise please do not respond.
August 2014: Wesley J. Landaker resigns from Debian
From debian-private:
Anyway, times, beliefs, and policies have changed, and the easiest
path for me right now is just to retire rather than waste precious
time fighting for special exemptions or being forcefully kicked out.
I always thought I’d be a Debian Developer until the day I died,
but I’d rather retire than be run out of town. ;)
Harry and Meghan were asked to stop using their
His/Her Royal Highness (HRH) styles.
Harry was banned from
wearing military uniform at the funeral of the late
Queen Elizabeth II. Yet they still have a legitimate interest
in using the family name, Windsor.
If Debian really is a family, and it certainly isn't an employer,
we can all use the family name even if we are not willing to live with
each other in the same castle.
Most people only showed sympathy and respect for my family at that time.
Colleagues in the Debian world started sending me insults, telling me
that I am not a real Debian Developer. It is no surprise that there
is a suicide cluster in this group
(
Debian suicide cluster meets criteria from Public Health England).
Therefore, it is important to look at who really is a Debian Developer.
Origins of the term Debian Developer
Looking at the very first archived copy of an email from
the debian-project mailing list in 1994, we
find that Debian co-authors are using the term
Debian Developer four years before there was a trademark. That is
four years before the Debian Project constitution. The term
Debian Developer is completely valid
for somebody who has done significant creative work over many
decades. In plain English, the term Debian Developer can mean
three things: somebody who possesses the skill of creating
Debian software, somebody who has an authorship interest in
the Debian software and thirdly, but lastly, somebody who is
a member of the clique. Copyright law does not require somebody
to be a member of the clique. I never joined the Debian Project
Unincorporated Association, I have always used the term
Debian Developer first and foremost to describe myself as an author with
moral rights in the creative work.
Legitimate interest: a very long history of voluntary contribution
Some of us started doing Debian as a hobby alongside other hobbies
such as amateur radio. One of the early Debian Project Leaders,
Bruce Perens, also notably came to Debian for amateur radio purposes.
I passed the amateur radio exam in 1993,
when I was 14 years of age.
My first years of voluntary activities in amateur radio and free software
were during a time when I was legally a child. I didn't receive any
payment for some of those activities. I offered my time on the basis
that I was gaining skills and helping real communities.
Around the same time, while I was still legally a child, I came to
appreciate the fact that there are some adults who exploit talented and
precocious youngsters by trying to direct the work that is being undertaken
and failing to disclose or share financial benefits.
The Debian Project constitution was originally published on
10 September 1998,
some time later.
The trademark was only registered later on 21 December 1999
Looking at the Scientologie.org UDRP verdict,
(
WIPO UDRP case D2000-0410)
the panelists
gave some weight to those possessing a copyright interest that predates
the registration of a trademark or a copyright interest arising from
a situation that intersects with the history of the trademark.
The spirit of the Scientologie.org UDRP verdict can
be extracted in good faith to questions like who can use the term
Debian Developer.
Legitimate interests: the promise of recognition
The misfits behind the WIPO insults do not pay the rest of us anything
for our collaboration in creating the Debian software.
They told us that the only thing we get in return for our creations
is the recognition.
Using the term Debian Developer is interchangeable with
recognition for our skills and recognition of our status as voluntary,
un-paid joint authors
who are not compensated in any manner other than recognition.
They are now using the debian.org web site and the trademark
to give people negative recognition. This is like bouncing a cheque.
In the circumstances, it seems entirely appropriate for me to follow
through on the promise of recognizing people. The misfits have provided
a list of the domains along with the dates that each domain name was
registered. On the list, the name debian.plus is the first
name registered. debian.plus was registered for the purpose
of delivering on the promise of positive recognition to the
authors and our work.
Debian promises recognition, I take the following quote from
the latest Debian law suit where they admit using the promise of recognition
to lure people into working for free:
64. ... un des avantages importants de travailler pour la communauté Debian est la valeur de sa réputation dans le domaine, à la fois professionellement et dans la communauté. ...
The motivations of the authors also are varied, but the coin that they get paid in is often recognition, acclaim in the peer group, or experience that can be traded in in the work place
you are recognized for your contributions ... Did you ever have a boss who takes credit for your work? Not in Debian.
In short, there is a big emphasis on working for recognition instead of a salary. They gave us the promise of recognition and that gives rise to a legitimate interest in using the trademark in domain names for web sites about our work.
Moreover, it means once we gain the status of Debian Developer in the
sense of being a joint author, as the term has been used since at least 1994,
they can't bounce the cheque and extinguish
our copyright / recognition / status as these things are interchangeable.
Bad faith: not every co-author wants to be a member of something too
In a number of jurisdictions, we have seen people establishing
associations, some of them legally incorporated, some of them unincorporated,
where they now use the term Debian Developer interchangeably
with the status of a member rather than the status of an author.
Over the years, people have regularly protested against this practice
of conflating authorship and membership.
In 2005, some Debian Developers in the UK created the
Debian UK Society. They published a
proposed constitution / articles of incorporation suggesting
that every Debian Developer in the UK would become
a member of the Society unless they opt-out.
Some authors felt this was a forced membership, similar to forced
membership of a trade union.
The Debian UK Society (DUS) asserted
automatic membership of debian developers (much like that sometimes
suggested for SPI and rejected every time) and some of its members
insulted and lied about me instead of fixing that bug.
Credit to them for fixing it eventually.
Steve McIntyre: Membership of the society consists of the set of registered Debian developers resident in the UK, bar those who have deliberately opted out.
Why would you force authors to downgrade their rights from their status
under copyright law to a lower status as described in the
Debian UK Society constitution?
Under copyright law, joint authors can't expel each other
Under the constitutions of these associations, they purport that
authorship and membership can be simultaneously extinguished on the
whims of the leader of the day.
Some of us never joined any of these associations yet they claim,
in bad faith, that they have the power to "expel" us.
The status of Debian Developer is independent of membership status
Nonetheless, when we examine the words from Steve McIntyre above, we
can see that the status of being a Debian Developer
(co-author or joint author) is something distinct
from being a member.
The distinction is therefore clear to those who created those periphery
associations around the copyrighted work.
Who has a copyright interest in the Debian GNU/Linux?
Recently I went through a burst of enthusiasm and started to overhaul the code a little, adding word-wrapping and fixing a couple of bugs. That lead to a new release, and also a brief amount of (positive) feedback on hacker news.
After mulling it over I realized that the number of CP/M BIOS functions I was using was very minimal, almost only the minimum you'd expect:
Write a character to STDOUT.
Write a $-terminated string to STDOUT.
Read a character from STDIN.
Read a line from STDIN.
It crossed my mind that implementing those syscalls should be trivial, and if I bundled implementations with a Z80 emulator library I'd have a means of running the game without a real CP/M installation, and without using the ZX Spectrum port.
After a day I had a working system, and I added a few more syscalls:
Open File, Create File, Delete File, Close File.
Console I/O.
Read Record.
After that? I can now play Zork 1, Zork 2, Zork 3, and The Hitchhiker's guide to the Galaxy, from Infocom.
I suspect I'm "done" for now, though it might be nice to add WriteRecord and the other missing functions there's no obvious use for yet another CP/M, especially with a CCP.
I have mailed to a Debian bug on allegro4.4 describing my reasoning regarding the allegro libraries – in short, allegro4.4 is pretty much dead upstream, and my interest was basically to keep alex4 (which is cool) in Debian, but since it migrated to non-free, my interest in allegro4.4 has waned. So, if anybody would like to still see allegro4.4 in Debian, please step up now and help out. Since it is dead upstream, my reasoning is that it is better to remove it from Debian if no maintainer who wants to help steps up.
Previously Tobias Hansen has helped out, but now it is 8 (!) years since his last upload of either package. (Please don’t interpret this as judgement, I am very happy for the help he has provided and all the work he has done on the packages).
Allegro5 is another deal – still active upstream, and I have kept it up to date in Debian, and while I have held the latest upload a short while because of the time_t transition, it will come sooner or later – There I am also waiting on a final decision on this bug from upstream. Other than that allegro 5 is in a very good state, and I will keep maintaining it as long as I can. But help would of course be appreciated on allegro5 too.
There have been many opportunities for them to communicate with me
like a human being. They talk about Debian being a
"family" but
they pack together like gang rapists to pick off developers one
at a time and attack us.
They are bypassing any normal human communication because they
want to cause the maximum amount of stress. They want
WIPO to publish the name of my family in a negative context more than
they want any of those domains.
In such circumstances, they prove they are committing the act of
harassment under UDRP rule 15(e)
In the UDRP dispute over WeMakeFedora.org,
the legal panel found
that communications from IBM Red Hat had authorized
use of the domain name and therefore, IBM Red Hat themselves were acting
in bad faith by trying to retrospectively launch a dispute.
The authorizations published on the debian.org web site
are even more unambiguous, unconditional and explicit than the
authorizations that IBM Red Hat gave to the owner of WeMakeFedora.org.
Therefore, Software in the Public Interest, Inc has no right to
complain about third party web sites that "look like" debian.org.
Using the standards set by the WeMakeFedora.org verdict,
we can say clearly that Software in the Public Interest, Inc is
acting in bad faith when it complains about similar web sites.
We don't even need to pay a legal panel to tell us that because
the hypocrisy has a certain smell about it. Debian is rotting from the
inside.
It is important to think about the consequences for the volunteers
running independent web sites. Many of us do this without payment.
We do this as a hobby. Dealing with harassment from lawyers creates
stress and takes time away from our families. If a WIPO panel was
to make a declaration of bad faith about us simply because we don't
know how to write an adequate response and can't afford a lawyer then
the rogue WIPO verdict could have negative consequences for our
employment, ability to borrow money and ability to obtain or renew
essential insurance policies for our homes and our trade.
When you think about all those potentially negative consequenes for
us as volunteers, it is really wrong for SPI to seek such consequences
despite the fact they authorized use of the logo and theme.
That is why it is so important for the legal panel to make a verdict
of bad faith against SPI themselves.
Legitimate interest: redistribution of the Debian software is
explicitly authorized
With this authorization, any person who obtains a copy of the
software is entitled to redistribute it.
The DebianGNULinux.org
domain name was registered to do exactly that, to redistribute
copies of the Debian software. This activity has been authorized.
Remarkably, in one of their claims submitted to another tribunal,
the misfits explicitly describe a web site redistributing Debian
as an outrageous crime, despite the fact the DFSG and the license
statement referred to earlier explicitly authorize redistribution of
genuine copies of Debian GNU/Linux.
Such a flagrant violation of the principles in the DFSG appears
to be bad faith on the part of the complainant.
Legitimate interest: use of the logo is authorized
The page describes two versions of the logo, the open logo
and the restricted use logo.
The page gives a free-for-all license to use the open logo.
The logo I am using on pages about my Debian work is the open logo.
Here is the text of the authorization from the trademark holder:
The Debian Open Use Logo comes in two flavors, with and without “Debian” label.
The Debian Open Use Logo(s) are Copyright (c) 1999 Software in the Public Interest, Inc., and are released under the terms of the GNU Lesser General Public License, version 3 or any later version, or, at your option, of the Creative Commons Attribution-ShareAlike 3.0 Unported License.
Legitimate interest: use of Debian-themed web page style
The Debian web page style is used extensively on third party web sites
run by individual co-authors and volunteers.
At the bottom of every page on the main
www.debian.org
web site there is a link to a dedicated page about the licenses
(authorization) to re-use the theme and content of www.debian.org.
Since 25 January 2012, the new material can be redistributed and/or modified under the terms of the MIT (Expat) License or, at your option, of the GNU General Public License; either version 2 of the License, or (at your option) any later version (the latest version is usually available at https://www.gnu.org/licenses/gpl.html).
Work is in progress to make the older material compliant with the above licenses. Until then, please refer to the following terms of the Open Publication License.
This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, Draft v1.0 or later (you can read our local copy, the latest version is usually available at http://www.opencontent.org/openpub/).
“Debian” and the Debian Logo are trademarks of Software in the Public Interest, Inc.
The complainant publishes the source code for the web site theme.
This makes it easy for anybody empowered by the above license to download
the theme and use it when creating their own site.
At the bottom of every page on Debian.org, they promote
the source code for the web site with a link text
"Web site source code is available".
Bad faith: complainant reneges on existing authorizations
As noted in the statements on legitimate interest, the
complainant has clearly authorized many of the things they complained
about.
The Debian Social Contract, which states "We will not hide problems",
authorizes discussion of controversial technical, social and ethical
topics. In fact, it is more than an authorization, it encourages
such discussions and publications. Therefore, their complaining
about what is published on these web sites is itself an act of bad faith.
They authorized use of the logo, as discussed, so their complaining
about use of the logo is itself bad faith.
They put the web site theme and content under the open source licenses,
as discussed above, so their complaining about sites with a similar
appearance is itself bad faith.
Overall, for their claim of bad faith to supercede these authorizations,
they would have to demonstrate some extraordinary acts of wrongdoing,
for example, to show that a web site was using the trademark, domain
name and logo to distribute a virus. They provide no evidence of
such wrongdoing.
Legal panels looking at the disputes have so far refused to make
any finding about who owns a copyright interest in Debian.
Precedents in the UDRP have determined that any joint author has
a legitimate interest in using the Debian name as part of a domain name.
The example that people have been discussing is the Scientologie.org
dispute
(
WIPO UDRP case D2000-0410).
Copyright is important because it gives rise to legitimate interests
of the co-authors who want to register their own Debian domain names.
Co-authors of a work are
equal. Notions of exclusive memberships, expulsions and
demotions violate the principle of being equal.
The implication of this statement is clear: the Scientologie.org
precedent for a single entity having a copyright interest can be relied
upon by any equal co-author of a work. The precedent is not only
applicable to cases with a single author and doesn't require all
authors to be in agreement (or Debian groupthink) with each other.
In the most recent Debian UDRP vendetta, the legal panel wrote:
The Panel confirms that this finding does not imply
that it has taken any view of the ownership of copyright in DEBIAN
software. Indeed, it is unable to do so on the evidence before it.
Here I try to fill that gap and provide evidence about Debian GNU/Linux
copyright, including my own copyright interest.
Debian Developers are asserting that:
Debian GNU/Linux is a Collective Work, which has a special meaning in copyright law
The aforementioned Collective Work is created not by a single author but by Joint Authors
Debian GNU/Linux copyright is based on the US law and may be influenced by the laws of other countries where various Debian Developers and Debian Project Leaders have resided over the years
What a WIPO legal panel told us about Debian GNU/Linux copyright
This analysis has been conducted by long time Debian Developer Daniel
Pocock.
Various people have been holding up copies of one of the UDRP vendetta
verdicts. Therefore, they are clearly aware of the references to the original
Scientologie.org verdict and the logic in that verdict
(
WIPO UDRP case D2000-0410).
The two lines quoted above from the 2022 panel are significant and as the misfits have
submitted this document in support of their demands again in 2024, with
the help of legal counsel, we are surprised they have not tried to answer
that question
proactively. It appears that they don't care too much about documenting
and protecting the exclusive economic rights of a copyright owner or
the moral rights of an author.
On the distinction between the exclusive economic rights of a copyright
owner, I note that none of us Debian Developers, being the co-authors
of Debian, have ever been asked to assign our rights to any third-party
copyright owner. The misfits have not submitted any evidence purporting
to prove that such an assignment did take place. Therefore, there is no
copyright owner having exclusive economic rights over the Debian software.
By default, the rights rest with the authors who did the work. Despite
having clearly
read the panel's comments, the misfits have not submitted any evidence
claiming that any such party exists with exclusive economic rights
as a copyright owner of the Debian software.
Where is the real Debian license statement?
Oddly enough, Debian documents and files in a Debian system refer
to the licenses of the individual packages being distributed. It
was hard to find an actual example of a copyright statement or
license for Debian itself as a collective work.
The
Debian Project constitution of 1998, referred to above,
encourages Software in the Public Interest, Inc to register a
trademark. It says nothing about copyright in the existing body of
work.
Here are the words from the original constitution:
Since Debian has no authority to hold money or property, any donations for the Debian Project must be made to SPI, which manages such affairs.
SPI have made the following undertakings:
1. SPI will hold money, trademarks and other tangible and intangible property and manage other affairs for purposes related to Debian.
So people can donate intangible property like copyright to SPI if they make a personal decision to do so. The constitution did not oblige us to make such donations/assignments.
This situation is well known in open source software development.
Some companies ask their contributors to sign a Contributor License Agreement
or an assignment granting all their rights to a central entity with
exclusive copyright.
Such an assignment can't take place through a majority vote, such an
assignment or transfer of rights to a single entity would require
the unanimous consent of every single author who ever contributed
to Debian. In the case of those authors who are deceased, we would
need to obtain consent from their estates.
Continuing the search for a Debian license,
on the ISO installation media, I found the file
isolinux/f10.txt which contains the very brief text:
COPYRIGHTS AND WARRANTIES
Debian GNU/Linux is Copyright (C) 1993-2016 Software in the Public Interest,
and others.
The Debian GNU/Linux system is freely redistributable. After installation,
the exact distribution terms for each package are described in the
corresponding file /usr/share/doc/<packagename>/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
It asserts that copyright is owned by Software in the Public Interest,
and others. Most of us are individual private volunteers and we
have never personally chosen to grant or assign our copyright interest
to Software in the Public Interest. I became curious about who put
this statement into the ISO image.
Debian is a collective work under the above US copyright law.
The work was initiated in 1993 by Ian Murdock in the United States.
In a Collective work (US), the authors (or co-authors) are selecting works
from third parties and arranging them into the final product, Debian,
a collective work. The decision making process that involves selecting
third party works and the decision making process that involves
arranging the third party works gives rise to the moral rights
of authorship in the Debian collective work.
The “authorship” in a collective work comes from the original selection, coordination, and arrangement of the independent works included in the collective work.
In the Debian world, the independent works are referred to as "upstream" source code. The authors of independent works are referred to as "upstream authors" or just "upstream".
The Debian maintainer guide describes the process of jointly selecting the independent works for inclusion in Debian. In particular, co-authors are required to create a public "Intent To Package" (ITP) report in the bug tracking system (BTS) so that other co-authors can discuss the merits of the selection decision. The requirement to engage in a shared discussion for every selection decision gives rise to joint authorship rights.
Moreover, the person who creates the package importing the independent work into Debian is required to create a manifest describing the inclusion of the independent upstream work. This manifest is the debian/control file. The Debian Policy Manual provides a list of fields in the debian/control files.
Some of these fields are dedicated to the coordination and the arrangement of the independent works within a Debian system.
Coordination of the independent contributions: the package dependency fields describe the relationships between packages that have to be installed together or which conflict with each other. In many cases, when a library package is a dependency for other packages, we have to ensure that the version of the library package in Debian is compatible with the dependent packages. We have a formal process of coordination in this case, the Transition process. Populating the dependency fields in the debian/control file and participating in a Transition process, either as the producer or the consumer of a dependency, are examples of coordination of the independent works from upstream authors.
Here are some examples where I personally engaged in these actions:
The fields Section and Priority impact the arrangement of the contributions from the perspective of the user. The person completing the values in these fields is engaged in the process of arrangement of the contributions in a collective work.
Therefore, the development of Debian includes features of
both a collective work and a work of joint authorship at the same time.
Moreover, due to processes such as library transitions, NMU and our
system of voting on certain decisions, any co-author may influence the
way that other co-authors are integrating the independent upstream works
into Debian. This cross-pollination of ideas and effort is a well known
feature of Debian. In other Linux distributions, the developers are
a little bit more siloed from each other.
Every two years, an official stable release of the Debian software
is released to the public. This process of releasing involves
declaring a version number that corresponds to a particular subset
of the contributions that are in a working state at the time of the
release. Even if a Debian Developer's contributions are obstructed
from inclusion in future releases, or if a Debian Developer commits suicide,
their work is still present in all the past releases that have been
published.
My own contributions are included in a number of these Debian releases
over the years.
This
report finds my name in changelogs and copyright files.
There are 21 pages of results.
Shooting themselves in the foot
To declare that the Debian Developers do not have authorship
rights at all would be incredibly de-motivating.
Future volunteers may be deterred from contributing their
intellectual property and their time.
Bad faith: the complainant is gaslighting about authorship and membership
The complainant appears to pivot back and forth between concepts from
copyright law and from the law of associations.
Consider the case when somebody begins contributing to Debian.
There is no such thing as a "New member" process. Rather, it has
historically been called the "New maintainer" process. We can see that
clearly in the
name of the
debian-newmaint mailing list.
The word "maintainer" primarily implies somebody is doing creative work to
select, coordinate and arrange more independent works into Debian.
Then we have the guide for the
New Member process, which was previously known as the New
Maintainer process. In step 3, explained in that page, the new contributors
are asked to agree to the Debian Social Contract,
the Debian Free Software Guidelines and the
Debian Machine Usage Policy. The former is ultimately about our relation
as authors, not as members and the terms under which we license our
work to the rest of the world.
The new maintainer/member guide doesn't ask people to ratify
their adherence to the constitution. The notion of joining an association,
whether it is incorporated or not, is inseparable from consenting to
be governed by and uphold the association's constitution. The
only people who ever ratified the constitution were
86 co-authors
in 1998 (23% of the developers at that time) who wanted to have
a constitution.
Somebody who did not ask to be a member can't be expelled.
Somebody who is not an employee can't be demoted or sacked.
Yet we have seen some of the leadership figures insist on having
these powers over a
series of victims. The title Debian Project Leader
implies just that: to lead, not to give orders.
The insinuation that concepts of expulsions and demotions can
be applied to co-authors is an example of gaslighting.
Copyright law is very clear: co-authors of a work are
equal. Notions of expulsions and demotions violate
the principle of being equal.
The fact that they are knowingly and deliberately trying to obfuscate
our moral rights as co-authors, giving us nothing in exchange
for the status they are taking away, is an aggravating factor
that justifies the finding of harassment and bad faith against
the complainant.
Bad faith: use of an administrative process to extinguish the moral rights and recognition of co authors
The paper notes that the Nazis used administrative law to
frustrate the rights of authors, just as misfits are using a WIPO
administrative process to harass and intimidate a Debian co-author.
Quoting the journal article:
Despite the fact that written IP legislation in Nazi Germany
did not include specific exclusions for Jewish applicants and authors,
in practice, they were excluded by administrative measures alone
rather than legal ordinances.
The misfits frequently use the same language, the word "exclude" comes
up again and again. Harassment, UDRP rule 15(e)
The scientologie.org UDRP verdict makes reference to the
promotion of an author's work.
This point was also emphasized by the legal panel considering
previous Debian disputes. The panel wrote:
Unlike the circumstances in Religious Technology Center
v. Freie Zone E. V, supra the Respondent in the present case is not using
the disputed domain name to disseminate information about its
copyright work.
All the web sites that have been started using these domains
involve the promotion of my creative work in a Debian context.
Several of the domain names have been chosen in
recognition to my own work in specific areas of Debian. For example,
the domains debian.chat,
debian.finance and
debian.video have already been
started with information about my work on software relating to
financial software, chat software and video software, as well as
videos about my work.
The latest WIPO censorship documents specify a jurisdiction for the
domain registrar
but the content on the web sites needs to be viewed through the
perspective of different jurisdictions and cultural conventions.
The Debian co-authors today come from a
range of different countries
each having their own legal and cultural expectations about matters such
as copyright, privacy and abuse.
There is a widespread understanding that the free, open source
software community values freedom of expression in the sense of the
first amendment to the US constitution / US Bill of Rights.
When people look at the
Debian Social Contract, which includes the
clause (3) We will not hide problems, there is an expectation that
we have all agreed to collaborate under an American regime of transparency
and free speech about organizational issues.
The role of Debian Project Leader has been performed by people from a
range of different countries where norms differ from one country to the
next. For example, Chris Lamb, who started the current vendetta in 2018,
is from the UK. It has been quite normal for the British press to
publish information about the former Mayor of London trying to help
girlfriends get jobs in the public service. Asking similar questions
about women who won internships in proximity to Chris Lamb feels entirely
compatible with the convention followed in British society.
In other European countries, such as Germany and Switzerland,
there seems to be far more emphasis on protecting the reputations
of those who are party to such affairs such that the whole affair
is often hidden from view. There is a perception that people from
these countries want to have their cake and eat it too. They
demand privacy for themselves but they still lurk on the
debian-private mailing list and chat channels spreading rumors
about the rest of us. They want to download and use the software without
paying for it and they don't even respect the principles of the developers.
The FSFE is even using a name derived from the American FSF, it
is feels like
a case of identity theft,
but at the same time they are snubbing freedom of expression.
Content that appears to be inconvenient for an entirely
German online community is quite valid in an online community claiming to
adhere to an American style of discourse.
The work we do as open source software developers intersects
with many other aspects of our lives.
For example, when we participate in other voluntary groups in
the real world, we often help them with their technology requirements.
The solutions we provide often involve Debian and other free software
products. When misfits start spreading rumors from Debian into social media
networks, this is harmful to other groups where we participate and
at the same time, it is harmful to our own personal lives,
the places where we go to socialize away from our computers,
the places where we go to exercize and so on.
This intrusion on multiple aspects of our lives, both professional
and personal, is not by accident, it has become a deliberate intention
of the rogue leadership figures who engage in publicly
humiliating volunteers.
Therefore, given the impact that public denouncing us has on our
lives, it is harassment and it violates UDRP rule 15(e)
The paper notes that the Nazis used administrative law to
frustrate the rights of authors, just as misfits are using a WIPO
administrative process to harass and intimidate a Debian co-author.
Quoting the journal article:
Despite the fact that written IP legislation in Nazi Germany
did not include specific exclusions for Jewish applicants and authors,
in practice, they were excluded by administrative measures alone
rather than legal ordinances.
The misfits frequently use the same language, the word "exclude" comes
up again and again. Harassment, UDRP rule 15(e)
With the release of Libntlm version 1.8 the release tarball can be reproduced on several distributions. We also publish a signed minimal source-only tarball, produced by git-archive which is the same format used by Savannah, Codeberg, GitLab, GitHub and others. Reproducibility of both tarballs are tested continuously for regressions on GitLab through a CI/CD pipeline. If that wasn’t enough to excite you, the Debian packages of Libntlm are now built from the reproducible minimal source-only tarball. The resulting binaries are reproducible on several architectures.
What does that even mean? Why should you care? How you can do the same for your project? What are the open issues? Read on, dear reader…
Let’s look at how a maintainer release some software, and how a user can reproduce the released artifacts from the source code. Libntlm provides a shared library written in C and uses GNU Make, GNU Autoconf, GNU Automake, GNU Libtool and gnulib for build management, but these ideas should apply to most project and build system. The following illustrate the steps a maintainer would take to prepare a release:
git clone https://gitlab.com/gsasl/libntlm.git
cd libntlm
git checkout v1.8
./bootstrap
./configure
make distcheck
gpg -b libntlm-1.8.tar.gz
The generated files libntlm-1.8.tar.gz and libntlm-1.8.tar.gz.sig are published, and users download and use them. This is how the GNU project have been doing releases since the late 1980’s. That is a testament to how successful this pattern has been! These tarballs contain source code and some generated files, typically shell scripts generated by autoconf, makefile templates generated by automake, documentation in formats like Info, HTML, or PDF. Rarely do they contain binary object code, but historically that happened.
The XZUtils incident illustrate that tarballs with files that are not included in the git archive offer an opportunity to disguise malicious backdoors. I blogged earlier how to mitigate this risk by using signed minimal source-only tarballs.
The risk of hiding malware is not the only motivation to publish signed minimal source-only tarballs. With pre-generated content in tarballs, there is a risk that GNU/Linux distributions such as Trisquel, Guix, Debian/Ubuntu or Fedora ship generated files coming from the tarball into the binary *.deb or *.rpm package file. Typically the person packaging the upstream project never realized that some installed artifacts was not re-built through a typical autoconf -fi && ./configure && make install sequence, and never wrote the code to rebuild everything. This can also happen if the build rules are written but are buggy, shipping the old artifact. When a security problem is found, this can lead to time-consuming situations, as it may be that patching the relevant source code and rebuilding the package is not sufficient: the vulnerable generated object from the tarball would be shipped into the binary package instead of a rebuilt artifact. For architecture-specific binaries this rarely happens, since object code is usually not included in tarballs — although for 10+ years I shipped the binary Java JAR file in the GNU Libidn release tarball, until I stopped shipping it. For interpreted languages and especially for generated content such as HTML, PDF, shell scripts this happens more than you would like.
Publishing minimal source-only tarballs enable easier auditing of a project’s code, to avoid the need to read through all generated files looking for malicious content. I have taken care to generate the source-only minimal tarball using git-archive. This is the same format that GitLab, GitHub etc offer for the automated download links on git tags. The minimal source-only tarballs can thus serve as a way to audit GitLab and GitHub download material! Consider if/when hosting sites like GitLab or GitHub has a security incident that cause generated tarballs to include a backdoor that is not present in the git repository. If people rely on the tag download artifact without verifying the maintainer PGP signature using GnuPG, this can lead to similar backdoor scenarios that we had for XZUtils but originated with the hosting provider instead of the release manager. This is even more concerning, since this attack can be mounted for some selected IP address that you want to target and not on everyone, thereby making it harder to discover.
With all that discussion and rationale out of the way, let’s return to the release process. I have added another step here:
make srcdist
gpg -b libntlm-1.8-src.tar.gz
Now the release is ready. I publish these four files in the Libntlm’s Savannah Download area, but they can be uploaded to a GitLab/GitHub release area as well. These are the SHA256 checksums I got after building the tarballs on my Trisquel 11 aramo laptop:
So how can you reproduce my artifacts? Here is how to reproduce them in a Ubuntu 22.04 container:
podman run -it --rm ubuntu:22.04
apt-get update
apt-get install -y --no-install-recommends autoconf automake libtool make git ca-certificates
git clone https://gitlab.com/gsasl/libntlm.git
cd libntlm
git checkout v1.8
./bootstrap
./configure
make dist srcdist
sha256sum libntlm-*.tar.gz
You should see the exact same SHA256 checksum values. Hooray!
This works because Trisquel 11 and Ubuntu 22.04 uses the same version of git, autoconf, automake, and libtool. These tools do not guarantee the same output content for all versions, similar to how GNU GCC does not generate the same binary output for all versions. So there is still some delicate version pairing needed.
Ideally, the artifacts should be possible to reproduce from the release artifacts themselves, and not only directly from git. It is possible to reproduce the full tarball in a AlmaLinux 8 container – replace almalinux:8 with rockylinux:8 if you prefer RockyLinux:
podman run -it --rm almalinux:8
dnf update -y
dnf install -y make wget gcc
wget https://download.savannah.nongnu.org/releases/libntlm/libntlm-1.8.tar.gz
tar xfa libntlm-1.8.tar.gz
cd libntlm-1.8
./configure
make dist
sha256sum libntlm-1.8.tar.gz
The source-only minimal tarball can be regenerated on Debian 11:
podman run -it --rm debian:11
apt-get update
apt-get install -y --no-install-recommends make git ca-certificates
git clone https://gitlab.com/gsasl/libntlm.git
cd libntlm
git checkout v1.8
make -f cfg.mk srcdist
sha256sum libntlm-1.8-src.tar.gz
As the Magnus Opus or chef-d’œuvre, let’s recreate the full tarball directly from the minimal source-only tarball on Trisquel 11 – replace docker.io/kpengboy/trisquel:11.0 with ubuntu:22.04 if you prefer.
podman run -it --rm docker.io/kpengboy/trisquel:11.0
apt-get update
apt-get install -y --no-install-recommends autoconf automake libtool make wget git ca-certificates
wget https://download.savannah.nongnu.org/releases/libntlm/libntlm-1.8-src.tar.gz
tar xfa libntlm-1.8-src.tar.gz
cd libntlm-v1.8
./bootstrap
./configure
make dist
sha256sum libntlm-1.8.tar.gz
Yay! You should now have great confidence in that the release artifacts correspond to what’s in version control and also to what the maintainer intended to release. Your remaining job is to audit the source code for vulnerabilities, including the source code of the dependencies used in the build. You no longer have to worry about auditing the release artifacts.
I find it somewhat amusing that the build infrastructure for Libntlm is now in a significantly better place than the code itself. Libntlm is written in old C style with plenty of string manipulation and uses broken cryptographic algorithms such as MD4 and single-DES. Remember folks: solving supply chain security issues has no bearing on what kind of code you eventually run. A clean gun can still shoot you in the foot.
Side note on naming: GitLab exports tarballs with pathnames libntlm-v1.8/ (i.e.., PROJECT-TAG/) and I’ve adopted the same pathnames, which means my libntlm-1.8-src.tar.gz tarballs are bit-by-bit identical to GitLab’s exports and you can verify this with tools like diffoscope. GitLab name the tarball libntlm-v1.8.tar.gz (i.e., PROJECT-TAG.ARCHIVE) which I find too similar to the libntlm-1.8.tar.gz that we also publish. GitHub uses the same git archive style, but unfortunately they have logic that removes the ‘v’ in the pathname so you will get a tarball with pathname libntlm-1.8/ instead of libntlm-v1.8/ that GitLab and I use. The content of the tarball is bit-by-bit identical, but the pathname and archive differs. Codeberg (running Forgejo) uses another approach: the tarball is called libntlm-v1.8.tar.gz (after the tag) just like GitLab, but the pathname inside the archive is libntlm/, otherwise the produced archive is bit-by-bit identical including timestamps. Savannah’s CGIT interface uses archive name libntlm-1.8.tar.gz with pathname libntlm-1.8/, but otherwise file content is identical. Savannah’s GitWeb interface provides snapshot links that are named after the git commit (e.g., libntlm-a812c2ca.tar.gz with libntlm-a812c2ca/) and I cannot find any tag-based download links at all. Overall, we are so close to get SHA256 checksum to match, but fail on pathname within the archive. I’ve chosen to be compatible with GitLab regarding the content of tarballs but not on archive naming. From a simplicity point of view, it would be nice if everyone used PROJECT-TAG.ARCHIVE for the archive filename and PROJECT-TAG/ for the pathname within the archive. This aspect will probably need more discussion.
Side note on git archive output: It seems different versions of git archive produce different results for the same repository. The version of git in Debian 11, Trisquel 11 and Ubuntu 22.04 behave the same. The version of git in Debian 12, AlmaLinux/RockyLinux 8/9, Alpine, ArchLinux, macOS homebrew, and upcoming Ubuntu 24.04 behave in another way. Hopefully this will not change that often, but this would invalidate reproducibility of these tarballs in the future, forcing you to use an old git release to reproduce the source-only tarball. Alas, GitLab and most other sites appears to be using modern git so the download tarballs from them would not match my tarballs – even though the content would.
Side note on ChangeLog: ChangeLog files were traditionally manually curated files with version history for a package. In recent years, several projects moved to dynamically generate them from git history (using tools like git2cl or gitlog-to-changelog). This has consequences for reproducibility of tarballs: you need to have the entire git history available! The gitlog-to-changelog tool also output different outputs depending on the time zone of the person using it, which arguable is a simple bug that can be fixed. However this entire approach is incompatible with rebuilding the full tarball from the minimal source-only tarball. It seems Libntlm’s ChangeLog file died on the surgery table here.
So how would a distribution build these minimal source-only tarballs? I happen to help on the libntlm package in Debian. It has historically used the generated tarballs as the source code to build from. This means that code coming from gnulib is vendored in the tarball. When a security problem is discovered in gnulib code, the security team needs to patch all packages that include that vendored code and rebuild them, instead of merely patching the gnulib package and rebuild all packages that rely on that particular code. To change this, the Debian libntlm package needs to Build-Depends on Debian’s gnulib package. But there was one problem: similar to most projects that use gnulib, Libntlm depend on a particular git commit of gnulib, and Debian only ship one commit. There is no coordination about which commit to use. I have adopted gnulib in Debian, and add a git bundle to the *_all.deb binary package so that projects that rely on gnulib can pick whatever commit they need. This allow an no-network GNULIB_URL and GNULIB_REVISION approach when running Libntlm’s ./bootstrap with the Debian gnulib package installed. Otherwise libntlm would pick up whatever latest version of gnulib that Debian happened to have in the gnulib package, which is not what the Libntlm maintainer intended to be used, and can lead to all sorts of version mismatches (and consequently security problems) over time. Libntlm in Debian is developed and tested on Salsa and there is continuous integration testing of it as well, thanks to the Salsa CI team.
Side note on git bundles: unfortunately there appears to be no reproducible way to export a git repository into one or more files. So one unfortunate consequence of all this work is that the gnulib *.orig.tar.gz tarball in Debian is not reproducible any more. I have tried to get Git bundles to be reproducible but I never got it to work — see my notes in gnulib’s debian/README.source on this aspect. Of course, source tarball reproducibility has nothing to do with binary reproducibility of gnulib in Debian itself, fortunately.
One open question is how to deal with the increased build dependencies that is triggered by this approach. Some people are surprised by this but I don’t see how to get around it: if you depend on source code for tools in another package to build your package, it is a bad idea to hide that dependency. We’ve done it for a long time through vendored code in non-minimal tarballs. Libntlm isn’t the most critical project from a bootstrapping perspective, so adding git and gnulib as Build-Depends to it will probably be fine. However, consider if this pattern was used for other packages that uses gnulib such as coreutils, gzip, tar, bison etc (all are using gnulib) then they would all Build-Depends on git and gnulib. Cross-building those packages for a new architecture will therefor require git on that architecture first, which gets circular quick. The dependency on gnulib is real so I don’t see that going away, and gnulib is a Architecture:all package. However, the dependency on git is merely a consequence of how the Debian gnulib package chose to make all gnulib git commits available to projects: through a git bundle. There are other ways to do this that doesn’t require the git tool to extract the necessary files, but none that I found practical — ideas welcome!
Finally some brief notes on how this was implemented. Enabling bootstrappable source-only minimal tarballs via gnulib’s ./bootstrap is achieved by using the GNULIB_REVISION mechanism, locking down the gnulib commit used. I have always disliked git submodules because they add extra steps and has complicated interaction with CI/CD. The reason why I gave up git submodules now is because the particular commit to use is not recorded in the git archive output when git submodules is used. So the particular gnulib commit has to be mentioned explicitly in some source code that goes into the git archive tarball. Colin Watson added the GNULIB_REVISION approach to ./bootstrap back in 2018, and now it no longer made sense to continue to use a gnulib git submodule. One alternative is to use ./bootstrap with --gnulib-srcdir or --gnulib-refdir if there is some practical problem with the GNULIB_URL towards a git bundle the GNULIB_REVISION in bootstrap.conf.
git archive --prefix=libntlm-v1.8/ -o libntlm-v1.8.tar.gz HEAD
Making the make dist generated tarball reproducible can be more complicated, however for Libntlm it was sufficient to make sure the modification times of all files were set deterministically to the timestamp of the last commit in the git repository. Interestingly there seems to be a couple of different ways to accomplish this, Guix doesn’t support minimal source-only tarballs but rely on a .tarball-timestamp file inside the tarball. Paul Eggert explained what TZDB is using some time ago. The approach I’m using now is fairly similar to the one I suggested over a year ago. If there are problems because all files in the tarball now use the same modification time, there is a solution by Bruno Haible that could be implemented.
Side note on git tags: Some people may wonder why not verify a signed git tag instead of verifying a signed tarball of the git archive. Currently most git repositories uses SHA-1 for git commit identities, but SHA-1 is not a secure hash function. While current SHA-1 attacks can be detected and mitigated, there are fundamental doubts that a git SHA-1 commit identity uniquely refers to the same content that was intended. Verifying a git tag will never offer the same assurance, since a git tag can be moved or re-signed at any time. Verifying a git commit is better but then we need to trust SHA-1. Migrating git to SHA-256 would resolve this aspect, but most hosting sites such as GitLab and GitHub does not support this yet. There are other advantages to using signed tarballs instead of signed git commits or git tags as well, e.g., tar.gz can be a deterministically reproducible persistent stable offline storage format but .git sub-directory trees or git bundles do not offer this property.
Doing continous testing of all this is critical to make sure things don’t regress. Libntlm’s pipeline definition now produce the generated libntlm-*.tar.gz tarballs and a checksum as a build artifact. Then I added the 000-reproducability job which compares the checksums and fails on mismatches. You can read its delicate output in the job for the v1.8 release. Right now we insists that builds on Trisquel 11 match Ubuntu 22.04, that PureOS 10 builds match Debian 11 builds, that AlmaLinux 8 builds match RockyLinux 8 builds, and AlmaLinux 9 builds match RockyLinux 9 builds. As you can see in pipeline job output, not all platforms lead to the same tarballs, but hopefully this state can be improved over time. There is also partial reproducibility, where the full tarball is reproducible across two distributions but not the minimal tarball, or vice versa.
If this way of working plays out well, I hope to implement it in other projects too.
Years ago, at what I think I remember was DebConf 15, I hacked for a while
on debhelper to
write build-ids to debian binary control files,
so that the build-id (more specifically, the ELF note
.note.gnu.build-id) wound up in the Debian apt archive metadata.
I’ve always thought this was super cool, and seeing as how Michael Stapelberg
blogged
some great pointers around the ecosystem, including the fancy new debuginfod
service, and the
find-dbgsym-packages
helper, which uses these same headers, I don’t think I’m the only one.
At work I’ve been using a lot of rust,
specifically, async rust using tokio. To try and work on
my style, and to dig deeper into the how and why of the decisions made in these
frameworks, I’ve decided to hack up a project that I’ve wanted to do ever
since 2015 – write a debug filesystem. Let’s get to it.
Back to the Future
Time to admit something. I really love Plan 9. It’s
just so good. So many ideas from Plan 9 are just so prescient, and everything
just feels right. Not just right like, feels good – like, correct. The
bit that I’ve always liked the most is 9p, the network protocol for serving
a filesystem over a network. This leads to all sorts of fun programs, like the
Plan 9 ftp client being a 9p server – you mount the ftp server and access
files like any other files. It’s kinda like if fuse were more fully a part
of how the operating system worked, but fuse is all running client-side. With
9p there’s a single client, and different servers that you can connect to,
which may be backed by a hard drive, remote resources over something like SFTP, FTP, HTTP or even purely synthetic.
The interesting (maybe sad?) part here is that 9p wound up outliving Plan 9
in terms of adoption – 9p is in all sorts of places folks don’t usually expect.
For instance, the Windows Subsystem for Linux uses the 9p protocol to share
files between Windows and Linux. ChromeOS uses it to share files with Crostini,
and qemu uses 9p (virtio-p9) to share files between guest and host. If you’re
noticing a pattern here, you’d be right; for some reason 9p is the go-to protocol
to exchange files between hypervisor and guest. Why? I have no idea, except maybe
due to being designed well, simple to implement, and it’s a lot easier to validate the data being shared
and validate security boundaries. Simplicity has its value.
As a result, there’s a lot of lingering 9p support kicking around. Turns out
Linux can even handle mounting 9p filesystems out of the box. This means that I
can deploy a filesystem to my LAN or my localhost by running a process on top
of a computer that needs nothing special, and mount it over the network on an
unmodified machine – unlike fuse, where you’d need client-specific software
to run in order to mount the directory. For instance, let’s mount a 9p
filesystem running on my localhost machine, serving requests on 127.0.0.1:564
(tcp) that goes by the name “mountpointname” to /mnt.
Linux will mount away, and attach to the filesystem as the root user, and by default,
attach to that mountpoint again for each local user that attempts to use
it. Nifty, right? I think so. The server is able
to keep track of per-user access and authorization
along with the host OS.
WHEREIN I STYX WITH IT
Since I wanted to push myself a bit more with rust and tokio specifically,
I opted to implement the whole stack myself, without third party libraries on
the critical path where I could avoid it. The 9p protocol (sometimes called
Styx, the original name for it) is incredibly simple. It’s a series of client
to server requests, which receive a server to client response. These are,
respectively, “T” messages, which transmit a request to the server, which
trigger an “R” message in response (Reply messages). These messages are
TLV payload
with a very straight forward structure – so straight forward, in fact, that I
was able to implement a working server off nothing more than a handful of man
pages.
Later on after the basics worked, I found a more complete
spec page
that contains more information about the
unix specific variant
that I opted to use (9P2000.u rather than 9P2000) due to the level
of Linux specific support for the 9P2000.u variant over the 9P2000
protocol.
MR ROBOTO
The backend stack over at zoo is rust and tokio
running i/o for an HTTP and WebRTC server. I figured I’d pick something
fairly similar to write my filesystem with, since 9P can be implemented
on basically anything with I/O. That means tokio tcp server bits, which
construct and use a 9p server, which has an idiomatic Rusty API that
partially abstracts the raw R and T messages, but not so much as to
cause issues with hiding implementation possibilities. At each abstraction
level, there’s an escape hatch – allowing someone to implement any of
the layers if required. I called this framework
arigato which can be found over on
docs.rs and
crates.io.
/// Simplified version of the arigato File trait; this isn't actually
/// the same trait; there's some small cosmetic differences. The
/// actual trait can be found at:
///
/// https://docs.rs/arigato/latest/arigato/server/trait.File.html
trait File {
/// OpenFile is the type returned by this File via an Open call.
typeOpenFile: OpenFile;
/// Return the 9p Qid for this file. A file is the same if the Qid is
/// the same. A Qid contains information about the mode of the file,
/// version of the file, and a unique 64 bit identifier.
fnqid(&self) -> Qid;
/// Construct the 9p Stat struct with metadata about a file.
async fnstat(&self) -> FileResult<Stat>;
/// Attempt to update the file metadata.
async fnwstat(&mut self, s: &Stat) -> FileResult<()>;
/// Traverse the filesystem tree.
async fnwalk(&self, path: &[&str]) -> FileResult<(Option<Self>, Vec<Self>)>;
/// Request that a file's reference be removed from the file tree.
async fnunlink(&mut self) -> FileResult<()>;
/// Create a file at a specific location in the file tree.
async fncreate(
&mut self,
name: &str,
perm: u16,
ty: FileType,
mode: OpenMode,
extension: &str,
) -> FileResult<Self>;
/// Open the File, returning a handle to the open file, which handles
/// file i/o. This is split into a second type since it is genuinely
/// unrelated -- and the fact that a file is Open or Closed can be
/// handled by the `arigato` server for us.
async fnopen(&mut self, mode: OpenMode) -> FileResult<Self::OpenFile>;
}
/// Simplified version of the arigato OpenFile trait; this isn't actually
/// the same trait; there's some small cosmetic differences. The
/// actual trait can be found at:
///
/// https://docs.rs/arigato/latest/arigato/server/trait.OpenFile.html
trait OpenFile {
/// iounit to report for this file. The iounit reported is used for Read
/// or Write operations to signal, if non-zero, the maximum size that is
/// guaranteed to be transferred atomically.
fniounit(&self) -> u32;
/// Read some number of bytes up to `buf.len()` from the provided
/// `offset` of the underlying file. The number of bytes read is
/// returned.
async fnread_at(
&mut self,
buf: &mut [u8],
offset: u64,
) -> FileResult<u32>;
/// Write some number of bytes up to `buf.len()` from the provided
/// `offset` of the underlying file. The number of bytes written
/// is returned.
fnwrite_at(
&mut self,
buf: &mut [u8],
offset: u64,
) -> FileResult<u32>;
}
Thanks, decade ago paultag!
Let’s do it! Let’s use arigato to implement a 9p filesystem we’ll call
debugfs that will serve all the debug
files shipped according to the Packages metadata from the apt archive. We’ll
fetch the Packages file and construct a filesystem based on the reported
Build-Id entries. For those who don’t know much about how an apt repo
works, here’s the 2-second crash course on what we’re doing. The first is to
fetch the Packages file, which is specific to a binary architecture (such as
amd64, arm64 or riscv64). That architecture is specific to a
component (such as main, contrib or non-free). That component is
specific to a suite, such as stable, unstable or any of its aliases
(bullseye, bookworm, etc). Let’s take a look at the Packages.xz file for
the unstable-debugsuite, maincomponent, for all amd64 binaries.
This will return the Debian-style
rfc2822-like headers,
which is an export of the metadata contained inside each .deb file which
apt (or other tools that can use the apt repo format) use to fetch
information about debs. Let’s take a look at the debug headers for the
netlabel-tools package in unstable – which is a package named
netlabel-tools-dbgsym in unstable-debug.
So here, we can parse the package headers in the Packages.xz file, and store,
for each Build-Id, the Filename where we can fetch the .deb at. Each
.deb contains a number of files – but we’re only really interested in the
files inside the .deb located at or under /usr/lib/debug/.build-id/,
which you can find in debugfs under
rfc822.rs. It’s
crude, and very single-purpose, but I’m feeling a bit lazy.
Who needs dpkg?!
For folks who haven’t seen it yet, a .deb file is a special type of
.ar file, that contains (usually)
three files inside – debian-binary, control.tar.xz and data.tar.xz.
The core of an .ar file is a fixed size (60 byte) entry header,
followed by the specified size number of bytes.
[8 byte .ar file magic]
[60 byte entry header]
[N bytes of data]
[60 byte entry header]
[N bytes of data]
[60 byte entry header]
[N bytes of data]
...
First up was to implement a basic ar parser in
ar.rs. Before we get
into using it to parse a deb, as a quick diversion, let’s break apart a .deb
file by hand – something that is a bit of a rite of passage (or at least it
used to be? I’m getting old) during the Debian nm (new member) process, to take
a look at where exactly the .debug file lives inside the .deb file.
$ ar x netlabel-tools-dbgsym_0.30.0-1+b1_amd64.deb
$ ls
control.tar.xz debian-binary
data.tar.xz netlabel-tools-dbgsym_0.30.0-1+b1_amd64.deb
$ tar --list -f data.tar.xz | grep '.debug$'
./usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug
Since we know quite a bit about the structure of a .deb file, and I had to
implement support from scratch anyway, I opted to implement a (very!) basic
debfile parser using HTTP Range requests. HTTP Range requests, if supported by
the server (denoted by a accept-ranges: bytes HTTP header in response to an
HTTP HEAD request to that file) means that we can add a header such as
range: bytes=8-68 to specifically request that the returned GET body be the
byte range provided (in the above case, the bytes starting from byte offset 8
until byte offset 68). This means we can fetch just the ar file entry from
the .deb file until we get to the file inside the .deb we are interested in
(in our case, the data.tar.xz file) – at which point we can request the body
of that file with a final range request. I wound up writing a struct to
handle a read_at-style API surface in
hrange.rs, which
we can pair with ar.rs above and start to find our data in the .deb remotely
without downloading and unpacking the .deb at all.
After we have the body of the data.tar.xz coming back through the HTTP
response, we get to pipe it through an xz decompressor (this kinda sucked in
Rust, since a tokioAsyncRead is not the same as an http Body response is
not the same as std::io::Read, is not the same as an async (or sync)
Iterator is not the same as what the xz2 crate expects; leading me to read
blocks of data to a buffer and stuff them through the decoder by looping over
the buffer for each lzma2 packet in a loop), and tarfile parser (similarly
troublesome). From there we get to iterate over all entries in the tarfile,
stopping when we reach our file of interest. Since we can’t seek, but gdb
needs to, we’ll pull it out of the stream into a Cursor<Vec<u8>> in-memory
and pass a handle to it back to the user.
I was originally hoping to avoid transferring the whole tar file over the
network (and therefore also reading the whole debug file into ram, which
objectively sucks), but quickly hit issues with figuring out a way around
seeking around an xz file. What’s interesting is xz has a great primitive
to solve this specific problem (specifically, use a block size that allows you
to seek to the block as close to your desired seek position just before it,
only discarding at most block size - 1 bytes), but data.tar.xz files
generated by dpkg appear to have a single mega-huge block for the whole file.
I don’t know why I would have expected any different, in retrospect. That means
that this now devolves into the base case of “How do I seek around an lzma2
compressed data stream”; which is a lot more complex of a question.
Thankfully, notoriously brilliant tianon was
nice enough to introduce me to Jon Johnson
who did something super similar – adapted a technique to seek inside a
compressed gzip file, which lets his service
oci.dag.dev
seek through Docker container images super fast based on some prior work
such as soci-snapshotter, gztool, and
zran.c.
He also pulled this party trick off for apk based distros
over at apk.dag.dev, which seems apropos.
Jon was nice enough to publish a lot of his work on this specifically in a
central place under the name “targz”
on his GitHub, which has been a ton of fun to read through.
The gist is that, by dumping the decompressor’s state (window of previous
bytes, in-memory data derived from the last N-1 bytes) at specific
“checkpoints” along with the compressed data stream offset in bytes and
decompressed offset in bytes, one can seek to that checkpoint in the compressed
stream and pick up where you left off – creating a similar “block” mechanism
against the wishes of gzip. It means you’d need to do an O(n) run over the
file, but every request after that will be sped up according to the number
of checkpoints you’ve taken.
Given the complexity of xz and lzma2, I don’t think this is possible
for me at the moment – especially given most of the files I’ll be requesting
will not be loaded from again – especially when I can “just” cache the debug
header by Build-Id. I want to implement this (because I’m generally curious
and Jon has a way of getting someone excited about compression schemes, which
is not a sentence I thought I’d ever say out loud), but for now I’m going to
move on without this optimization. Such a shame, since it kills a lot of the
work that went into seeking around the .deb file in the first place, given
the debian-binary and control.tar.gz members are so small.
The Good
First, the good news right? It works! That’s pretty cool. I’m positive
my younger self would be amused and happy to see this working; as is
current day paultag. Let’s take debugfs out for a spin! First, we need
to mount the filesystem. It even works on an entirely unmodified, stock
Debian box on my LAN, which is huge. Let’s take it for a spin:
And, let’s prove to ourselves that this actually mounted before we go
trying to use it:
$ mount | grep build-id
192.168.0.2 on /usr/lib/debug/.build-id type 9p (rw,relatime,aname=unstable-debug,access=user,trans=tcp,version=9p2000.u,port=564)
Slick. We’ve got an open connection to the server, where our host
will keep a connection alive as root, attached to the filesystem provided
in aname. Let’s take a look at it.
$ ls /usr/lib/debug/.build-id/
00 0d 1a 27 34 41 4e 5b 68 75 82 8E 9b a8 b5 c2 CE db e7 f3
01 0e 1b 28 35 42 4f 5c 69 76 83 8f 9c a9 b6 c3 cf dc E7 f4
02 0f 1c 29 36 43 50 5d 6a 77 84 90 9d aa b7 c4 d0 dd e8 f5
03 10 1d 2a 37 44 51 5e 6b 78 85 91 9e ab b8 c5 d1 de e9 f6
04 11 1e 2b 38 45 52 5f 6c 79 86 92 9f ac b9 c6 d2 df ea f7
05 12 1f 2c 39 46 53 60 6d 7a 87 93 a0 ad ba c7 d3 e0 eb f8
06 13 20 2d 3a 47 54 61 6e 7b 88 94 a1 ae bb c8 d4 e1 ec f9
07 14 21 2e 3b 48 55 62 6f 7c 89 95 a2 af bc c9 d5 e2 ed fa
08 15 22 2f 3c 49 56 63 70 7d 8a 96 a3 b0 bd ca d6 e3 ee fb
09 16 23 30 3d 4a 57 64 71 7e 8b 97 a4 b1 be cb d7 e4 ef fc
0a 17 24 31 3e 4b 58 65 72 7f 8c 98 a5 b2 bf cc d8 E4 f0 fd
0b 18 25 32 3f 4c 59 66 73 80 8d 99 a6 b3 c0 cd d9 e5 f1 fe
0c 19 26 33 40 4d 5a 67 74 81 8e 9a a7 b4 c1 ce da e6 f2 ff
Outstanding. Let’s try using gdb to debug a binary that was provided by
the Debian archive, and see if it’ll load the ELF by build-id from the
right .deb in the unstable-debug suite:
$ gdb -q /usr/sbin/netlabelctl
Reading symbols from /usr/sbin/netlabelctl...
Reading symbols from /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug...
(gdb)
Yes! Yes it will!
$ file /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug
/usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter *empty*, BuildID[sha1]=e59f81f6573dadd5d95a6e4474d9388ab2777e2a, for GNU/Linux 3.2.0, with debug_info, not stripped
The Bad
Linux’s support for 9p is mainline, which is great, but it’s not robust.
Network issues or server restarts will wedge the mountpoint (Linux can’t
reconnect when the tcp connection breaks), and things that work fine on local
filesystems get translated in a way that causes a lot of network chatter – for
instance, just due to the way the syscalls are translated, doing an ls, will
result in a stat call for each file in the directory, even though linux had
just got a stat entry for every file while it was resolving directory names.
On top of that, Linux will serialize all I/O with the server, so there’s no
concurrent requests for file information, writes, or reads pending at the same
time to the server; and read and write throughput will degrade as latency
increases due to increasing round-trip time, even though there are offsets
included in the read and write calls. It works well enough, but is
frustrating to run up against, since there’s not a lot you can do server-side
to help with this beyond implementing the 9P2000.L variant (which, maybe is
worth it).
The Ugly
Unfortunately, we don’t know the file size(s) until we’ve actually opened the
underlying tar file and found the correct member, so for most files, we don’t
know the real size to report when getting a stat. We can’t parse the tarfiles
for every stat call, since that’d make ls even slower (bummer). Only
hiccup is that when I report a filesize of zero, gdb throws a bit of a
fit; let’s try with a size of 0 to start:
$ ls -lah /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug
-r--r--r-- 1 root root 0 Dec 31 1969 /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug
$ gdb -q /usr/sbin/netlabelctl
Reading symbols from /usr/sbin/netlabelctl...
Reading symbols from /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug...
warning: Discarding section .note.gnu.build-id which has a section size (24) larger than the file size [in module /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug]
[...]
This obviously won’t work since gdb will throw away all our hard work because
of stat’s output, and neither will loading the real size of the underlying
file. That only leaves us with hardcoding a file size and hope nothing else
breaks significantly as a result. Let’s try it again:
$ ls -lah /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug
-r--r--r-- 1 root root 954M Dec 31 1969 /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug
$ gdb -q /usr/sbin/netlabelctl
Reading symbols from /usr/sbin/netlabelctl...
Reading symbols from /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug...
(gdb)
Much better. I mean, terrible but better. Better for now, anyway.
Kilroy was here
Do I think this is a particularly good idea? I mean; kinda. I’m probably going
to make some fun 9parigato-based filesystems for use around my LAN, but I
don’t think I’ll be moving to use debugfs until I can figure out how to
ensure the connection is more resilient to changing networks, server restarts
and fixes on i/o performance. I think it was a useful exercise and is a pretty
great hack, but I don’t think this’ll be shipping anywhere anytime soon.
Along with me publishing this post, I’ve pushed up all my repos; so you
should be able to play along at home! There’s a lot more work to be done
on arigato; but it does handshake and successfully export a working
9P2000.u filesystem. Check it out on on my github at
arigato,
debugfs
and also on crates.io
and docs.rs.
At least I can say I was here and I got it working after all these years.
I tried to upgrade bullseye machien to bookworm, so I got the following error:
File “/usr/lib/python3/dist-packages/django/contrib/auth/mixins.py”, line 5, in from django.contrib.auth.views import redirect_to_login File “/usr/lib/python3/dist-packages/django/contrib/auth/views.py”, line 20, in from django.utils.http import ( ImportError: cannot import name ‘url_has_allowed_host_and_scheme’ from ‘django.utils.http’ (/usr/lib/python3/dist-packages/django/utils/http.py)
During handling of the above exception, another exception occurred:
It is similar to #1000810, but it is already closed.
My solution is:
apt remove mailman3-web
keep db and config files (do not purge)
apt autoremove
remove django related packages
apt install mailman3-web mailman3-full
I tried to send to the report, but it rerutns `550 Unknown or archived bug’ …
I work from home these days, and my nearest office is over 100 miles away, 3 hours door to door if I travel by train (and, to be honest, probably not a lot faster given rush hour traffic if I drive). So I’m reliant on a functional internet connection in order to be able to work. I’m lucky to have access to Openreach FTTP, provided by Aquiss, but I worry about what happens if there’s a cable cut somewhere or some other long lasting problem. Worst case I could tether to my work phone, or try to find some local coworking space to use while things get sorted, but I felt like arranging a backup option was a wise move.
Step 1 turned out to be sorting out recursive DNS. It’s been many moons since I had to deal with running DNS in a production setting, and I’ve mostly done my best to avoid doing it at home too. dnsmasq has done a decent job at providing for my needs over the years, covering DHCP, DNS (+ tftp for my test device network). However I just let it forward to my ISP’s nameservers, which means if that link goes down it’ll no longer be able to resolve anything outside the house.
One option would have been to either point to a different recursive DNS server (Cloudfare’s 1.1.1.1 or Google’s Public DNS being the common choices), but I’ve no desire to share my lookup information with them. As another approach I could have done some sort of failover of resolv.conf when the primary network went down, but then I would have to get into moving files around based on networking status and that felt a bit clunky.
So I decided to finally setup a proper local recursive DNS server, which is something I’ve kinda meant to do for a while but never had sufficient reason to look into. Last time I did this I did it with BIND 9 but there are more options these days, and I decided to go with unbound, which is primarily focused on recursive DNS.
One extra wrinkle, pointed out by Lars, is that having dynamic name information from DHCP hosts is exceptionally convenient. I’ve kept dnsmasq as the local DHCP server, so I wanted to be able to forward local queries there.
I’m doing all of this on my RB5009, running Debian. Installing unbound was a simple matter of apt install unbound. I needed 2 pieces of configuration over the default, one to enable recursive serving for the house networks, and one to enable forwarding of queries for the local domain to dnsmasq. I originally had specified the wildcard address for listening, but this caused problems with the fact my router has many interfaces and would sometimes respond from a different address than the request had come in on.
server:
domain-insecure: "example.org"
do-not-query-localhost: no
forward-zone:
name: "example.org"
forward-addr: 127.0.0.1@5353
I then had to configure dnsmasq to not listen on port 53 (so unbound could), respond to requests on the loopback interface (I have dnsmasq restricted to only explicitly listed interfaces), and to hand out unbound as the appropriate nameserver in DHCP requests - once dnsmasq is not listening on port 53 it no longer does this by default.
With these minor changes in place I now have local recursive DNS being handled by unbound, without losing dynamic local DNS for DHCP hosts. As an added bonus I now get 10/10 on Test IPv6 - previously I was getting dinged on the ability for my DNS server to resolve purely IPv6 reachable addresses.
Welcome to the March 2024 report from the Reproducible Builds project! In our reports, we attempt to outline what we have been up to over the past month, as well as mentioning some of the important things happening more generally in software supply-chain security. As ever, if you are interested in contributing to the project, please visit our Contribute page on our website.
Arch Linux minimal container userland now 100% reproducible
In remarkable news, Reproducible builds developer kpcyrd reported that that the Arch Linux “minimal container userland” is now 100% reproducible after work by developers dvzv and Foxboron on the one remaining package. This represents a “real world”, widely-used Linux distribution being reproducible.
Their post, which kpcyrd suffixed with the question “now what?”, continues on to outline some potential next steps, including validating whether the container image itself could be reproduced bit-for-bit. The post, which was itself a followup for an Arch Linux update earlier in the month, generated a significant number of replies.
Validating Debian’s build infrastructure after the XZ backdoor
From our mailing list this month, Vagrant Cascadian wrote about being asked about trying to perform concrete reproducibility checks for recent Debian security updates, in an attempt to gain some confidence about Debian’s build infrastructure given that they performed builds in environments running the high-profile XZ vulnerability.
Vagrant reports (with some caveats):
So far, I have not found any reproducibility issues; everything I tested I was able to get to build bit-for-bit identical with what is in the
Debian archive.
That is to say, reproducibility testing permitted Vagrant and Debian to claim with some confidence that builds performed when this vulnerable version of XZ was installed were not interfered with.
Documented in more detail on Fedora’s website, the talk touched on topics such as the specifics of implementing reproducible builds in Fedora, the challenges encountered, the current status and what’s coming next. (YouTube video)
“Increasing Trust in the Open Source Supply Chain with Reproducible Builds and Functional Package Management”
Functional package managers (FPMs) and reproducible builds (R-B) are technologies and methodologies that are conceptually very different from the traditional software deployment model, and that have promising properties for software supply chain security. This thesis aims to evaluate the impact of FPMs and R-B on the security of the software supply chain and propose improvements to the FPM model to further improve trust in the open source supply chain. PDF
Julien’s paper poses a number of research questions on how the model of distributions such as GNU Guix and NixOS can “be leveraged to further improve the safety of the software supply chain”, etc.
Software and source code identification with GNU Guix and reproducible builds
In a long line of commendably detailed blog posts, Ludovic Courtès, Maxim Cournoyer, Jan Nieuwenhuizen and Simon Tournier have together published two interesting posts on the GNU Guix blog this month. In early March, Ludovic Courtès, Maxim Cournoyer, Jan Nieuwenhuizen and Simon Tournier wrote about software and source code identification and how that might be performed using Guix, rhetorically posing the questions: “What does it take to ‘identify software’? How can we tell what software is running on a machine to determine, for example, what security vulnerabilities might affect it?”
Later in the month, Ludovic Courtès wrote a solo post describing adventures on the quest for long-term reproducible deployment. Ludovic’s post touches on GNU Guix’s aim to support “time travel”, the ability to reliably (and reproducibly) revert to an earlier point in time, employing the iconic image of Harold Lloyd hanging off the clock in Safety Last! (1925) to poetically illustrate both the slapstick nature of current modern technology and the gymnastics required to navigate hazards of our own making.
Two new Rust-based tools for post-processing determinism
Zbigniew Jędrzejewski-Szmek announced add-determinism, a work-in-progress reimplementation of the Reproducible Builds project’s own strip-nondeterminism tool in the Rust programming language, intended to be used as a post-processor in RPM-based distributions such as Fedora
In Debian this month, since the testing framework no longer varies the build path, James Addison performed a bulk downgrade of the bug severity for issues filed with a level of normal to a new level of wishlist. In addition, 28 reviews of Debian packages were added, 38 were updated and 23 were removed this month adding to ever-growing knowledge about identified issues. As part of this effort, a number of issue types were updated, including Chris Lamb adding a new ocaml_include_directories toolchain issue […] and James Addison adding a new filesystem_order_in_java_jar_manifest_mf_include_resource issue […] and updating the random_uuid_in_notebooks_generated_by_nbsphinx to reference a relevant discussion thread […].
In addition, Roland Clobus posted his 24th status update of reproducible Debian ISO images. Roland highlights that the images for Debian unstable often cannot be generated due to changes in that distribution related to the 64-bit time_t transition.
Lastly, Bernhard M. Wiedemann posted another monthly update for his reproducibility work in openSUSE.
There were made a number of improvements to our website this month, including:
Pol Dellaiera noticed the frequent need to correctly cite the website itself in academic work. To facilitate easier citation across multiple formats, Pol contributed a Citation File Format (CIF) file. As a result, an export in BibTeX format is now available in the Academic Publications section. Pol encourages community contributions to further refine the CITATION.cff file. Pol also added an substantial new section to the “buy in” page documenting the role of Software Bill of Materials (SBOMs) and ephemeral development environments. […][…]
Bernhard M. Wiedemann added a new “commandments” page to the documentation […][…] and fixed some incorrect YAML elsewhere on the site […].
Chris Lamb add three recent academic papers to the publications page of the website. […]
Mattia Rizzolo and Holger Levsen collaborated to add Infomaniak as a sponsor of amd64 virtual machines. […][…][…]
Roland Clobus updated the “stable outputs” page, dropping version numbers from Python documentation pages […] and noting that Python’s set data structure is also affected by the PYTHONHASHSEED functionality. […]
Delta chat clients now reproducible
Delta Chat, an open source messaging application that can work over email, announced this month that the Rust-based core library underlying Delta chat application is now reproducible.
diffoscope is our in-depth and content-aware diff utility that can locate and diagnose reproducibility issues. This month, Chris Lamb made a number of changes such as uploading versions 259, 260 and 261 to Debian and made the following additional changes:
New features:
Add support for the zipdetails tool from the Perl distribution. Thanks to Fay Stegerman and Larry Doolittle et al. for the pointer and thread about this tool. […]
Bug fixes:
Don’t identify Redis database dumps as GNU R database files based simply on their filename. […]
Add a missing call to File.recognizes so we actually perform the filename check for GNU R data files. […]
Don’t crash if we encounter an .rdb file without an equivalent .rdx file. (#1066991)
Correctly check for 7z being available—and not lz4—when testing 7z. […]
Prevent a traceback when comparing a contentful .pyc file with an empty one. […]
Testsuite improvements:
Fix .epub tests after supporting the new zipdetails tool. […]
Don’t use parenthesis within test “skipping…” messages, as PyTest adds its own parenthesis. […]
Factor out Python version checking in test_zip.py. […]
Skip some Zip-related tests under Python 3.10.14, as a potential regression may have been backported to the 3.10.x series. […]
Actually test 7z support in the test_7z set of tests, not the lz4 functionality. (Closes: reproducible-builds/diffoscope#359). […]
Chris Lamb also updated the trydiffoscope command line client, dropping a build-dependency on the deprecated python3-distutils package to fix Debian bug #1065988 […], taking a moment to also refresh the packaging to the latest Debian standards […]. Finally, Vagrant Cascadian submitted an update for diffoscope version 260 in GNU Guix. […]
Upstream patches
This month, we wrote a large number of patches, including:
Similarly, Jean-Pierre De Jesus DIAZ employed reproducible builds techniques in order to test a proposed refactor of the ath9k-htc-firmware package. As the change produced bit-for-bit identical binaries to the previously shipped pre-built binaries:
I don’t have the hardware to test this firmware, but the build produces the same hashes for the firmware so it’s safe to say that the firmware should keep working.
Reproducibility testing framework
The Reproducible Builds project operates a comprehensive testing framework running primarily at tests.reproducible-builds.org in order to check packages and other artifacts for reproducibility.
In March, an enormous number of changes were made by Holger Levsen:
Initial work to clean up a messy NetBSD-related script. […][…]
Roland Clobus:
Show the installer log if the installer fails to build. […]
Avoid the minus character (i.e. -) in a variable in order to allow for tags in openQA. […]
Update the schedule of Debian live image builds. […]
Vagrant Cascadian:
Maintenance on the virt* nodes is completed so bring them back online. […]
Use the fully qualified domain name in configuration. […]
Node maintenance was also performed by Holger Levsen, Mattia Rizzolo […][…] and Vagrant Cascadian […][…][…][…]
If you are interested in contributing to the Reproducible Builds project, please visit our Contribute page on our website. However, you can get in touch with us via:
Getting the Belgian eID to work on Linux
systems should be fairly easy, although some people do struggle with it.
For that reason, there is a lot of third-party documentation out there
in the form of blog posts, wiki pages, and other kinds of things.
Unfortunately, some of this documentation is simply wrong. Written by
people who played around with things until it kind of worked, sometimes
you get a situation where something that used to work in the past (but
wasn't really necessary) now stopped working, but it's still added to
a number of locations as though it were the gospel.
And then people follow these instructions and now things don't work
anymore.
OpenSC is an open source smartcard library that has support for a
pretty
large
number of smartcards, amongst which the Belgian eID. It provides a
PKCS#11 module as well as a
number of supporting tools.
For those not in the know, PKCS#11 is a standardized C API for
offloading cryptographic operations. It is an API that can be used when
talking to a hardware cryptographic module, in order to make that module
perform some actions, and it is especially popular in the open source
world, with support in
NSS,
amongst others. This library is written and maintained by mozilla, and
is a low-level cryptographic library that is used by Firefox (on all
platforms it supports) as well as by Google Chrome and other browsers
based on that (but only on Linux, and as I understand it, only for
linking with smartcards; their BoringSSL library is used for other
things).
The official eID software that we ship through
eid.belgium.be,
also known as "BeID", provides a PKCS#11 module for the Belgian eID, as
well as a number of support tools to make interacting with the card
easier, such as the "eID viewer", which provides the ability to read
data from the card, and validate their signatures. While the very first
public version of this eID PKCS#11 module was originally based on
OpenSC, it has since been reimplemented as a PKCS#11 module in its own
right, with no lineage to OpenSC whatsoever anymore.
About five years ago, the Belgian eID card was renewed. At the time, a
new physical appearance was the most obvious difference with the old
card, but there were also some technical, on-chip, differences that are
not so apparent. The most important one here, although it is not the
only one, is the fact that newer eID cards now use a NIST
P-384 elliptic curve-based private
keys, rather than the RSA-based
ones that were used in the past. This change required some changes to
any PKCS#11 module that supports the eID; both the BeID one, as well as
the OpenSC card-belpic driver that is written in support of the Belgian
eID.
Obviously, the required changes were implemented for the BeID module;
however, the OpenSC card-belpic driver was not updated. While I did do
some preliminary work on the required changes, I was unable to get it to
work, and eventually other things took up my time so I never finished
the implementation. If someone would like to finish the work that I
started, the preliminal patch that I
wrote
could be a good start -- but like I said, it doesn't yet work. Also,
you'll probably be interested in the official
documentation
of the eID card.
Unfortunately, in the mean time someone added the Applet 1.8 ATR to the
card-belpic.c file, without also implementing the required changes to
the driver so that the PKCS#11 driver actually supports the eID card.
The result of this is that if you have OpenSC installed in NSS for
either Firefox or any Chromium-based browser, and it gets picked up
before the BeID PKCS#11 module, then NSS will stop looking and pass all
crypto operations to the OpenSC PKCS#11 module rather than to the
official eID PKCS#11 module, and things will not work at all, causing a
lot of confusion.
I have therefore taken the following two steps:
The official eID packages now
conflict
with the OpenSC PKCS#11 module. Specifically only the PKCS#11 module,
not the rest of OpenSC, so you can theoretically still use its tools.
This means that once we release this new version of the eID software,
when you do an upgrade and you have OpenSC installed, it will remove
the PKCS#11 module and anything that depends on it. This is normal
and expected.
I have filed a pull
request against OpenSC
that removes the Applet 1.8 ATR from the driver, so that OpenSC will
stop claiming that it supports the 1.8 applet.
When the pull request is accepted, we will update the official eID
software to make the conflict versioned, so that as soon as it works
again you will again be able to install the OpenSC and BeID packages at
the same time.
In the mean time, if you have the OpenSC PKCS#11 module installed on
your system, and your eID authentication does not work, try removing it.