Evil Home Stereo

Last Friday something happened at the Kulturhaus III&70 which happens every weekend in every bigger city of this world: A bunch of people went out to have some fun but one of them wasn’t let in by the bouncers. Not because he was drunk. Not because he wasn’t dressed decently. Just because he looks foreign.

But this time something was different: The group was a spontaneous meetup of members of the hospex site CouchSurfing. And the one who wasn’t admitted was Kyra’s flatmate. And Kyra decided not to walk away and shut up. Instead she posted to the Hamburg CouchSurfing group, asking for advice, and sent a mail to the place.

The reply was disappointing: Instead of an apology she received an excuse for the bouncer’s behaviour. Obviously there was some struggle between some foreign (probably Turkish) looking people and after that the bouncers decided not to let anybody with a similar cultural background into the place. This is quite a common countermeasure, and while understandable from the bouncer’s point of view, nonetheless discriminating against a lot of innocent people.

But instead of apologizing for the social collateral damage, the mail went on to justify this behaviour based on the increased propensity to violence among Turkish and African people.

Though this is even more discriminating, your average statistics (or your bouncer’s experience) might even endorse this attitude. And granted, there are places with worse door policies. But here we’ve got to have a look at the background of the III&70 and the picture it wants to represent in the public: The III&70 is supposed to be an open meeting point, both cultural and cross-cultural. They host the anniversary party of the Declaration of Human Rights organized Amnesty International Hamburg tonight. Their list of partners include the Festival der Kulturen and the leftish paper taz.

So especially a place like the III&70 with its alleged background and located in a mixed neighbourhood with its own issues should break new ground when it comes to handling violence amongst customers and not turn to racist solutions. Off the top of my head an in-house social worker comes to my mind. Other people might have better ideas, which might even be cheaper.

Back to the issue at hand: While a surreal discussion about the topic emerged (make up your own mind, most the chatter is in English), Kyra decided to contact the so-called media partners of the III&70. It wasn’t a long time coming and taz, Welt and MoPo printed an article and the III&70 had to release the following statement on their website:

Liebe Gäste,

wie jeder von euch jeden Tag und jeden Abend in der III&70 erleben kann, sind wir ein weltoffenes, interkulturelles und integratives Haus. Sowohl unter unseren Gästen, als auch unter unseren Teammitgliedern finden sich Menschen vieler verschiedener Nationalitäten, Religionen, und sexueller Orientierungen. Daran wird sich auch in Zukunft nichts ändern. Kommt vorbei und überzeugt euch selbst.

Gerade durch diese Offenheit kommt es gelegentlich zu Konflikten und Reibereien. Deswegen ist es notwendig schnell und entschlossen gegen jede Form von Aggressivität, Diskriminierung und Mackertum vorzugehen.

Am vergangenen Freitag ist es in unserem Haus zu einer handgreiflichen Auseinandersetzung unter Gästen gekommen, in die unsere Türsteher eingreifen mussten. Obwohl die Situation schließlich geklärt war, war die Anspannung nach wie vor groß. Das kann man zwar verstehen, trotzdem ist es nicht in Ordnung, wenn dadurch andere unbeteiligte Gäste unsensibel behandelt werden.

Dadurch, dass es bei uns keine einfachen Regeln für die Türsteher gibt, entstehen komplizierte Situationen, die in Stressphasen schnelle Entscheidungen von Einzelpersonen erfordern. Dabei können Fehler entstehen.

Wir stellen uns unserer Verantwortung für den Vorfall am Freitagabend und entschuldigen uns bei allen, die sich durch bestimmte Äußerungen oder bestimmtes Verhalten beleidigt oder diskriminiert gefühlt haben.

Da wir an unserer prinzipiellen Offenheit nichts ändern wollen und werden, lassen sich auch in Zukunft komplizierte Situationen und Konflikte nicht vermeiden und diese Herausforderung nehmen wir an. Einfach Lösungen und Antworten sind in diesem Zusammenhang populistisch- sowohl in der Presse als auch in der Praxis.

Euer III&70-Team

Additionally, a personal apology was sent. While both are more a justification as well and especially the last paragraph of the statement shows that they don’t see (or want to admit) shortcomings of the bouncer dictatorship principle and don’t look for a different solution, at least people are now able to form their own opinion. And maybe challenge the self-proclaimed status of the III&70 as an open, cross-cultural meetingpoint so they have to do their homework to live up to that picture.

Or not.

And the moral is? While its all good and fine if you commit time and money for starving children, tsunami victims and other people in need all around the world, you shouldn’t shut your eyes from the everyday racism and discrimination around you. And nothing will change if you don’t make it public: Be it via the classic media, platforms like your local Indymedia, social sites like CouchSurfing or BeWelcome, rating sites like Qype, local politicians or neighbourhood development organizations, or just your own blog. The possibilities are manyfold. Just don’t shut your eyes and your mouth.

I always thought with my OpenVPN server running on port 443 I can bypass any proxy or firewall allowing me to connect to HTTPS sites. Well, it seems like at this place there is some transparent proxy in place which actually inspects the TLS/SSL handshake and OpenVPN doesn’t exactly behave like HTTPS. Jabber works though, so it seems like I’ve got to find a way to encapsulate the VPN in a real TLS stream or something. Anybody an idea?

Judging from Google it seems like this is quite a common annoyance but nobody really knows how to get around it: If you use KDM as your login manager and temporarily login with a different X session than your default one, KDM will remember this and the next login will use your “previous” session.

That’s a nice feature per se, but annoying if you combine it with auto-login and a heavyweight session type like my dedicated VirtualBox session (more on that another day).

There’s a simple workaround though: Your previous session, is stored in the file ~/.dmrc. Just remove replace (if you remove it, login will fail) the Session option with Session=default in there and make it read-only:

sed -i -e '/\[Desktop\]/I,/\($\|^\[\)/{/^Session=/Is/=.*$/=default/}’ ~/.dmrc
chmod -w ~/.dmrc

From now on you’ll always be logged in with the system default.

I guess this is old news to most people, but I’m still excited: The combination of LVM and ext3 makes it possible to resize a partition while it is still mounted.

The short story:
root@TreeHouse:~# lvextend -L+1G /dev/hd/kubuntu
Extending logical volume kubuntu to 6.00 GB
Logical volume kubuntu successfully resized
root@TreeHouse:~# resize2fs /dev/hd/kubuntu
resize2fs 1.40.8 (13-Mar-2008)
Filesystem at /dev/hd/kubuntu is mounted on /; on-line resizing required
old desc_blocks = 1, new_desc_blocks = 1
Performing an on-line resize of /dev/hd/kubuntu to 1572864 (4k) blocks.
The filesystem on /dev/hd/kubuntu is now 1572864 blocks long.
That took maybe two seconds. Read the rest of this entry »

Nice. Times Online reports:

Customers in shopping centres are having their every move tracked by a new type of surveillance that [...] has already been installed in two shopping centres, including Gunwharf Quays in Portsmouth [...].

There’s no reason to worry of course:

Path Intelligence, the Portsmouth-based company which developed the technology, said its equipment was just a tool for market research. “There’s absolutely no way we can link the information we gather back to the individual,” a spokeswoman said.

Nobody would ever think to link your IMEI or IMSI number to your bonus card, your gift card or even your credit card number of course. And if anybody did so, they’d probably put a notice to an easy-to-find place, like an 8pt sign at the entrance or on the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard’.

How do you know that Linux becomes mainstream-ready? If stuff happens magically and you don’t know where to start debugging of course.

Seriously: I always had some issues accessing my digicam (an Olympus SP-700) from KDE (actually, Kubuntu): The system always first tried to access it via some magic camera device while it actually offers a standard usb-storage device. I always had to cancel the dialog which offered me to use the first one and wait for the second one to appear. Weird but it worked.

Since I upgraded to Kubuntu 8.04,  the workaround doesn’t help anymore. The second dialog never appears. Not even the /dev/sdx-device is created anymore. So it seems like I’ve actually got to start debugging that stuff. My guess is that its a weird clash between the HAL and/or udev and gphoto2. Ie. somehow gphoto2 (which creates those weird camera devices/mounts) thinks it should handle the camera while it is actually not necessary and the default handler would handle it just fine.

But debugging HAL/udev is actually not as easy as looking at some dmesg output. Looking at /etc/udev/rules.d didn’t help, seems like I’ve got to dig deeper and somehow get some debugging output from the daemons working in the background…

But I shouldn’t complain: Debugging got indeed a lot more complicated, almost as tangled as the Windows stuff. But while both systems work in 99% of all cases, in the remaining 1% I can at least have a look at the sources and grep some plain text config files.

I really like Debian. Or (K)Ubuntu which I actually use. And of course apt/dpkg. Great stuff. Almost as good as Portage, with the unbeatable advantage that you don’t have to compile all that stuff on your own

But can somebody please explain something to me?

Why does a little update in KDE packages always trigger such an update madness?

Like currently in kdepim:

debian/control: Added Conflict/Replaces on ksync for kitchensync. “ksync” gets shipped with kitchensync now. (LP: #133944)

That’s only two packages. Why do I have to update all the stuff coming from PIM? Actually, why do I have to update at all if its only metadata which was changed?

Or in kdebase:

* Stable release update, support new Flash in Konqueror
* Add kubuntu_9917_flash_xembed.diff, adds xembed support to Konqueror
* Add build-dep on libglib2.0-dev
* Closes LP: #184149

Great, flash should work again. But why do I have to download kdebase-data for that?

One of the reasons Gentoo switched to split ebuilds for KDE was the advantage that you didn’t have to download the whole package again just because only one small app like ksync was changed. Why does Portage manage to do that and the good olde dpkg not? Or does that only happen in gutsy-proposed? Can somebody enlighten me?

I was just musing if Adobe might soon face the same problem Xerox and Kleenex had: “I photoshop my cat pictures with Gimp!” when I stumbled upon this post at soup.io. Coincidence.

I guess the same might happen to the brand iPod. If I worked at a department store and somebody asked me for an iPod, I’d ask them first if they really want an iPod or just some kind of MP3-player (where even that term is wrong as most of those also play WMA or Ogg). Reminds me of Sony’s Walkman, though I’m not sure what exactly happened to that brand as they still use it nowadays.

While I wrote the previous post and did some googling I noticed that the ARD also has one of those pesky URL-redirectors. It is here. Try to attach any URL to the parameter called url, like this one. What’s the problem with redirectors on your website which allow people to redirect to arbitrary pages? There’s an article at Heise Security which explains it quite well (I don’t know whats worse, Google or a news site like the ARD).

So if you really think you need some automagic redirection like this (eg. to count outgoing clicks) please implement at least these easy rules:

• If its used by a form only (like in the Google case), make sure it works with POST only.
• If you want to use it in clickable links, check the Referer. Not every browser sets that header, in those cases show a static page which explains the user what is happening and offer him a link to actually exit.

Even more secure is to put every link ever used on your site in a database (you want to track the clicks anyway, right?) and add an id to the URL. Then people can only hop over your site when you posted that link yourself before.

Or just don’t do stuff like that.

Hmm… interesting, this link redirects to port 9185 on g4035180.swr.de. Not that this machine was accessible from the outside but if the rest of the CMS is written as bad as this part…

I took a mental note to write something on the topic ARD vs. BBC and Open Source and openness in general some time ago but never got around to actually do so. Until now. Why now? Because of BBC’s attendance at linux.conf.au. Why in English? Well, on the one hand because I can. On the other because I’m an attention whore and want it to appear on the Planet

If you don’t know what I’m talking about, ARD is the joint organization (most of) of German broadcasters under public law. As always, Wikipedia can tell you more. It’s financed by fees collected from anybody who owns a radio or a tv. All in all, it’s similar to the BBC. The main difference being that it’s not a single company but rather a federation of more-or-less independent entities. The main similarity? Same as between Germany and the UK I guess, both are rather conservative and slow in adopting changes. Especially in technology and transparency.

Both are taking first steps in the right (as defined by me) direction: The iPlayer might be a Windows-centric mess, but it’s a start. The ARD is working on a similar thing, called the Mediathek. I hope it will be better than the one the ZDF (the other German broadcaster under public law) opened to the public. (I just noticed that you can search it now, that’s a new feature.) Oh, and the ARD got a bunch of podcasts plus some kind of software called Podcast Mixer.

And there my praise stops and the complaints start (I wouldn’t be German if I didn’t find something to complain about, right?).

Don’t get me started that only a handful of radio programs are available as podcasts, everything else is just streamed (at least not in RealMedia anymore, but in MP3 and sometimes even Ogg). The really interesting stuff often isn’t available for download. Like the N-Joy Soundfiles and the full Zündfunk shows. (Hmm… seems like radioeins has a nice archive though.) Ok, most of the other stuff isn’t worth it anyway. But I’ve paid for it, so it would be nice if it was available. And don’t tell me about broadcasting rights, not in times where Amazon sells MP3s without copy protection and you can listen to full songs on Last.fm. If the podcast is interesting I’d even listen to the commercials on my MP3-player!

At least the people at ARD and ZDF think about releasing content as “Open Source”; whatever they mean with that, I hope they have a look how the BBC did it.

But, back to technology, the stuff which got me started. Remember that software Podcast Mixer? Well, obviously the ARD paid somebody to create it. Wouldn’t it be just fair if the source was available then? Maybe I could even port it to Linux and use it then. Ok, bad example, there’s a lot of better software freely available already. But there’s also a lot of other software created at the ARD as well.

I once worked for the NDR (the northern member of the ARD) and had to write a tool to implement access control for USB-devices under Windows. The team I worked at created a really easy-to-use tool to create, install, and auto-configure Windows images, all based on some Linux distro and Partimage. I had loved to use it at some other places I worked since then. And somebody else was working on an administration tool all the time, can’t remember what it was supposed to do. But all those people (including me) were payed by a public entity. By people’s money.

The same is actually true for government-created stuff as well, projects like LiMux are a start but definitely not enough. But I’ll stick with broadcasting for now.

In contrast, look at the BBC. On their website they’ve got their own Open Source area. And don’t be surprised if you search CPAN and stumble upon a Perl module created by a user called BBC (British Broadcasting Corporation). Well, I was, but I’d be even more surprised if there was one called ARD.

And have you ever heard about a blog called ARD Radio Labs? Nope, me neither, but BBC Radio Labs. (Hmm… seems like they’re still streaming with RealMedia, point for the ARD here.) blog.tagesschau.de is a start, but not comparable to a whole, well, let’s call it a Planet.

What else is there?

I heard the BBC managed to make DAB quite popular in the UK, by broadcasting some programmes digital-only. The ARD was just cut short of funds for digital radio by the KEF, the committee responsible for the ARD’s finances.

I read that 80% of the tv programmes of the BBC are already subtitled, they are aiming for 100% by April. ZDF is aiming for 25%, ZDF for 12% or less.

And I don’t know if the numbers have changed in the last few years, but at least in 2002 the BBC had more programs, more employees, but needed less funds.