news aggregator

Benjamin Kerensa: Unboxing The First Firefox OS Tablet

Planet Ubuntu - Fri, 2014-05-02 19:25

This is the clean little box the tablet comes in

And let’s open the lid and see what’s inside… Look at that nice large display

The back of the tablet is a soft matte feel so not slippery and has a camera

This device comes with a special boot animation since its not a publicly available device yet.

Second boot animation

The familiar Firefox OS first boot screenLet’s get on the Wifi

Setup the timezone Let’s begin the tablet tour

Swipe lessonsMore swipe lessons

And more swiping

And tutorial complete now to play

And that concludes this unboxing!

Want to play with this? Find me at one of the many conferences I’m attending or speaking at this summer.

Jono Bacon: Unwrapping ‘Dealing With Disrespect’

Planet Ubuntu - Fri, 2014-05-02 05:28

With the growth of the Internet and the ease of publishing content, more and more creative minds are coming online to share videos, music, software, products, services, opinions, and more. While the technology has empowered a generation to build new audiences and share interesting things, an unfortunate side-effect has been a culture in which some consumers of this content have provided feedback in a form that is personalized, mean-spirited, disrespectful, and in some cases, malicious.

We have all seen it…the trolls, the haters, the comment boxes filled with venom and vitriol, typically pointed at people just trying to do good and interesting things.

Unfortunately, this conduct can be jarring for many people, with some going as far to give up sharing their creative endeavours so as not to deal with the “wrath of the Internet”.

As some of you will know, this has been bothering me for a while now. While there is no silver bullet for solving these issues, one thing I have learned over the years is how to put negative, anti-social, and non-constructive comments and feedback into perspective.

To help others with this I have written a free book called Dealing With Disrespect.

Dealing With Disrespect is a short, simple to read, free book that provides a straight-forward guide for handling this kind of challenging feedback, picking out the legitimate criticism to learn from, and how to not just ignore the haters, but how to manage them. The book helps put all communication, whether on or offline, into perspective and helps you to become a better communicator yourself.

My goal with the book is that when someone reads something anti-social that demotivates them, a friend can recommend ‘Dealing With Disrespect’ as something that can help put things in perspective.

Go and check out the new website, watch the introductory video, and go and grab the PDF, read it online, or get it for your Kindle. There is also a FAQ.

The book is licensed under a Creative Commons license, and I encourage everyone who enjoys it and finds it useful to share it.

Nicholas Skaggs: Building cross-architecture click packages

Planet Ubuntu - Thu, 2014-05-01 22:21
Building click packages should be easy. And to a reasonable extent, qtcreator and click-buddy do make it easy. Things however can get a bit more complicated when you need to build a package that needs to run on an armhf device (you know like your phone!). Since your pc is almost certainly based on x86, you need to use, create or fake an armhf environment for building the package.

So then what options exist for getting a proper build of a project that will install properly on your device?

A phone can be more than a phone
It can also be a development environment!? Although it's not my recommendation, you can always use the source device to compile the package with. The downsides of this is namely speed and storage space. Nevertheless, it will build a click.
  1. shell into your device (adb shell / ssh mydevice)
  2. checkout the code (bzr branch lp:my-project)
  3. install the needed dependencies and sdk (apt-get install ubuntu-sdk)
  4. build with click-buddy (click-buddy --dir .)
Chroot to the rescue
The click tools contain a handy way to build a chroot expressly suited for use with click-buddy to build things. Basically, we can create a nice fake environment and pretend it's armhf, even though we're not running that architecture.

sudo click chroot -a armhf -f ubuntu-sdk-14.04 create
click-buddy --dir . --arch armhf

Most likely your package will require extra dependencies, which for now will need to be specified and passed in with the --extra-deps argument. These arguments are packages names, just like you would apt-get. Like so;

click-buddy --dir . --arch armhf --extra-deps "libboost-dev:armhf libssl-dev:armhf"

Notice we specified the arch as well, armhf. If we also add a --maint-mode, our extra installed packages will persist. This is handy if you will only ever be building a single project and don't want to constantly update the base chroot with your build dependencies.

Qtcreator build it for me!
Cmake makes all things possible. Qt Creator can not only build the click for you, it can also hold your hand through creating a chroot1. To create a chroot in qtcreator, do the following:
  1. Open Qt Creator
  2. Navigate to Tools > Options > Ubuntu > Click
  3. Click on Create Click Target
  4. After the click target is finished, add the dependencies needed for building. You can do this by clicking the maintain button.  
  5. Apt-get add what you need or otherwise setup the environment. Once ready, exit the chroot.
Now you can use this chroot for your project
  1. Open qt creator and open the project
  2. Select armhf when prompted
    1. You can also manually add the chroot to the project via Projects > Add kit and then select the UbuntuSDK armhf kit.
  3. Navigate to Projects tab and ensure the UbuntuSDK for armhf kit is selected.
  4. Build!
Rolling your own chroot
So, click can setup a chroot for you, and qt creator can build and manage one too. And these are great options for building one project. However if you find yourself building a plethora of packages or you simply want more control, I recommend setting up and using your own chroot to build. For my own use, I've picked pbuilder, but you can setup the chroot using other tools (like schroot which Qt Creator uses).

sudo apt-get install qemu-user-static ubuntu-dev-tools
pbuilder-dist trusty armhf create
pbuilder-dist trusty armhf login --save-after-login

Then, from inside the chroot shell, install a couple things you will always want available; namely the build tools and bzr/git/etc for grabbing the source you need. Be careful here and don't install too much. We want to maintain an otherwise pristine environment for building our packages. By default changes you make inside the chroot will be wiped. That means those package specific dependencies we'll install each time to build something won't persist.

apt-get install ubuntu-sdk bzr git phablet-tools
exit

By exiting, you'll notice pbuilder will update the base tarball with our changes. Now, when you want to build something, simply do the following:

pbuilder-dist trusty armhf login
bzr branch lp:my-project
apt-get install build-dependencies-you-need

Now, you can build as usual using click tools, so something like

click-buddy --dir .

works as expected. You can even add the --provision to send the resulting click to your device. If you want to grab the resulting click, you'll need to copy it before exiting the chroot, which is mounted on your filesystem under /var/cache/pbuilder/build/. Look for the last line after you issue your login command (pbuilder-dist trusty armhf login). You should see something like, 

File extracted to: /var/cache/pbuilder/build//26213

If you cd to this directory on your local machine, you'll see the environment chroot filesystem. Navigate to your source directory and grab a copy of the resulting click. Copy it to a safe place (somewhere outside of the chroot) before exiting the chroot or you will lose your build! 

But wait, there's more!
Since you have access to the chroot while it's open (and you can login several times if you wish to create several sessions from the base tarball), you can iteratively build packages as needed, hack on code, etc. The chroot is your playground.

Remember, click is your friend. Happy hacking!

1. Thanks to David Planella for this info

Kubuntu: KDE Applications and Development Platform 4.13

Planet Ubuntu - Thu, 2014-05-01 22:04

Packages for the release of KDE SC 4.13 are available for Kubuntu 12.04LTS, 13.10 and our development release. You can get them from the Kubuntu Backports PPA. It includes an update of Plasma Desktop to 4.11.8.

Bugs in the packaging should be reported to kubuntu-ppa on Launchpad. Bugs in the software to KDE.

Kubuntu: Calligra 2.8.1 is Out

Planet Ubuntu - Thu, 2014-05-01 22:02

Packages for the release of KDE's document suite Calligra 2.8.1 are available for Kubuntu 12.04 LTS and 13.10. You can get it from the Kubuntu Backports PPA (alongside KDE SC 4.13). They are also in our development release.

Ubuntu Podcast from the UK LoCo: S07E05 – The One with the Metaphorical Tunnel

Planet Ubuntu - Thu, 2014-05-01 20:21

Alan Pope, Mark Johnson, Tony Whitmore, and Laura Cowen are in Studio L for Season Seven, Episode Five of the Ubuntu Podcast!

 Download OGG  Download MP3 Play in Popup

In this week’s show:-

We’ll be back next week, when we’ll interview Michael Meeks and Bjorn Michaelson from The Document Foundation and go through your feedback.

Please send your comments and suggestions to: podcast@ubuntu-uk.org
Join us on IRC in #uupc on Freenode
Leave a voicemail via phone: +44 (0) 203 298 1600, sip: podcast@sip.ubuntu-uk.org and skype: ubuntuukpodcast
Follow us on Twitter
Find our Facebook Fan Page
Follow us on Google+

Daniel Pocock: reSIProcate v1.9 WebRTC available for Fedora 20 testing

Planet Ubuntu - Thu, 2014-05-01 20:00

Today I just released reSIProcate v1.9 packages into the Fedora 20 testing updates repository.

This means Fedora 20 users can now try WebRTC more easily.

The same version is already available in Debian wheezy-backports and Ubuntu trusty.

Get started today

Install the resiprocate-repro proxy server package using yum.

Set up a DNS entry, here is what we will use in the example:

Domain sip-ws1.example.org WebSocket URL
Use this in JSCommunicator or JsSIP ws://sip-ws1.example.org IP address of server 198.51.100.50

so the DNS entry will be

sip-ws1.example.org. IN A 198.51.100.50

Notice that in the ws:// URL, we do not specify a port. This means port 80 is used by default. You can also use a non-standard port if you prefer or if you dont' have root permissions.

Now edit the file /etc/repro/repro.config, adding a transport definition for WebSockets (WS) and change a few other parameters from their defaults:

# Bind to 198.51.100.50 on port 80 Transport1Interface = 198.51.100.50:80 # Use WS (can also use WSS for TLS, see repro.config for full details) Transport1Type = WS # if using WSS, must also change the transport param here Transport1RecordRouteUri = sip:sip-ws1.example.org;transport=WS EnableFlowTokens = true DisableOutbound = false # Disable all authentication - just for testing DisableAuth = false # allow http admin access on all interfaces, # default is 127.0.0.1 # HttpBindAddress = 0.0.0.0

Now set up a password for the web admin tool using htdigest:

# htdigest /etc/repro/users.txt repro admin

After all that, restart the repro process

# service repro restart

Go to the web interface on port 5080 (only listening on localhost by default), go to the "ADD DOMAIN" page and add sip-ws1.example.org

Now restart repro again so it recognises the new domain.

# service repro restart

Finally, you can test it using JSCommunicator or tryit.jssip.net

Next steps
  • Set up a TURN server for NAT traversal
  • Use WebSockets over TLS (WSS) instead of regular WS mode
  • Set up authentication (see the various options, including client certificate support, in repro.confg)
  • Connect to regular SIP infrastructure such as Asterisk
Questions?

Please come and ask on the repro-users mailing list

Dustin Kirkland: Double Encryption, for the Win!

Planet Ubuntu - Thu, 2014-05-01 19:33

Upon learning about the Heartbleed vulnerability in OpenSSL, my first thoughts were pretty desperate.  I basically lost all faith in humanity's ability to write secure software.  It's really that bad.

I spent the next couple of hours drowning in the sea of passwords and certificates I would personally need to change...ugh :-/

As of the hangover of that sobering reality arrived, I then started thinking about various systems over the years that I've designed, implemented, or was otherwise responsible for, and how Heartbleed affected those services.  Another throbbing headache set in.

I patched DivItUp.com within minutes of Ubuntu releasing an updated OpenSSL package, and re-keyed the SSL certificate as soon as GoDaddy declared that it was safe for re-keying.

Likewise, the Ubuntu entropy service was patched and re-keyed, along with all Ubuntu-related https services by Canonical IT.  I pushed an new package of the pollinate client with updated certificate changes to Ubuntu 14.04 LTS (trusty), the same day.

That said, I did enjoy a bit of measured satisfaction, in one controversial design decision that I made in January 2012, when creating Gazzang's zTrustee remote key management system.

All default network communications, between zTrustee clients and servers, are encrypted twice.  The outer transport layer network traffic, like any https service, is encrypted using OpenSSL.  But the inner payloads are also signed and encrypted using GnuPG.

Hundreds of times, zTrustee and I were questioned or criticized about that design -- by customers, prospects, partners, and probably competitors.

In fact, at one time, there was pressure from a particular customer/partner/prospect, to disable the inner GPG encryption entirely, and have zTrustee rely solely on the transport layer OpenSSL, for performance reasons.  Tried as I might, I eventually lost that fight, and we added the "feature" (as a non-default option).  That someone might have some re-keying to do...

But even in the face of the Internet-melting Heartbleed vulnerability, I'm absolutely delighted that the inner payloads of zTrustee communications are still protected by GnuPG asymmetric encryption and are NOT vulnerable to Heartbleed style snooping.

In fact, these payloads are some of the very encryption keys that guard YOUR health care and financial data stored in public and private clouds around the world by Global 2000 companies.

Truth be told, the insurance against crypto library vulnerabilities zTrustee bought by using GnuPG and OpenSSL in combination was really the secondary objective.

The primary objective was actually to leverage asymmetric encryption, to both sign AND encrypt all payloads, in order to cryptographically authenticate zTrustee clients, ensure payload integrity, and enforce key revocations.  We technically could have used OpenSSL for both layers and even realized a few performance benefits -- OpenSSL is faster than GnuPG in our experience, and can leverage crypto accelerator hardware more easily.  But I insisted that the combination of GPG over SSL would buy us protection against vulnerabilities in either protocol, and that was worth any performance cost in a key management product like zTrustee.

In retrospect, this makes me wonder why diverse, backup, redundant encryption, isn't more prevalent in the design of security systems...

Every elevator you have ever used has redundant safety mechanisms.  Your car has both seat belts and air bags.  Your friendly cashier will double bag your groceries if you ask.  And I bet you've tied your shoes with a double knot before.

Your servers have redundant power supplies.  Your storage arrays have redundant hard drives.  You might even have two monitors.  You're might be carrying a laptop, a tablet, and a smart phone.

Moreover, important services on the Internet are often highly available, redundant, fault tolerant or distributed by design.

But the underpinnings of the privacy and integrity of the very Internet itself, is usually protected only once, with transport layer encryption of the traffic in motion.

At this point, can we afford the performance impact of additional layers of security?  Or, rather, at this point, can we afford not to use all available protection?

Dustin

p.s. I use both dm-crypt and eCryptFS on my Ubuntu laptop ;-)

Diego Turcios: Ubuntu Honduras in the FLISOL

Planet Ubuntu - Thu, 2014-05-01 19:18
Ubuntu Honduras was present in the  FLISOL San Pedro Sula There were several presentations in the FLISOL. Ubuntu Honduras team members talk about the following topics:
  • What is Ubuntu
  • Open Hardware
  • C++ with Cocos2dx
  • Backbone.js
Besides the 3 speakers, there were members of Informatica Libre helping people installed Ubuntu and other GNU/Linux distributions to the people who wished to have a GNU/Linux version.
There were aproximately 300 people in this event. Many of them were high school students. This event help students understand the importance of Free Software in our daily life.
To know
What is FLISOL?FLISOL, an acronym for Festival Latinoamericano de Instalación de Software Libre (Latin American free software install fest), is the biggest event for spreading Software Libre since 2005, performed simultaneously in different countries of Latin America.
FLISOL San Pedro Sula (FLISOL SPS)This is a newspaper article talking about FLISOL

The FLISOL took place in San Pedro Sula Honduras at the university UNAH-VS.

Some Images







Jorge Castro: Deploying and managing workloads to POWER8

Planet Ubuntu - Thu, 2014-05-01 17:45

For the past cycle we have been working with IBM to bring Ubuntu 14.04 to the POWER8 architecture. For my part I’ve been working on helping get our collection of over 170 services to Just Work for this new set of Ubuntu users.

This week Mark Shuttleworth and Doug Balog (IBM) demoed how people would use a POWER8 machine. Since Ubuntu is supported, it comes with the same great tools for deploying and managing your software in the cloud. Using Juju we were able to fire up Hadoop with Ganglia monitoring, a SugarCRM site with MariaDB and memcached, and finally a Websphere Liberty application server serving a simple Pet Store:

No part of this demo is staged; I literally went from nothing to fully deployed in 178 seconds on a POWER8. Dynamic languages just work, and most things in the archive (that are not architecture specific) also just work; we recompiled the archive to ppc64le over the course of this cycle and if you’re using 14.04 you’re good to go.

For reference here’s the entire Juju demo as we did it from behind the curtain:

This is the power of Juju!

Pages

Subscribe to Free Software Magazine aggregator