After 10 months of work, over a thousand contributions by 60 or so contributors, we’ve finally released LXC 1.0!
You may have followed my earlier series of blog posts on LXC 1.0; well, everything I described in there is now available in a stable release which we intend to support for a long time.
In the immediate future, I expect most of LXC upstream will focus on dealing with the bug reports and questions which will no doubt follow this release, then we’ll have to discuss what our goals for LXC 1.1 are and setup a longer term roadmap to LXC 2.0.
But right now, I’m just happy to have LXC 1.0 out, get a lot more users to play with new technologies like unprivileged containers and play with our API in the various languages we support.
Thanks to everyone who made this possible!
Yesterday, in a conference call with the press followed immediately by a public Town Hall with the community, Canonical announced the first two hardware manufacturers who are going to ship Ubuntu on smartphones!
Now many have speculated on why we think we can succeed where so many giants have failed. It’s a question we see quite a bit, actually. If Microsoft, RIM/Blackberry and HP all failed, what makes us think we can succeed? It’s simple math, really. We’re small. Yeah, that’s it, we’re just small.
Unlike those giants who tried and failed, we don’t need to dominate the market to be successful. Even just 1% of the market would be enough to sustain and continue the development of Ubuntu for phones, and probably help cover the cost of developing it for desktops too. The server side is already paying for itself. Because we’re small and diversified, we don’t need to win big in order to win at all. And 1%, that’s a very reachable target.
So, as readers of my blog would have noticed in the past, we have sold Kubuntu polo shirts.
There were some comments that there were none for ladies – We now have a very limited stock for ladies so all you ladies who would like a Kubuntu polo, come and grab yours now!
There is also a new, limited stock for the men as well.
I am sure that you have all seen the exciting news about the first partners to ship Ubuntu smart-phones. For those who haven’t seen it:
19th February 2014, London: Canonical today announces it has signed agreements with mobile device manufacturers bq (www.bqreaders.com) (Spain) and Meizu (China) to bring Ubuntu smartphones to consumers globally. Canonical is working with these partners to ship the first Ubuntu devices on the latest hardware in 2014. Ubuntu has also received significant support from the world’s biggest carriers, some of which intend to work with OEM partners to bring phones to market this year.
Development programmes have begun with the partners to provide smartphones with a superior user experience on mid to high end hardware for consumers around the world. Devices will be available to buy online through bq, Meizu and at Ubuntu.com.
Today was a hectic day, starting with our Ubuntu town hall hangout and spent in a wealth of meetings. As such I haven’t had a chance to write a blog post about this announcement yet, but I wanted to throw something out on my blog before I go to bed.
Naturally this is tremendously exciting news. As I posted about before, 2013 was an intense year as we not only started building our convergent platform, but also the many inter-connecting pieces too such as our SDK, image based updates, Mir, app developer platform, platform services, app insulation, developer portal, and more. As a result of this work, since May 2013 I have been running Ubuntu full-time on my phone and we are in great shape.
In the last year my team has been heavily focused on building a new community; our Ubuntu app developer community. I have directed many resources in my team here for a number of reasons that I believe are of strategic importance to the future health, growth, and opportunity of Ubuntu and our community.
Firstly, we want Ubuntu to instill a level of simplicity, elegance, and power that is not just present in the default platform, dash, scopes, and services, but also emphasized across the apps that users want to use. This means kickstarting a new generation of apps inspired by the design and development principles that are driving our convergence vision and using a simple and powerful app developer platform so devs can go from idea to app store as quickly and easily as possible.
Secondly, I personally believe that apps are key to our success. I suspect that OEMs and carriers will be even more motivated by a platform with great apps and a powerful developer platform, I believe that users will be attracted to a platform with great apps, and I believe that developers will want to build apps for a platform that is both fun to use and develop for.
Thirdly, I believe there is a huge opportunity to refine and innovate in so many areas of our app developer platform and community. Everything from the tooling to knowledge and support to publishing can be optimized and refined to build the very best developer platform.
As such, in my peanut-sized brain the apps are where much of my team’s strategy should be focused.
I am delighted by the progress we are making here. As I wrote about a few days ago, there is lots of wonderful work going on and fresh features and improvements landing soon. Our Ubuntu app developer platform is growing in leaps and bounds and I am really proud of the efforts of so many people.
Now, while I am proud of where we are today, I am not going to compromise until we have the best developer platform in the world.
So, how does this all relate to the bq and Meizu news?
Well, this news starts the ball rolling on the first set of devices that are going to be hitting the market. This in turn will result in a general consumer audience starting to use Ubuntu on smart-phones. While today we have thousands of developers flashing their phones with Ubuntu and eagerly writing apps and using other people’s apps, the injection of general consumers will build even more motivation and momentum for our app developers to create apps they are truly proud of and that will be of interest to a new generation of Ubuntu smart-phone users. As a musician I can tell you that having an audience makes everything that much more worthwhile, and I think it is the same for our developers who are about to get a new audience growing around them.
These are tremendously exciting times. Our vision is ambitious but every day the momentum grows and I am delighted you are all joining the journey with us. Let’s do this, friends!
I'm flabbergasted (is that even a word?) that no one on the Planet blogged about this (yet). That's definitively un-awesome. I *did* see posts about stuff absolutely unrelated to Ubuntu though: fictional TV series from days gone by and databases that I don't need. Why, oh why?
Anyways... Today, Mark, Jono, and Rick announced that there are two (2) manufacturers that will be making phones with Ubuntu pre-installed later this year.
Now *that* is news that is worthy of Planet Ubuntu. And more than that: It's AWESOME!
You should give this video a watch!
I was rather excited to receive my box set of Doctor Who: Dark Eyes 2 today. Not just because it’s the follow-up to the BBC Audio Drama Award-winning first series. Here’s the splendid artwork that accompanies the 4 CD release:
You see the photographs of Nicola Walker from Spooks on the box, album art and even the disk itself? I took those! Thanks to the design wizardry of Damien May they blend seamlessly with the photographs of Paul McGann, Ruth Bradley and Alex Macqueen in costume that they already had. It’s tremendously exciting to see one’s efforts printed on an actual BBC authorised CD.
Nick Briggs (Executive Producer and voice of the Daleks) asked if I could attend the recording session at the studio to photograph Nicola, Alex, Ruth and other cast members. Not knowing exactly what I would encounter when I got there, I tried to cover all the possibilities. I ended up shooting using off camera flash to get the dramatic lighting suitable for the covers and album art, and natural light for the more straight-forward shots. It was fascinating to see how a complex audio drama is recorded, and yes, the lunches at the Big Finish studios are every bit as good as they are made out to be!
I can see more of my photos of Ruth (below), Alex and Nicola in issue 60 of Big Finish’s free magazine, Vortex. Dark Eyes 2 is available now from bigfinish.com. I suppose I better go and listen to it now!
Before Christmas, I announced that MongoDB was planning to celebrate its own version of “March Madness” called MongoDB March Madness, an event featuring 27 of our European MongoDB User Groups. This is the second annual March MUG Madness, and we’re thrilled that the number of requests to take part has only continued to grow.
March Madness is an annual Division I college basketball tournament in the U.S. which leads up to the NCAA (National Collegiate Athletic Association) Finals. MongoDB March Madness does not have much to do with basketball; however, since the event is happening in March, the name fits quite well!
I wasn’t sure how many would take part in the Madness; it’s been a lot of fun to organise and even more to see the various engineers take part in the event, each bringing with them their own style and ideas to the MUGs so no two talks are alike.
It’s been great to see the MUGs tell their stories, show their previous events and want to take part in the madness. I hope this trend continues and even more take part next year! If you don’t know about MongoDB or want to learn more it’s a great opportunity to attend and meet some of our engineers.
In a series of 12 posts, I’ll make the case for Ubuntu as the platform of choice for public clouds, enterprise clouds and related scale-out initiatives.
Cloud computing is largely being defined on public clouds today. There are a range of initiatives for private cloud computing – some proprietary, some open – but for sheer scale and traction, the game today is all about public cloud services. Azure, AWS, a range of offerings from telco’s and service providers together with innovative takes on the concept from hardware OEMs have been the leading edge of the cloud market for the past five years. We do expect private clouds to flourish around OpenStack, but we expect the gene pool of innovation to stay on the public clouds for some time.
And what do people run on public clouds? By substantial majority, most of that innovation, most of that practical experience and most of the insights being generated are on Ubuntu.
Digital Ocean, the fastest growing new challenger in the US public cloud market, published definitive statistics on the share of operating systems that customers choose on their cloud:
AWS hasn’t spoken publicly on the topic but there are a number of measurements by third parties that provide some insight. For example, SCALR offer a management service that is used by enterprises looking for more institutional management control of the way their teams use Amazon. One might think that an enterprise management perspective would be skewed away from Ubuntu towards traditional, legacy enterprise Linux, but in fact they find that Ubuntu is more than 70% of all the images they see, three times as popular as CentOS.
There is no true safety in numbers, but there is certainly reassurance. Using a platform that is being used by most other people means that the majority of the content you find about how to get things done efficiently is immediately relevant to you. Version skew – subtle differences in the versions of components that are available by default on your platform of choice – is much less of an issue if the guidebook you are reading assumes you’re on the same platform they used.
There is also the question of talent – finding people to get amazing things done on the cloud is a lot easier if you let them use the platforms they have already grown comfortable with. They can be more productive, and there are many more of them around to hire. Talking to companies about cloud computing today it’s clear their biggest constraint is knowledge acquisition; the time it takes to grow their own internal skills or to hire in the necessary skills to get the job done. Building on Ubuntu gives you a much broader talent and knowledge base to work with. Training your own team to use Ubuntu if they are familiar with another Linux is a relatively minor switch compared to the fundamental challenge of adopting an IaaS-based architecture. Switching to Ubuntu is the fastest way to tame that dragon, and the economics are great, too.
That’s why we see many companies that have been doing Linux one way for a decade switching to Ubuntu when they switch to the cloud. Even if what they are doing on the cloud is essentially the same as something they already do on another platform, it’s “easier with Ubuntu on the cloud”, so they switch.
Today I reached another milestone in my open source journey: I got my first package uploaded into Debian’s archives. I’ve managed to get packages uploaded into Ubuntu before, and I’ve attempted to get one into Debian, but this is the first time I’ve actually gotten a contribution in that would benefit Debian users.
I couldn’t have done this without the help and mentorship of Paul Tagliamonte, but I was also helped by a number of others in the Debian community, so a big thank you to everybody who answered my questions and walked me through getting set up with things like Alioth and re-learning how to use SVN.
One last bit of fun: I was invited to join the Linux Unplugged podcast today to talk about yesterday’s post; you can listen to it (and watch IRC comments scroll by) here: http://www.jupiterbroadcasting.com/51842/neckbeard-entitlement-factor-lup-28/
I like tagged tiling window managers. I like tiling because it lets me avoid tedious window move+resize. I like tagged wm because I can add multiple tags to windows so that different tag views can show different subsets of my windows – irc and mail, irc and task1, task1 and browsers, task2 and email…
Unity doesn’t tile, but has the grid plugin which is quite nice. But what about a tagged view? There used to be a compiz plugin called group. In the past when I’ve tried it it didn’t seem to quite fit my needs, but beyond that I couldn’t find it in recent releases.
I briefly considered building it straight into unity, but I really just wanted something to work with < 1 hr work. So I implemented it as a script, winmark. Winmark takes a single-character mark (think of marking in vi, ma, 'a) and stores or restores the layout of the currently un-minimized windows under that mark (in ~/.local/share/winmark/a). Another tiny c program grabs the keyboard to read a mark character, then calls winmark with that character.
So now I can hit shift-F9 a to store the current layout, set up a different layout, hit shift-f9 b to store that, then restore them with F9 a and F9 b.
I’m not packaging this right now as I *suspect* this is the sort of thing noone but me would want. However I’m mentioning it here in case I’m wrong. The source is at lp:~serge-hallyn/+junk/markwindows.
There’s definite room for improvement, but I’ve hit my hour time limit, and it is useful as is. Potential improvements would include showing overlay previews as with application switching, and restoring the stacking order.
This is post 10 out of 10 in the LXC 1.0 blog post series.

Logging
Most LXC commands take two options:
- -o, --logfile=FILE: Location of the logfile (defaults to stderr)
- -l, --logpriority=LEVEL: Log priority (defaults to ERROR)
The valid log priorities are, from least to most verbose:
- FATAL
- ALERT
- CRIT
- ERROR
- WARN
- NOTICE
- INFO
- DEBUG
- TRACE
FATAL, ALERT and CRIT are mostly unused at this time, ERROR is pretty common and so are the others except for TRACE. If you want to see all possible log entries, set the log priority to TRACE.
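As an added example (not code from LXC or from this post), here is a small Python script that applies that same priority ordering to a log you have already captured, so a TRACE-level log can be cut down to the lines at or above a chosen level before it is attached to a bug. The line layout it parses is my assumption, modelled on the LXC 1.0 default format (program, timestamp, priority, category, then file:function:line and the message); the sample lines are constructed, not taken from a real container.

```python
import re

# Priorities as LXC orders them for -l/--logpriority, most severe first.
LXC_PRIORITIES = ["FATAL", "ALERT", "CRIT", "ERROR", "WARN",
                  "NOTICE", "INFO", "DEBUG", "TRACE"]
_RANK = {name: i for i, name in enumerate(LXC_PRIORITIES)}

# Assumed layout of one LXC 1.0 log line:
#   <program> <timestamp> <PRIORITY> <category> - <file>:<function>:<line> - <message>
_LINE = re.compile(
    r"^\s*(?P<prog>\S+)\s+(?P<ts>\S+)\s+(?P<prio>[A-Z]+)\s+(?P<cat>\S+)\s+-\s+"
    r"(?P<file>[^:]+):(?P<func>[^:]+):(?P<line>\d+)\s+-\s+(?P<msg>.*)$"
)


def parse_line(line):
    """Return a dict for a recognised LXC log line, or None for anything else."""
    m = _LINE.match(line)
    if not m or m.group("prio") not in _RANK:
        return None
    rec = m.groupdict()
    rec["line"] = int(rec["line"])
    return rec


def at_least(records, level):
    """Keep records whose priority is `level` or more severe."""
    limit = _RANK[level]
    return [r for r in records if _RANK[r["prio"]] <= limit]


def filter_log(text, level="ERROR"):
    """Parse a whole log and keep only the lines at `level` or above."""
    records = [r for r in (parse_line(l) for l in text.splitlines()) if r]
    return at_least(records, level)


# Constructed sample log; not captured from a real container.
SAMPLE_LOG = """\
lxc-start 1392822617.253 INFO     lxc_start - start.c:lxc_check_inherited:222 - closed inherited fd 3
lxc-start 1392822617.254 DEBUG    lxc_conf - conf.c:setup_rootfs:1000 - mounted '/var/lib/lxc/c1/rootfs' on '/usr/lib/x86_64-linux-gnu/lxc'
lxc-start 1392822617.301 ERROR    lxc_conf - conf.c:setup_dev_symlinks:1200 - No such file or directory - failed to create '/dev/core'
lxc-start 1392822617.302 TRACE    lxc_start - start.c:lxc_spawn:800 - forking init
lxc-start 1392822617.400 WARN     lxc_cgroup - cgroup.c:cgroup_init:300 - cgroup hierarchy not writable
"""

if __name__ == "__main__":
    for r in filter_log(SAMPLE_LOG, "WARN"):
        print(r["prio"], r["file"], r["func"], r["line"], r["msg"])
```

Run it on a real log with `filter_log(open("/var/log/lxc/c1.log").read(), "WARN")`; everything the regex does not recognise (multi-line messages, output from the container’s own init) is dropped, so keep the full TRACE file as well if the bug is in those parts.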
There are also two matching configuration options which you can put in your container’s configuration:
- lxc.logfile
- lxc.loglevel
They behave exactly like their command line counterparts. Note that if the command line options are passed, they override any value set in the configuration.
When reporting a bug against LXC, it’s usually a good idea to attach a log of the container’s actions with a log priority of at least DEBUG.

API debugging
When debugging a problem using the API it’s often a good idea to try and re-implement the failing bit of code in C using liblxc directly, that helps get the binding out of the way and usually leads to cleaner stack traces and easier bug reports.
It’s also useful to set lxc.loglevel to DEBUG using set_config_item on your container so you can get a log of what LXC is doing.

Testing
Before digging too deep into an issue with the code you are working on, it’s usually a good idea to make sure that LXC itself is behaving as it should on your machine.
To check that, run “lxc-checkconfig” and look for any missing kernel feature; if all looks good, then install (or build) the tests. In Ubuntu, those are shipped in a separate “lxc-tests” package. Most of those tests expect to be run on an Ubuntu system (patches welcome…) but should do fine on any distro that’s compatible with the lxc-ubuntu template.
Run each of the lxc-test-* binaries as root and note any failure. Note that it’s possible that they leave some cruft behind on failure; if so, please clean up any leftover containers before proceeding to the next test, as unfortunately that cruft may cause failures by itself.

Reporting bugs
The primary LXC bug tracker is available at: https://github.com/lxc/lxc/issues
You may also report bugs directly through the distributions (though it’s often preferred to still file an upstream bug and then link the two), for example for Ubuntu, LXC bugs are tracked here: https://bugs.launchpad.net/ubuntu/+source/lxc
If you’ve already done some work tracking down the bug, you may also directly contact us on our mailing-list (see below).

Sending patches
We always welcome contributions and are very happy to have such an active development community around LXC (Over 60 people contributed to LXC 1.0). We don’t have many rules governing contributions, we just ask that your contributions be properly licensed and that you own the copyright on the code you are sending us (and indicate so by putting a Signed-off-by line in your commit).
As for the licensing, anything which ends up in the library (liblxc) or its bindings must be LGPLv2.1+ or compatible with it and not add any additional restriction. Standalone binaries and scripts can either be LGPLv2.1+ (the project default) or GPLv2. If unsure, LGPLv2.1+ is usually a safe bet for any new file in LXC.
Patches may be sent using two different ways:
- Inline to the email@example.com (using git send-email or similar)
- Using a pull request on github (we will then grab the .patch URL and treat the patches as if they were e-mails sent to our list)
The primary way of contacting the upstream LXC team is through our mailing-lists. We have two, one for LXC development and one for LXC users questions:
- lxc-devel: https://lists.linuxcontainers.org/listinfo/lxc-devel
- lxc-users: https://lists.linuxcontainers.org/listinfo/lxc-users
For more real-time discussion, you can also find a lot of LXC users and most of the developers in #lxcontainers on irc.freenode.net.

Final notes
So this is my final blog post before LXC 1.0 is finally released. We’re currently at rc3 with an rc4 coming a bit later today and a final release scheduled for tomorrow evening or Thursday morning.
I hope you have enjoyed this blog post series and that it’ll be a useful reference for people deploying LXC 1.0.
It’s that time of the year where elections are needed for 2 available moderator positions on Ask Ubuntu.
Here is the list of nominees; if you have 150 rep on the site you can cast a vote.
The primary closes in 3 days, after which the election begins. Please take the time to read the statements from each of the candidates and cast a vote!
Here at Kubuntu we try our very best to backport releases of KDE Software Compilation and major pieces of KDE software to the latest stable and LTS release. Our backports archive does indeed have the latest 4.12.2 release. For those of a more conservative preference the updates archive has bug fix release 4.11.5 which is also put into the main saucy-updates archive after some testing has shown it is free of regressions.
At the Ubucon at Southern California Linux Expo on Friday, February 21st I’ll be doing a presentation on 5 ways to get involved with Ubuntu today. This post is part of a series where I’ll be outlining these ways that regular users can get involved with while only having minimal user-level experience with Ubuntu.
Back in 2007 I joined the Ubuntu Pennsylvania team and kicked off my work as a local Ubuntu advocate. Our first projects back then included an installfest in collaboration with a local recycling facility, deployment of Ubuntu systems for a girls organization and the launching of an LTSP-based project for an adult learning center.
Over the years, I’ve continued with my passion for promoting Ubuntu and its various flavors (particularly Xubuntu) through local teams, presentations and community-developed promotional materials. You can too!

LoCo Teams
Ubuntu Local Community (LoCo) teams are regionally-based groups of Ubuntu advocates and supporters who get together in order to support users in their geographical region and promote Ubuntu in their local area with groups and at conferences.
Over the years I’ve had the pleasure of participating in various events by LoCo teams. In 2009 I was invited to present at the Ubuntu Release Event in Waterloo, New York. While traveling in 2010 I got off my flight and attended the release party put on by the Ireland team for Maverick Meerkat in Dublin.
In my own teams (Pennsylvania, and now California) I’ve participated in a variety of events, including:
Training for a deployment for girls in Philadelphia (and brief impromptu chat about being a woman in tech) in 2007:
Staffing a booth at the Central Pennsylvania Open Source Convention (CPOSC) in 2009:
Staffing a booth at the outdoor community event, Solano Stroll, in Berkeley, California in 2011:
And a booth at the Southern California Linux Expo in 2013 (another one is coming up this week!):
I have really enjoyed working with LoCo teams and would like to impress upon anyone reading this: Anyone can help with a team. Teams from all over the world are listed over on http://loco.ubuntu.com/teams/ and even if your team isn’t all that active right now, you can jump right in and help out. When I began contributing to my team in Pennsylvania I’d only been using Ubuntu for a couple years on a laptop (not even on my main system!) and hadn’t really spent a lot of time in the community; within a couple of months I was not only helping organize events, but also presenting at events.

Presentations
This article is the final one in a 5 part series that I’m writing leading up to the Southern California Linux Expo where I’ll be presenting at the Ubucon. I’ve been presenting at Ubucon for the past several years on various topics from community involvement to running OpenStack on Ubuntu – and you can too!
Up on SpreadUbuntu I have uploaded my Introduction to Ubuntu talk that I frequently give at a local IT Tech class on Linux. I’ve shared it so others can take, adapt and present themselves:
I’m currently excited to see a colleague in the Ubuntu community is currently doing just that so he can add in a tour of Unity using this slide deck as a base.
Giving presentations at LUGs around release time or at conferences is a great way to get out there and directly talk to folks about Ubuntu. Topics are wide open, from an introduction to Ubuntu, to your favorite tips about effectively using Unity, to the latest features that users can anticipate in the new release.
Also, giving presentations isn’t that scary. Just make sure you prepare in advance and practice, you’ll be ok :)

Promotional Material
I have pretty much no artistic talent, but back in 2010 I asked my friend Martin Owens to create a poster that I could use for an upcoming conference and he really came through with a “Reasons to Love Ubuntu” poster that I continue to use to this day, available here:
This year I worked with Pierre van Male of the StartUbuntu project who developed a flyer for their project. I pulled in the artistic talents of Pasi Lallinaho of the Xubuntu team and together we created a version of the flyer that we’re using to promote Ubuntu and Xubuntu, I’ve printed out a pile of them to bring along to a conference this week:
You can download the source here:
It’s also been translated into a few other languages, see this recent Xubuntu website post for more.
As you can see, I’m linking to SpreadUbuntu.org throughout this post. It’s a great resource for sharing posters, flyers, presentations and more between teams and I use it a lot for my own materials. Unfortunately a lot of the content is out-dated and I think the site has largely lost interest by most of the community. I’d love to see others using this resource more!
Finally, there’s the Ubuntu Advocacy Kit, a project that I’d like to see really take off. Currently it’s pretty limited in content, but with a handful of dedicated contributors it could be turned into a really valuable resource for the whole community, so if you’re interested in materials and advocacy, have a look at that project.

Previous posts in this series
Nothing new to report this week.
Release Metrics and Incoming Bugs
Release metrics and incoming bug data can be reviewed at the following link:
Milestone Targeted Work Items
4 work items
2 work items
1 work item
1 work item
6 work items
Status: Trusty Development Kernel
We have packaged our 3.13.0-9.29 Trusty kernel and uploaded to our canonical-kernel-team ppa. This primarily pulls in the latest v3.13.3 upstream stable updates. We have also started tracking the v3.14 kernel and have recently rebased our unstable branch to v3.14-rc3.
Important upcoming dates:
Thurs Feb 20 – Feature Freeze (~2 days away)
Thurs Feb 27 – Beta 1 (~1 week away)
Thurs Mar 27 – Final Beta (~5 weeks away)
Thurs Apr 03 – Kernel Freeze (~6 weeks away)
The current CVE status can be reviewed at the following link:
Status: Stable, Security, and Bugfix Kernel Updates – Saucy/Quantal/Precise/Lucid
Status for the main kernels, until today (Nov. 26):
- Lucid – Prep’ing kernels
- Precise – Prep’ing kernels
- Quantal – Prep’ing kernels
- Saucy – Prep’ing kernels
Current opened tracking bugs details:
For SRUs, SRU report is a good source of information:
Open Discussion or Questions? Raise your hand to be recognized
No open discussions.
Q: Why should I care about randomness? A: Because entropy is important!
- Choosing hard-to-guess random keys provides the basis for all operating system security and privacy
- SSL keys
- SSH keys
- GPG keys
- /etc/shadow salts
- TCP sequence numbers
- dm-crypt keys
- eCryptfs keys
- Entropy is what your computer uses to create hard-to-guess random keys, and that’s essential to the security of all of the above; sources include:
- Interrupt requests
- HDD seek timing
- Network activity
- Web cams
- Touch interfaces
- TPM chips
- Entropy Keys
- Pricey IBM crypto cards
- Expensive RSA cards
- USB lava lamps
- Geiger Counters
- Light/temperature sensors
- And so on
- In Linux, /dev/random and /dev/urandom are interfaces to the kernel’s entropy pool
- Basically, endless streams of pseudo random bytes (/dev/random blocks when the kernel’s entropy estimate runs out; /dev/urandom never blocks)
- Some utilities and most programming languages implement their own PRNGs
- But they usually seed from /dev/random or /dev/urandom
- Sometimes, virtio-rng is available, for hosts to feed guests entropy
- But not always
- See random(4)
- When a Linux system starts up without much operator interaction, the entropy pool may be in a fairly predictable state
- This reduces the actual amount of noise in the entropy pool below the estimate
- In order to counteract this effect, it helps to carry a random seed across shutdowns and boots
- See /etc/init.d/urandom
dd if=/dev/urandom of=$SAVEDFILE bs=$POOLBYTES count=1 >/dev/null 2>&1
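To make the two halves of that dance concrete, here is an added Python version of the save/restore logic (mine, not the init script’s). It assumes the seed file lives at /var/lib/urandom/random-seed, and the sizing follows the script: the kernel pool size from /proc/sys/kernel/random/poolsize, in bytes. The demo function writes to a temporary file instead of /dev/urandom so it can run anywhere.

```python
import os
import tempfile

SEED_FILE = "/var/lib/urandom/random-seed"   # assumed location of the script's $SAVEDFILE


def pool_bytes():
    """Seed size the way the init script sizes it: kernel pool size in bits / 8.
    Falls back to 512 bytes when /proc is not available."""
    try:
        with open("/proc/sys/kernel/random/poolsize") as f:
            return max(int(f.read()) // 8, 64)
    except (OSError, ValueError):
        return 512


def save_seed(path=SEED_FILE, nbytes=None, source="/dev/urandom"):
    """Shutdown half: pull nbytes from the pool and store them atomically with
    mode 0600, so an unprivileged local user can neither read the next boot's
    seed nor plant one of their own."""
    nbytes = nbytes or pool_bytes()
    with open(source, "rb") as src:
        data = src.read(nbytes)
    tmp = path + ".tmp"
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as out:
        out.write(data)
        out.flush()
        os.fsync(out.fileno())
    os.replace(tmp, path)
    return len(data)


def load_seed(path=SEED_FILE, target="/dev/urandom"):
    """Boot half: write the stored seed into the pool, then replace the file at once.

    A write to /dev/urandom is mixed in but credited with no entropy, so
    entropy_avail does not move; the point is only that the early output is no
    longer a function of a predictable boot sequence. Re-saving immediately
    means a crash before the next clean shutdown cannot make the same seed load
    twice. It does nothing for clones of one image, which all carry the same
    file; that is the case pollinate addresses.
    """
    try:
        with open(path, "rb") as f:
            data = f.read()
    except FileNotFoundError:
        return 0
    with open(target, "wb") as pool:
        pool.write(data)
    save_seed(path, nbytes=len(data) or None)
    return len(data)


def demo_roundtrip(nbytes=64):
    """Exercise both halves against a temporary directory and report what happened."""
    d = tempfile.mkdtemp()
    seed_path = os.path.join(d, "random-seed")
    sink_path = os.path.join(d, "pool-sink")   # stands in for /dev/urandom here
    saved = save_seed(seed_path, nbytes=nbytes)
    with open(seed_path, "rb") as f:
        first = f.read()
    loaded = load_seed(seed_path, target=sink_path)
    with open(sink_path, "rb") as f:
        fed = f.read()
    with open(seed_path, "rb") as f:
        rotated = f.read()
    return {
        "saved": saved,
        "loaded": loaded,
        "mode": os.stat(seed_path).st_mode & 0o777,
        "fed_matches_saved": fed == first,
        "seed_rotated": rotated != first and len(rotated) == nbytes,
        "missing_file": load_seed(os.path.join(d, "absent"), target=sink_path),
    }
```

On a real system the two entry points are `load_seed()` as early in boot as the filesystem holding the seed is writable, and `save_seed()` at shutdown; both need root to write the seed file with those permissions.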
Q: And what exactly is a random seed? A: Basically, it’s a small catalyst that primes the PRNG pump.
- Let’s pretend the digits of Pi are our random number generator
- The random seed would be a starting point, or “initialization vector”
- e.g. Pick a number between 1 and 20
- say, 18
- Now start reading random numbers
- Not bad...but if you always pick ‘18’...
- Computers are inherently deterministic
- And thus, bad at generating randomness
- Real hardware can provide quality entropy
- But virtual machines are basically clones of one another
- i.e. the cloud
- No keyboard or mouse
- IRQ based hardware is emulated
- Block devices are virtual and cached by hypervisor
- RTC is shared
- The initial random seed is sometimes part of the image, or otherwise chosen from a weak entropy pool
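An added illustration (not from the talk) of what that last point means for clones, in Python: a toy HMAC-based deterministic generator seeded from one image-wide seed produces byte-for-byte identical “host keys” on every clone, and only mixing in material that each clone obtains separately makes them diverge. The seed strings are constructed and the generator is a stand-in for the demonstration, not the kernel’s.

```python
import hashlib
import hmac


class ToyDrbg:
    """HMAC-SHA256 in counter mode: a deterministic generator whose entire
    future is fixed by its seed. A toy for this demonstration only."""

    def __init__(self, seed: bytes):
        self.key = hashlib.sha256(seed).digest()
        self.counter = 0

    def reseed(self, extra: bytes):
        """Fold new material into the state. Two clones that reseed with
        different material diverge from here on; with the same material
        (or none at all) they stay in lock-step forever."""
        self.key = hmac.new(self.key, b"reseed" + extra, hashlib.sha256).digest()

    def bytes(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            block = self.counter.to_bytes(8, "big")
            out += hmac.new(self.key, block, hashlib.sha256).digest()
            self.counter += 1
        return out[:n]


# Constructed: stands in for a random-seed file baked into a golden VM image.
IMAGE_SEED = b"random-seed file baked into the golden image"


def per_instance_seed(i: int) -> bytes:
    """Stand-in for the 64 bytes a clone fetches from outside itself (e.g. from pollen)."""
    return hashlib.sha512(b"entropy server reply for clone %d" % i).digest()


def first_boot_keys(image_seed: bytes, n_clones: int, external=None):
    """Boot n clones from the same image; each generates 32 bytes of 'host key'
    material. With external=None nothing distinguishes the clones; with
    external=per_instance_seed each mixes in something the others never saw."""
    keys = []
    for i in range(n_clones):
        drbg = ToyDrbg(image_seed)          # identical starting state on every clone
        if external is not None:
            drbg.reseed(external(i))
        keys.append(drbg.bytes(32).hex())
    return keys


def distinct(keys):
    return len(set(keys))


if __name__ == "__main__":
    print("without reseed:", distinct(first_boot_keys(IMAGE_SEED, 5)), "distinct key(s)")
    print("with reseed:   ", distinct(first_boot_keys(IMAGE_SEED, 5, per_instance_seed)), "distinct key(s)")
```

The emulated-hardware items in the list above are why the kernel’s own pool on a fresh clone behaves much like the first case: every clone sees the same interrupts in the same order, so the “noise” is shared.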
Q: Surely you’re just being paranoid about this, right? A: I’m afraid not...

Analysis of the LRNG (2006)
- Little prior documentation on Linux’s random number generator
- Random bits are a limited resource
- Very little entropy in embedded environments
- OpenWRT was the case study
- OS start up consists of a sequence of routine, predictable processes
- Very little demonstrable entropy shortly after boot
- iSec Partners designed a simple algorithm to attack cloud instance SSH keys
- Picked up by Forbes
- Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices (Heninger, Durumeric, Wustrow and Halderman, USENIX Security 2012)
- Comprehensive, Internet wide scan of public SSH host keys and TLS certificates
- Insecure or poorly seeded RNGs in widespread use
- 5.57% of TLS hosts and 9.60% of SSH hosts share public keys in a vulnerable manner
- They were able to remotely obtain the RSA private keys of 0.50% of TLS hosts and 0.03% of SSH hosts because their public keys shared nontrivial common factors due to poor randomness
- They were able to remotely obtain the DSA private keys for 1.03% of SSH hosts due to repeated signature non-randomness
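The shared-factor result rests on nothing more than Euclid’s algorithm, so here is an added Python reconstruction of the idea (my code, not the paper’s): compute GCDs between moduli, and whenever one is non-trivial both private keys fall out. The primes are constructed small ones so it runs instantly; the paper’s product-tree batching over millions of keys is noted in a comment but not implemented. Needs Python 3.8 or later for the modular inverse via pow.

```python
from math import gcd

# Constructed demo primes (the first primes above 10**6). Real keys use ~1024-bit
# primes; nothing below depends on the size.
P, Q, R, S, T = 1000003, 1000033, 1000037, 1000039, 1000081
E = 65537


def make_rsa(p, q, e=E):
    """Textbook key generation: (n, d) from two primes and the public exponent."""
    return p * q, pow(e, -1, (p - 1) * (q - 1))


def find_shared_factors(moduli):
    """Pairwise GCD over RSA moduli; returns {modulus: shared prime}.
    The paper does this over millions of keys with a product/remainder tree;
    the quadratic loop here is enough to show the failure mode."""
    found = {}
    for i in range(len(moduli)):
        for j in range(i + 1, len(moduli)):
            g = gcd(moduli[i], moduli[j])
            if 1 < g < moduli[i]:        # a non-trivial common factor
                found[moduli[i]] = g
                found[moduli[j]] = g
    return found


def recover_private_exponent(n, p, e=E):
    """Knowing one prime of n gives phi(n), hence d, with no search at all."""
    q, rem = divmod(n, p)
    if rem:
        raise ValueError("p does not divide n")
    return pow(e, -1, (p - 1) * (q - 1))


def demo():
    # Two devices whose poorly seeded RNG produced the same first prime P,
    # plus one unrelated device that got lucky.
    n1, d1 = make_rsa(P, Q)
    n2, d2 = make_rsa(P, R)
    n3, _ = make_rsa(S, T)
    shared = find_shared_factors([n1, n2, n3])
    d1_rec = recover_private_exponent(n1, shared[n1])
    d2_rec = recover_private_exponent(n2, shared[n2])
    m = 42                                  # any message below n1
    c = pow(m, E, n1)
    return {
        "shared_prime": shared.get(n1),
        "both_flagged": n1 in shared and n2 in shared,
        "unrelated_untouched": n3 not in shared,
        "d1_recovered": d1_rec == d1,
        "d2_recovered": d2_rec == d2,
        "decrypts_with_recovered_key": pow(c, d1_rec, n1) == m,
    }


if __name__ == "__main__":
    print(demo())
```

Note that neither device is “broken” on its own: each modulus is a perfectly good product of two primes, and only the comparison with the rest of the population exposes it. That is why the attack needs a scan, and why a weak seed at first boot is a population problem rather than a per-host one.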
- Dual Elliptic Curve Deterministic Random Bit Generator
- Ratified as a NIST, ANSI and ISO standard
- Possible backdoor discovered in 2007
- Bruce Schneier noted that it was “rather obvious”
- Documents leaked by Snowden and published in the New York Times in September 2013 confirm that the NSA deliberately subverted the standard
Seed the PRNG:
- With high quality, unpredictable data
- More sources are better
- As early as possible
- And certainly before generating
- SSH host keys
- SSL certificates
- Or any other critical system DNA
- /etc/init.d/urandom “carries” a random seed across reboots, and ensures that the Linux PRNGs are seeded
Sorry, shameless plug...
Q: And what is Ubuntu’s solution? A: Meet pollinate.
- pollinate is a new security feature that seeds the PRNG
- Introduced in Ubuntu 14.04 LTS cloud images
- Upstart job
- It automatically seeds the Linux PRNG as early as possible, and before SSH keys are generated
- It’s GPLv3 free software
- Simple shell script wrapper around curl
- Fetches random seeds
- From 1 or more entropy servers in a pool
- Writes them into /dev/urandom
- pollen is an entropy-as-a-service implementation
- Works over HTTP and/or HTTPS
- Supports a challenge/response mechanism
- Provides 512 bit (64 byte) random seeds
- It’s AGPL free software
- Implemented in golang
- Less than 50 lines of code
- Fast, efficient, scalable
- Returns the (optional) challenge sha512sum
- And 64 bytes of entropy
Q: Is there a public entropy service available? A: Hello, entropy.ubuntu.com.
- Highly available pollen cluster
- TLS/SSL encryption
- Multiple physical servers
- Behind a reverse proxy
- Deployed and scaled with Juju
- Multiple sources of hardware entropy
- High network traffic is always stirring the pot
- AGPL, so source code always available
- Supported by Canonical
- Ubuntu 14.04 LTS cloud instances run pollinate once, at first boot, before generating SSH keys
- Deploy your own pollen
- bzr branch lp:pollen
- sudo apt-get install pollen
- juju deploy pollen
- Add your preferred server(s) to your $POOL
- In /etc/default/pollinate
- In your cloud-init user data
- In progress
- In fact, any URL works if you disable the challenge/response with pollinate -n|--no-challenge
- pollinate seeds your PRNG, securely and properly and as early as possible
- This improves the quality of all random numbers generated thereafter
- pollen provides random seeds over HTTP and/or HTTPS connections
- This information can be fed into your PRNG
- The Linux kernel maintains a very conservative estimate of the number of bits of entropy available, in /proc/sys/kernel/random/entropy_avail
- Note that neither pollen nor pollinate directly affects this entropy estimate!
- The pollinate challenge (sent via an HTTP POST submission) affects the pollen server's PRNG state
- pollinate can verify the response and ensure that the pollen server at least “did some work” for that request
- From the perspective of the pollen server administrator, all communications are “stirring the pot”
- Numerous concurrent connections ensure an entropy state that is computationally complex and impossible to reproduce
- In fact, you can `dd if=/dev/zero of=/dev/random` if you like, without harming your entropy quality
- All writes to the Linux PRNG are whitened with AES and mixed into the entropy pool
- Of course it doesn’t help, but it doesn’t hurt either
- Your overall security falls back to the level it had when your cloud or virtual machine booted with an only slightly random initial state
- Note the permissions on /dev/*random
- crw-rw-rw- 1 root root 1, 8 Feb 10 15:50 /dev/random
- crw-rw-rw- 1 root root 1, 9 Feb 10 15:50 /dev/urandom
- It's a bummer of course, but there's no new compromise
- The pollinate package ships the public certificate of entropy.ubuntu.com
- And curl uses this certificate exclusively by default
- If this really is your concern (and perhaps it should be!)
- Add more URLs to the $POOL variable in /etc/default/pollinate
- Put one of those behind your firewall
- You simply need to ensure that at least one of those is outside of the control of your attackers
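The exchange described above, as an added Go example that is not pollen's or pollinate's own code: a pollen-style handler answers a POSTed challenge with its SHA-512 plus 64 fresh random bytes, and a pollinate-style client queries every server in the pool, discards any reply whose challenge hash does not check out, and writes the verified seeds into /dev/urandom. The wire format (a form field named `challenge`, two hex lines in the reply) and the function names are assumptions made for this example; the real pollen and pollinate may differ in these details.

```go
package main

import (
	"crypto/rand"
	"crypto/sha512"
	"encoding/hex"
	"fmt"
	"io"
	"net/http"
	"net/url"
	"os"
	"strings"
)

// SeedSize is the number of random bytes a pollen-style server returns (512 bits).
const SeedSize = 64

// PollenHandler is a minimal pollen-like entropy handler (assumed format: the
// hex SHA-512 of the "challenge" form value on line one, then 64 fresh random
// bytes, hex-encoded, on line two). The challenge itself is never logged.
func PollenHandler(w http.ResponseWriter, r *http.Request) {
	challenge := r.FormValue("challenge")
	seed := make([]byte, SeedSize)
	if _, err := rand.Read(seed); err != nil {
		http.Error(w, "no entropy", http.StatusInternalServerError)
		return
	}
	sum := sha512.Sum512([]byte(challenge))
	fmt.Fprintf(w, "%x\n%x\n", sum[:], seed)
}

// FetchSeed posts a fresh random challenge to one server, verifies that the
// server hashed it (proof it "did some work" for this request rather than
// replaying a canned answer), and returns the 64-byte seed. Any mismatch or
// malformed reply is an error, so the seed is not used.
func FetchSeed(client *http.Client, serverURL string) ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	challenge := hex.EncodeToString(nonce)
	resp, err := client.PostForm(serverURL, url.Values{"challenge": {challenge}})
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(io.LimitReader(resp.Body, 4096))
	if err != nil {
		return nil, err
	}
	lines := strings.Split(strings.TrimSpace(string(body)), "\n")
	if len(lines) != 2 {
		return nil, fmt.Errorf("%s: malformed reply", serverURL)
	}
	want := sha512.Sum512([]byte(challenge))
	if lines[0] != hex.EncodeToString(want[:]) {
		return nil, fmt.Errorf("%s: challenge response mismatch", serverURL)
	}
	seed, err := hex.DecodeString(lines[1])
	if err != nil || len(seed) != SeedSize {
		return nil, fmt.Errorf("%s: bad seed", serverURL)
	}
	return seed, nil
}

// Pollinate queries every server in pool, writes each verified seed into sink
// (/dev/urandom on a real host) and returns how many servers contributed.
// It fails only when no server produced a verifiable seed: one honest server
// in the pool is enough, which is why the pool should include a server that
// is outside any single party's control.
func Pollinate(client *http.Client, pool []string, sink io.Writer) (int, error) {
	good := 0
	var problems []string
	for _, u := range pool {
		seed, err := FetchSeed(client, u)
		if err != nil {
			problems = append(problems, err.Error())
			continue
		}
		if _, err := sink.Write(seed); err != nil {
			return good, err
		}
		good++
	}
	if good == 0 {
		return 0, fmt.Errorf("no usable seed: %s", strings.Join(problems, "; "))
	}
	return good, nil
}

func main() {
	pool := os.Args[1:] // the $POOL equivalent: one or more pollen-style URLs
	if len(pool) == 0 {
		fmt.Fprintln(os.Stderr, "usage: pollinate-demo URL [URL...]")
		os.Exit(2)
	}
	dev, err := os.OpenFile("/dev/urandom", os.O_WRONLY, 0)
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	defer dev.Close()
	n, err := Pollinate(http.DefaultClient, pool, dev)
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Printf("mixed %d seed(s) into /dev/urandom\n", n)
}
```

Writing the seeds to /dev/urandom mixes them into the kernel pool but, as noted above, does not change the estimate in /proc/sys/kernel/random/entropy_avail; crediting entropy requires the RNDADDENTROPY ioctl and root, which this example deliberately does not use. A server that ignores the challenge is simply dropped from the mix, so a pool of several servers degrades gracefully rather than failing as a whole.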
- The current timestamp
- The incoming client IP/port
- At entropy.ubuntu.com, the client IP/port is actually filtered out by the load balancer
- The browser user-agent string
- Basically, the exact same information that Chrome/Firefox/Safari sends
- You can override if you like in /etc/default/pollinate
- The challenge/response, and the generated seed are never logged!
Feb 11 20:44:54 x230 2014-02-11T20:44:54-06:00 x230 pollen Server sent response to [127.0.0.1:55440, pollinate/4.1-0ubuntu1 curl/7.32.0-1ubuntu1.3 Ubuntu/13.10 GNU/Linux/3.11.0-15-generic/x86_64] at 
Q: Have the code or design been audited? A: Yes, but more feedback is welcome!
- All of the source is available
- Service design and hardware specs are available
- The Ubuntu Security team has reviewed the design and implementation
- All feedback has been incorporated
- At least 3 different Linux security experts outside of Canonical have reviewed the design and/or implementation
- All feedback has been incorporated
- Ubuntu Security
- Browse code and file bugs
Stay safe out there!
I didn’t have a post for yesterday, which means I haven’t managed to follow even the lenient rules I had set out for myself at the beginning. I could claim that, since yesterday was a holiday in the USA it falls under the weekend exception, but that’s just cheating. I fell short of my UbBloPoMo goals, I’ll own up to it. It’s still the longest run of consistent postings this blog has ever seen, so I don’t consider this a failure. I hope you’ve all been enjoying it.
Part of the reason I didn’t post anything was because I spent the end of last week dealing with fallout from a couple of things I was involved in, my own post about Mozilla and the Community Council statement about Mint, and I was quite frankly not in the mood for either a lighthearted or a diplomatic post, so I made the decision not to post something I might later regret. But during the controversy around both, one unifying meme started to emerge to me, which is the subject of this post, what I see as a new 80/20 rule.
Put simply, this rule says that people will tend to appreciate it more when you give them 20% of something, and resent you if you give them 80%. It seems completely counter-intuitive, I know, but that’s what I was seeing in all of those conversations. People by and large were saying that the reason Canonical and Mozilla were being judged so harshly was because they already did most of what those people wanted, which made them resent that they didn’t do everything.
When asked why they were so happy when somebody like Valve only gave them free (gratis) games, the response was almost always because they didn’t expect anything at all. But Canonical, because they gave almost everything away for free, is resented for something as minor as a CLA or closed-source Smart Scopes Service. When I compared Canonical’s licensing approach to Mint with Red Hat’s approach to CentOS and Oracle, I was again told that they appreciated Red Hat requiring those derivatives to strip trademarks and re-build packages, but resented Canonical’s approach of explicitly letting Mint distribute Ubuntu packages with trademarks, because we didn’t go as far as they wanted. With Mozilla, people took to closed-source, ad-filled websites or activity-tracking social media networks to berate Mozilla for daring to put commercial content in unused screen space. Again, they were fine with ads on websites and Google tracking their conversations because it was expected; the fact that they existed at all was seen as a gift. But because Mozilla has previously been so non-commercial and privacy focused, this small exception was seen as highly offensive to those same people.
To put this into a non-technical analogy, imagine you are hungry and somebody walks by with a sandwich. If they stop and give you 20% of their sandwich, you will appreciate them sharing with you out of their bounty. But if the same person gave you 80% of the sandwich, your first thought might be to question why they held back that 20%. It’s a strange phenomenon, but when they keep 80% you still consider the whole sandwich as belonging to them, and thus your 20% is a gift. But when they give you 80%, you perceive the whole thing as yours, and their remaining 20% as something taken from you.
This isn’t just a strange phenomenon, it’s a very troubling one. It means that we are more likely to punish those people and projects that treat us well, and praise those that treat us poorly. That’s what I saw happening last week, and once I recognized what was happening I was able to see that it’s been happening for a very long time now. And it’s not just Canonical and Mozilla, look at any open source project with a sizable user community and you’ll see the same thing.
I don’t know how to change this for the whole open source community, but the realization is certainly going to change the way I view those projects that I use. I am going to make it a point to remember that none of the sandwich belongs to me, and to see everything somebody makes and gives me as a gift, and appreciate it even when it’s not everything that I wanted, because having 80% is always better than having 20%. I hope this post changes the way some of you view open source projects too.
I agree with Jono’s On Accountability post, I don’t unpublish what I write or block comments that I don’t like. But the other side of that coin is that I self-censor posts that are written in the heat of the moment, and have decided against publishing a number of things after letting them sit in draft status overnight and rereading them with a fresh perspective.
The StartUbuntu project seeks to spread Ubuntu to individuals and organizations who are migrating away from Windows XP when support runs out later this year. As one of their initiatives, Pierre van Male created a flyer featuring Ubuntu and Linux Mate (available here, A4 size only). We decided that this would be a great opportunity to create our own variation – with Xubuntu!
This month Elizabeth Krumbach Joseph and Pasi Lallinaho got to work on text and graphical updates to make this a reality and we’re pleased to announce that the flyers have been created and uploaded to SpreadUbuntu.org! Since uploading, we’ve also been inspired by community members who have begun translating it:
- English (US Letter)
- English (A4)
- French (A4) by Pierre van Male
- Serbian (Cyrillic) (A4) by Zeljko Popivoda
- Serbian (Latin) (A4) by Zeljko Popivoda
- Spanish (A4) by Bart Ahumada
If your language isn’t represented yet, we encourage you to create a translation in your own language and submit it to spreadubuntu.org. Once uploaded, email Elizabeth at firstname.lastname@example.org with the spreadubuntu link to get it included on our Marketing Resources page.
Ready to see it in the wild? A contributor at the University of Toledo, Ohio, USA has posted it at the University:
Elizabeth has also printed out flyers to have them on hand at the upcoming Southern California Linux Expo in Los Angeles, California:
Thanks to everyone who has contributed so far. We’re looking forward to seeing more translations, remixes and pictures of printed copies around the world.