Ubuntu Podcast Episode #2
We recorded the second ubuntupodcast today. You can see the video below via ustream, also enjoy the .mp3 and .ogg version for audio.
New Ubuntu Podcast.net Logo
Originally uploaded by tvma_nix
So this is the new logo for
http://ubuntupodcast.net
We shall resume normal recording schedule now that Josh’s life is a little more back to normal.
Ubuntu Weekly Newsletter #100
Some topics covered:
- Ubuntu Weekly Newsletter History
- UWN Past & Present Editors Podcast
- Mark Shuttleworth podcast
- Joining the UWN staff
- New Ubuntu QA team
- Call for nominations for Tech Board
- Alpha 3 soft freeze
- Next Ubuntu UDS
- Ubuntu stats
- LoCo news
- Ubuntu Forums news
- In the Press & Blogosphere
- Ubuntu-UK podcast #10
- UWN podcast transcriptions
- Upcoming Meetings & Events
- Updates & Security
This is a special Ubuntu Weekly Newsletter.
For our 100th edition, we cover the history of the UWN, a look back at previous UWNs, and discuss what the UWN has meant for people who have worked on it. Former and current staffers of UWN joined in for a podcast to discuss their experiences of contributing to the UWN and the impact of the UWN on the community. Mark Shuttleworth also provides his views on the Ubuntu Weekly Newsletter.
Links to the UWN Editors Podcast:
Links to Mark discussing the UWN:
If you are interested in writing for the UWN, join and introduce yourself to the news team list.
If you have a story idea for the Weekly News, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!
Knives
While this is my blog, it is about open source, Linux, and computing topics. Every year or so, I like to take one post out of many, and dedicate it to a topic that I am close with. This time, it’s knives.
As a Boy Scout (leader these days) I know that my knife can be my best friend when in a jam. Whether it’s getting a fire started, defending myself, or building a shelter, I know I can depend on my knives to help me accomplish whatever I need to get done. Buck, Gerber (Legendary Blades, not baby food), and CRKT (Columbia River Knife and Tool), are just a few of my favorite brands. They all produce good knives, and are all very dependable. I’m not going to go into the details and basics of knives, but Buck knives has a good introductory page into knife types.
My personal favorite types of knives are lockblades and fixed blade knives. If you visit the above page, head to the bottom of the page where it says “Lockback Knives” and see all entries below for what folks mean by the term “lockblades.” There’s also another lock variation called midlock, which is like lockback, only with the lock mechanism in the middle of the knife. Simple, eh?
When purchasing a knife, be aware that Gerber does not measure their knife blades by the cutting edge, meaning from the base of the cutting edge straight to the height of the point, without following the curve of the blade. It’s misleading on the package. Recently, I purchased a Gerber knife, with a “4 inch blade” star printed on the package. I open it up, measure the cutting edge — 3 1/4 inches. Yeah, smaller than advertised, but it is actually a very good knife. This is the same situation with the other Gerber knives that I have purchased. It seems they measure the blades by several different points, and I have even read different (and wrong) blade lengths on their site. Let me reassure however, that Gerber makes very good knives, and I have been impressed with each one that I have purchased.
So which knife company is my favorite? Buck. Why? Outside of making some really good knives, they are a Christian company. I wouldn’t be able to account for every worker on the factory level, but the management has always been keeping to faith to help guide their decisions in their daily lives. You can read the message Buck sends out in their knife boxes here. Several other reasons: Buck is a family owned company, and also still makes several of their most popular knives in the USA, something that has become all too rare.
Now for some links!
BUCK:
GERBER:
http://www.gerbergear.com/index.php
CRKT:
Upgraded to WordPress 2.6.
Ahh, well, that wasn’t so bad. The upgrade process was pretty simple this time around, so I am running WordPress 2.6.
If there are any issues with it that you notice, please let me know.
Latest Pidgin, Pidgin OTR, and updated GNOME metapackage.
Fixing a few problems in Hardy, I’ve published some new packages in the PPA for Unofficial Backports for Ubuntu. Available are:
- Pidgin 2.4.3, with support for plugins using the Mono runtime enabled.
- Pidgin-OTR 3.2.0, along with libotr 3.2.0, which is a little bit more out-of-the-way in terms of the user interface.
- An updated GNOME metapackage, making it possible to sudo apt-get install gnome without unresolved dependencies.
All of these are for Hardy. If you’d like these, and like to follow the repository’s future updates, add the following to a new file, /etc/apt/sources.list.d/uubp-ppa.list:
deb http://ppa.launchpad.net/unofficial-backports/ubuntu hardy main
deb-src http://ppa.launchpad.net/unofficial-backports/ubuntu hardy main
Then do the usual sudo apt-get update && sudo apt-get upgrade, and you’ll have the new stuff. If you’re running Pidgin, of course, restart it to run the new version.
Response to “The Ghost in Your Machine…”
I just read a surprisingly stupid and inaccurate article regarding “IPv6 [being a] gateway to hackers.” Aside from the obvious fact that they meant “crackers” and not “hackers,” (because crackers are the people that break security with malicious intent, while hackers are the people that create software programs and systems like operating systems, Web browsers, email clients, and so forth), Wired’s Threat Level blog is spreading FUD about IPv6, and to top it all off, giving bad advice (never, ever listen to anyone that seriously believes that software like Zone Alarm is going to protect you; only the operating system itself can do that, as Microsoft Corporation can attest to). Not to mention, the basic principle of separation of privileges pretty well mandates that if a given machine X needs to be protected from any given threat Y, that a third system, Z, should provide that protection. Routers are what need to be charged with protecting networks, not client workstations. Server machines that house data that cannot be leaked should not be on publicly facing Internet machines. As an example, any site that regularly performs customer transactions via the Web should routinely clean their database on the Web server and move the database’s sensitive content to an internal system that isn’t accessible from the Web site nor the Internet, thereby mitigating what can be stolen in the event that there is a vulnerability lying around somewhere that can be exploited.
In any case, I was going to comment on the blog, but the comment got long-winded, so I am posting it here instead. You might want to head over and read the article first, of course.
I am not quite sure how to even begin responding to this article.
This piece stretches the truth a little bit. While many appliances and devices and even operating systems have support for IPv6, it’s only enabled by default when it’s possible to use. Many firewalls on networks like corporate networks use a whitelist policy to determine what goes in and out, for starters. Secondly, most organizations have not yet deployed Windows Vista, which has IPv6 enabled by default. Windows XP has a broken IPv6 implementation anyway, and while it’s possible to add functionality for tunneling into it, either protocol 41 is going to be blocked, or the strange-looking UDP tunnels will be; they’re not going to be part of the whitelist.
Furthermore, you seem to have neglected the fact that the application software which opens ports has to support IPv6 — and have that support turned on — in order for it to expose any sorts of vulnerability. Lastly, you call upon software firewalls functioning on known-insecure operating systems as a means of protection.
Were you on any TCP/IP networks before 1993? NAT hasn’t been around for a very long time, and NAT only came about due to the foresight of the industry realizing that IPv4 address space was shrinking too quickly. IPv6 won’t have NAT, to be sure, but IPv4 networks didn’t use to have it, either; they relied upon packet filtering at the edge of the network in order to maintain security. Network security will shift back to that model, just as it was back pre-NAT.
Any operating system secure enough to provide such services already does so, and this includes any sort of embedded devices which run those operating systems. For example, a router that is running any variant of the GNU/Linux operating system that has support for IPv6 enabled will be able to perform packet filtering for the internal network. This means that the router will have the ability to block packets based on the same criteria that NATs do. It can look for related connections, for example, and permit packets to and from. Networks which require machines to be segregated from the Internet will still have to be segregated in the most cautious of ways, nothing will change there.
It doesn’t matter if you’ve IPv4 machines behind a NAT that have external ports forwarded to them, or if you have a fully functional IPv6 network; the weakest link is still going to be the weakest link. ZoneAlarm and friends aren’t going to provide any level of real protection, and if they’re being trusted to do so, the person(s) implementing these solutions are of questionable network security background. In fact, they’re probably management types, and the decision to do it was probably based on advice from friends, advice from fellow managers, or buzzword compliance, or some mixture of the three.
Also, consider that most home and small office appliances do not have, and will not have, support for IPv6 tunneling through them. Special support has to be present for VPN passthrough on such commodity devices; support for Protocol 41 would be required, as well. For clients that use UDP tunneling, UDP with the external Internet has to be permitted, and that’s the same as VPN passthrough with the way many VPN clients are implemented these days; so, if people are using VPNs, they are already aware of the fact that they’ve opened up their networks to be creating tunnels to and from other networks.
The only way to keep a network secure is to use operating systems which are audited and reviewable systems, combined with software of the same caliber, combined with a router that knows how to drop packets that are harmful based on (in order of preference) whitelisting, greylisting, blacklisting, or even heuristic analysis. Combine this with strong, complex passphrases, and you have a secure system.
As for what is considered to be audited and reviewable, I would say that a GNU/Linux system would fit that bill. Considering that the average privilege escalation exploit in the kernel is closed anywhere between 6 to 36 hours after it is found, compared with Apple or Microsoft’s turnaround time on security-critical bugs (remember MS06-032?) which range from several weeks to several months, it seems fairly obvious what systems should be trusted to perform network routing and security functions… but I wouldn’t risk a network by having weak links even close to attached to an outside, known-hostile network. If I have systems which _must_ be protected from the Internet at all costs, then the only thing that is going to move data back and forth between those systems and the Internet is the tried-and-true method of sneakernet. There is also the ability to have private nodes on an IPv6 network that do not have globally routable IPv6 addresses; combine that with a totally different Ethernet segment, and you can implement a single machine which acts as a gateway between the two networks, letting data flow in one direction but not the other. It’s not terribly hard to come up with secure solutions, given that simplicity and (what should be) common sense tend to make security a (relatively) easy thing to combat.
If you want to write a piece that will make people aware of security issues on their networks, why not write up a piece on the importance of open systems which are peer reviewed? Why not talk about the known benefits of such systems, and show how it’s worked in the world of academia for so long? Nary a thing is published in academia without peers performing reviews and fact-checking on it. The code that goes into operating systems can (and should!) be proofread in the same way, for the same reasons. After all, you wouldn’t trust papers published in a journal without them having cited sources and provided data such that you could verify the information yourself… why should you trust your operating system to do exactly what (and no more than) it claims to do, without seeing the references and data that is part of the system itself? Well, not everyone would—but when it’s possible, people *do*, and *that* is what increases the security of a system.
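The post above argues that a GNU/Linux router with IPv6 enabled can filter on related connections and give an internal network the inbound protection people attribute to NAT. The following is an added example, not part of the original post: a default-deny ip6tables-restore ruleset wrapped in a shell function, where the interface names lan0 and wan0 and the function name ruleset are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): default-deny, stateful IPv6
# policy for a GNU/Linux router, in ip6tables-restore format.
# Assumption: lan0 faces the internal network, wan0 faces the Internet.
LAN_IF="${LAN_IF:-lan0}"
WAN_IF="${WAN_IF:-wan0}"

# Print the ruleset; calling this changes nothing on the system.
ruleset() {
cat <<EOF
*filter
# Whitelist model: whatever is not accepted below is dropped.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# ---- packets addressed to the router itself ----
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Neighbor discovery (ICMPv6 types 133-136). Hop limit 255 means the
# packet was sent on-link and has not crossed another router.
-A INPUT -p ipv6-icmp --icmpv6-type 133 -m hl --hl-eq 255 -j ACCEPT
-A INPUT -p ipv6-icmp --icmpv6-type 134 -m hl --hl-eq 255 -j ACCEPT
-A INPUT -p ipv6-icmp --icmpv6-type 135 -m hl --hl-eq 255 -j ACCEPT
-A INPUT -p ipv6-icmp --icmpv6-type 136 -m hl --hl-eq 255 -j ACCEPT
# Echo requests from the internal side only, for troubleshooting.
-A INPUT -i $LAN_IF -p ipv6-icmp --icmpv6-type 128 -j ACCEPT
# ---- packets routed between the two networks ----
-A FORWARD -m conntrack --ctstate INVALID -j DROP
# Replies to connections that inside hosts opened, plus the ICMPv6
# errors tied to them (packet-too-big and similar arrive as RELATED).
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Inside hosts may open new connections outward.
-A FORWARD -i $LAN_IF -o $WAN_IF -m conntrack --ctstate NEW -j ACCEPT
# No rule accepts NEW connections arriving from the Internet side, so
# unsolicited inbound traffic falls through to the DROP policy.
COMMIT
EOF
}

# Apply only on request and as root: parse-check first, then load.
if [ "${1:-}" = "apply" ]; then
    ruleset | ip6tables-restore --test && ruleset | ip6tables-restore
fi
```

Run with no argument, the script loads nothing; `apply` validates the ruleset and then installs it, replacing the current filter table.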
Upcoming Marketing Team Meeting - SpreadUbuntu
Some folks on the Marketing Team have been working on a SpreadUbuntu project. Rubén Romero sent out an email to schedule a meeting to discuss it:
Hello everyone,
The first coming Saturday 29th [actually 19th] of July at 21UTC we plan to hold a meeting in #ubuntu-marketing to talk and adjust our work around the SpreadUbuntu Project. Our focus this time will be in the DIY (Do-It-Yourself) repository with marketing and artwork material for the whole Ubuntu community. Any other SU related questions will be addressed as well.
We, the Spread Ubuntu team, have been working hard to consolidate all the previous work done by others and try to find a path for the future of the project. If you love Ubuntu and would like to help us build a site to spread it please join us:
- Launchpad - https://launchpad.net/~spreadubuntu
- UbuntuWiki - https://wiki.ubuntu.com/MarketingTeam/SpreadUbuntu
We need a lot of help in understanding bzr and launchpad in general, so if you are good at this you may give us a hand too
The project status is as follows:
- Previous DIY and SU projects in launchpad are assigned to us (the SU team) now
- We have a playground webserver by Houbsi to work with drupal and we have some mockups for the site and logo as well
- We have started using LaunchPad (LP) to track down tasks, blueprints and getting to know bzr
- blueprint and the bazaar branch for the drupal template
- Launchpad will have the elements (using bzr as our DVCS) so we can track different versions and keep high quality versions of the material without killing the site's bandwidth or storage space
- The DIY site will have the latest copy of the elements as well as a database pointing to the original elements stored in LP (so they can be retrieved if the user wants)
- LP will be used for Material translation, change requests, questions & answers and material storage (through bazaar and probably a PPA)
- The Leonov project will be used as a start for our SUgui (a SU desktop client for designers/users) and we will implement plug-ins for it so elements can be edited from within the app (+/- 1 years from now)
See you this Saturday in #ubuntu-marketing @ FreeNode
Best regards,
Rubén Romero
https://launchpad.net/~huayra
Annoyed with Emacs
I’m becoming a little annoyed with Emacs now. While it’s been pretty ok to use on a day-to-day basis for notes and other text chores, getting down and actually coding with it is quite, at least to me, annoying. My biggest problem is auto-indent. I can’t seem to shut this feature off to save my life, and it drives me insane. It seems to vary depending on the mode I’m in (php, python, etc), and the modes seem to override the settings in my .emacs file. While I do enjoy planner mode, the coding side of Emacs is basically annoying the heck out of me right now, and with what I’m working on, I’m thinking an IDE is going to suit me better in the long run. I may find the exact formula to change the behavior, but lately I’m not all that interested in that, rather than finding what’s going to be the most comfortable setup for me.
Wanted: Accurate Headlines
© dariuszka
I’m sure some folks have seen the pingdom post about the uptime of Microsoft, Apple, and Ubuntu “software update” servers over a 3 month period. Basically, the uptimes were: Microsoft, 100%; Apple, 99.9%, and Ubuntu, 98.64%. Pingdom states that they were tracking specific servers, and only the main Ubuntu archive. They point out that Ubuntu has lots of mirrors, but pingdom didn’t bother tracking any of them. So should the title of pingdom’s post really be “Microsoft’s software update beats Apple and Ubuntu?” How about “Microsoft beats Apple, Ubuntu in service reliability?”
Ok, ok, I’ll stop being a baby about it.
A must read—for EVERYONE
I was going to post this last night, but I wanted some time to think about what I’d just finished reading before I decided to write about it here. Yesterday, I read Little Brother. It was an awesome, amazing read. It is also the only book that I have ever read entirely on my computer screen. Once I started reading it, I could not take it off my screen… which is pretty amazing, considering that I am not one to read entire books on my computer screen. I tend to like to read books in “dead-tree” form, away from my computer. Even technical books, though I tend to read those while I am at the computer.
The book tells the story of Marcus Yallow, a high-schooler, and his interactions with various governmental agencies. The story is set in California, in what can only be described as “potentially not very far in the future”. The telling of the story is direct and powerful.
Even better, the author of the book is very knowledgeable with regards to technology. Nearly every piece—if not every piece—of technology talked about in the book exists or has the potential to exist today. The story is not far fetched, it’s not fantasy, and it’s not surreal in the sense that it depends on things that we do not yet know. It is highly relevant, and everyone—children and adults alike—should read this book.
The story is also released by the author under the terms of a Creative Commons license. It can be copied and distributed on the Internet, or in any other medium, at will. The book is also published in traditional “dead-tree” format by Tor®, which publishes lots of science-fiction and fantasy books such as the Ender’s Game series of books. The author of the book also contributes to a wide variety of other publications, such as MAKE Magazine, which has all sorts of very nifty do-it-yourself type technology projects.
If you read nothing else, take the time to read Little Brother. It is thought-provoking and highly realistic, and well, well worth the read.
My Perfect Desktop: Kubuntu KDE 4
The Kubuntu KDE 4 desktop has become my perfect desktop. It has all the functionality I could ask for, and I have added applications to supplement that effect.
1. KBlogger - Yup. It has to be the easiest application I have ever set up. I just entered my blog http address, my username and password, and hit “Autoconfigure”. BAM! I was in. I had all my information and was able to start blogging. There are more features than I can shake a stick at, and it even shows me what the post will actually look like by showing a web-view of my blog with the post preview. It is currently in an “alpha 2” stage, so development is still on. Things seem to be very stable, however.
2. ThinkFree Office - I have used this free (as in no cost) office suite in the past, and it has always performed well. It looks and acts like Microsoft Office in a way, and has an online service that integrates as well, all for free.
3. Stellarium - In my opinion, Stellarium is one of the better applications available for Linux. It shows the night sky as you would see it with the naked eye. It also shows the location of thousands of space objects in real time. Very, very cool if you like astronomy like me.
4. Konqueror - I know that Konq. is included by default as the web browser and optional file browser for KDE 4, but I was able to get flash working - something that is not easy to do. What I did (for those interested) is type “sudo apt-get build-dep flashplugin-nonfree”, and then I installed the flash plugin “sudo apt-get install flashplugin” and then reboot. After that, it worked! So, now Konqueror is working as my default web browser. KBlogger comes in handy here because it works with the KDE applications, giving me more options than working with the plain-text editor for wordpress that I would be forced to use in Konqueror.
There are several more that I will write about soon, just as soon as I learn more about the system.

