Evil Home Stereo

Judging from Google it seems like this is quite a common annoyance but nobody really knows how to get around it: If you use KDM as your login manager and temporarily login with a different X session than your default one, KDM will remember this and the next login will use your “previous” session.

That’s a nice feature per se, but annoying if you combine it with auto-login and a heavyweight session type like my dedicated VirtualBox session (more on that another day).

There’s a simple workaround though: Your previous session, is stored in the file ~/.dmrc. Just remove replace (if you remove it, login will fail) the Session option with Session=default in there and make it read-only:

sed -i -e '/\[Desktop\]/I,/\($\|^\[\)/{/^Session=/Is/=.*$/=default/}’ ~/.dmrc
chmod -w ~/.dmrc

From now on you’ll always be logged in with the system default.

I guess this is old news to most people, but I’m still excited: The combination of LVM and ext3 makes it possible to resize a partition while it is still mounted.

The short story:
root@TreeHouse:~# lvextend -L+1G /dev/hd/kubuntu
Extending logical volume kubuntu to 6.00 GB
Logical volume kubuntu successfully resized
root@TreeHouse:~# resize2fs /dev/hd/kubuntu
resize2fs 1.40.8 (13-Mar-2008)
Filesystem at /dev/hd/kubuntu is mounted on /; on-line resizing required
old desc_blocks = 1, new_desc_blocks = 1
Performing an on-line resize of /dev/hd/kubuntu to 1572864 (4k) blocks.
The filesystem on /dev/hd/kubuntu is now 1572864 blocks long.
That took maybe two seconds. Read the rest of this entry »

Nice. Times Online reports:

Customers in shopping centres are having their every move tracked by a new type of surveillance that [...] has already been installed in two shopping centres, including Gunwharf Quays in Portsmouth [...].

There’s no reason to worry of course:

Path Intelligence, the Portsmouth-based company which developed the technology, said its equipment was just a tool for market research. “There’s absolutely no way we can link the information we gather back to the individual,” a spokeswoman said.

Nobody would ever think to link your IMEI or IMSI number to your bonus card, your gift card or even your credit card number of course. And if anybody did so, they’d probably put a notice to an easy-to-find place, like an 8pt sign at the entrance or on the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard’.

How do you know that Linux becomes mainstream-ready? If stuff happens magically and you don’t know where to start debugging of course.

Seriously: I always had some issues accessing my digicam (an Olympus SP-700) from KDE (actually, Kubuntu): The system always first tried to access it via some magic camera device while it actually offers a standard usb-storage device. I always had to cancel the dialog which offered me to use the first one and wait for the second one to appear. Weird but it worked.

Since I upgraded to Kubuntu 8.04,  the workaround doesn’t help anymore. The second dialog never appears. Not even the /dev/sdx-device is created anymore. So it seems like I’ve actually got to start debugging that stuff. My guess is that its a weird clash between the HAL and/or udev and gphoto2. Ie. somehow gphoto2 (which creates those weird camera devices/mounts) thinks it should handle the camera while it is actually not necessary and the default handler would handle it just fine.

But debugging HAL/udev is actually not as easy as looking at some dmesg output. Looking at /etc/udev/rules.d didn’t help, seems like I’ve got to dig deeper and somehow get some debugging output from the daemons working in the background…

But I shouldn’t complain: Debugging got indeed a lot more complicated, almost as tangled as the Windows stuff. But while both systems work in 99% of all cases, in the remaining 1% I can at least have a look at the sources and grep some plain text config files.

I really like Debian. Or (K)Ubuntu which I actually use. And of course apt/dpkg. Great stuff. Almost as good as Portage, with the unbeatable advantage that you don’t have to compile all that stuff on your own

But can somebody please explain something to me?

Why does a little update in KDE packages always trigger such an update madness?

Like currently in kdepim:

debian/control: Added Conflict/Replaces on ksync for kitchensync. “ksync” gets shipped with kitchensync now. (LP: #133944)

That’s only two packages. Why do I have to update all the stuff coming from PIM? Actually, why do I have to update at all if its only metadata which was changed?

Or in kdebase:

* Stable release update, support new Flash in Konqueror
* Add kubuntu_9917_flash_xembed.diff, adds xembed support to Konqueror
* Add build-dep on libglib2.0-dev
* Closes LP: #184149

Great, flash should work again. But why do I have to download kdebase-data for that?

One of the reasons Gentoo switched to split ebuilds for KDE was the advantage that you didn’t have to download the whole package again just because only one small app like ksync was changed. Why does Portage manage to do that and the good olde dpkg not? Or does that only happen in gutsy-proposed? Can somebody enlighten me?

I was just musing if Adobe might soon face the same problem Xerox and Kleenex had: “I photoshop my cat pictures with Gimp!” when I stumbled upon this post at soup.io. Coincidence.

I guess the same might happen to the brand iPod. If I worked at a department store and somebody asked me for an iPod, I’d ask them first if they really want an iPod or just some kind of MP3-player (where even that term is wrong as most of those also play WMA or Ogg). Reminds me of Sony’s Walkman, though I’m not sure what exactly happened to that brand as they still use it nowadays.

While I wrote the previous post and did some googling I noticed that the ARD also has one of those pesky URL-redirectors. It is here. Try to attach any URL to the parameter called url, like this one. What’s the problem with redirectors on your website which allow people to redirect to arbitrary pages? There’s an article at Heise Security which explains it quite well (I don’t know whats worse, Google or a news site like the ARD).

So if you really think you need some automagic redirection like this (eg. to count outgoing clicks) please implement at least these easy rules:

• If its used by a form only (like in the Google case), make sure it works with POST only.
• If you want to use it in clickable links, check the Referer. Not every browser sets that header, in those cases show a static page which explains the user what is happening and offer him a link to actually exit.

Even more secure is to put every link ever used on your site in a database (you want to track the clicks anyway, right?) and add an id to the URL. Then people can only hop over your site when you posted that link yourself before.

Or just don’t do stuff like that.

Hmm… interesting, this link redirects to port 9185 on g4035180.swr.de. Not that this machine was accessible from the outside but if the rest of the CMS is written as bad as this part…

I took a mental note to write something on the topic ARD vs. BBC and Open Source and openness in general some time ago but never got around to actually do so. Until now. Why now? Because of BBC’s attendance at linux.conf.au. Why in English? Well, on the one hand because I can. On the other because I’m an attention whore and want it to appear on the Planet

If you don’t know what I’m talking about, ARD is the joint organization (most of) of German broadcasters under public law. As always, Wikipedia can tell you more. It’s financed by fees collected from anybody who owns a radio or a tv. All in all, it’s similar to the BBC. The main difference being that it’s not a single company but rather a federation of more-or-less independent entities. The main similarity? Same as between Germany and the UK I guess, both are rather conservative and slow in adopting changes. Especially in technology and transparency.

Both are taking first steps in the right (as defined by me) direction: The iPlayer might be a Windows-centric mess, but it’s a start. The ARD is working on a similar thing, called the Mediathek. I hope it will be better than the one the ZDF (the other German broadcaster under public law) opened to the public. (I just noticed that you can search it now, that’s a new feature.) Oh, and the ARD got a bunch of podcasts plus some kind of software called Podcast Mixer.

And there my praise stops and the complaints start (I wouldn’t be German if I didn’t find something to complain about, right?).

Don’t get me started that only a handful of radio programs are available as podcasts, everything else is just streamed (at least not in RealMedia anymore, but in MP3 and sometimes even Ogg). The really interesting stuff often isn’t available for download. Like the N-Joy Soundfiles and the full Zündfunk shows. (Hmm… seems like radioeins has a nice archive though.) Ok, most of the other stuff isn’t worth it anyway. But I’ve paid for it, so it would be nice if it was available. And don’t tell me about broadcasting rights, not in times where Amazon sells MP3s without copy protection and you can listen to full songs on Last.fm. If the podcast is interesting I’d even listen to the commercials on my MP3-player!

At least the people at ARD and ZDF think about releasing content as “Open Source”; whatever they mean with that, I hope they have a look how the BBC did it.

But, back to technology, the stuff which got me started. Remember that software Podcast Mixer? Well, obviously the ARD paid somebody to create it. Wouldn’t it be just fair if the source was available then? Maybe I could even port it to Linux and use it then. Ok, bad example, there’s a lot of better software freely available already. But there’s also a lot of other software created at the ARD as well.

I once worked for the NDR (the northern member of the ARD) and had to write a tool to implement access control for USB-devices under Windows. The team I worked at created a really easy-to-use tool to create, install, and auto-configure Windows images, all based on some Linux distro and Partimage. I had loved to use it at some other places I worked since then. And somebody else was working on an administration tool all the time, can’t remember what it was supposed to do. But all those people (including me) were payed by a public entity. By people’s money.

The same is actually true for government-created stuff as well, projects like LiMux are a start but definitely not enough. But I’ll stick with broadcasting for now.

In contrast, look at the BBC. On their website they’ve got their own Open Source area. And don’t be surprised if you search CPAN and stumble upon a Perl module created by a user called BBC (British Broadcasting Corporation). Well, I was, but I’d be even more surprised if there was one called ARD.

And have you ever heard about a blog called ARD Radio Labs? Nope, me neither, but BBC Radio Labs. (Hmm… seems like they’re still streaming with RealMedia, point for the ARD here.) blog.tagesschau.de is a start, but not comparable to a whole, well, let’s call it a Planet.

What else is there?

I heard the BBC managed to make DAB quite popular in the UK, by broadcasting some programmes digital-only. The ARD was just cut short of funds for digital radio by the KEF, the committee responsible for the ARD’s finances.

I read that 80% of the tv programmes of the BBC are already subtitled, they are aiming for 100% by April. ZDF is aiming for 25%, ZDF for 12% or less.

And I don’t know if the numbers have changed in the last few years, but at least in 2002 the BBC had more programs, more employees, but needed less funds.

There’s a relatively new KDE mailinglist called scm-interest. They are discussing about a potential new (distributed) SCM system for KDE (well, duh, thats what the name says). Should be interesting to follow these people as any software which can manage KDE’s massive codebase (they tend to convert everything back to KDE 1) should scale very well in any other possible case.

The list is now available on GMANE, the archives are imported, starting with Thiago’s introduction. Happy procrastinating!

Nächsten Dienstag ist Demo gegen die Vorratsdatenspeicherung. Ich werde wahrscheinlich da sein. Andere Leute auch, unter anderem ein gewisser Dieter Braun der mich die letzten Tage mit folgender Mail vollspammt:

Demokratie in Gefahr. STASI WELCOME BACK.

Demonstration am 6.11.2007 in jeder Grossstadt!
http://www.vorratsdatenspeicherung.de

Achtung, nur noch 6 Tage bis zur Abstimmung im Deutschen Bundestag!
Noch 60 Tage bis zur totalen Protokollierung der Telekommunikation…

Die Demokratie ist in Gefahr!

Werden Sie aktiv! www.freiheitstattangst.de

Bitte verteilen Sie diesen Aufruf! Es sollte verziehen werden, dass dieser
Aufruf per E-Mail versendet wird. Es handelt sich um eine einmalige Mail
zur Rettung der Freiheit und Demokratie gegen den Verfolgungswahn.

Und nicht nur er ist am spammen. Da trudeln schon seit einiger Zeit unverlangt Mails zu diesem Thema in meinem Postfach ein. Bisher habe ich die Leute freundlich per Mail darauf hingewiesen, dass das Mist ist. Der Dieter hat dem ganzen jetzt aber die Krone aufgesetzt, da er sich für diese Aktion anscheinend eine Adressliste für Teuer Geld gekauft hat (zumindest geht der Müll unter anderem an die verseuchte Support-Adresse eines meiner alten Projekte) und zum Versenden nicht die Google Mail-Server benutzt sondern entweder sich bei einem Botnet eingekauft hat oder Tor benutzt. Oder viel in Asien am reisen ist.

Daher diesmal eine öffentliche Antwort:

Lieber Dieter,

ich finde es ja toll, dass Du Dich so für bzw. gegen die Vorratsdatenspeicherung einsetzt. Deine Spam-Aktionen sind jedoch eher kontraproduktiv. Du schreibst “Es sollte verziehen werden, dass dieser Aufruf per E-Mail versendet wird. Es handelt sich um eine einmalige Mail zur Rettung der Freiheit und Demokratie gegen den Verfolgungswahn.”

Nein, es sollte nicht verziehen werden. Zum Einen ist es keine einmalige Mail sondern ich habe bereits vier davon bekommen, mit verschiedenen Subjects an verschiedenen Tagen an die selbe Adresse. Zum Anderen ist jede unerwünscht erhaltene Mail Spam, vor Allem wenn sie massenhaft verschickt wird. Und ob sie nun gut gemeint ist oder nicht ist da ziemlich egal.

Der Herr Schäuble rangiert bei mir schon ziemlich weit unten auf der Beliebtheitsskala. Aber noch darunter kommen die Spammer. Weit darunter.

Ich weiß nicht, wo Du die Empfängeradressen her hast. Aber wenn Du Dir eine Adressliste gekauft hast, dann unterstützt Du damit das ganze beschissene Spam-Business.

Hinzu kommt noch, dass inzwischen doch einige Leute was dazugelernt haben. Mit der Ansage “Bitte verteilen Sie diesen Aufruf!” passt Deine Mail gut in die beliebten “Hilfe! Ich wurde von Aliens entführt.” oder Madeleine Hoaxes. Soll heißen, eine solche Mail hat bei intelligenten Leuten (also genau jenen die sich prinzipiell für das Thema interessieren) genau den gegenteiligen Effekt.

Bitte lass also diesen Mist.

Danke,

Malte

Normalerweise würde ich ja in Betracht ziehen, dass das Ganze nur ein Joe-Job ist. Aber der wäre dann doch sehr dilletantisch. Wobei… wäre den entsprechenden Herren durchaus zuzutrauen.