http://www.freesoftwaremagazine.com/node/2519/issue_pdf by Imad Humayun

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Issue 21 By Tony Mobily PUBLISHED: 2007-10-04 In this issue of Free Software Magazine David Jacovkis reports from Colombia and explains why free software is an ethical choice. Colin McGregor interviews several key people in the GNU/Linux world as well as explaining how to get KDE looking fantastic. Then we have Terry Hancock covering the Open Hardware project and making a comprehensive list of Linux-friendly hardware. Steven Goodwin shares how much he saved by using free software for his great beer podcast, and Alan Berg entertains us with free software easter eggs, while Andrew Min will explain the basics of HTML... Monty Python style. Gary Richmond enlights us about touchpads and Google Firefox extensions you don't want to miss. For ultimate hackers, Gianluca Pignalberi manages to do sound filtering by using... the Gimp (!) while Yousef Ourabi reviews FreeBSD 7 and its graphical installer. Talking about server-side topics, Ryan Cartwright covers the installation of Exim and Spamassassi, David A. Harding explains how to create a mailing list from home, and Ken Leyba makes sure you know how to protect your server with Deny Hosts. Finally, Andrew Krause tells you all you need to know about C in order to create GTK applications. Enjoy! Source URL: http://www.freesoftwaremagazine.com/issues/issue_021

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

The world does not need a "conversion nightmare": a standard office file format already exists Why the world needs to say no to OOXML, and should use ODF instead By Tony Mobily PUBLISHED: 2008-01-21 This is an editorial about file conversions. It starts with a story about Free Software Magazine and our struggle with article formats, and continues explaining why the world needs to get rid of Office Open XML, which could create more problems than the Microsoft monopoly itself. When I started Free Software Magazine, we faced the problem every publication needs to face: which file format should we use for articles? It was a few years ago now (as they say, time flies when you have fun!). At the time, the web site wasn’t our main focus: we were actually printing a paper magazine (!), we were generating amazing PDF files using LaTex, and decided that a static web site was going to “do” for quite a while. We decided that the “master” format for our articles would be XML. XML seemed like a good idea at the time. None of the other options seemed quite as feasible: text wasn’t enough, HTML was too vague, ODF was too complex, and so on. Plus, everybody was using it. Since we couldn’t find a single decent semi-visual XML editor, we asked our authors to hand in XML directly. Of course, people became very creative when they created an article file: we had to write a script that deleted white spaces around tags, and generally “cleaned up” the XML files we received. We also had to check manually that the files had the right em dashes, the right opening and closing speech marks, the right apostrophes, and so on. I won’t even get started on the problems some authors had with getting the XML right: <p> tags left unclosed, <li> items without <ul> first, and so on. It doesn’t sound complicated, but when you have a 2500 word article full of listings, text boxes, figures and so on, and (even worse) when the XML error you get from the parser is as unhelpful as it could be, things got tricky. It was a small nightmare, which repeated with every issue of the magazine, and nearly every article. Two prospective (and influential) bloggers refused accounts with Free Software Magazine when they realised they would have to spend time tagging up XML files. Laziness? Maybe. But, as we say around here, “fair enough”. Luckily, the delirium is now over. We have upgraded our article format to Markdown Extra (although, it has a few tweaks to allow tables and textboxes). Authors can now write articles following this Free Software Magazine article template. Issue 21, this very issue, was edited mainly using the new file format. Converting the articles from XML to Markdown Extra/FSM was a lot of hard work. I just about managed to do using XSLT with custom PHP calls within the XLS file. (If you are thinking “the XSLT from a basic format to Markdown should be simple”, I will give you a few keywords: “white paces”, “enters”, “tables”, “clashing escape characters”, “CDATA”, and so on). The conversion required substantial trial-and-error and tweaking. It contains several hacks I am not especially proud of. To date, I am not yet 100% sure it actually works for every single article. And we are talking about translating an extremely simple XML format into an extremely simple text format. As always, the conversion part was easy. However, getting it to actually work was tricky. This change won’t affect you —well, apart from the occasional due to the occasional hard-to-translate article (we have over 2000 articles in our database, and we checked things by “statistical sampling”…). What is

The world does not need a "conversion nightmare": a standard office file format already exists 3

Issue 21 interesting is that this adventure (which I named “article conversion hell”) reminded me of something that sounds obvious, but we tend to forget: file conversions are complicated, sub-optimal, time-consuming, imperfect by nature, often wrong, often the result of guess-work, tricky, and basically evil. When you open a Microsoft Office 2000 file using OpenOffice, things might work seamlessly, things might look a little odd, the file might look perfect—but if saved back as a Microsoft Office 2000 file, it might be ruined forever. There is a reason for this: file conversions need to be avoided (especially, like in this case, if the original file is an undocumented back-back-back-back-backward compatible format which really doesn’t deserve to exist anymore, and didn’t deserve to exist in the first place). ODF isn’t perfect (yet?), but it aims at being the format for office documents. It’s standard, and several pieces of software today can handle it (see: it’s not an OpenOffice-only game). Microsoft trying to shove OOXML down ISO’s throat (and effectively damaging, maybe beyond repair, the image of what should be an independent body) can damage the computer industry immensly. The fact that both ODF and Office Open XML are XML means absolutely nothing. You can see here a technical comparison between the two: converting one format to the other is anything but fun. Thousands of bogus documentation pages that come with OOXML don’t help. What I experienced with Free Software Magazine while converting (which, admittedly, wasn’t really that big a deal) would be nothing compared to what the whole world will have to deal with if OOXML became “the” file format “normally” used to exchange office documents. A situation like this will impose constant conversions, quirks, compatibility problems, and so on all of us It will also be a fantastic card for Microsoft: “look, GNU/Linux is sort of good, but you know, you can never trust it to open an XML file… sometimes the images are squint, you know…” Microsoft knows this. Unsurprisingly, they have recently announced that they would release several conversion tools to translate ODF into OOXML and vice-versa. I read the article right in the middle of my “article conversion hell”, and wondered if anybody else realised how disastrous it would be, if Microsoft managed to convince the world that it was “OK” to have two competing standards, since it’s so easy to convert them into each other. The risk is very real: if we don’t stop them, Microsoft will muscle its way in, and will force the whole world to fight with conversions for years, or decades, to come. Microsoft proposed a bogus Office file format while an ISO standard already existed. Their shady practices to get their format fast-tracked and approved by ISO didn’t work. But Microsoft is still trying—and I can guarantee, it will keep on trying until it succeeds. The only possible answer for Microsoft and OOXML is simple: the world already has an office file format. The world doesn’t need nor want a “conversion nightmare”. The world’s ISO-approved Office format already exists: it’s called ODF. Microsoft: deal with it!.

Biography Tony Mobily (/user/2" title="View user profile.): Tony is the founder and the Editor In Chief of Free Software Magazine

Why the world needs to say no to OOXML, and should use ODFinstead

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Property and commons How do peer productions and free content work out? By Mauro Bieg PUBLISHED: 2008-03-17 Over at Sphere of Networks, I published a text that tries to give a simple overview of the workings of information production in the age of the internet, covering everything from free software to free culture. This article is a slightly modified version of another chapter of this text. This time I will show you how the internet enabled a new form of information production: commons-based peer productions, like Wikipedia or most free software today. What is free content and why is it so important to people collaborating over the internet?

Figure 1: Production of physical goods is mostly handled by the market while information also gets often produced on a voluntary basis. [Wikimedia Commons], [Flickr: Clare and Dave]

Non-market production Non-market production plays a bigger role in our economy than often realized. Whether it’s a parent looking after the children the whole day or people just voluntarily helping each other, a lot can get done without money ever changing hands. It has also always been true that non-market mechanisms were much more important in the production of information than physical goods. There are no voluntary steel manufacturers and we don’t just pick up a new car for free because someone feels like producing one. Nonetheless, we rely on a large volume of information everyday that is produced on a voluntary basis. Non-governmental organizations and private foundations are dedicated to solving pressing issues the market doesn’t care about and the government hasn’t resources at hand to solve. In everyday life we obtain advice and information from colleagues about what film to watch or what road to drive and virtually all of our basic research is funded by the government or non-profit institutions. With computers and the internet readily available to millions of people, the means to producing and distributing information are now widely held throughout the population. Thus non-market behaviour is becoming central to how our information and culture is produced. Non-market production plays a bigger role in our economy than often realized

Non-market production

Issue 21 As working hours are going down in the more economically developed countries, more spare time is available for voluntary activity. Through information and communication technology, these resources can be used more effectively as people have better access to existing information and have a medium through which they can express themselves, communicate and collaborate with others. The highest motivation for work is usually thought to be money. However, we are motivated by a wide range of things. We look for social rewards like acknowledgments or higher social standing in our communities. We have intrinsic motivations like pleasure or personal satisfaction when we feel we have achieved something. Even small payments may undermine intrinsic motivations as we might prefer to work for free for a good cause rather than do the same work for a monetary reward. [1].

Peer production Resources can be handled either as property or as a commons. Most physical objects and also land are usually considered property while for example the roads network, water or public services are shared within a community and are thus commons. Information is a non-rival good. That means that it can be used by more than one person at a time. For example: if I sit on a chair, nobody else can (comfortably!) sit on the same chair at the same time. But if I listen to a song, I don’t prevent someone else listening to it at the same time. When information is treated as property as opposed to a commons it is made scarce against its non-rival nature. Fewer people can profit from the existing information and as proprietary information can’t be legally reused to create new information, this ultimately hinders overall information production. When information is treated as property as opposed to a commons it is made scarce against its non-rival nature Through the internet, a new model of production has evolved which relies heavily on the sharing of information as a commons. It also works radically because it is decentralized. Everyone can drop by, participate and contribute in the domains that interest them personally the most—as opposed to centralized production, where some boss somewhere decides what gets done by whom. This decentralized collaborative production method in which the resources are organized as a commons is called commons-based peer production [2]. Until now, the most advanced example of large-scale peer production is the development of free and open source software. Hundreds of volunteers are collaborating over the internet, using such diverse tools as email, mailing lists and chat. But, first of all, specialized revision control software helps to organize all the code and keeps track of the many changes it is undergoing. To date, the result of these collaborative acts is thousands of software packages that compete with and often outperform the established software industry’s products. As software is a finished product that consists solely of information, it is only natural that commons-based peer productions work very well. This production strategy was also adopted outside the domain of software. Wikipedia, a multilingual encyclopedia which everybody can edit with only a simple web browser, started in 2001 and continues to grow at a huge pace, hosting over 7 million articles today. Although often criticized to be untrustworthy, vandalism is usually reverted very quickly [3] and the fact that Wikipedia is one of the top ten most-visited websites worldwide proves that it is a very valuable resource [4]. Other peer productions include the news site Slashdot, NASA clickworkers (where volunteers can map martian craters on satellite imagery) or Project Gutenberg (where old texts long in the public domain are scanned and then proofread for errors by many participants, the result being an ever growing library of digitized books freely available over the internet as plain text).

Peer production

Issue 21

Figure 2: NASA Clickworkers: Each dot is where a participant clicked on the rim of a crater, resulting in a digital map In all these different peer productions, the whole project needs to be broken down into smaller parts that individuals can work on in the limited time they have. So, naturally, some projects work better as peer productions than others. The work on Wikipedia with its many independent encyclopedic articles is easier to distribute among many participants than, letâ&#x20AC;&#x2122;s say, the writing of a book which needs to have a consistent style and structure. However, if parameters are clearly stated from the start and everybody is willing to write one small chapter, a task like writing a book can also be accomplished. As the concept of peer productions is still very young, new organizational methods are being discovered and technical tools built every day to help coordinate work and realize projects never previously thought possible. While some projects need to be centrally controlled and will never work very efficient as peer productions, commons-based peer productions do have some significant advantages. When the workers themselves choose what to do, they identify much more with their tasks and can spontaneously help out without needing to ask anybody for permission or signing a new employment contract first. This can, however, also easily lead to individuals misjudging their own abilities: an important part of every peer production is peer quality control. What is the case with the ever increasing amount of information to be found on the internet is also the case for single peer productions. The accreditation and the mapping for relevance and quality are as important as the actual production of the information. But this work can also be peer produced. Many sites have implemented features for voting the comments or contributions up or down. Filters which hide low-rated comments can help initially. While the Google search engine ranks sites which are often linked to other sites higher in their search results [5], Wikipedia relies primarily on social mechanisms and favours discussion as a means to reach consensus. Commons-based peer productions are here to stay. Humans have always shared and collaborated with one another Commons-based peer productions are here to stay. Humans have always shared and collaborated with one another. Of course, not everything is always shared. When widespread technology facilitates sharing, sharing will happen more often. Information and communication technologies have enabled projects where people can work together although they are spread all around the globe. Peer productions donâ&#x20AC;&#x2122;t draw labour away from the market; instead, they use resources unused by the market and thus form a competition to market production in some domains. Firms can also profit from these mechanisms when working together with non-market forces. The boundary between producers on one side, and consumers and users on the other side, blurs. Increasingly, consumers come to produce what they want themselves, collaborating with like-minded people or companies. New business models and more interactive products are needed in this networked information economy.

Free content Commons-owned information that can be accessed and (re)used by everyone is more valuable to the economy and society as a whole than proprietary information. Thus, commons-based peer productions with their

Free content

Issue 21 non-proprietary outputs should be welcomed. However, there are also peer productions that output proprietary information which can’t be reused for further information production as its use is restricted by intellectual property law. YouTube is an example of this: the videos hosted on this user-powered site can’t be downloaded again, but are held on the central server where they are meant to reside, flushing ever more advertising revenue into the company’s cash-boxes. While there’s no doubt that some very interesting and often entertaining content is to be found on YouTube, the works are trapped there and can’t be creatively reused. While there’s no doubt that some very interesting and often entertaining content is to be found on YouTube, the works are trapped there and can’t be creatively reused On the other side, non-proprietary information production enables a free culture. Free content (as in freedom) is any work having no significant legal restriction relative to people’s freedom to use, redistribute, and produce modified versions of and works derived from the content [6]. To achieve this, default copyright has to be overridden and the owner of the work has to license it to the public and permit everyone to copy, change and redistribute it.

Figure 3: Creative Commons logo [Creative Commons] This strategy was first used by the free software community, and later the emerging free culture movement took those ideals and extended them from the software field to the whole culture. The most commonly used software license is the GNU GPL. For text, especially functional works such as textbooks, the GNU FDL (GFDL) was developed and all of Wikipedia’s text is licensed under it. Both are copyleft licenses, meaning they allow redistribution of derivative works under the condition that this happens under the same license, preventing the content from becoming non-free. Also commercial redistribution is permitted. To provide potential authors with a greater set of choices, the non-profit organization Creative Commons created six licenses of their own, meant for text as well as music, images and video. Now, creators can choose a license and allow copying of their works for non-commercial use only, or changes may be prohibited. The original author, however, always has to be attributed when a work is copied. For artistic works, the Free Art License can also be used.

License GNU GPL (software) GNU FDL (text) CCAttribution (by) CCAttribution-NonCommercial (by-nc) CCAttribution-NoDerivs (by-nd) CCAttribution-ShareAlike (by-sa) CCAttribution-NonCommercial-NoDerivs (by-nc-nd)

yes yes yes yes yes yes

yes yes yes no yes yes

Derivative works allowed? yes yes yes yes no yes

yes

Attribution required?

Commercial use allowed?

Copyleft (Share-Alike) yes yes no no no yes

Free content

Issue 21 CCAttribution-NonCommercial-ShareAlike (by-nc-sa) FreeArt License Some free content licenses

yes

This flood of different licenses has, however, led to some confusion and even incompatibility. For example, a work licensed under the GNU FDL license can not be joined with a work under the Creative Commons Attribution-ShareAlike license as both licenses require any modified version of a work to be under the exact same license again.

Figure 4: Creative Commons founder Lawrence Lessig promoting free culture Everybody agrees that even the most restrictive of the Creative Commons licenses, the Attribution-NonCommercial-NoDerivs license, is better than complete default copyright. However, only two of the various Creative Commons licenses qualify as free content licenses: the Attribution and the Attribution-ShareAlike license [7]. The others impose too severe restrictions on the reuse of the work. On the other hand, works of personal opinion probably shouldn’t be altered. In such cases, a bloated license isn’t even necessary and it might be sufficient to add a phrase like this: Verbatim copying and distribution of this entire article are permitted worldwide without royalty in any medium provided this notice is preserved.

Sharing hardware Not only does information, knowledge and culture get peer produced, but also material resources are shared. That’s the way peer-to-peer file-sharing networks work (see my previous article in FSM about file-sharing); users sharing the storage space on their computers and their internet bandwidth with one another, thus distributing the hardware costs typically needed to spread such massive amounts of data. But also the computational power of many home computers inter-connected over the internet outperforms the most powerful server farms in existence. Every computer owner connected to the internet can download a free program that runs in the background all the time and calculates data when the computer is idle. These distributed computing projects range from analyzing radio telescope data in Search for Extra-Terrestrial Intelligence (SETI@home) to calculating molecular dynamics simulations that can eventually be used in fighting diseases (Folding@home). Again, the power to perform such high-capacity calculations is achieved through voluntarily pooling resources. The participants don’t receive any payment but they are listed on the project’s websites in order of their contribution and do it for a goal greater than themselves. The participants don’t receive any payment but they are listed on the project’s websites in order of their contribution and do it for a goal greater than themselves This sharing of hardware only makes sense because technology developed to make it possible for cheap, high-performance hardware to be widely distributed among the population. If really fast network connections were significantly cheaper than fast computational hardware, computers might have been centralized in order to be used economically. We would then have thin clients (a monitor, keyboard and mouse) connected to a remotely located server. If this were the case then there wouldn’t be any excess computing power to be used by distributed computing projects.

Sharing hardware

Issue 21

Concluding The internet facilitates sharing and enables collaborations between a wide range of individuals that were never thought possible before. The significance of commons-based peer productions in the global economy will increase as more and more people realize its potential. Commons-based peer productions don’t threaten market production, they supplement it. Some companies will need to develop with new business models and consider releasing more of their information as free content in order to co-produce it with individuals and create more interactive products. This will benefit the economy as a whole as proprietary information and too many exclusive “intellectual property” rights stifle innovation. New creations always build on past inventions, and these need to be freely accessible.

Bibliography [1] Motivation crowding theory, Wikipedia [2] Term coined by Yochai Benkler. Benkler, Yochai; The Wealth of Networks: How Social Production Transforms Markets and Freedom, 2006, p. 60; Commons-based peer production, Wikipedia [3] Studying Cooperation and Conflict between Authors with History Flow Visualizations [4] Wikipedia co-founder Jimmy Wales and the non-profit Wikimedia Foundation that is now operating Wikipedia and its sister projects emphasize the importance of free knowledge and free software [5] More information about the Google search algorithm: PageRank, Wikipedia [6] Free content, Wikipedia; Definition of Free Cultural Works [7] Definition of Free Cultural Works: Licenses

Biography Mauro Bieg (/user/6542" title="View user profile.): Mauro Bieg is currently a student in Switzerland. As he is still young, his only work worth mentioning in this context is a text about the workings of information production in the age of the internet, covering everything from free software to free culture. The text is now part of the P2P Foundation's wiki: www.p2pfoundation.net (http://www.p2pfoundation.net/In_a_Nutshell)

Copyright information Verbatim copying and distribution of this entire article is permitted in any medium without royalty provided this notice is preserved. Source URL: http://www.freesoftwaremagazine.com/articles/property_and_commons

Bibliography

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Making open hardware possible Explaining the basics of Open Hardware By Alicia AsÃ−n PÃ©rez PUBLISHED: 2008-02-27 Free software has many benefits: you can get more secure software, faster updates, lots of tutorials and, definitely, a new way of making software and software that builds communities. From this, the next logical step was Open Hardware.

Making Open Hardware possible Free software is based in four main freedoms: • freedom to execute programs • freedom to access source code • freedom to distribute copies • freedom to improve and release that source code Now, there are people talking about Open Hardware… Open Hardware? Is it a misspelling? Well, active projects like Arduino and SquidBee demonstrate that Open Hardware is a real and alive concept. But, what do these words mean exactly? Can you just use free software concepts and apply them to hardware? First of all, it’s important to understand that software and hardware belong to separate worlds. While software matters are usually ruled by copyright, hardware must be protected by patents. According to The U.S and European Copyright Office, copyright is a form of protection (…) granted by law for original works of authorship fixed in a tangible medium of expression. Copyright protects original works of authorship including literary, dramatic, musical, and artistic works, such as poetry, novels, movies, songs, computer software, and architecture, published or unpublished. It lasts 50-70 years after author’s death, depending on specific country laws. On the other side, everyone who invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent. There are also differences between the US, European and Japanese Patent Offices. The USPTO is the only one which is based on a first-to-invent system (instead of a first-to-file), meaning that a patent is granted to the person who first conceived and practiced the invention, rather than to the person who first filed the invention with authorities. There are some other differences, but the most important one in our case is that software patents are allowed in the US but not in Europe. It would be difficult to explain how Open Hardware was born. Someone basically thought that an open computer was necessary in order to develop better drivers and write completely architecture adapted programs (http://www.openoem.com). In fact, there is an initiative called Open Hardware Certification program which (from the web site) is a self-certification program for hardware manufacturers. By certifying a hardware device as Open, the manufacturer makes a set of promises about the availability of documentation in order to program the device-driver interface of a specific hardware device. Enough documentation for the device must be available for a competent systems programmer to write a device-driver.

Making Open Hardware possible

Issue 21

Figure 1: sharing free software From another more philosophical point of view, you can find a free design for an active RFID device OpenBeacon, Open Hardware phones like TuxPhone and even an Open Hardware car called Oscar. All these projects will be released according to copyleft principles. More and more Open Hardware projects can be discovered in Open Circuits, which provides a wiki to upload all kinds of useful information. These are just some examples which claim to be Open Hardware, although none of them define what that means.

Figure 2: sharing open hardware Hardware is composed of several components e.g. firmware, schematics, circuit and layout diagrams, parts lists. Which components must be released to label a project as Open Hardware? If you look in depth at some Open Hardware projects you will find the Linksys router from WRT54G series. Its firmware has been released under GPL license, and the 3D printer RepRap has released most of its components. The Chumby project is made with free software and provides a HDK (hardware developer kit) with an special license that explains the terms under you can modify your chumby, but warns that by doing so you will lose any warranty. Many projects claim to be Open Hardware, although none of them define what that exactly means

The challenges of releasing hardware One of the goals of free software is that it can be accessed by everyone; but hardware has unavoidable costs for components and manufacturing. That’s why Richard Stallman, Free Software Foundation founder, said that getting Open Hardware wasn’t as important as getting free software, since the hardware’s copy and distribution process was more complicated. Think about somebody in Italy who has made a program and decides to release it. Ten minutes later, somebody in Australia can download, compile and run that software; he or she even can contribute with

The challenges of releasing hardware

Issue 21 improvements that the original author will enjoy next day. The only cost of this process is the Internet connection. If the same person in Italy designed an electronic circuit and released it, the only thing that our friend in Australia would be able to do in ten minutes is printing the schematic. Well, maybe he or she could manufacture a copy if the components were easy to get and owned the necessary tools. Another alternative would be ordering it from a factory, but this is expensive since hardware production is economically viable when ordering more than 1.000 units. Therefor, those who want to release hardware should design using common, cheap and standard components. Alteratively, if the project has global potential, reach a manufacturer agreement for producing a big batch at a low price.

Figure 3: sharing open hardware If the same person in Italy designed an electronic circuit and released it, the only thing that our friend in Australia would be able to do in ten minutes is printing the schematicâ&#x20AC;Ś

A practical example The Arduino prototyping platform is a good example of all this. It can be programmed to read sensors, control motors and build interactive objects and artistic installations. Its compiling environment is multiplatform and free (as in freedom) and the only extra hardware needed for programming it is a serial/ USB cable. This software can be downloaded from the website Arduino web site, which also contains Arduino schematics released under Creative Commons Attibution-ShareAlike. The project has used many ingredients to achieve a successful widely used project. For example, it contains a removable Atmega8 microcontroller which can be easily replaced if brokenâ&#x20AC;&#x201D;without the need to buy a new Arduino board. Two years after its creation, you can see an expanding community of developers who support it, workshops all around the world, new plugins and modules like ArduinoXbee (ZigBee communications interface), Arduino BT (arduino with bluetooth connectivity), Arduino Mini or the recent Arduino GPS, and third party projects as SquidBee.

Figure 4: Arduino Open Prototyping Platform

A practical example

Issue 21

I want to release my hardware! Can people use a Creative Commons license to release their hardware? Some projects do that, but it’s probably not the best way. Creative Commons or GPL licenses only apply to works that can be copyrighted (for example theater plays, pictures, films, musical works, etc.). Creative Common licenses do not apply to the idea presented in the file. The only way to protect an idea is to patent it. After getting a patent you can license it, but patents are time-consuming and expensive, and most individuals can’t afford them. So, by using a CC license for releasing an schematic we are really releasing the drawing of the schematic, not the circuit that can be done with it. There is still another question: copyright rights apply directly: this means that if you compose a song, your authorship is recognized automatically; however, the only way of getting rights over a utilitarian design or an invention is by a patent. So… you all might have released something that theoretically is not yours! Now you may wonder, what would happen if someone else patented my design? Well, in Europe, if you have published it, you have prevented it from being patented—you can’t even patent it yourself!

Figure 5: ArduinoXbee module for ZigBee communication The TAPR organization has contributed to the Open Hardware developers community with an Open Hardware License. As they say in their website, they grant permission for anyone to use the OHL as the license for their hardware project, provided only that it is used in unaltered form. This license is based in GPL but unlike the GPL, the OHL is not primarily a copyright license. While copyright protects documentation from unauthorized copying, modification, and distribution, it has little to do with your right to make, distribute, or use a product based on that documentation. For better or worse, patents play a significant role in those activities. Although it does not prohibit anyone from patenting inventions embodied in an Open Hardware design, and of course cannot prevent a third party from enforcing their patent rights, those who benefit from an OHL design may not bring lawsuits claiming that design infringes their patents or other intellectual property”. This license takes into account aspects like manufacturing and distribution of products made with the documentation released, which are not considered in software licenses. The problem is that this license only affects the documentation related to the hardware, not to the products themselves (which is what happens with software and the GPL). However, the OHL is definitely a good start to build a more complete license.

Conclusion This article describes the basic concepts behind understanding how to develop Open Hardware. Although a perfect model for releasing it is still not in place, there’s an ever increasing community who build Open Hardware.

Biography Alicia AsÃ−n PÃ©rez (/user/44526" title="View user profile.): Alicia is a computer engineer working for Libelium, a Spanish company which develops hardware for Wireless Sensor Distributed Networks. Libelium's

Conclusion

Issue 21 latest project is SquidBee: an open hardware mote. Alicia's other IT interests are security and low-powered computers. This summer Alicia got the Best Paper Award in Workshop on Computer Architecture Education (San Diego) for a paper about a current measuring platform she designed for teaching.

Conclusion

Issue 21

Conclusion

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Group interview: a graphic view of the open hardware movement. Part 1: motivations Exploring the motivations behind the Open Graphics Project By Terry Hancock PUBLISHED: 2008-02-13 Excitement in the Open Graphics community is quite high as it approaches its first production run of the FPGA-based “Open Graphics Development” board, known as “OGD1”. It will be available for pre-sale this month with the first units expected to ship soon thereafter. The board is targeted at hardware developers, with the specific goal of supporting development and testing of designs for a fully-documented consumer Open Hardware Graphics Card to be implemented using an ASIC (thus resolving one of the biggest obstacles to free software on the desktop). A general purpose Open Hardware tool for testing Open Hardware designs, the OGD1 is as important a step in promoting the Open Hardware movement as gcc or glibc was to promoting free software. It also represents one of the first self-consciously community-produced pieces of Open Hardware design to actually make it to the marketplace. An ambitious design, with a ten layer PCB based on surface mount technology, high-speed input/output channels, and one of the largest Field Programmable Gate Arrays on the market, the OGD1 is no garage project!

The first Open Graphics Development board is a powerful FPGA hardware developer board, an Open Hardware tool for testing Open Hardware designs. (Open Graphics Project) As an insider in this group, I had a unique opportunity to interview several of its members, including: Timothy Miller (TM), the experienced hardware engineer who first started the project (as well as the company, Traversal Technology, which will produce and sell OGP designs), and Patrick McNamara (PM), an interested amateur tinkerer who founded the Open Hardware Foundation. “The relatively sad state of FLOSS support from graphics vendors irked me” Joseph Black (JB) is another amateur who assists the project primarily by maintaining its documentation. Dieter (DX) is an active contributor with specific technical interests. Attila Kinali (AK) is a recently

Group interview: a graphic view of the open hardware movement. Part 1: motivations

Issue 21 graduated hardware engineer while Lourens Veen (LV) is primarily a software developer, but both have spent a lot of time promoting the project and are founding members of the Open Hardware Foundation. In the first part of the interview I wanted to explore the motivations behind the project and what makes developers contribute to Open Hardware…

Q: Why did you start the Open Graphics Project? TM: I had trouble finding a graphics card that was fully supported by free software. I did find one, but the relatively sad state of FLOSS support from graphics vendors irked me. At that time, I had about eight years of experience with graphics driver development and about four with graphics chip design, so I figured if I got enough other experts together, designing a completely open graphics solution would be feasible.

Timothy Normand Miller, founder of the Open Graphics project

Q: What specifically made you want to found the Open Hardware Foundation, and how do you see its scope compared to the OGP? What about relationships to earlier open hardware projects and organizations? PM: The need for such an organization had come up as a topic both on the Open Graphics mailing list and off, and I found myself as a rather vocal proponent. Nobody else stepped forward or really showed interest in pursuing it. In the end, it was “put up or shut up”, and I found myself as the president of a non-profit corporation. We still haven’t really engaged with any other community organizations, such as OpenCores.org. First of all, we aren’t really sure what the relationship would be, and we certainly don’t want to come off as the new kid on the block trying to take the spotlight. We also don’t really have much to offer yet. We are really just getting our feet under us. Finally, we really are trying to keep focused on making the Open Graphics Project a success. One of our key goals is to see the production of the OGC1. Until the OGP is much further along, I have been trying to keep our focus purely on it.

Exploring the motivations behind the Open Graphics Project

Issue 21

Patrick McNamara, founder of the Open Hardware Foundation

Q: What’s the strongest personal reason for you to help the Open Graphics Project? DX: It used to be possible to maintain your own electronics. If the TV broke, just take the tubes out and take them to the hardware store and plug them into the tube tester. Buy a replacement for whichever tube was bad and plug them back in. There was a schematic stapled to the cabinet, along with a diagram showing which model tube went in which socket. Today of course, semiconductors are far more reliable than tubes were. But manufacturers no longer include schematics. In many cases you can’t even obtain the information necessary to use the product, much less maintain it or modify it. LV: What keeps me coming back to the OGP today is the feeling that we are changing the world. Free and open source software is well-established now, but Open Hardware is relatively new. To me the Open Graphics Project represents a fresh look upon the ways in which our everyday environment is designed and manufactured. “The Open Graphics Project represents a fresh look upon the ways in which our everyday environment is designed and manufactured” JB: Previously the poor student could not do software design in his home—he could not afford the compilers. Open source broke down these barriers. Today, hardware is locked up in the same way. For example, I wondered if I could do anything with PCI. But I found out that I couldn’t even legally download the specifications without paying what would be a huge amount for a student to join a group which appeared to me to be designed to lock out PCI from the reach of the lone inventor who likes to tinker. I realized I could never get into the PCI club. Yet, if I could do all this interesting stuff on my FPGA board, what about all the other guys in similar positions around the world? We now have working PCI code in subversion under an open source license. We may look back and see we have already reached a small but important breakthrough moment in hardware. It’s a start.

The Open Graphics Project OGP: The “Open Graphics Project” is a community of developers working on replacing proprietary 3D graphics acceleration cards (a major obstacle to free software operating systems on the desktop) with community-designed open-hardware boards which will be free-licensed from the hardware definition language for the chip through the printed circuit board layouts—and of course to the drivers. OGA: The “Open Graphics Architecture” is the gate-logic design of the Graphics Processing Unit (GPU) being developed to run on the OGD1 and later on the OGC1 cards. OGD1: The first “Open Graphics Development” card is designed to allow testing of the OGA in an FPGA device onto which new hardware designs can be loaded by special software. This is the card which is going

Q: What specifically made you want to found the Open HardwareFoundation, and how do19 you see i

Issue 21 into production now. OGC1: The first “Open Graphics Card” will be an ASIC-based, consumer-targeted graphics card that will be developed using the OGD1 as a testbed. TRV10: The ASIC chip that will be created for the OGC1 and also sold for embedded uses by Traversal Technology. Traversal Technology: A company founded by Timothy Miller, Andy Fong, and Howard Parkin, which will actually design, manufacture, and sell Open Graphics cards. OHF: The “Open Hardware Foundation” is a non-profit organization founded to aid OGP (and eventually other projects) in handling community funding for prototyping and manufacturing costs as well as other activities to promote Open Hardware

Q: Why now? What has changed to make Open Hardware so active today? LV: Open Hardware has existed for quite a while just like free software, but with the advent of the internet as an accessible communication platform, it is now both growing and becoming more visible. Additionally, there seems to be a general cultural trend towards openness and sharing, which is probably affecting the Open Hardware movement as well.

In the 1980s, it was still common for consumer products to be built with 7400-series chips, which any hobbyist could use. In the 1990s, ASICs began to supplant these with VLSI chips which are essentially black boxes to end users and in limited supply. In the 2000s, however, FPGAs have gotten large enough to do many ASIC tasks, and although they are very expensive and relatively slow, they bring back the possibility of creating customized hardware (Top photos: Terry Hancock / CC-By-SA 3.0, Bottom: Synthesis Studios / CC-By-SA 2.0)

Q: Do you think that many users will care about the openness of the Open Graphics hardware? Or is it really only the openness of the specs that will matter to most? Will customers pay more for openness of the hardware? PM: What they will care about is the benefits that openness provides. If I as an end user can’t make use of all the features that make a less expensive graphics card faster than an Open Graphics based card then the cheaper card really isn’t faster. The openness brings full support. Full feature support is something that is worth paying for. AK: Open Graphics cards will as such have a greater impact on the market as an example of how to acquire more customers who care about openness in borderline situations.

Q: What’s the strongest personal reason for you to help theOpen Graphics Project?

Issue 21 The whole question becomes different in the embedded market. There customers will gladly pay two times the money for a card where they are able to confirm and probably fix bugs themselves. A supplier for whom you do not know how he will react on a bug report is a very high risk, especially if it is a critical component.

Several technologies are available for prototyping circuit boards. Most small experimental circuits start out on a breadboard (top left), which allows through-hole and DIP parts to be inserted by hand. More permanence is possible with wire-wrap circuits assembled on perfboard (top right). Printed circuit boards with one (bottom left, assembled) or two (bottom middle, unassembled board—note the shadows of the underlying traces) layers of traces are fairly common in hobbyist kits. The printed circuit boards in commercially-produced digital electronics, however, are invariably multi-layer surface mount boards (bottom right) which are much harder to make by hand and are generally contracted to fabrication houses. (CREDITS, L-R, T-B: Tom Deutschman / CC-By-SA 2.0, Terry Hancock / CC-By-SA 3.0, Terry Hancock / CC-By-SA 3.0, Bill Bradford / CC-By-SA 2.0, Crispin Semmens / CC-By-SA 2.0)

Q: What if ATI or nVidia (or another proprietary graphics vendor) suddenly decided to release their entire hardware design under a free license? Could they do that? What would happen to OGP? TM: ATI and nVidia likely license a lot of their internal chip designs from other companies. For instance, they probably didn’t design their VGA cores, so they don’t have rights to release that. Also, ATI and nVidia are probably violating each other’s patents; they could never afford the legal fallout of revealing their infringements. If an existing hardware vendor were to open their designs, as Sun did with the Niagara CPU design, they would simply be joining this community. “I would estimate the chance of a full Open Hardware release by ATI or nVidia as being similar to the chance of Microsoft publishing the Windows source under the GPL” PM: There are two directions that could be pursued. One would be to take the newly opened designs and focus the project’s efforts around improving it and getting drivers written. The other would be to study what they had done and incorporate the good stuff into Open Graphics, effectively jump starting its development. I can only wish for OGP to have to make that decision. LV: All hypothetically speaking of course—I would estimate the chance of a full Open Hardware release by ATI or nVidia as being similar to the chance of Microsoft publishing the Windows source under the GPL.

Alphabet Soup for Hardware Hackers FPGA: A “Field Programmable Gate Array” is a reprogrammable logic gate chip whose internal gate connections can be altered by downloading a bitstream to the card with a special program written for that purpose.

Q: Do you think that many users will care about the openness ofthe Open Graphics hardware? 21 Or i

Issue 21 ASIC: An “Application Specific Integrated Circuit” is similar to an FPGA, but fixed at the factory, and much cheaper to produce in quantity. Verilog/HDL: A “Hardware Description Language” is a textual representation of logic gates and registers. It differs from a programming language mainly in that it describes a parallel structure in space rather than a sequence of actions in time. Verilog is one of the most popular HDLs and resembles C or C++ in its syntax. CPU: A “Central Processing Unit” is the part of a computer that actually does the computing: all math and memory operations are performed by a CPU. GPU: A “Graphics Processing Unit” is a kind of specialized CPU designed for graphics processing. PCI: The “Peripheral Component Interconnect” is the most popular expansion card bus used in most modern desktop computers. VLSI: “Very Large Scale Integration” refers to chips with many thousands of logic gates or transistors. SSI: “Small Scale Integration” refers to chips with only a few logic gates or transistors, such as the popular, standardized 7400-series chips that were introduced in the 1960s. PCB: A “Printed Circuit Board” is a plastic board with etched metal “traces” produced by a printing process. Many thin boards can be bonded together to form a multi-layer board.

Q: Let’s repeat “the world’s most annoying question”, but for hardware: How can hardware engineers get paid for their work if they open up their designs for free? LV: Just like the advent of free software did not remove the demand for people who are able to create new software, Open Hardware will not destroy the market for hardware design services. What will become harder, just like it is in the software world now, is to make money by doing the exact same thing over and over again. If you try to do that, you will be out-competed by someone who just uses the existing, and freely available, design, or by someone who actually innovates. Some of the less skilled and less innovative hardware designers might be forced to improve their skills and ingenuity to be able to compete. But that is how a market is supposed to work.

Q: I have recently been told by a progressive computer manufacturer that they would “love” to use Open Hardware for their project, but don’t believe any manufacturer would be willing to develop such hardware and share its source and design documents. Any comment? LV: I think that they are conflating design and manufacturing, very much as is done in the proprietary software world. Microsoft designs Windows and then manufactures CDs containing Windows that they sell. Red Hat does some design on the software they sell, but their core business is manufacturing CDs, boxes, and additional services. Most of the design is done by the rest of the community. Any computer integrator could do the same: hire someone to create a hardware design which is openly published, and then put out a request for quotes for manufacturing it.

heir entire 22 hardware design undera free license? Could they do that? What would happen to OGP?

Issue 21

Back of the OGD1 card, showing traces and the additional memory, as well as an early Traversal Technology logo. This is a pre-production prototype, hence the blank revision number and serial number “01”! (Open Graphics Project)

Q: If someone reading this decides they are interested in helping OGP, what sort of things would you be looking for in terms of contributions? AK: OGP, like any FLOSS project, is constantly looking for big and small contributions, including (but not limited to) HDL/Verilog, kernel drivers, X11 drivers, and application development. The people we are lacking the most are capable hardware engineers with an understanding of VLSI design. JB: Soon we will need bug tracking and bug reporting and those with triage skills to support the developers. People who have skills with marketing are welcome. A big problem is that for now companies such as Xilinx, Alterra, and Lattice Semiconductor provide their no-cost software only for Windows, and their full versions for Linux are very expensive. However, their no-cost versions can occasionally succeed on Wine. We need developers to keep this working under Wine, reporting bugs and helping out with testing. It will only help us if Xilinx and Lattice Semi see significant numbers of developers using the no-cost version on Linux. [Interviewers note: As far as I know, it would be extremely difficult to create a free software replacement for the Xilinx software that programs their FPGA. We don’t know of the existence of an Open Hardware or even open specification FPGA which might be used for a project like this. Obviously that would be a future goal for Open Hardware]. A big problem is that for now companies such as Xilinx, Alterra, and Lattice Semiconductor provide their no-cost software only for Windows, and their full versions for Linux are very expensive LV: We obviously need hardware designers, but we also need driver writers, firmware developers, and documentation authors. Additionally, we need software developers who can help build the infrastructure we need: free tools and open standards for interchange file formats. TM: We don’t have the documentation quite handled, and frankly, we can’t have too much good publicity. We want to facilitate cooperation between Open Hardware communities, and to do that, we have to make people aware of each other. Besides the obvious things, you can contribute by just being involved in multiple FLOSS projects and helping to cross-pollinate. Join the OGP and tell us what others need and them what we need.

To be continued… In the next issue I’ll explore the Open Graphics community’s culture and development process.

Q: I have recently been told by a progressive computermanufacturer that they would “love”23to use O

Issue 21

Biography Terry Hancock (/user/5" title="View user profile.): Terry Hancock is co-owner and technical officer of Anansi Spaceworks (http://www.anansispaceworks.com/), dedicated to the application of free software methods to the development of space.

Copyright information This article may be re-published under the terms of the Creative Commons Attribution-ShareAlike license, version 3.0, with the following as attribution: "Terry Hancock, Originally published in Free Software Magazine".

Source URL: http://www.freesoftwaremagazine.com/articles/group_interview_graphic_view_open_hardware_movement_part_1_motivation

To be continuedâ&#x20AC;Ś

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Free software is social software On the implications of free software for social organisations By David Jacovkis PUBLISHED: 2008-02-11 Free software has much to offer non-profit organizations (NGOs). If you are reading this, you are probably a member or participant of an NGO, and I hope I can show you why free software and open standards are important for your organisation. Or maybe you are a free software supporter who’d like to see a change in a social organisation near you. In any case, I will try to give you a few arguments in favour of free software, along with some practical information on how to successfully face a migration process from proprietary software.

Introduction So, you work for an NGO, maybe even with IT responsibilities. Or maybe you are just a member who dutifully pays her monthly fee. In any case, why should you care about software? I’ll do my best to show you that you should—for several reasons. Non-profit and non-governmental organisations as a whole, often referred to as the third sector, form a very disparate group. However, they share some features that make free software and open standards specially relevant for them. All NGOs share some features that make free software and open standards specially relevant for them Information technologies have become basic infrastructures for any organisation. The tools you use to create content, manipulate information and communicate with the rest of the world are essential for your daily work. Therefore, you want to have full control over the applications you use and the information you work with.

Reputation in the third sector Of course, the previous paragraph holds for any modern organisation, public body or corporation. Free software is attractive to all of them from the economical point of view, but also because it is the only way to guarantee absolute control over information and the tools we use to manipulate it. All these advantages and considerations apply to your organisation as well, but all NGOs share a weakness that makes the above specially important in their case: almost all their connections with the outside world are based on trust. Your reputation is fundamental when you contact possible funders, future members and beneficiaries. And as you might have experienced, a single error or misunderstanding can spoil what took years of effort to build. I’ll show you what free software can do to help you preserve trust and improve the public image of your organisation. And as a side effect you will enjoy the more general advantages of using free software mentioned above.

Earning trust with IT Civil organisations realised long ago the importance of transparency in order to earn trust and respect. This transparency often means the public disclosure of internal information, such as decision-making procedures or budgets. But what about IT? How transparent can you be when you know nothing about the tools you use to

Earning trust with IT

Issue 21 manage information in your organisation? The most you can do if you use proprietary software is saying how much you spent in licenses. And even more important, what about the information itself? I bet your organisation has hundreds of documents in Microsoft’s closed formats (Word, Excel, Access…). Can you guarantee that they will still be accessible in twenty years time? If your answer is “yes”, think again: how would you read today a document created in 1988 using AmiPro or WordStar? The answers to these questions on transparency are transparent technologies: free software and open standards.

Transparent technologies, social technologies Free software and open standards are much more than open technologies. A whole social movement is behind them: building them, supporting them, trying to convince you to use them, helping you if you decide to give it a try. And chances are that your organisation has a few things in common with the goals and motivations behind this movement. Some supporters of these transparent technologies want to help developing countries bridge the digital divide and improve their access to education. Others work to raise public awareness on privacy protection and individual rights in the information society. Others aim to empower citizens with the necessary tools and knowledge to create and distribute their own content. But besides these long term goals, transparent technologies have many social implications that you should be aware of. Free software and open standards are much more than open technologies When you use proprietary software, your whole IT infrastructure depends on the decisions of the marketing department of a private company. Moreover, the image you give out is dependant on the behaviour of that company. You might like the products they sell, but maybe you have ethical issues with their business practices. On the other hand, when you use transparent technologies you are part of a movement with strong ethical roots that is slowly but steadily changing the way we see the information society. First of all, by using free software you are helping to build a local IT market that can provide quality services with added value on the products, instead of being just a customer of multinational corporations. Local SMEs can offer installation and configuration, support, training, custom development, etc. And if your organisation is big enough to have an IT department, with the appropriate training you can have full in-house control of the tools you use.

Free technologies help bridge the digital divide. (c) Joshua Wickerham, CC-by-sa 2.0 Another interesting aspect of free software is its community focus: anyone can help by improving and modifying it if they have the necessary skills. This is specially relevant for minority or marginalised languages, systematically ignored by private software providers because of their low market value. Also, using free software brings you in contact with an international community where no distinction is made between donors and beneficiaries: anyone can provide knowledge, and anyone can benefit from it.

Transparent technologies, social technologies

Issue 21

This is great, but how do we do it? One of the difficulties about migrating from proprietary to free software is that you’ve never done it before. The good news is, every day more organisations take steps in this direction, and most of them will be glad to tell you about it. There are many ways to face this kind of process, and it might not be easy to figure out which is the best approach for your organisation. It will depend on several factors, including the use you make of IT, the size of the organisation, the internal culture and expertise, whether you have an internal IT department or not. However, some things are important in most situations: To avoid frustration and loss of time and energy, you must take into account users’ training • Investigate: make sure that you document all applications and use cases that you have to take into account. • Inform: your organisation is not a company, where the boss says “jump” and employees ask “how high?”. You have to make sure that users are aware of—and hopefully share—the reasons behind the change. • Involve: your organisation may not be a company, but it has leaders, a management team, a board of directors. The decision makers must be involved in the process and committed to it. • Train: you will find free software alternatives to most of the proprietary applications in use in your organisation. They might be similar, but they are never identical. To avoid frustration and loss of time and energy, you must take into account users’ training. And of the IT team, if there is one. In this example, I’ll examine a real migration process in a medium-sized organisation: Milieudefensie, the branch of Friends of the Earth in the Netherlands.

How have others done it? Milieudefensie is a Dutch NGO that works on environmental issues. They have over 70.000 members and around 100 part time workers. In 2003, the ICT infrastructure of the organisation was almost 100% proprietary, and there were several issues that needed to be addressed: high cost of licenses, dispersion of information stored in proprietary formats, growth of data to be handled by the backup system, etc. The ICT team came up with a list of requirements that you would probably subscribe in your organisation: • Interoperability and use of open standards • Break free from vendor lock-in • Stability, security, reliability and data integrity • Reduce TCO (Total Cost of Ownership) • Ease of use, good performance and functionality for end-users • Flexibility and scalability • Preference for web-based applications

Milieudefensie is the Dutch branch of Friends of the Earth

How have others done it?

Issue 21 The team concluded that these requirements could be reached by migrating the ICT infrastructure to free software, and they drew a plan consisting on five main phases: • 2002-2003: Migration of all web related services and servers • 2003-2004: Migration of Novell file server(s) to GNU/Linux • 2005-2006: Provide NT workstations with (some) open source applications • 2005-2008: Migrate desktop operating systems from Windows NT4 to GNU/Linux • 2007-2008: Migration of information systems The migration of servers and services was relatively easy, as free software has been very strong in these areas for many years and virtually all proprietary applications have a free alternative of equal or higher quality. For example, Mercury Mail was migrated to Postfix, using SpamAssassin and ClamAV to take care of spam and viruses. File services on Novell were moved to Samba on GNU/Linux. Desktops and end user applications have proved to be harder to migrate in their experience. Non-technical users tend to be more reluctant to change and advanced users have already developed or tailored their own scripts, spreadsheets, etc., and don’t want to redo them in a new system. Moreover, some proprietary applications don’t have an alternative under a free license. Training is very important to get around the initial user resistance. It’s also useful to have a small group of volunteers who can pilot the migration to prove to the rest that change is possible and convenient. They use some legacy applications under Wine, a free software application that allows users to run windows programs under GNU/Linux. Others are still running under proprietary systems. The overall experience of Milieudefensie in their migration from proprietary to free software is positive, though they still have to complete the process. The management was not completely convinced at the beginning, but they have become more enthusiastic as time shows that the migration improved the service while reducing costs.

Can somebody help us? There are many organisations that promote the use of free software and open standards. Linux User Groups (LUGs), for example, provide support and education to inexperienced users, and can help you get some basic information on what free software can offer to your organisation. You can also hire the services of a local company to train your people or provide specific services that your IT team can’t cover. There are also quite a few organisations that work specifically with NGOs, helping them take steps towards free software. TacticalTech sees free software as a way to empower all citizens with the knowledge to become active members of the information society. One of their most interesting projects is NGO-in-a-box, a set of selected tools and materials on specific areas, focusing on low-resource groups. The box comes in several flavours: Security, BaseBox, Audio/Video and Open publishing. They also organise Source Events, workshops that aim to empower organisations in the use of information technologies and build links between different groups. The Free Software Foundation Europe (FSFE) is giving a series of workshops on Free software as social innovation, which includes sessions on Empowering NGOs with free software. There are also organisations that help NGOs use free software Many others provide services that you can use, either gratis or for a reduced price. For example, Spanish Nodo50 provides web hosting and mail services to NGOs at cost price, and they give training and support on using free software tools. The giss network can be freely used to broadcast live video streams using open standards.

Conclusion Free software is a viable option for almost any type of organisation, and it has many advantages that have been extensively exposed elsewhere. In the case of NGOs, all these advantages apply, but a few more factors

Conclusion

Issue 21 support the use of free software. It helps you maintain the trust that funders, members and beneficiaries have in your organisation, because it tells them that you have nothing to hide and that you are not tied to the economic interests of a private company. At the same time, the use of free software and open standards has strong ethical implications that are relevant to many NGOs. They help bridge the digital gap and promote local economies in developing countries. Using open standards you are not forcing a given product on your contacts, but instead you let them make their own choices. As with any other product, it all comes down to a single question: Who am I giving my money to? When you use proprietary software, the benefits are for a few. When you use free software, the whole of society wins. Special thanks to Anne Sedee from Milieudefensie for sharing her organisationâ&#x20AC;&#x2122;s experience.

Biography David Jacovkis (/user/2317" title="View user profile.): David Jacovkis has worked as a systems engineer, ICT consultant and editor of educational materials. Nowadays he collaborates with the Universitat Oberta de Catalunya and ISOC.nl in the SELF Project. He is co-founder of the Free Knowledge Institute [freeknowledge.eu]. His main interests are the ethical and philosophical implications of knowledge sharing, the technical and non-technical aspects of security in systems, and networks and writing about these issues for non-experts.

Copyright information This article is made available under the "Attribution-Sharealike" Creative Commons License 3.0 available from http://creativecommons.org/licenses/by-sa/3.0/. Source URL: http://www.freesoftwaremagazine.com/articles/ngo_and_free_software

Conclusion

Issue 21

Conclusion

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Interview with Bob Young Red Hat's former CEO talks about his past and present experiences with Linux By Colin McGregor PUBLISHED: 2008-01-28 Bob Young, former CEO of Red Hat, former publisher of Linux Journal, current head of lulu.com and a professional football team shares his thoughts and views of Linux.

Free Software People: Bob Young In 1995 Bob Young bought fledgling Linux distributor Red Hat and until 2005 held a number of roles within the company ranging from CEO to board member, all overseeing the explosive growth of what for many people was and is the Linux distribution of choice. His current projects center around lulu.com, an on-line publishing company and ownership of the Canadian Football Leagueâ&#x20AC;&#x2122;s Hamilton Tigercats.

Bob Young CM: What was your connection with the early days of Linux Journal? BY: I was publishing a small UNIX newsletter for the New York City market, when a friend read that Phil Hughes was looking to start the Linux Journal. Phil, based in Seattle, and I teamed up with Phil as editor and me as publisher. The first two issues were published out of my house in Westport CT. We quickly concluded that trying to publish a small magazine from locations on opposite sides of the continent was not going to work. So I decided to concentrate on selling Linux related products and Phil and his SSC company took over responsibility for publishing LJ, and IMHO theyâ&#x20AC;&#x2122;ve done a great job. CM: How did you first cross paths with Red Hat founder Mark Ewing? BY: Online dating.

Free Software People: Bob Young

Issue 21 Seriously, back in 1994 the Linux world was a very small place so you knew of everyone. When Marc launched his initial beta of Red Hat, the “Halloween” edition, he became instantly famous in the Linux newsgroups. I called him up because I wanted to add it to my catalog of Linux products, the “ACC PC Unix and Linux Catalog”. He knew who I was because of our marketing in those newsgroups, and thought of ACC as the giant retailer in the Linux space. We were actually tiny. Shortly afterwards we agreed to merge Marc’s tiny Linux business that ran out of his spare bedroom, with my tiny Linux business running out of my wife’s sewing closet, and the rest is history. CM: In January 1998 I attended a talk you gave to the Toronto Linux user group where you noted how you hoped Red Hat would become the Heinz ketchup of Linux distributions. What did you mean by that? BY: If you give away your product it is hard to claim a lot of IP or product differentiation. In the same way that anyone can make ketchup out of freely available ingredients (tomatoes, vinegar, salt and spices) without bending a copyright rule, anyone can build a Linux distribution (Linux kernel, drivers, utilities, and applications (Apache, DNS, Postgres, etc)). So both products are what are defined in business as “commodity” products. Heinz has 60% of the ketchup business because they have built a brand synonymous with quality and consistency. Red Hat is doing very well by this standard. But more than this you’ll have to ask Matthew Szulik at Red Hat. I don’t work at Red Hat these days, so I have to be careful about telling these stories in case they conflict with Red Hat’s current product positioning. Although I remain a big fan of Red Hat, and continue to be hugely impressed with how well they are doing in a very difficult business competing with the largest companies in the technology industry. CM: What role or roles does Linux fill at lulu.com? A: The similarity between Red Hat and Lulu is that Lulu is trying to do for creators, authors, photographers, filmmakers, and musicians what Open Source has done for software programmers, namely empower the creator. Lulu authors get to market their product directly to their readers while retaining full copyright control. And it turns out that there is a similar need for control in the publishing space as there was in the software business. Lulu is growing rapidly, with over a hundred thousand of registered creators, selling a million books this year alone. Lulu is up in the top 3,000 websites on the ‘net according to Alexa.com. But none of this would be possible without the tools that Lulu has built our technology platform around, including Linux (Red Hat), Apache, Postgres, and many others. Our site would not be as reliable, and would have been prohibitively expensive to build if we had been using the equivalent proprietary tools. CM: At the Hamilton Tigercats? BY: Same thing. At the risk of sounding like an infomercial: We are able to building better online services for our fans at a dramatically lower cost than we could have using tools where we were forced to rely on expensive support contracts from proprietary vendors. Simply because proprietary software vendors would not give us access to the source code we need to improve our systems and to identify and eliminate bugs. CM: What else would you like readers of Free Software Magazine to know about you? BY: Nothing about me. But the Tiger-Cats are going to have a much better season in the Canadian Football League this year, so you should rush to www.ticats.ca and buy your Season tickets today! ;-)

Biography Colin McGregor (/user/44155" title="View user profile.): Colin McGregor (www.mcgregor.org) works for a Toronto-area charity, does consulting on the side and has served as President of the Toronto Free-Net. He also is secretary for and occasional guest speaker at the Greater Toronto Area Linux User Group meetings.

Free Software People: Bob Young

Issue 21

Copyright information This article is made available under the "Attribution-NonCommercial-NoDerivs" Creative Commons License 3.0 available from http://creativecommons.org/licenses/by-nc-nd/3.0/. Source URL: http://www.freesoftwaremagazine.com/articles/interview_with_bob_young

Free Software People: Bob Young

Issue 21

Free Software People: Bob Young

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Interview with Eric S. Raymond Author of one of the open source world's key books speaks out By Colin McGregor PUBLISHED: 2008-01-23 Eric S. Raymond is author of one of the definitive books of the open source world “The Cathedral and the Bazaar”. In this interview Mr. Raymond talks about a number of the projects he is involved in.

Tux people: Eric S. Raymond Every field of knowledge has writing that defines the field. In the open source field one of the key essays is “The Cathedral and the Bazaar” by Eric Steven Raymond, or ESR as he is often known. In the essay Eric S. Raymond compares and contrasts the cathedral as a highly structured, highly organized approach of creating software against the faster adapting less structured bazaar like approach used in open source. A book containing “The Cathedral and the Bazaar” [1] as well as some of Eric Raymond’s other essays have been published by O’Reilly Media with the ISBN: 0596001088. In addition, Eric Raymond has put a version of the “The Cathedral and the Bazaar” on his personal website. Other books Mr. Raymond has been involved in include “The New Hacker’s Dictionary”[2], “The Art of Unix Programming”[3] among others [4]. Newer ESR projects include developing software to allow Linux boxes to talk to Global Positioning Satellite system receivers.

Eric S. Raymond wearing a Tux and showing one of his other interests, firearms. CM: What inspired you to write “The Cathedral and the Bazaar”? ESR: That paper had many sources, ranging from my college cultural-anthropology courses to evolutionary biology to Austrian economics. But the inspiration was simply my astonishment when I first booted up Linux in late 1993. It was too good for the conventional theory of software engineering to explain.

Tux people: Eric S. Raymond

Issue 21 CM: You have advocated the label “Open Source” over “Free Software” why? ESR: Because the term “free software” frightens and confuses people who wear suits. Those people have money and decision-making power that we need, so not confusing and frightening them is smart. CM: Could you briefly tell us about your role in helping to convince Netscape to release the source code for their web browser (which now forms the basis for Mozilla)? ESR: I didn’t know about my role at the time the decision was being made. The CEO of the company, Jim Barksdale, cited my paper as an inspiration at the press conference announcing it. CM: How did you become a member of the Freespire Linux “Community Leadership Board”? ESR: Kevin Carmony asked me to join after learning some of my concerns about Linux not getting desktop traction because the multimedia support is so poor. CM: What else would you like readers of Free Software Magazine to know about you? ESR: They can visit the programming project I’m putting most of my time into at http://gpsd.berlios.de. CM: Thank you for taking the time to answer my questions.

Bibliography [1] Raymond, Eric S. “The Cathedral and the Bazaar: Musings on Linux and Open Source by an Accidental Revolutionary”, O’Reilly and Associates:2001 [2] Raymond, Eric S. “The New Hacker’s Dictionary” MIT Press:1993 [3] Raymond, Eric S. “The Art of UNIX Programming” Addison-Wesley Professional:2003 [4] Debra Cameron, James Elliott, Marc Loy, Eric S. Raymond, Bill Rosenblatt “Learning GNU Emacs, 3rd Edition” O’Reilly:2004

Bibliography

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Interview with Richard M. Stallman Mr. Stallman, creator of the GPL, FSF and GCC, shares his thoughts on a number of topics. By Colin McGregor PUBLISHED: 2008-01-23 Richard M. Stallman has been a pivotal, and sometimes controversial figure in the free software movement. Mr. Stallman’s accomplishments have included, but are not limited to, the creation of the GNU Public License, the Free Software Foundation, and the GNU C compiler. Here Mr. Stallman shares his thoughts on a number of topics.

Free software people: Richard M. Stallman In September 1983, Richard Stallman announced the plan to develop a free software Unix-like operating system: GNU. In 1985, he set up the Free Software Foundation (FSF) to carry out that goal. By 1991, GNU was complete except for the kernel. When the Linux kernel became free software in 1992, the combination of GNU and Linux formed the first modern free operating system: the GNU/Linux system (often referred to as “Linux”). Richard Stallman wrote the GNU General Public License (GNU GPL) as part of developing GNU.

Richard M. Stallman CM: Could you explain why new free software users should think “free” as in “free speech”, not as in “free beer”? RMS: If they want to understand the concept of “free software” correctly, this is the way to do it. The idea is that software should respect the user’s freedom. Free software means software that gives you four essential freedoms: • Freedom 0: the freedom to run the program as you wish.

Free software people: Richard M. Stallman

Issue 21 • Freedom 1: the freedom to study the source code, and change it to make the program do what you wish. • Freedom 2: the freedom to redistribute copies of the program when you wish. • Freedom 3: the freedom to distribute copies of your modified versions when you wish. These freedoms give you control over your own computing, and make it possible to be part of a community where people help each other. They also bring about democracy: free software develops under the control of its users. Proprietary (non-free) software places the users under the power of its developer. These values of freedom and social solidarity are the basic ideals of the free software movement, ever since its founding in 1983. These ideals were my motive for launching the development [of] the GNU operating system. They are the reason our community exists. It is worth making these efforts for free software because freedom and community are important. Gratis software is not worth such an effort, because price is usually not an ethical issue. Paying isn’t wrong, and being paid isn’t wrong. Trampling other people’s freedom and community is wrong, so the free software movement aims to put an end to it, at least in the area of software. CM: Most free software is released under version 2 of the GPL. What issues and concerns does the new GPL version 3 address? RMS: The basic idea of the GNU General Public License is to assure that all users of the code have the four freedoms. It does this through the legal technique of copyleft, which forbids middlemen from taking those freedoms away from you. Copyleft turns out to have other benefits, and people who endorse the practical values of “open source” rather than the ethical ideals of free software have often used the GNU GPL. In 1989, when I wrote GPL version 1, we knew of two ways middlemen could try to do that: by adding restrictive license terms, or by concealing the source code. GPL version 1 was designed to prevent those two methods. GPL version 2, in 1991, was designed also to prevent patent holders from using their patents to impose licenses on redistributors in a way that would make the software non-free. Since then, other methods of restricting free software have been developed. For instance there is the method of tivoization, where the machine detects modified versions and shuts down. Then there is the Novell-Microsoft deal, where Microsoft uses its patents to threaten everyone except Novell customers. We designed GPL version 3 to block these two attacks on our freedom. In addition, we designed it to give results more uniform from country to country, and extended compatibility to some other free software licenses. CM: Which of your projects are you most proud of? RMS: Of the various programs I’ve written, the most challenging was GCC, but the one I love most is Emacs. However, when I think of what makes me proud, it isn’t any specific program. I’m proud of campaigning for freedom. There are many other things I could have enjoyed doing, but none as important as this. CM: Why is DRM (“Digital Restrictions Management” or “Digital Rights Management”) unethical? RMS: Digital Restrictions Management means software or hardware designed to restrict us and control our use of published works. The result is to deny us any or all of the shreds of freedom that copyright law leaves us. That’s basically unjust. Meanwhile, many countries including the UK have adopted unjust laws that forbid the distribution of free software that could access these digitally restricted works. Thus, all DRM is also an attack against free software. We should never buy products that have DRM unless we have the means to crack it. Thus, don’t buy a DVD unless you have a free program to play it with—and never buy HDDVD or Blueray! CM: What else would you like readers of Free Software Magazine to know about you?

Free software people: Richard M. Stallman

Issue 21 RMS: What I want them to know is that I launched the operating system most of them know as “Linux” (although not including the kernel, which Torvalds did) specifically for my freedom, your freedom, and their freedom. It is important to know this because we will always face pressure, from those who are powerful and would like to take away our freedom, to surrender our freedom—and they frequently offer us something attractive in exchange. For instance, B’liar wanted to abolish the Rights of Englishmen, and to serve his American master, Bush, faithfully; so he offered Britons “protection” from this or that, plus the imagined idea that he influences his master on their behalf through the “special relationship”. The same thing happens in our field, too. Companies making consumer electronics products want to impose DRM on us; they want to do this in programs that they receive as free software, then pass them on to us in such a way that we do not have the freedom to change them. So they invite us to allow our software to be tivoized, and offer us, as an inducement, that our software will be “more popular” if we cave in. The only way to keep our freedom is to have the steadfastness to reject those tempting offers. We have to move to a license like GPL version 3 that will stop these tempters in their tracks. CM: Thank you for taking the time to answer my questions. Note from the author: the goal behind these interviews is to introduce important people in the free software community, and just let them tell their story. In e-mailed discussions before the interview Richard Stallman insisted on certain wording choices in the introduction and in the questions, which has been respected.

Free software people: Richard M. Stallman

Issue 21

Free software people: Richard M. Stallman

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Free software conference in Colombia A reportage By David Jacovkis PUBLISHED: 2008-01-18 The first International Conference on Free Software, Technological Literacy and Solidarity Economy took place in Bogot?Colombia) from 13th to 15th of November. More than 80 speakers and 600 assistants attended at the the Tequendama Hotel, a traditional meeting point in the city.

Bogot?a city in the clouds Iâ&#x20AC;&#x2122;ve lived in Amsterdam for more than a year; in Amsterdam life takes place either a few metres above or a few meters below sea level. So getting used to Bogot?a>, at an altitude of 2.640 metres, takes a couple of days.

Bol?r Square with the Montserrat mountain in the background. (c) David Jacovkis, CC-by-sa 2.0 Even talking for more than a minute can leave you breathless, something youâ&#x20AC;&#x2122;d prefer not to happen in the middle of your talk. Fortunately we landed on Sunday and the conference started until Tuesday morning, which gave most of us time to get used to the general lack of oxygen. Getting used to an altitude of 2.640 metres takes a couple of days

The conference The organiser and main promoter of the conference was the Colombian government through DanSocial, a department that was recently created to promote solidarity economy. The Spanish region of Extremadura, known for its commitment to free software in many areas, also played an important role both in the organisation of the event and in the programme. The opening session attended by around 400 was held in the main room of the hotel. High profile speakers of the opening session were the Colombian president, lvaro Uribe V?z, and the Extremenian ex-president Juan

The conference

Issue 21 Carlos Rodr?ez Ibarra. Unfortunately neither of them could attend, and this did reduce the political impact of the event. However, both Colombian and Extremenian institutions were well represented: Mar?del Rosario Guerra, Minister of Communications of Colombia, and Rosemberg Pab?ab?Director of DanSocial, hosted the session. The director of the Extremenian Foundation for the Development of Science and Technology, Luis Mill?V?uez de Miguel, and Carlos Castro, General Director of the Department of Telecommunications of Extremadura presented the experience of their project: ongoing work over the last 10 years to guarantee universal access to information society in their region, where free software has played a central role. The first morning saw heated debate between the panel and the audience, specially after the Communications Minister defended software patents as a way of helping young entrepreneurs get financial support for their projects. Some speakers from the floor demanded better access infrastructure for rural areas, and a majority demanded stronger commitment from the government.

Rosemberg Pab?ab?Director of DanSocial, presents the Minister of Communications, Mar?del Rosario Guerra. (c) David Jacovkis, CC-by-sa 2.0

An enriching blend In the three days that followed, talks and panels were divided into three themes: free software, technological development and solidarity sector. Over 60 sessions covered topics ranging from models for social and cooperative banking, voice over IP, cooperative production of goods and success stories about free software in education institutions. Speakers and attendees ranged from students, small entrepreneurs to civil servants. Public companies, traditional companies like banks or insurances and new clusters of technological SMEs were also represented. Interaction was easy and constructive, discussion very frequent. In the audience the technically oriented were a majority, but for some it was their first contact with free software. Many others are active supporters, part of a growing community that is active in organising workshops, install parties and support sessions.

Highlights The conference had many exciting moments, which your reporter tried no to miss. On the first day we could attend the meeting of the Latin American Network for Technological Cooperation and Free Knowledge, created in Badajoz (Spain) in 1995. The network is coordinated by Extremadura, and the new agreement reached in Bogot?as signed by civil and/or governmental organisations from Uruguay, Brazil, Mexico, Colombia, Argentina, Venezuela and Puerto Rico. In this agreement the members reiterate their intention of sharing knowledge, information and experiences in the areas of information and communication technologies, and specially free software. The link of technological and social topics was very visible The program for the second day promised many interesting talks, and they did not disappoint. A panel of technological parks was followed by a series of talks on digital television and new emission formats. The link

Highlights

Issue 21 of technological and social topics was very visible here, as it was shown how open formats and free—as in freedom—edition and production tools make possible the existence of cooperative television channels maintained with very scarce resources. In the afternoon, one of the most entertaining presentations took us on a tour of gnuLinEx, the Extremenian Debian-based distro, with the bonus of a hotel-made anti-patent video (in Spanish). The last day had a short intense program, starting with an insightful session on the actual and potential uses of ICT in health care, and the importance of using open technologies when dealing with such sensitive matters. Before the end, the unfortunate absence of the Cuban Minister of Computing led to your reporter giving his presentation the SELF Project in the main conference room.

Endings are beginnings The conference close was an emotional ceremony with the presence of the main participants and most of the conference participants. Thanks and congratulations were given, and the air was full with a general feeling of a big something that stretches and slowly starts to move. Besides the good intentions and the promises for the future, the conference had many practical results. The Declaration of Bogot?as signed by the members of the Latin American Network for Technological Cooperation and Free Knowledge, with concrete actions for the near future in many areas including e-government, digital literacy, education and health care, and future meetings possible in Uruguay and Cuba in the following months. On a smaller scale, most of the assistants made good contacts -at least your reporter did—and shared a great time with interesting people from around the world.

Endings are beginnings

Issue 21

Endings are beginnings

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

If the pen is mightier than the sword, is the touchpad greater than the mouse? Can you give RSI the boot and let your touchpad take the strain instead? By Gary Richmond PUBLISHED: 2008-03-19 I was one the first people I knew to get a mobile phone (Motorola analogue flip!); but I was also one of the last to sign up for Googlemail. I am not a dedicated follower of fashion. I stand still and, sooner or later, fashion meets me coming round the other way. So, it might not come as a surprise that unlike the young turks of computing I came late to the mysteries of the ubiquitous Synaptics Touchpad. You see, I was weaned on that Faustian pact with Repetitive Strain Injury (RSI), the mouse. Having endured several very unpleasant encounters with various forms of RSI in the recent past, I decided to explore the alternative therapy of the touchpad. This article is an exploration of what you can be done with it in the GNU/Linux environment, its options, utilities, graphical front ends and command line options. Synaptic Touchpad is not to be confused with Synaptic, the graphical front end to Apt-get, although you will be able to use that particular software package manager (or others) to install various utilities to exploit the potential of your latopsâ&#x20AC;&#x2122; touchpad. The first thing to do is to see exactly what you actually have installed, so fire up your terminal of choice and type the following: cat /proc/bus/input/devices

Here is what I get on my Packard Bell EasyNote laptop running Mepis:

The output for an alps touchpad The highlighted line indicates that my touchpad is an Alps touchpad. Take this one stage further and type this in a terminal: cat /etc/X11/xorg.conf

If the pen is mightier than the sword, is the touchpad greater than the mouse?

Issue 21 And you can see the detailed output if you scroll down to the appropriate section (highlighted):

The output of xorg.config To determine if the touchpad is configured, go back to the console and type grep Iden /etc/X11/xorg.conf. If this outputs the following with a reference to the Synaptics touchpad, then it is configured:

Is your touchpad configured? Most users should find that their touchpad works out of the box, but with the caveat that it will be pretty basic. It will do exactly what it says on the tin—and that may not be very much. To get the best out of your touchpad—Alps or Synaptic—you will need to install the appropriate drivers and utilities to exploit mouse emulation, and then some.

Put your touchpad on steroids To get the most out of a touchpad the most important thing you can do is to have a version of the Synaptic driver installed. If you are using the 2.6 Kernel, it will be installed by default. If not, you can download a compressed tarball of Synaptic. This is particularly important if you wish to run graphical front ends for touchpad such as ksynaptics, which will only work with version number 0.14.4 of the kernel module. You can check the version you are running by launching your software package manager and searching for the Synaptics driver. If you want a raw taste of what it can do, just type man synaptics in a console and view the output (you can also type that in the location bar of Konqueror for a neater HTML format for handy printing if you wish). Here is a list of advanced features you will have access to: • Movement with adjustable, non-linear acceleration and speed • Button events through short touching of the touchpad • Double-Button events through double short touching of the touchpad • Dragging through short touching and holding down the finger on the touchpad

Put your touchpad on steroids

Issue 21 • Middle and right button events on the upper and lower corner of the touchpad • Vertical scrolling (button four and five events) through moving the finger on the right side of the touchpad • The up/down button sends button four/five events • Horizontal scrolling (button six and seven events) through moving the finger on the lower side of the touchpad • The multi-buttons send button four/five events, and six/seven events for horizontal scrolling • Adjustable finger detection • Multifinger taps: two finger for middle button and three finger for right button events. (Needs hardware support. Not all models implement this feature.) • Run-time configuration using shared memory. This means you can change parameter settings without restarting the X server Depending on the firmware, some of these features may already work without the driver; also, features themselves may vary from touchpad to touchpad. To change the settings, you will need to edit your Xorg.conf, which is also really important: before you start to tinker with it you should back it up; so fire up your console and issue the following command (as root): cp /etc/X11/xorg.conf /etc/X11/xorg.conf_backup

And simply reverse that command to reinstall the backup if X fails to start: cp /etc/X11/xorg.conf_backup /etc/X11/xorg.conf.

Know what you’re doing It is the rightful boast of GNU/Linux users that configuration files are relatively intuitive compared to the Satanic complexities of the Windows Registry It is the rightful boast of GNU/Linux users that configuration files are relatively intuitive compared to the Satanic complexities of the Windows Registry. But when it comes to the Xorg file section dealing with touchpads, the myriad settings are not exactly obvious either. If you want to play around with them it is best to have some idea what they actually mean. The best guide and explanation I have found is here. It is very detailed and you should read it thoroughly before tinkering with the settings in the Xorg file. man xorg.conf is also very useful as a quick guide to the nomenclature of the file, particularly the boolean (true/false) values whose settings may mean the same thing but vary in their interchangeable terminology from distro to distro.

First step: enable the touchpad and shared memory The first and simplest thing you can do is to decide whether the default state of you touchpad will be on or off. If it is not working out of the box and you want to exploit its potential, then launch your text editor of choice and open the /etc/X11/xorg.conf file and navigate to the following (highlighted) section:

xorg.conf touchpad section highlighted

First step: enable the touchpad and shared memory

Issue 21 Depending on your distro the line reading option "SHMConfig" "on" may read “true” for “on” or be set to “false” for “off”. On my Ubuntu Dapper laptop that line was not there and had to be added manually. Whatever it is, edit the file as root and change true to false to disable the touchpad, or change off to on to enable it. SHMConfig is just a boolean value (on/off) for activating or deactivating shared memory. If it is enabled, you will be able to configure the touchpad using clients like synclient (which comes in the x11-input-synaptics package). synclient allows you to query and modify the synaptics driver while X is running. In the rest of the article, I will assume that you have enabled SHMConfig, and that therefore the synclient command will work. You will need to restart your Xorg server once you’ve modified `Xorg.conf` You will need to restart your Xorg server once you’ve modified Xorg.conf: to do that, you can press CTRL-Alt-Backspace while nothing is running. If the Xorg server doesn’t come back, remember that you have a working backup of Xorg.conf! The great thing about enabling SHMConfig is that you won’t have to touch the Xorg.conf file ever again to configure your trackpad.

Changing the configuration using Synclient In the previous screenshot there are several configuration settings for the touchpad that are not exactly intuitive. Changing each option and then restarting the web server to test the results is awkward at best. Synclient (part of the Synaptics driver manager) can help here. Use it and you’ll be able to make changes without having to restarting X. Keep in mind that changes made with Synclient won’t be permanent, but only operative on a per-session basis. For the changes in configuration to be made permanent you will need to edit the Xorg.conf file directly or to add a startup script.

Does synclient work with every parameter in Xorg.conf? It does not appear from the synclient manpage that all the touchpad parameters can be managed by it. However, the examples given (synclient EdgeMotionSpeed=0 to disable edgemotion speed and synclient -m 100 to monitor touchpad events) are a good indicator that you can experiment with all the settings listed in the Xorg.conf file. Just remember to note the default values in case your tinkering does peculiar things! synclient -l on the command line will tell you the current setting of the touchpad. Here is mine running on Mepis:

synclient output

Disabling the trackpad while typing The command synclient -l will list Touchpadoff =0. To turn the trackpad off simply type synclient Touchpadoff=1. Turning the touchpad back on again is as simple as synclient

Disabling the trackpad while typing

Issue 21 Touchpadoff=0. If you’re not afraid to get your hands dirty, a very clever way to ensure that the touchpad is automatically disabled whenever a mouse has been plugged in is to add this rule to Udev in /etc/udev/rules.d/:

ACTION=="add", SUBSYSTEM=="input", ID_CLASS="mouse", RUN+="/usr/bin/synclient TouchpadOff=1" ACTION=="remove", SUBSYSTEM=="input", ID_CLASS="mouse", RUN+="/usr/bin/synclient TouchpadOff=0"

Or, if Python scripting is more to your taste, you can achieve the same effect by using a Python script making it executable and adding it to your start programs. Your mileage might vary: use at your own risk. Another method to disable the touchpad involves Syndaemon. It is not as definitive as the preceding methods: it will only disable the touchpad while you are typing. The manpage is terse (man syndaemon) but if you want to use this temporary method just open a console and type syndaemon -d and it will run in the background, disabling the touchpad for a default of two seconds. You can set this to a different timeout value. For example: syndaemon -d -i 3 and if you want to disable tapping and scrolling action (and not mouse movements) as well then that command would now be syndaemon -d -t -i 3. As with so many other GNU/Linux configurations, if you wish to make this a default startup you need to add it to the startup files. It’s a breeze in Gnome: just go to System→Preferences→Sessions to launch a dialog box and select the Startup Programs tab, click on Add and type your chosen variation of the syndaemon command. In KDE just type ln -s /usr/bin/syndaemon ~/.kde/Autostart/ in a console. Another method to disable the touchpad involves Syndaemon. It is not as definitive as the preceding methods: it will only disable the touchpad while you are typing If you just want a quick and dirty ad-hoc fix for enabling or disabling the touchpad in selective mode, i.e., you want to disable tapping whilst typing, but not the ability of the touchpad to move the cursor, and you don’t want to use a GUI or edit the Xorg file then issue the following simple command in a console: synclient TapButton1=0

The default in the Xorg configuration file is 2. If you wish to re-enable the tapping feature when typing (why?) just type that command again and change the 0 to a 2. If you look again at the Xorg file you will see two other entries for TapButton, each with defaults of 3. I think this has something to do with multiple finger tapping on the touchpad (assuming it supports such features). Another way to turn off tapping which emulates the mouse click is: synclient MaxTapTime=0

Turning it back on entails changing the 0 to a 1. A word of warning: settings set with synclient are not permanent. You may want to add any of the above synclient commands in your startup scripts to save interminable key tapping every time you want to enable/disable touchpad features. Changing the configuration using by editing Xorg.conf If default parameters are already present in the Xorg.conf file (or you add them later—what is present will vary from distro to distro), then you can amend them on the fly with synclient; however, they will only persist for the duration of the session. To make any changes permanent it is necessary to change them in the Xorg.conf file. This is also true for all the parameters listed below for such features as drag and drop and circular scrolling. The great advantage of using Synclient is that it is very easy to issue commands in a console and that it’s a safe method to experiment with settings without risking any damage to Xorg.conf. Once you are sure the on-the-fly changes you made with Synclient worked, you can safely make the changes permanent in Xorg.conf. It is a perennial complaint that the palm of your hand frequently brushes across the touchpad whilst you are doing something else on the keyboard It is a perennial complaint that the palm of your hand frequently brushes across the touchpad whilst you are doing something else on the keyboard. In addition to the solutions presented in the previous section, and if the

Disabling the trackpad while typing

Issue 21 feature is supported by your touchpad, you can try specific additions to the Xorg.conf file. If these settings are not in your Xorg.conf file add them as follows: option option option

"PalmDetect" "PalmMinWidth" "PalmMinZ"

"on" "10" "200"

The first one is obvious. If you don’t want to experiment with the parameters in the following at all, just change it to “off”. The middle option tells the touchpad the minimum width at which a touch is deemed to be a palm and the last option sets the touch pressure for the “PalmMinWidth” threshold.

The pick of the best touchpad features Many of the configuration settings are for features so particular, not to say exotic, that it is not very likely that most users will want or need them. Such depth of configuration looks like the classic instance of a solution looking for a problem and the knowledge and time required to set up these features is disproportionate to the advantage gained. The truth of the matter is that it can be a matter of “suck it and see” when it comes to experimenting with some of the settings.

Drag and drop This feature would seem to be a given for any self-respecting touchpad, but it does not work for me on my Mepis laptop. This has had a chequered history in Ubuntu too. If working, it involves a two-tap action: one tap to select the file, followed by a second tap with the finger held down on the touchpad and dragging the file to its intended destination. The Xorg.conf file should have this parameter listed in the “Input Device” section: Option

"MaxTapMove"

"220"

If you find that instead of dragging a file or folder to another location you merely open it, it may well be that this setting is either too coarse or fine. Note the default and experiment with it to see if you can get it working. If that option is not listed in the section then add it and save it. By the same token, if it does not already exist you can add this parameter too: option

"LockedDrags"

"off"

If “off” is your default, then a tap and drag gesture ends only when you release your finger. If set to “on” the geature is active until you tap a second time.

Circular scrolling Again, this feature may be enabled even without the Synaptics driver and/or may require firmware support. In my Xorg.conf file it is not listed in Mepis but it is operative in Ubuntu Dapper on my external USB drive. I found that the easiest way to enable the basic features was via the Qsynaptics GUI. This allowed me to select one edge of the touchpad to emulate the middle scroll wheel of the mouse. How well many of the touchpad features work will depend, in part, on the sensitivity settings of the device and how it’s configured. If the following lines do not exist, type the following into “Input Device” section: Option Option Option

"CircularScrolling" "CircScrollDelta" "CircScrollTrigger"

"on" "0.1" "0"

The first line is self-explanatory. To disable amend to “off”. If you want to set circular scrolling to a particular edge of the touchpad you can change Circularscrolltrigger to any of the following values: 0 1 2 3

All Edges Top Edge Top Right Corner Right Edge

The pick of the best touchpad features

Issue 21 4 5 6 7 8

Bottom Right Corner Bottom Edge Bottom Left Corner Left Edge Top Left Corner

Specifying some value other than zero may give you the option to combine circular and horizontal/vertical scrolling. You will find that, depending on which edge you start from, small, tight circles will effect fast scrolling whilst larger circles will scroll more slowly. If you manage that powerful combination, you’ve hit the motherload. Finally, the middle line (CircScrollDelta) allows you to adjust the angle (in radians) of your finger on the touchpad to generate a scroll event. Many of these settings will be configurable in GUIs like Qsynaptics, but some of the more esoteric ones listed immediately above will require delving into configuration files.

Graphical front ends There are two main GUIs for touchpad configuration: Ksynaptics, Qsynaptics. The first is, surprisingly enough, a KDE application and it should be in most software repositories. If not, grab a copy here. These two frontends are your portal into Xorg.conf file without actually sullying your hands with a text file or amending parameters with synclient. The GUI is in effect the lazyman’s synclient as it does essentially the same thing—but without the power options. Of course, as with any GUI, ease and convenience comes at the cost of less granularity and it is definitely a case of horses for courses. If you only want the easily accessible basics then the GUIs will do very nicely thank you. However, if you want to power tweak and you are an inveterate tinkerer then a combination of synclient on the command line (good for debugging the touchpad and discovering/amending settings and permitting changes to the trackpad settings on the fly) and editing the Xorg.conf file is the way to go; and hell, you can use them all in any combination you desire. This is GNU/Linux! Of course, as with any GUI, ease and convenience comes at the cost of less granularity and it is definitely a case of horses for courses

Ksynaptics Ksynaptics will run as a stand alone application or embedded inside Kcontrol Centre (just select Peripherals in the left-hand column and click on Touch Pad) and it is the best-looking of the GUIs. It is intuitive and well laid out. It is blissfully easy to use—with one proviso. Being a GUI it has, inevitably, dependencies and in my case it installed without complaint and ran too. There was one problem, so here’s a warning: the Synaptics driver version 0.14.4 was required. Installing a stand alone version of it cordially invited me to uninstall an entire desktop, amongst other files (including Ksynaptics itself). There was no such problem on my Ubuntu laptop. The application is triple tabbed:

Touch Pad General tab

Graphical front ends

Issue 21

Touch Pad Tapping tab

Touch Pad Scrolling tab If this worked on my Mepis laptop, I would be in hog Heaven. It is a supreme example of a clear, clean, well thought out front end for the basics of Xorg.conf. The basic settings are virtually intuitive but that said, point and click will only take you so far and may not even work despite appearances.

Qsynaptics Using the QT toolkit, this GUI produces a less attractive and slightly less functional appearance. Again, if not in your software repositories grab a Debian binary or source package (with links to RPMs) here. It is essentially a less pretty QT clone of Ksynaptics. It does the same things, so I will not sully your retinas with the obligatory screenshots. Suffice it to say, if I did you would see that all options are grayed out because it tells me that I need to enable SHMConfig (though a quick look at my Xorg.conf file tells me that it is present and on) and install the Synaptics Touchpad driver (I have). Fortunately, it is working on the Ubuntu laptop, and although the option to turn off the touchpad entirely works perfectly, circular scrolling and edge scrolling work but in a somewhat erratic fashion with settings not being persistent once you close the session. One way to possibly solve this problem is to make changes persistent by making the changes in the GUI and then adding the program to your startup scripts: for Gnome just add gsynaptics-init to the list of startup programs in Systemâ&#x2020;&#x2019;Preferencesâ&#x2020;&#x2019;Sessions. For KDE users jusr add gsynaptics-init to your .xinitrc or .xsession startup scripts.

A final tip for Firefox users If, despite everything, your touchpad is behaving like an errant delinquent, you can at least give it a Basil Fawlty-like thrashing and prevent horizontal scrolling being misinterpreting as a backwards trip through webpages in Firefox.

Ksynaptics

Issue 21 Open Firefox and type the following in the location bar: about:config

and scroll down to the following line: mousewheel.horizscroll.withnokey.action

and set the value to 0. Also, select this line and amend the value to true: mousewheel.horizscroll.withnokey.sysnumlines

Conclusion The Synaptics Touchpad is a salutary story of everything that is good and bad about GNU/Linux. When I started to research and write this article I anticipated a successful learning curve and a happy outcome. How wrong I was. The diversity of GNU/Linux is wonderfully empowering but it means configuring across multiple distros (never mind writing about them) which is like trying to juggle six balls simultaneously. There is still little danger of my mouse going into the desk drawer to gather dust The problems with getting the GUIs to work properly, the relative obscurity of the configuration options, the multiplicity of available distros and the range of touchpad features all mean that, minor configuration apart, there is little danger of my mouse going into the desk drawer to gather dust. A simple equation has to be made: how much works, how complicated is the learning curve and configuration and is the end result proportionate to the effort? Given my distros and my particular touchpad, the effort and learning curve did not reward me sufficiently to tempt me to abandon the little rodent. RSI will just have to remain an occupational hazard. Touchpads, if fully featured and properly configured and supported, are a boon to a weary mouse finger but when they are not they look like a solution in search of a problem. In the meantime, if you want to explore the matter further there is a really excellent distro-neutral guide at the Gentoo wiki which covers most topics, another particularly good one at the Arch Linux wiki which can be applied to most distros and lastly a stonkingly powerful and detailed explanation of all the available configurations.

Biography Gary Richmond (/user/3653" title="View user profile.): An aspiring wanabee--geek whose background is a B.A.(hons) and an M.Phil in seventeenth-century English, twenty five years in local government and recently semi-retired to enjoy my ill-gotten gains.

Conclusion

Issue 21

Conclusion

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Making KDE look good Out with the drab, in with the pretty! By Colin McGregor PUBLISHED: 2008-03-12 “Beauty is in the eye of the beholder” goes the old saying. What looks great to me, might not be very appealing to you. Most GNU/Linux distributions pick default images that are bland, inoffensive, and boring, all of which have their place, but we can do better. This article will look at making your GNU/Linux machine look beautiful. Note: this article only covers KDE.

Wallpaper Screen wallpaper is one of those things we tend not to think about; the screen which gets quickly hidden with the “real” stuff: the web browsers, word processors and other actual applications. Improving it will really improve our computer image. Wallpaper is a place where we can easily let our digital images shine. Alternatively this is a place where we can raid sources that are normally useless to GNU/Linux users, like some Microsoft Windows or Macintosh oriented websites. When it comes to images all our GNU/Linux machines care about is that we offer a .jpg. While there are some great Microsoft Windows wallpaper sites, unfortunately some of the “free” image sites require you run Windows software. If a wallpaper website offers just a .jpg image file that look great to you, then grab the image and enjoy. If you find you are asked to download an .exe, or a .com file, then it is time to look elsewhere. Some wallpaper websites by default just show a little thumbnail image, that will look rotten when enlarged to full size, and you may need to hunt a bit for the full size version of the image. If you do find an image on a wallpaper website that you want to use for background, it is easy to turn it into wallpaper. Put the mouse pointer over the image you want, click the left button on your mouse, and select “Save Image As…”. You may have to note where the image is being saved to and under what name, as some websites default to some fairly odd names, and some browsers pick odd places to store images by default. You then will want to move the image to the folder /usr/share/wallpapers. While KDE desktop can scale images up or down to match the current screen resolution, a 640 x 480 image typically doesn’t look very good enlarged to 1600 x 1200. Going the other way, a 1600 x1200 image wastes a lot of disk space if you’re only going to use it at 640 x 480. So when possible you want a screen image the same size as your current screen size. Several programs can change image size, GIMP being the best known, but if all you’re interested in doing is changing scale, the much simpler KolourPaint is a better choice.

Wallpaper

Issue 21

Figure 1: Image taken by the author in Toronto, Ontario’s Little Italy minutes after Italy’s 2006 World Cup victory. The image was rescaled for use as wallpaper with KolourPaint. Things get a little more complex if you want to use your own digital pictures and have a wide screen display. Most digital cameras have the same screen ratio as a regular TV, which is different from a widescreen monitor. You can let KDE stretch the image into shape, but the results can be very ugly. To keep things looking good the trick is to scale the your image to the width you plan use, then crop from the top and or bottom of the image. My widescreen monitor is 1680x1050, so I would scale the image to 1680 pixels wide and the crop a 1050 pixel high section.

Figure 2: Image taken by the author in Perth, Ontario’s Stewart Park just after a snow storm about to be cropped for use as wallpaper with KolourPaint It’s time to turn your image into wallpaper. Start by saving the image or images into the directory. Next click on Control Center in the KDE main menu, and select Appearance & Themes. Click on Background. Now you can have some fun: for example you can put different images on each screen, or set-up a slide show (the background image will change). Here is where it is fun to start playing: the worst that could happen is you end up with some ugly looking wallpaper! You can play with these settings, but they do not become permanent until you click on “Apply”.

Splash Screen Just after you log in to your computer, but before you get the KDE main desktop screen you will see for a few moments what is known as the splash screen. Some splash screens give information that GNU/Linux experts can use to help diagnose problems, but the main job of the splash screen is to tell people to wait. You can download splash screens from sites like www.kde-look.org or pick one included with your distribution. Click on “Control Center” in the KDE main menu, and select Appearance & Themes. Click on Splash Screen and choose a splash screen.

Splash Screen

Issue 21

Screen Saver One problem with CRT monitors is phosphor burn-in, where even after you turn off the monitor you can still see a ghost like image on the display. This normally happens when the display has been set to one image for a very long time. This normally happens with computers in commercial settings, like bank machines. Once a screen has phosphor burn there is not a lot that can be done, so the goal has to be to avoid burn in. While this is typically not a big issue in a home setting, no harm in being a bit cautious. The easy route to avoid burn in is to make sure the screen turns off after the computer has not been used for a while. The route to go is from the Control Center, click on Peripherals→Display→Power Control and Enable display power Management. The second best route is to make sure that if you’re not using the computer the display is regularly changing. For that you want Control Center_Appearance & Themes→Screen Saver: select something that appeals to you. Do click on “Test” to check the perspective screen saver as a few do leave some parts of the screen the same, which you don’t want.

Login screen Shortly after you start your computer you will get a screen that asks you to enter a user name and password; this is the login screen, and is controlled by a display program. There are several display programs available. The best one for KDE users is kdm, which is often not installed by default, but can easily be installed with most distributions. Changing the login screen is slightly more complex than changing the wallpaper screen. The login box will appear over the login screen image you decide. The login screen image or images can, if you want, be the same as the screen wallpaper. The images for use with the login screen by default are stored in the same directory. To set this up you need to click on Control Center in the KDE main menu, select System Administration→Login Manager. KDE gets a little security-conscious here compared to changing wallpaper: before you can alter anything here you will have to click on “Administrator Mode” and enter the root password. Under “Appearance”, the “Position” option decides where the login box will show up, with X controlling right/left and Y controlling up/down. So, if you wanted the login box to appear near the right bottom corner you might put in X : 10 Y: 80. For the left top corner try X: 80 Y: 10 . As before none of these changes will stick until you click “Apply”.

Figure 3: Setting up a new background image .

Issue 21

Conclusion This is just a quick introduction, there are a lot of ways KDE can be made pretty, so try things!

Sources: There are many websites that carry attractive images. Among my favorite are: http://www.kde-look.org/—This is where some versions of KDE go by default when asked to “Get New Wallpaper”. There are thousands of KDE related wallpapers, screen savers, splash screens and other things on this site. Some of the images promote specific GNU/Linux distributions and/or GNU/Linux related companies. While most of the material on this site is suitable for all ages, be warned there is a small amount of adult only material here. http://www.gnome-look.org/—This site, while oriented to the Gnome window manager has many great wallpaper images. As with the above, a small percentage of images are in questionable taste. http://wallpaper.deviantart.com/—Another sometimes interesting general wallpaper website. As with kde-look, some of the images are not fit for polite company. http://www.digitalblasphemy.com/—A wallpaper website, which always has some fascinating free samples, suitable for any sort of company. But the site’s primary role is to promote Brian Bliss’s CD-ROM sales and paid members only website.

Sources:

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Learning XHTML: Monty Python Style The quickstart guide to learning standards-compliant XHTML By Andrew Min PUBLISHED: 2008-03-03 For reasons unknown to civilized (or uncivilized) man, all programming books are often immensely boring. Seriously. That is, until now. Today, Free Software Magazine presents (in conjunction with Andrew Min Writing Studios) Learning XHTML: Monty Python-Style. Your name is King Arthur (or if you prefer, it could be Lancelot or Galahad or Bedivere or even Robin …). Your quest is to learn XHTML. And your favorite color is… you’ll get to that later. For now, all you need to know is that you need to watch the m?. They can be very dangerous around here. In fact, they can swarm together and take over sentences, even whole paragraphs. No really! (The management apologises for the fault in the introductions. Those responsible have been sacked.)

Introduction to XHTML and getting together the tools for it You don’t go out and attack castles with Holy Grails without first knowing what a Holy Grail is. So, first you’ll get a little explanation. XHTML (eXtensible HyperText Markup Language) is a simple yet powerful markup language which utilizes tags. Tags are little strings of text enclosed by <> to let web browsers know what a web page contains. Now that you know what XHTML is, you need to make sure you have all the materials you need (like coconuts and swallows and knights walking around clapping the coconuts). First, you’ll need some sort of XHTML editor. Most operating systems come with Notepad for Windows or TextEdit for OS X. However, these are extremely underpowered (even for basic programming). Using them is like trying to chop down a tree with a herring: impossible. For GNU/Linux users, the choice is easy: use Quanta Plus. If you absolutely /hate/ Quanta Plus (something I find very hard to understand!), try Scribes, another powerful programming tool. Windows users… should switch to GNU/Linux. But if you absolutely refuse to do that then try Notepad++. It’s not as powerful as Quanta Plus or Scribes (think King Arthur vs. Sir Lancelot), but if you like pain… go right ahead. OS X users have three options: use Smultron, a powerful editor for Mac users, install Quanta Plus using fink (a long and laborious project, but the end result is a powerful programming tool), or install GNU/Linux.

Writing a simple hello world page with paragraphs Now that you know what you’re doing (always helpful), it’s time to write your first XHTML web page. Here it is:

<!DOCTYPE XHTML PUBLIC "-//W3C//DTD XHTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/lo <html> <head> <title>Hello World</title> </head> <body>

Writing a simple hello world page with paragraphs

Issue 21 <p>Hello World</p> </body> </html>

That’s it! Just copy that into your programming editor, save it as helloworld.htm, and then double click on the file to run it. It will open a new page in your web browser that simply says, Hello World. Congratulations! You have now completed the first step of your XHTML career. Now, it’s time to break it all up into little bite sized pieces that you could eat at that wedding feast Sir Lancelot broke up. First, look at the first line:

<!DOCTYPE XHTML PUBLIC "-//W3C//DTD XHTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd

This is just a simple statement telling the world that this is an XHTML document. It should be at the beginning of every XHTML document. <html>

This tells the world that this is the beginning of the XHTML document (just like meeting the Knights Who Say No? was the start of a hunt for a shrubbery). Remember that words surrounded by <> are tags. <head>

This is the beginning of the “header” section of the XHTML document. This is unseen by the viewer, but relays important information to the browser. <title>Hello World</title>

This is the title of the page. Everything located between the <title> and the </title> is part of the title. Since it’s in the head section, it’s unseen on the main page. However, the browser window’s title will probably change to this. </head>

This signifies the end of the head section. <body>

This signifies the beginning of the “body” section. Virtually everything here will be shown on the web page. <p>Hello World</p>

This is the nitty gritty of the page. The <p> tag is the paragraph tag. Everything inside of this will be neatly thrown into a paragraph. So if you have two paragraphs, they will automatically have whitespace between them. This is extremely handy since XHTML will ignore the file’s own line breaks (you need to manually insert them, more on that later). </body>

You should have already guessed what this does: it signifies the closing of the body section. </html>

Can you guess this one? It’s the end of the XHTML document. You should also note that the document could have been formatted differently. Line breaks in the document’s source do as much as Sir Lancelot? does to a fierce foe (absolutely nothing) as far as XHTML is concerned. So, the document could have produced the same results if it looked like this: <!DOCTYPE XHTML PUBLIC "-//W3C//DTD XHTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><title>Hello World</title></head><body><p>Hello World</p>

Writing a simple hello world page with paragraphs

Issue 21 </body></html>

or this: <!DOCTYPE XHTML PUBLIC "-//W3C//DTD XHTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head><title>Hello World</title> </head> <body> <p>Hello World</p> </body> </html>

Also note that the tags are nested exactly in the order they are put in. This is crucial. If the <html> tag is before the <body> tag, then the </html> must be after </body>. So, this would be very wrong, since the </body> tag happens at the wrong time” <body> <p> Hello World </body> </p>

Exercises Yes, that’s right. You can’t be a good programmer without practicing. I’m told that Sir Lancelot practices throwing wooden rabbits every day. • Write an XHTML page that says, “Free Software Magazine!” in the first paragraph, “Andrew Min is the best author ever” in the second paragraph, and “XHTML is almost as smart as Andrew” in the third paragraph. • Try writing the above page without paragraphs (that is, without the <p> tags). See why you use them?

Basic formatting Now that you know how to write a basic page, it’s time to make it look pretty. After all, that’s the appeal of XHTML (remember the appeal of Sir Lancelot’s minstrel is his horrible singing). So it’s time to look at adding some basic formatting. There are several kinds of formatting in XHTML: bold, italics/emphasis, bold/strong, underline (Free Software Magazine doesn’t render this correctly, but you should know what it looks like), deleted text (again, FSM won’t render this. It’s basically text with a horizontal line through it), and blockquote This is by no means a comprehensive list, but it should be enough to get you started. There are two ways to add bold/strong text. The older and more popular way is to use the <b> tag. The newer way is to use the <strong> tag. The latter is more technically correct, for reasons which are more dull than Tim the Enchanter. Don’t argue. Just use the strong tag. Next up is making your text emphasized. Again, there are two ways. You can either use the older and more popular <i> or the newer <em>. And again, the newer <em> tag is the correct answer for reasons even more boring than the bold reasons (actually, it’s the same reason. If you really want to find out how, visit this forum thread on <b> vs <strong>). Now, onward to the underlined text. This you should really use sparingly. Why? Well, what else on a web page is underlined? Oh yeah, links (you’ll get to that soon, I promise). You should use underlining about as many times as Robin attacks a dragon (virtually never). But for the times you absolutely have to have underlined text, the tag is <u>. Why isn’t there a newer version, like it happens with <i> and <b>`? Simple:

Basic formatting

Issue 21 because you shouldn’t be using it at all, remember? It’s time to turn to another type of formatting: deleted text. In other words, text that looks like it was crossed out (usually used for satire). But if you are a satire kind of guy (or gal), here’s the tag: <del>. When you quote a source, it’s nice to make it look a little different from the rest of the page. That’s where the <blockquote> tag comes in. It allows you to quote something like this: Howdy, I’m a quote. And swallows are much better than starlings.

Exercises • Write some text that is strong and emphasized at the same time. Like this. Remember to nest your tags correctly (refer to Hello World filled with m?, llamas, and shrubberies! for more). • Try adding some strong text inside a blockquote.

Using links Refresher: what does XHTML stand for? If you say for freedom, equality, and Dennis the Constitutional Peasant, you’re wrong. It stands for eXtensible HyperText Markup Language. And what does the HyperText mean? It basically means text that can be clicked on which will take the user to another page. That’s what a hyperlink (commonly shortened to “link”) is. So, it’s time to look at adding basic links to a web page. You’ll start with a basic XHTML link. And the best way to explain how to add a link is to do an example:

<a href="http://freesoftwaremagazine.com/">Free Software Magazine</a> (http://freesoftwaremagazine.com

This <a> tag is much more complicated than any other tag you’ve learned so far. It’s as complicated as Dennis the peasant. First of all, note that everything between the two tags gets turned into a link. So the above result would output Free Software Magazine. Now, look at the href part. Basically, anything between the two quotes ("") is the location of the link. There are three things that can be between those hyperlinks. First, you could put a full web address like http://freesoftwaremagazine.com/, which is what I did above. Second, you could put in the location of a page with a URL that is relevant to the location of your page. For example, if you are editing the page index.htm which is on the server http://www.freesoftwaremagazine.com (so, the page is on http://freesoftwaremagazine.com/index.htm), and you wanted to link to http://freesoftwaremagazine.com/about.htm, you could just put down a link to about.htm, since both index.htm and about.htm are in the same directory: `<a href=”http://www.freesoftwaremagazine.com/about.htm”>Free Software Magazine</a> (http://www.freesoftwaremagazine.com/about.htm). If you’re still trying to pick your jaw off of the floor, re-read all of section again. The third option is to put in an anchor, which is beyond the scope of this article. Links are extremely powerful tools. You don’t have to just link to web pages. You can also link to email addresses, like this: mailto:email@emailaddress.com. For example, <a href="mailto:john@cleese.com">Click here to email one of the greatest actors of all time</a> (mailto:john@cleese.com). Of course, mailtos are much more powerful than just this (for more, see this great article on mailto tricks). Note however that this is one of the best ways for a spammer to get your email address, so you might want to consider using an obfuscator like this one by John Haller or this by Andreas Neudecker.

Exercises • Write two pages: robin.htm and lancelot.htm. Make robin.htm have a mailto link to sirrobin@montypython.com and lancelot.htm have a regular link to robin.htm.

Using links

Issue 21

Displaying images When you’re on the internet, virtually every page you see contains some sort of image. Some have them as a background image, some as a menu background, some as regular pictures. But unless you’re browsing a mailing list or a directory output, it’s almost guaranteed that you’ll see some sort of image. So it’s time to figure out how to put them in your website. First, an example: <img src="picture.jpg" />

There are several new things about this tag. First, note that there is no closing tag. This is very important. Even more important than remembering the migration patterns of African and European swallows. Also, note the “ /” at the end of the tag. For any tag that has no closing tag, there /must/ be a / (forward slash). Besides these points, it should be pretty self explanatory. In the code above, picture.jpg refers to an image in the same directory as the page being written. Of course, you could also use something like http://freesoftwaremagazine.com/logo.jpg. Note however that it is often considered rude to use other images hosted by other people (It eats up their bandwidth. There’s actually a pretty funny story about that by Mike Davidson at Newsvine.com).

Exercises • Download this image, put it in the same directory as the page you’re editing, and display it on your page. • Try displaying an image that is also a link. If you can’t get it, see this article on background images (but actually try /before/ looking).

Advanced formatting with stylesheets You may have noticed that one very important thing has been left out so far: color. If you write a page right now, you’ll have images and basic formatting but no color. Why? Well, XHTML actually does have support for all of this using the <font> tag. However the font tag (along with several other tags) has been deprecated, a fancy word meaning that their use is discouraged. That’s where Cascading Style Sheets, or CSS, comes into play. Now, explaining all the features of CSS is definitely out of the scope of this article (it’s like trying to say the name of the Knights Who Formerly Said Ni). However, since most XHTML programmers use it you’ll get a tiny taste right now. The CSS code goes in between the <style> tags, nested between the <head> tags. First up, you’ll change the color of the font on your web page. A usability note: /always/ make sure your text is readable. That means no light colors on light colors (e.g. yellow on white) or dark on dark (e.g. navy on blue). Doing that makes the text barely readable, just like last words in the Cave of Caerbannog. There’s a good resource on colors at Mashable.com. Anyway, back to CSS. Here’s an example of changing the font color: <style type="text/css"> body {color: red} </style>

First, note that everything between the <style> tags is CSS code. On the second line, the CSS code starts (and ends). The body tells the browser that all the text between the <body> tags should be colored red. The { and } are similar to the < and > of XHTML. Finally, the color: red makes the text color red. This brings us to an important point about web color. There are two types of web color: hexadecimal (a six digit code preceded by a # like #000000) or named colors (in plain English, like red or blue). These can get complicated so refer to Wikipedia’s great article on web colors for reference. Another thing you can do with CSS is set a background color. Here’s the sample code: <style type="text/css"> body {background-color: blue} </style>

Advanced formatting with stylesheets

Issue 21 As you can see, this code is very similar to the previous code: instead of defining the color, it defines the background-color. You can also set a background image: <style type="text/css"> background-image: url('bg.jpg') </style>

Exercises • Create a page with a background color of #BC2EE4 and text color #F8C042. • Figure out how to change link colors. Change it to #CAC5D0, and add it to the other page. If you have trouble, see this page on link colors. • Create a page with this background image, #CCDDEE as the text, and #000000 as the link color.

Publishing your web pages Now that you have a web page, you’ll want to put it on the world wide web so that King Arthur and his wife can see it. First, you’ll need a web host with FTP support (there are tons of free ones around—at this point Google is your friend. Once you’ve registered with a host, connect to their FTP server using an FTP client. Quanta Plus has this built in, see Quanta Plus’s documentation for more information. If you don’t use Quanta, use FileZilla (there’s a good tutorial at the FileZilla wiki). Make sure your main page is named index.htm. Now, go to your web site that your host set up (e.g. http://freedomain.com/andrewmin/). You should see your index.htm page come up immediately (if not, you may have to wait a few hours for your site set up to be completed). There’s only one thing left to do: check your site in web browsers. There are two types of browsers: standards compliant browsers like the free software Mozilla Firefox or Konqueror, and non-standards compliant browsers like Internet Explorer. If your page is valid XHTML according to the W3C Validator, it will show up perfectly in Firefox or Konqueror. Unfortunately, you’re also going to have to make sure your page works in Internet Explorer 6, well known for being one of the worst browsers for standards compliance on the net (you can use the free Browsershots service to see what your page looks like). Internet Explorer 7 improves on this, but is still pretty bad. It’s like saying that Sir Not-Appearing-In-This-Film is better than Sir Robin the Not-Quite-So-Brave-As-Sir-Lancelot.

Exercises • Create a webpage! Make a page with nice colors (use Color Inspirator if you’re as uncreative as Sir Lancelot) detailing your experience with XHTML. Then, upload it to a host of your choice.

Where to go from here Well, you’re just about done. Now, you’re probably wondering what to do next. If you want to learn more about XHTML or CSS, visit the W3Schools. There are also a host of programming languages for the web, including PHP, JavaScript, Perl, ASP, Ruby on Rails, and Cold Fusion. They will allow you to generate XHTML pages on the spot. W3Schools has tutorials for these, as does our sponsor O’Reilly Media. You may also want to learn about content management systems which are powerful web tools that give you more power for less work. Graham Oakes has a great article on this called Introduction to Content Management Systems. Good luck!

Biography Andrew Min (/user/37372" title="View user profile.): Definition: Andrew Min (n): a non-denominational, Bible-believing, evangelical Christian. (n): a Kubuntu Linux lover (n): a hard core geek (n): a journalist for several online publications (see them all at http://www.andrewmin.com/ )

Where to go from here

Issue 21

Where to go from here

Issue 21

Where to go from here

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Trick and tips: a summary By Tony Mobily PUBLISHED: 2008-02-25 This is a collection of tips&tricks written by Andrew Min and Gary Richmond, published in Free Software Magazine’s blog. This month: • How to spring-clean an Apt-based distro • How to fix broken Firefox extensions • How to edit your GRUB settings with QGRUBEditor • How to make Jabber calls using Jabbin

How to spring-clean an Apt-based distro Gary goes in depth at how to clean Debian, Ubuntu, and other Apt-based distributions with apt-get --purge, Deborphan, Orphaner, Editkeep, GtkOprphan, Debfoster, Aptitude, and Jig.

How to fix broken Firefox extensions This time, Gary goes into making old Firefox extensions compatible with the current version of Firefox using Nightly Tester Tools, Mr Tech’s Local Install, and the good old fasioned way of hacking the install.rdf.

How to edit your GRUB settings with QGRUBEditor Andrew goes into messing around with your GRUB menu (with everything from passwords to splash screens) using the powerful Qt-based QGRUBEditor.

How to make Jabber calls using Jabbin To wrap it all up, Andrew shows how to make Jabber-to-Jabber calls using the free Jabber client, Jabbin.

Biography Tony Mobily (/user/2" title="View user profile.): Tony is the founder and the Editor In Chief of Free Software Magazine

Copyright information This article is made available under the "Attribution" Creative Commons License 3.0 available from http://creativecommons.org/licenses/by/3.0/.

How to make Jabber calls using Jabbin

Issue 21 Source URL: http://www.freesoftwaremagazine.com/articles/trick_tips_summary_21

How to make Jabber calls using Jabbin

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Sound filtering... with the Gimp! Make Gimp work as an ideal digital sound filter By Gianluca Pignalberi PUBLISHED: 2008-02-25 Gimp is universally used for image manipulation. However, with a bit of creativity and a couple of tricks, it can also be used as an audio filter! Here is how…

Sound filters If you are familiar with sound filters, you can skip this introduction. For those of you who don’t know about filters, here is a brief explanation. A sound, like all signals, is measured in Hz (Hertz). That measure expresses the signal frequency. The lower the measure, the lower the frequency. A filter is a tool that enhances one or more signal frequencies, according to a criterion. In an ideal world, a filter completely suppresses undesired frequencies. Unfortunately, we don’t live in an ideal world. A real low-pass filter is something that receives an input signal and outputs its low frequency components I will concentrate on a single filter: low-pass. A real low-pass filter is something that receives an input signal and outputs its low frequency components. To be more precise, it attenuates those frequencies higher than a set one (the cut-off frenquency). As you see in figure 1, it just approximates theoretical behavior.

Figure 1: Frequency response of real and ideal low-pass filter In this article I propose a three-step method to achieve an ideal low-pass filter for sound signals. Gimp is the key tool for this method. Of course, I’m cheating: I need to use a program that transforms a sound file into a suitable image. Then, I can “low-pass filter” that image and get back the filtered sound from it.

Sound filters

Issue 21 Note that I put “low-pass filter” in quotes: I won’t get Gimp to apply an image low-pass filter (i.e., a blur operator). But, be patient: in a few lines I’ll unveil the “trick”.

Pre- and post- sound processing with Arse Before passing it to Gimp, the input sound needs to be processed. I chose Arse as the preprocessing tool. Arse, short for “Analysis and Reconstruction Sound Engine”, is a command line tool divided into two main parts: a spectrographer and a spectrogram synthesizer. I’ll use both its tools to pre- and post-process an audio file. In the pre-processing step I input a sound to Arse, which outputs a spectrogram (that is an image, good to input to the Gimp). In the post-processing step, I provide Arse with the filtered spectrogram, to have an audio file as output. Unfortunately, generating a signal’s spectrogram and synthesizing it again with Arse won’t lead to the original signal Unfortunately, generating a signal’s spectrogram and synthesizing it again with Arse won’t lead to the original signal. It means that the method I’m proposing is theorically perfect, but you can’t use it effectively without accepting some sound tranformations (i.e., a bass sound played as a piano sound, or a human voice played as a synthetic voice). Anyway, go ahead: a clever use of Arse will give you pretty good results. I don’t know whether a tool more efficient and reliable than Arse exists or not; if yes, use it and verify the results—and let me know! The image Arse generates has the following features: • it is grayscale (black pixels are silence); • its rows are the analysis of a frequency band; • each column represent a second of the signal. In figure 2 you see the user interaction with Arse, while figure 3 provides you with a signal, its spectrogram and the synthesis graphs.

Figure 2: A screenshot which shows how to use Arse to run sound analysis and spectrogram synthesis Arse is a very young project, the current version is 0.1. It has some major limitations. The author describes them the project’s web site and in the README given along with the program, where you can also read more about its use and specifications.

Pre- and post- sound processing with Arse

Issue 21

Figure 3: Analysis and synthesis of drama.wav’s sample, a file given along with the OpenOffice suite. From right to left: original signal, spectrogram, and reconstructed signal

The proposed low-pass filter Once you’ve got the spectrogram, open it with Gimp. Remember that spectrogram’s row 0 contains the highest frequency information, and row n contains the lowest. Low-pass filtering a “frequency range” consists in coloring black the rows of pixels between 0 and x, where x is the row where the cut-off frequency is located. To do it, select the proper rectangular section of the image, and then flood fill it black. That’s all: you will have suppressed the frequencies higher than the cut frequency, without affecting the others: the sort of things an ideal filter does.

Conclusion In this article I proposed a method (a transformation) to get an ideal filter. Such a transformation allows you to low-pass filter a sound through its spectrogram image. Synthesizing the “filtered” image should give the corresponding low-pass filtered sound. At the moment the only reason why the transformation doesn’t work is because of the postprocessing tool. Once Arse improves, you’ll get a proper ideal low-pass filter.

Biography Gianluca Pignalberi (/user/4" title="View user profile.): Gianluca (/contacts/g.pignalberi) is Free Software Magazine's Compositor.

Copyright information This article is made available under the "Attribution-NonCommercial-Sharealike" Creative Commons License 3.0 available from http://creativecommons.org/licenses/by-nc-sa/3.0/. Source URL: http://www.freesoftwaremagazine.com/articles/sound_filtering_with_the_gimp

Conclusion

Issue 21

Conclusion

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Free software Easter eggs If you were looking for a sensible article, sorry By Alan Berg PUBLISHED: 2008-02-20 It is grey a dull, overcast day here in downtown Amsterdam. The weather is rather oppressive, summerâ&#x20AC;&#x2122;s smile long gone and my wine cellar miraculously has grown to quiet emptiness. However, I know a not too-well guarded secret. Hidden in the cracks, just at the edge of your eyesight, is extra humorous functionality in your favourite free software applications. Silent professional Easter eggs are waiting stealthily to make you smile. Do not worry; no animals were involved in testing (other than me, myself and I), just Ubuntu 7.10 and an aged and generic desktop. Strap on your goggles, sit firmly back in your comfortable chair, turn the boom box up and relax. Let the games begin and the mutant cow like creature roars desperately for supremacy.

To be or not to be a bovine The grey day and lack of viable alcohol sources left me with one choice; to research my next article on GNU/Linux related Easter eggs. What is it with cows and GNU/Linux? Let me answer my own self-serving question and show you some varied and slightly bizarre examples of human randomness. Assuming you are running under Ubuntu from a terminal type: apt-get help | grep -i super This APT has Super Cow Powers.

OK, let us generate some somewhat warped and deranged ASCII apt-get moo (__) (oo) /------\/ / | || * /\---/\ ~~ ~~ ...."Have you mooed today?"...

Having fun yet? My brain is starting to bake trying to work out the meaning of it all. There are even serious and well researched Ubuntu bug reports on the subject. How about trying to use aptitude from the command line to discern a recognizable and potentially disturbing pattern of social humor. Can we get aptitude to talk sense? Let us beat it around the head verbally and see if we can get it to admit its origins. aptitude -v moo There really are no Easter Eggs in this program. aptitude -vv moo Didn't I already tell you that there are no Easter Eggs in this program? aptitude -vvv moo

To be or not to be a bovine

Issue 21 Stop it! aptitude -vvvv moo Okay, okay, if I give you an Easter Egg, will you go away? aptitude -vvvvv moo All right, you win. /----\ -------/ / /

\ \ |

-----------------/ --------\ ---------------------------------------------aptitude -vvvvvv moo What is it?

It's an elephant being eaten by a snake, of course.

Yes now I understand life clearly. Well, if you cannot beat them with sharp pointy objects, then join them I say. Let me introduce to a small program called cowsay, a manâ&#x20AC;&#x2122;s best friend, a configurable talking cow. Just what you need when you already have multiple personalities and two children. From your favourite terminal, please type: sudo apt-get install cowsay cowsay what the ---------what the ---------\ ^__^ \ (oo)\_______ (__)\ )\/\ ||----w|| || ||

Cows, cows everywhere and not a pint of milk to drink. Cows, cows everywhere and not a pint of milk to drink Warning: the following text discusses cows, but the experts among you will of course realize that although the animal in question has udders it is, in fact, a mutated creature of unknown genesisâ&#x20AC;Ś possibly goat. Cow is the nearest meaningful definition I can find without consulting world-renowned experts who have designed nuclear reactors and viewed, sadly, in a state of pizza engulfed enlightenment, every single Star Trek episode. The GNOME desktop is also a worshipper. In GNOME, pressing Alt + F2 opens the run command dialog inputting gegls from outer space executes yet another variant of a space invaders game with offenders that look like a cow, smell like a cow, but really are not, but hey do I care? no real phasers in sight. See figure 1 for a visual.

Figure 1: Holy bovine! And you thought I was strange

To be or not to be a bovine

Issue 21 Let us end this bovine like nonsense and move to higher realms of cluelessness, mutual stupidity and mistrust.

Gaming delight Frets on Fire, figure 2, is not really an Easter egg, just a plain old, jolly good and fun game. The presence of Frets being played by sugar boosted children is similar a very noisy room full of bees and I should know bees are my friends. I have lots of friends. The noise and the insults in the tutorial really speak to me, especially when the game aims them directly at my elder son. I must practice the approach next time I ask for a pay rise or refuse to give out a weekâ&#x20AC;&#x2122;s worth of pocket money. To install this rock and roll enabled application from the command line type: sudo apt-get install fretsonfire

Obviously, you will now find an icon under the Games menu. But be warned, be very warned, the game is addictive and is best served with the bass up high and the neighbours away on holiday. Be warned, be very warned, Frets on Fire is addictive

Figure 2: Main screen Frets on Fire Hidden in aptitude, figure 3, is a minesweeper game. From a terminal type aptitude and once started Ctrl+T to highlight the relevant menu. Yes, why not waste time trying to find mines at the companyâ&#x20AC;&#x2122;s expense; it is cheaper than coffee and less likely to send you to the nearest toilet.

Figure 3: The mine sweeper game in aptitude The OpenOffice.org developers, not to be out done by secret competition, also hide more than complex trend resolving algorithms in their spreadsheets. In any randomly chosen cell input =GAME("StarWars") and press return you will now find yourself within a space invaders type feature, see figure 4. Hey hardened

Gaming delight

Issue 21 gamers, I am not going to mention my final score, but there is no way you are going to beat me ever. I rule and there is no way you can prove otherwise. Now back to the main story.

Figure 4: Calcâ&#x20AC;&#x2122;s version of space invaders While we are working really hard on our spreadsheet/game to generate a random smiley type in the command =TTT(). Easter eggs are by their very nature hidden; you are only supposed to find the hidden gems and rotten eggs under special circumstance. For example, by deeply mining the code or when they are released on aforementioned holidays. Trying to do my research thoroughly (hahaha!) I searched the apt cache on local machine via: apt-cache search Easter

and found to my great delight. wesnoth-ei - Eastern Invasion official campaign for Wesnoth

Not that wesnoth-ei is an Easter egg, but it is a rather a good mission for an excellent game, so this is my lame excuse to help interested wesnothnauts to add more fun to these darkening days. So far so good, a few games and an extra mission, how about viewing a few questionable photographs (nudge, nudge, wink, wink). How about viewing a few questionable photographs, nudge, nudge, wink, wink

Show me a photo Have you ever wondered what the hard working OpenOffice.org development team used to look like in the StarOffice days, long before steam engines? While in calc type in a cell and press return =STARCALCTEAM() and a relaxed and well dressed bunch of reprobates will, as if by c-coding-magic, appear in a separated dialog box. If you can take the strain then feel free to view figure 5, otherwise the exit is to the left.

Show me a photo

Issue 21

Figure 5: The nearly original Calc team For the same affect in the OpenOffice.org word processor, type the magic word StarWriterTeam followed by the F3 function key and finally throwing fairy dust into the air (good for covering the mist from old socks that I suspect you can smell while you are reading this article). A delightful picture coincidentally similar to figure 6 will now appear. I particularly liked the cutouts and think the effect added an air of realism to the whole event. The included text mentions the hard working developers. If you recognize any of the names, the next time you see the developer in cut out pose, pat him on the back and thank him for his software coding efforts. The world is a better place and we do have more choice because of OpenOffice.org and other ODT format supporters.

Figure 6: A fake photo of the Star Writer team Perhaps we can find a more realistic photograph (figure 7) of the developers in the zenity tool. The tool allows for the easy creation of dialogs of different types. If you input from a terminal zenity --about and then type zen an extra graphic appears. The realism fooled me for a few minutes until I realized that this was not a member of the Star Writer team. To be honest, my younger son has a Gameboy DS and the figure reminds me closely of a certain commercial figure.

Show me a photo

Issue 21

Figure 7: A realistic zenike about Finally, letâ&#x20AC;&#x2122;s acknowledge the work done by the large base of Firefox developers. In the address bulk insert about:credits. Wow, so many dedicated hard workers and so much quality effort.

Random bits of knowledge This section is all about wisdom, funny names and learning from history and nothing about sensible subjects such as the weather or the rather excellent English cricket team and no, England never loses at Ruby, football or tennis. By the end, you will truly understand why the Flatulent Elm of West Ruislip needs to be released and so too tight pants, read on, be awed, and then meditate. Ubuntu 7.10 has the tiny version of vim (a text editor) installed to achieve enlightenment you will need to upgrade, side grade to vim-gnome. apt-get install vim-gnome

Running gvim and then typing :help 42 delivers a massive amount of meaningful wisdom (figure 8).

Figure 8: The meaning of life and the grey Dutch weather system And have you heard the joke about interesting release names. How about trying zgrep "The.*Release" /usr/share/doc/dpkg/changelog.Debian.gz The The The The The The The

"Good, clean fun" Release. "Bully's Special Prize" Release. "On like Donkey Kong" Release. "In like Flynn" Release. "Maidenhead Creeping Water Plant" Release. "Just kidding about the God part" Release. "Flatulent Elm of West Ruislip" Release.

Random bits of knowledge

Issue 21 The The The The The The The The The The The

"Or the Wabbit gets it" Release. "Paying off Karma at a vastly accelerated rate" Release. "Mysteriously Unnamed" Release. "Livin' like a good boy oughta" Release. "Three banana strategy" Release. "Awh, yeah? Ripper!" Release. "Grab your gun and bring in the cat" Release. "Captain Tight-Pants" Release. "Donald, where's your troosers?" Release. "Let the Wookie win" Release. DebConf4 Release.

I vote to release the tight pants, but only for myself. Not wanting to be outdone, look through calendar.history: cat /usr/share/calendar/calendar.history And if you want 25 cents worth of advice then in the log on screen Require Quarter as user name, then just log on as normal. And, yes if you are thinking of starting your own religion then first see how Mozilla was reborn, figure 9. In the Firefox address bulk type about:Mozilla and thus to the brethren was imparted deep wisdom (the musical) and we all laughed happily released from our daily burdens.

Figure 9: About Mozilla

Final comments Smarter people than I found most of the Easter eggs, which I then cheaply mentioned in this article. I can only point you back to the original sources mentioned in the aptly named resource section. If you were looking for a sensible article, sorry, I am more into badly cropped photographs and cow watching from a very great distance. If you know of more nuggets then please add a comment at the end of the article, thus becoming instantly famous for a nanosecond until the spam filter fails on your email client. And, finally, to the brave developers in this grey corporate world, fighting for open standards and the right to an individual sense of humorous wonderment. I salute you. Long live the mutant bovine/goat type creature. We are shocked and awed. If you were looking for a sensible article, sorry, I am more into badly cropped photographs and cow watching from a very great distance

Acknowledgments To my father hereby known as Lawrence Berg Senior, who gave me an metaphoric Easter egg everyday. And a certain Cook who still puts up with a well known collector of gold plated armadilloâ&#x20AC;&#x2122;s.

Acknowledgments

Issue 21

Mostly random resources • http://www.mozilla.org/book/ • http://www.novell.com/coolsolutions/trench/17293.html • http://www.cyberciti.biz/tips/linux-Easter-eggs.html • http://wiki.services.openoffice.org/wiki/Easter_Eggs • http://ubuntu-tutorials.com/2007/09/14/aptitude-Easter-egg/ • http://en.wikipedia.org/wiki/GNOME_Display_Manager#Easter_Eggs • https://launchpad.net/ubuntu/+source/apt/+bug/56125

Biography Alan Berg (/user/8" title="View user profile.): Alan Berg Bsc. MSc. PGCE, has been a lead developer at the Central Computer Services at the University of Amsterdam for the last eight years. In his spare time, he writes computer articles. He has a degree, two masters and a teaching qualification. In previous incarnations, he was a technical writer, an Internet/Linux course writer, and a science teacher. He likes to get his hands dirty with the building and gluing of systems. He remains agile by playing computer games with his kids who (sadly) consistently beat him physically, mentally and morally. You may contact him at reply.to.berg At chello.nl

Copyright information Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is available at http://www.gnu.org/copyleft/fdl.html. Source URL: http://www.freesoftwaremagazine.com/articles/free_software_easter_eggs

Mostly random resources

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Purchasing free-software-friendly hardware Building a computer from components to support free software is easier than you think! By Terry Hancock PUBLISHED: 2008-02-06 Many people have complained about the lack of pre-integrated computers running GNU/Linux or the lack of fully free software drivers for important hardware. Ultimately though, it’s up to you, the consumer, both to satisfy your own requirements and to send a message to vendors that supporting free software pays. You can do this fairly easily by integrating your own computer from its major components, and selecting only components that have free software drivers. It’s certainly possible, and even if you’ve never built a computer before, it’s not all that hard!

Integrating computers for free software: some general advice As a free software user, the chances are you paid very little (possibly even $0.00) for your software, which leaves you with a little more cash to spend on hardware. I recommend that you use it. A little money spent on brand name parts, products which include manuals or other documentation, and parts which are intrinsically more reliable will save you a lot of time and frustration when trying to get it to all work correctly with your software.

Figure 1: A breakdown of the major components in a computer system, from Wikipedia. 1) Monitor, 2) Motherboard, 3) CPU (or microprocessor), 4) Memory (or RAM), 5) Expansion cards (graphics and sound cards are the most common examples), 6) Power supply, 7) Optical disk drive (CD or DVD), 8) Hard disk drive, 9) Keyboard, 10) Mouse. Unlabeled is the Case (or Chassis). Additional components include extra input or output devices, including speakers, microphone, printer, digitizer tablet, game controller, etc. (Drawing by Gustavb@Wikipedia/CC-By 2.5)

Integrating computers for free software: some general advice

Issue 21

What you need You may find Figure 1 useful as a good breakdown for the purchasing task. Occasionally you’ll find bundle deals, but in general you may have to purchase the following components separately: • Case • Power supply • Motherboard • CPU • Memory (RAM) • Graphics adapter • Sound adapter • Hard disk drive • CD/DVD optical disk drive • Monitor • Keyboard • Mouse or Digitizer Additionally, there are some optional items you might want, such as a printer, flash media reader, or floppy disk drives. These may not be essential, though, and you may want to purchase them in a later upgrade.

Don’t skimp on the interface! You are more valuable than your computer. Don’t buy stuff that’s going to hurt you. Therefore, don’t skimp on monitor, mouse, or keyboard. You’ll be tempted to get cheap on this stuff to pay for more CPU or RAM. Don’t do it! A little money spent on brand name parts, products which include manuals or other documentation, and parts which are intrinsically more reliable will save you a lot of time and frustration when trying to get it to all work correctly with your software I now only buy LCD monitors, which are vastly better than CRTs in a number of ways: they have clarity which doesn’t degrade over time, linear color response, and flat screens. LCDs are more environmentally friendly because they last longer, use far less power, and contain fewer toxic chemicals. They used to be very expensive. Today however, inexpensive LCD monitors are often as cheap or cheaper than equivalent-sized CRTs. If you can, buy one with a hard protective bezel to protect the screen from poking fingers and/or rough handling. An LCD monitor can be the longest-lasting part of the computer, if it is taken care of. Important specifications when buying an LCD monitor include the resolution (unlike a CRT, an LCD monitor only has one native resolution, anything else must be adapted inside the monitor, which you want to avoid), contrast ratio (between light and dark pixels, expect 400:1 or better), and response time (how long it takes for a pixel to transition from light to dark—this is the one thing LCDs still can’t compete with CRTs on). Beware of television monitors when you are buying large LCD displays—they often seem like good deals, but the resolutions are usually disappointingly low for computer work. Also, you should try to find a display that has both DVI (digital) and VGA (analog) connectors. Upcoming graphics cards will likely support DVI, so you’ll want it in the future; however, for now you probably need VGA support. LCDs are more environmentally friendly because they last longer, use far less power, and contain fewer toxic chemicals Don’t buy a mouse with a ball in it (i.e. an “optomechanical” mouse). They break down pretty fast and often the encoders will slip causing the mouse cursor to feel “sticky” when you try to move it. Completely “optical” mice (the ones with the LED glow and no moving parts underneath) are much better and will last several times longer. Keyboards are a complicated and personal issue. My own preference is for a conventional, rectilinear, QWERTY design with “click” keys that provide good feedback and are hard to press accidentally. I also like “spillproof” keyboards that have a synthetic rubber membrane inside to protect the electronics. Your own

What you need

Issue 21 needs may be different however, and the important message here is to pick one you’ll like, because you’ll be using it a lot.

CPU speed is not so important Frankly CPUs are fast enough. There are very few desktop tasks today for which a fast CPU will make any noticeable difference in performance. This is even more true of GNU/Linux/X11 systems than for others, because the GUIs are more efficiently written. You are much more likely to be limited by memory, disk I/O, graphics card, and even limits on bus speeds. On the other hand, because of multi-tasking requirements, there are situations in which multiple processors or multi-core processors will provide a noticeable improvement. Linux will take advantage of multiple processors if you enable “Symmetric Multi Processor” (SMP) support in the kernel. Unless you’re planning on doing scientific supercomputing on your desktop, I wouldn’t make the latest and greatest CPU a priority Unless you’re planning on doing scientific supercomputing on your desktop, I wouldn’t make the latest and greatest CPU a priority. You’ll find that prices drop off sharply as you fall away from the highest state-of-the-art CPUs, so back off and find a price/performance point you’re comfortable with rather than “as much as you can afford”—no matter what the ads tell you!

Example System: “Godai” What’s the cheapest system we can reasonably build? This is a setup ideal for the starving student, with parts mostly taken from a surplus reseller (most of the parts are pulls from machines taken off of corporate leases). While this system certainly won’t win any medals for performance, it’s powerful enough to do most of the tasks you really need a computer for: internet use, office work, graphics, and many other things a student might need it for.

Starving student system, made mostly from surplus or used parts. Based on 733MHz Intel Celeron processor. This system does have some DRI 3D acceleration and ALSA sound using the video and sound systems on the motherboard. Key Function 1 Motherboard CPU 2 RAM 3 Hard Drive 4 Optical Drive 5 Flash Reader

Description (and Quantity) Gigabyte GA-6WMMC7 (MB+CPU Bundle) Intel Pentium 3 Celeron 733MHz (in MB+CPU Bundle) 256MB PC-133 168 Pin SDRAM Module (?) 30GB IDE Hard Drive (pull) Samsung Black 48X IDE CD-ROM Drive 3.5 Inch Drive Bay USB Flash Media Reader

Don’t skimp on the interface!

Cost Vendor[a] Notes 34.99 PCL [b] 35.98 PCL 21.99 PCL 4.99 PCL 9.99 PCL

[c]

Issue 21 6 7 8 9

Case Monitor Keyboard Mouse

CSBW801PA ATX Case w/ 350 Watt Pwr Sply HP vp17 17″ 1280_1024 LCD Dell QuietKey Keyboard PS/2 - Used (Beige) OP-03-BK Optical Mouse - Black and Silver TOTAL (US$):

24.99 PCL 198.72 WM 2.79 PCL 5.99 PCL 336.70

[d] [d]

[e]

Components

Notes: [a]Vendor key is at end of article. [b]Use ALSA intel8x0 sound driver and Intel i810 DRI support. [c]CD-ROM only. There are also DVD-RW drives available from the same supplier for a higher cost. [d]Large, heavy, inexpensive components may be more economical to purchase locally due to shipping expenses (as much as US$25 for a case like this). Note that the monitor accounts for nearly 2/3rds of the system cost—it may be possible to scrounge a monitor locally for half this cost. [e]Retail cost of parts at time of writing, without considering shipping, handling, or tax (see also [d]). Some minor components like cables may also have to be purchased (though some are included).

Memory is important For GNU/Linux users with KDE or Gnome, you are likely to run a lot of processes simultaneously—because you can. Each process takes up space in memory, though, so you have to plan for that: get as much RAM as you can reasonably afford, or at least make sure there is room for it when you select a motherboard. Shop for memory after you pick a motherboard: RAM comes in a variety of form factors, and your motherboard will probably only support one of them. Furthermore, there is little point in buying RAM rated faster than the buses on your motherboard can handle. If you are strapped for cash, buy less RAM now, but leave room to upgrade.

Keep it cool You’re going to spend some money on computer components. So don’t put them in a cheap case or use cheap fans that will fry them all and destroy your investment! This has become more difficult over the years because newer computers generate more heat. Modern CPUs generate as much or more heat than an incandescent light bulb… A cooling failure will result in rapid self-destruction. You’re going to spend some money on computer components. So don’t put them in a cheap case or use cheap fans that will fry them all So, don’t try to reuse a case from five or ten years ago—not unless the CPU is also that old. Buy a new “thermally advantaged” case and new heatsinks and fans to keep the system cool (liquid cooling is a better, but much more expensive, option).

The tough stuff When buying for GNU/Linux and 100% free software (no non-free drivers!), you will find that there are four particularly sticky parts to the task (in roughly decreasing order of difficulty in 2007): • 3D-accelerated graphics cards

The tough stuff

Issue 21 • CD/DVD drives • Sound cards • Printers Because these elements will most constrain your system, you should pick them, and then choose other elements to work with them (fortunately this is usually not hard).

Graphics In 2007, finding a 3D-accelerated (OpenGL) graphics card that is fully supported by free software drivers is a nightmare. The marketplace has become dominated by two main players: ATI and nVidia. Neither wants to share their specifications and detailed register information with free software driver developers. The stated rationale is that this information will somehow tip-off their competitors (i.e. each other) to trade secrets in their designs. Scuttlebutt suggests that the real concern is discovery of patent violations. Finding a 3D-accelerated (OpenGL) graphics card that is fully supported by free software drivers is a nightmare The situation has become so bad that there is now an Open Graphics project being developed in the community to build an Open Hardware replacement for such cards. This is not yet ready for consumers, though, so in the meantime, we have to cope. Another future possibility is better support for new ATI cards, which the company has promised to open up further for developers (though we are still waiting for the 3D documentation). Free software drivers for later ATI cards do exist, but are still incomplete. NVidia, on the other hand, has shown no such openness, and I recommend boycotting them entirely as a result.

Figure 2: Six graphics cards I found while working on this article: 1) An original ATI 9250 card, still sold new from a retailer, although ATI describes this card as discontinued. 2) A newer ATI 9250 chipset card from Diamond Multimedia. Note the DVI port. Both of these are PCI cards, fortunately. The others are from a surplus and used parts vendor: 3) ATI Rage XL. I had trouble finding exact information, but it appears to be too early for good DRI support. 4) ATI Rage II, an even earlier card, probably no good except as a framebuffer. 5) The Matrox G450 does have DRI support and provides dual-head support if you need it—a very good deal at $14.99. 6) a grab bag 2MB SVGA card pulled from used equipment, sold from the same supplier for $6.99. If you don’t care about 3D acceleration, a card like this is probably just fine. However, for the examples I worked out, the video support on the motherboard was at least as good as what these cards would provide. The last cards that had more or less complete OpenGL support (because design data was still available), were the ATI Radeon 9200/9250 cards (the same drivers work for both). These are fully supported by the “radeon” driver for the Direct Rendering Interface (DRI) system which provides 3D support under X11. As far as I know, this is the best fully-free-software-supported card available at this time. These can still be purchased new from a few suppliers online, but you will have to look hard. Be sure to take note of whether cards are designed for AGP or PCI buses—AGP is being slowly phased out, but was still the most common graphics bus when the Radeon 9200s were first marketed. Both variants can be found, but you may have to consider this when finding a motherboard.

Graphics

Issue 21 There are also some older cards which you may be able to find as surplus or used parts for somewhat less money, though they will no doubt be somewhat slower or less full-featured. For many purposes, however, they will be entirely adequate. Also, it should be noted that 3D acceleration is essential only for certain kinds of applications: 3D modelling, Computer Aided Design, and 3D games are the main uses. There are also 3D extensions to desktop managers available today, but it’s not a big hardship to do without them—for many computers I would consider just using an ordinary framebuffer card (and just about any “SVGA” card will do for that. Some motherboards will even include a suitable graphics subsystem onboard).

CD/DVD drives With optical drives, the problem is not nominal support, but rather stability. Almost any ATAPI IDE or SATA CD/DVD drive will “work” with Linux drivers, in the sense that the driver will recognize the drive and read disks. However, in my experience, Linux drivers are not very robust with some drives. This is most likely due to electromechanical and/or firmware problems inside cheaply-made optical drives. It’s possible that the manufacturer has attempted to compensate for these deficiencies by providing Windows drivers that work around them—but you won’t get the benefit of that effort. DVD technology intrinsically pushes the hardware very, very far in terms of accuracy and speed, so only very well-machined drives will work perfectly. And when they don’t work perfectly, the firmware has to compensate by recovering from errors. Add to this Digital Rights Management (DRM) and region-coding schemes, and there’s no doubt that DVD firmware is extraordinarily complex and finicky. DVD technology intrinsically pushes the hardware very, very far in terms of accuracy and speed The free software drivers have to operate correctly on top of this rather shaky “Defective By Design” foundation, and so they are not as stable as we would like. Perhaps someone will start an Open Hardware project to fix this, but in 2007, the best we can do is to buy drives that have very good reputations for stability and error-free operation. I recommend frequenting community sites to find drive reviews and recommendations from serious users. Until fairly recently, there was a lot of respect for Plextor as a manufacturer, but recent changes have caused them to withdraw from manufacturing for the consumer market. Therefore, many of their new drives are apparently “rebadged” versions of other company’s products. So in recent times, the top performances have been seen in specific Pioneer or Samsung drives. This rebadging example is important! Don’t pick DVD drives by brand, but by model. Make sure you’re getting exactly the same drive as was reviewed.

Example System: “Shinobu” A modest, but very capable machine, useful for a wide range of computing tasks, from entertainment to software development. For this machine, I’ve chosen Intel components as an example. No sound card is needed because the Intel chipset on the motherboard includes ALSA-supported audio, and the speakers are included in the monitor. This system employs some quiet cooling fan technologies for reduced noise. It may be desirable to replace the case fans in the Lian Li case in order to keep the system as quiet as possible.

CD/DVD drives

Issue 21

An unassuming, but very capable system based on a Intel Core 2 Duo processor, with 1 GB of RAM, and 500 GB of disk storage. Standard keyboard and mouse for typical office and home use. Key 1 2 3 4 5 6 7 8 9 10 11 12 13

Function Motherboard CPU RAM Video Card Power Supply Hard Drive Optical Drive Flash Reader Cooling Case Monitor Keyboard Mouse

Description (and Quantity) ASUS P5B LGA 775 Intel P965 Express ATX Intel MB Intel Core 2 Duo E4400 Allendale 2.0GHz 2M L2 Cache Crucial Ballistix 1GB (2 x 512MB) 240-Pin DDR2 800 ATI Radeon 9250 Antec Earthwatts EA380 ATX12V v2.0 380W (Quiet) WD Caviar SE WD5000AAJS 500GB 7200 RPM 8MB SATA Pioneer DVR-112D CD/DVD+-R/RW DL 3.5 Inch Drive Bay USB Flash Media Reader ZALMAN CNPS9500 AT 2 Ball CPU Cooling Fan/Heatsink Lian Li PC-7A Plus Aluminum Case ViewSonic VG2030wm 20” 1680?050 LCD (with Speakers) Kensington Keyboard For Life White OP-03 Optical Mouse TOTAL (US$):

Cost Vendor[a] 109.99 NE 133.99 NE 55.99 NE 64.99 NE 59.99 NE 99.99 NE 29.99 NE 9.99 PCL 47.99 NE 99.99 NE 259.99 CDW 17.99 CDW 5.99 PCL 996.87

Notes [b] [c] [d]

[e]

Components

Notes: [a]Vendor key is at end of article. [b]For sound, use hda-intel driver from ALSA v1.0.15rc3 or later. [c]Be sure to use a kernel with Symmetric Multiprocessor Support (SMP) enabled, in order to take advantage of the dual-core CPU. [d]For 3D accelerated graphics, use the radeon/r200_dri.so DRI driver. The Radeon 9250 is based on the R280/M9+ chipset. According to the ATI/AMD website this chipset is discontinued, but there are still quite a few available. [e]A past CD Freaks Editor’s Choice drive, which is why I selected it.

Sound Sound used to be really, really difficult. There was some support via an industry-backed Open Sound System (OSS), but it was a bit spotty and not the best system from an engineering perspective. Later the Advanced Linux Sound Architecture (ALSA) provided much more robust sound support for Linux, and is now usually

Notes:

Issue 21 incorporated into the 2.6 kernels. Unlike the duopoly in the video card industry, there is still healthy competition among sound suppliers. Creative Labs remains the “big fish” and has a bit of an attitude about releasing card specifications to developers, but quite a few of the specs have nevertheless been published. Other companies are quite open, and I even found one (StarTech, see Figure 3) that provides free software drivers for their cards, although these are written for OSS (however, to be fair, this is now the community’s problem—the company has done what we ask by releasing drivers and specs). Many motherboards today include a sound system that will be supported by ALSA, so you may not need an extension card at all.

Printers Printers used to be very hard. It used to be that you either picked a printer with Postscript in the firmware or used an Hewlett-Packard printer with PCL with Ghostscript. However, Ghostscript has matured; printer manufacturers have become more open; firmware has gotten cheaper; and there is now an industry consortium dedicated to Linux Printing. There are still problems with compatibility, of course, but looking for a compatible printer is now pretty easy. Just go to the Linux Foundation’s Open Printing page and use a search engine there to look up printer make and model numbers in order to get support information. As with DVD drives, be sure to pick printers by model, not by brand. Quality within product lines can be quite variable, even with big name suppliers.

Example System: “Ruri” A fairly practical, high-end machine for creative development and programming work. This machine is based on a Dual Core Opteron CPU from AMD. I’ve had mostly good experiences with AMD chips and some distrust of Intel—-but truthfully, both companies produce good CPUs. This system employs a number of technologies, including liquid cooling, which will make it both very robust and very quiet in operation, which is ideal for entertainment, game, and even home studio use.

Moderately high end system based on a Dual Opteron processor, with 2 GB of RAM, and 500 GB of disk storage. Six-axis 3D controller and digitizer tablet provide fine control for 3D modelling and CAD applications. A gamepad is provided for testing (and playing!) games. Key

Function

Motherboard

CPU

Description (and Quantity) MSI K9VGM-V AM2 VIA K8M890 Micro ATX AMD Dual-Core AMD

Cost

Vendor[a]

Notes

45.99 NE

[b]

279.00 NE

[c]

Sound

Issue 21

RAM

Video Card

Sound Card

Power Supply

Hard Drive

Optical Drive

Flash Reader

Speakers

Cooling

Case

Monitor

Keyboard

Digitizer

3D Controller

Game Controller

Opteron 1220 Santa Ana 2.8GHz A-DATA 4GB(2 x 2GB) 240-Pin DDR2 SDRAM 800 Diamond Stealth S9250PCI256SB Radeon 9250 M-Audio Revolution 7.1 ZALMAN ZM460B-APS ATX12V 460W WD Caviar SE16 WD7500AAKS 750GB 7200 RPM SATA Samsung SH-S203B CD/DVD +-R/RW DL Atech Flash XM-4U 11-in-1 USB 2.0 card reader Cyber Acoustics CA 5001rb 5.1 system Cyber Acoustics CA 2022rb 2 PC speakers Zalman Reserator 1 V2 Fanless Water Cooling System Apevia X-TELSTAR-AL Silver Aluminum ATX Full Tower HP W2408 24â&#x20AC;ł 1920?200 LCD Sunbeam Pro Series Illuminated Silver WACOM Bamboo Fun Medium Silver Tablet 3Dconnexion SpaceNavigator Saitek P990 Dual Analog GamePad TOTAL (US$):

125.99 NE

69.29 PCC

[d]

84.99 CDW

[e]

99.99 NE

174.99 NE 33.99 NE

[f]

19.99 NE 69.99 CDW 26.99 CDW 259.99 XO

159.00 NE

544.99 CDW 19.99 XO 199.99 CDW

[g]

63.99 CDW

[h]

19.99 AMZ

[i]

2299.14

Components

Notes: [a] Vendor key is at end of article. [b] This card also has (unaccelerated) video and audio that are somewhat supported under X11 and ALSA, but both have been upgraded in this plan. [c] Be sure to enable Symmetric Multi-Processor (SMP) support in your kernel. This is one of many AMD Dual Core chips that would work with this board, I picked this one because it was well-reviewed by buyers at NewEgg.com, but there may be better or more cost-effective choices.

Printers

Issue 21 [d] For 3D accelerated graphics, use the radeon/r200_dri.so DRI driver. The Radeon 9250 is based on the R280/M9+ chipset. [e] Use the ALSA ice1724 driver for sound support. [f] Past CD Freaks Editor’s Choice, which is why I chose it (this and the Pioneer DVR-112D are pretty much a toss-up based on the reviews). [g] Wacom tablets have excellent Linux/X Windows support through the Linux Wacom project. You will need version 0.7.8 or later to support the Bamboo tablet. [h] Free software support for 3D controllers is somewhat spotty. I found some information on a 3Dconnexion forum, and Simon Budig has contributed a kernel patch for Linux 2.6.20-rc5 which provides a way to access the LED on the device. There is a plugin for Blender from 3Dconnexion, but despite some brave (and frankly, deceptive) talk, it appears to be closed source. It’s a USB-HID device, though so writing support shouldn’t be that difficult, even if it does require some reverse-engineering. [i] Gamepads are supported directly by a number of free software game engine toolkits as “joysticks”, even though relatively few free software games make good use of them.

How to buy The actual process of buying is probably going to be different than for buying systems for use with Windows, where the manufacturers take on the burden of checking compatibility for you and retailers are sure to communicate it to you. For free software you’ll have to do a little of your own homework simultaneously with purchasing, and that necessitates a different shopping strategy.

Multi-windowed web purchasing When you go into a computer store, most products—even ones that support GNU/Linux—will be covered with prominent labels indicating that they “require” Windows or sometimes Macintosh operating systems. What these really are are guarantees from the manufacturer about what software they expect their hardware to work with. It’s very, very rare to find labels like that for GNU/Linux support.

Figure 3: Buyer beware! You can’t trust the requirements labelling on vendor sites, even online. Of these sound cards, the Audigy and Diamond LS71 cards have ALSA drivers, while the StarTech card comes with a manufacturer-provided open source OSS driver. Only the StarTech card actually claims Linux support. For the examples in this article, however, the motherboards provided ALSA-compatible sound support better than what the StarTech board would provide. Several AOpen cards are covered by ALSA, but apparently not this one. The other card may be using a supported chipset, but I didn’t dig far enough to find out. There are two reasons for this: one is that free software users are still a very small minority of their customers and the other is that free software drivers are provided by community developers who can’t generally offer

How to buy

Issue 21 them the kind of certifications and money-back guarantees that proprietary companies can. Free software is almost always offered “as-is”, so it’s hard for the company to turn around and make promises to the customers. Thus, even if they are fully supported under Linux, they are unlikely to print this information on their packages. The most reliable method is to get information directly from the supporting developer groups So you need another way to find out. The most reliable method is to get that information directly from the supporting developer groups. This is hard to do when wandering around a retail department store, so I recommend you stick to online purchasing, where this is much easier.

Figure 4: Buying online allows you to offset the labeling advantage of well-positioned proprietary suppliers by going direct to the developer communities that support the hardware while you shop. With a tabbed browser, or just with multiple windows, you can keep one or more vendor online catalogs and multiple community support sites at your fingertips, for rapid comparison of product, price, and free software support. Find some good suppliers online (I’ve listed several at the end of this article), and open a tab on to each catalog. Then open another set of tabs up onto the support pages for the hardware drivers you’re going to need to use (which I’ve also provided). For audio and video, that’s probably going to include the ALSA project, X.org, and the DRI driver system (which provides accelerated 3D support for X Windows).

Buy heavy, cheap, and generic stuff locally The major exception to this rule is when you are buying the bulkier parts of the computer, such as the case (or chassis), power supply, and monitor. Compatibility isn’t an issue with these parts, and if you have to get them mailed to you, the shipping can be expensive. If you really want that snazzy case you’ve found online, that’s fine, of course, but you’ll probably pay US$20 or more to get it shipped to you. For a $200 case that’s only 10%, which is a pretty good estimate for anything you have to get shipped, but for a cheap $15 surplus case, it’s more than 100%! You’d get a better case for less money by paying $30 locally.

Multi-windowed web purchasing

Issue 21

Figure 5: Some websites will do a certain amount of comparison shopping for you. Examples: Price Grabber, Biz Rate, Price Bat (Canada), NexTag, My Shopping (Australia). To keep things simpler for this article, I didn’t make much use of these, because I wanted to use just a few suppliers, but they can be useful for sourcing hard-to-find items or finding good deals on expensive ones. When you must buy peripherals in person, look for products which work on both Windows and Macintosh computers. Even though the manufacturer only lists two operating systems, these two are different enough that supporting both of them usually means that they will work with others, including free software operating systems. Also, bear in mind that modern Macintosh computers use Unix-derived operating systems, so they are more similar to GNU/Linux than to Windows. Thus Macintosh support is often a good (but not foolproof) sign.

Example System: “Kusanagi” Now, what if cost were no object? This is a bleeding edge machine, and not everything is fully supported yet—-that’s part of the fun! Applications include 3D modeling, CAD, digital arts, home studio, games, and multimedia software development. While I doubt many people would seriously want to build this machine, you might consider whether elements of it have a place in a slightly more modest computer.

High end home workstation system, “Kusanagi”, based on twin Quad Opteron processors, with 8 GB of RAM, 1 TB of disk storage, with top-of-the line input and output devices. 1 2 3 4

Motherboard CPU RAM Video Card

TYAN S3970G2NR-E “Tomcat h1000E” Quad Core AMD Opteron 2347 Barcelona 1.9GHz (?) A-DATA 4GB(2 x 2GB) 240-Pin DDR2 SDRAM 800 (?) Open Graphics OGD1 Development Card (FPGA)

299.99 NE -759.98 NE 251.98 NE 1500.00 TT

[b] [c] [d]

Buy heavy, cheap, and generic stuff locally

Issue 21 5 6 7 8 9 10

Sound Card Power Supply Hard Drive DVD Flash Reader Speakers

M-Audio Delta 1010LT PCI Virtual Studio Zalman ZM500-HP WD Caviar GP WD10EACS 1TB 5400-7200 RPM SATA Plextor PX-B900A/SW-BL Blu-Ray/DVD/CD writer Atech Flash XM-4U 11-in-1 USB 2.0 card reader Cyber Acoustics CA 5001rb 5.1 system Cyber Acoustics CA 2022rb 2 PC speakers 11 Cooling Zalman Reserator 2 Liquid Cooling System 12 Case Clear Computer Case “Clear Ice” Full Tower 13 Monitor Apple Cinema 30″ 2560_1600 LCD 14 Keyboard Optimus Maximus keyboard 15 Digitizer Wacom Intuos3 12x19 Graphics Tablet 16 3D Controller 3Dconnexion SpaceExplorer TOTAL (US$): Components

174.99 CDW 134.95 EPN 279.99 NE 1001.99 CDW 19.99 NE 69.99 CDW 26.99 CDW 299.99 NE 245.81 C3 1799.00 CDW 1564.37 ALS 669.00 CDW 259.99 CDW 9359.00

[e]

[f] [g]

[h] [i] [j]

Notes: [a] Vendor key is at end of article. [b] This motherboard has video and audio chipsets that are supported for basic functionality, which provides some fallback if needed. [c] Be sure to enable Symmetric Multi Processor support in your kernel. [d] The OGD1 is really an FPGA development board which is designed for graphics system development. The current implementation of the Open Graphics Architecture provides only a framebuffer, but this will presumably improve over the next year or so now that the development boards are available. Having one would allow you to keep your system up-to-date with the latest improvements as they are made, and contribute to testing the new Open Hardware 3D graphics system. Another choice would be to use one of the later ATI cards which are supposed to have their specifications released to developers soon, but OGD1 is the clearer choice for freedom in the long run. [e] There is also a rack-mounted version that may be more appropriate for studio use. Use either with the ALSA ice1712 driver. [f] Yes! Blu-Ray is supported by dvd+rw-tools. I know the Free Software Foundation has said some very bad things about Blu-Ray, but they are talking about the DRM-laden movie standard based on top of it, not the storage medium itself, which holds up to 50GB of data per disk. [g] Too cheap? Probably. For such a high-end system though, you’d probably connect directly to an existing studio sound system, so computer speakers as such wouldn’t be called for. [h] The Optimus Maximus keyboard has a user-configurable 48?8 organic LED screen on every key, so that the key caps can be downloaded onto the keyboard dynamically, making it easier to use software with extensive keybindings as well as type naturally in multiple character sets. The configuration software is not currently available for Linux, though a future version is planned (probably closed source). However, since the board’s key images are apparently loaded via a USB mass storage interface, writing free software applications to configure it should not be difficult. [i] Wacom tablets have excellent Linux/X Windows support through the Linux Wacom project. The Intuos3 has been supported for some time now. [j] See “Ruri”, note [h].

Notes:

Issue 21

Caveat emptor Building your own system from components seems very consistent with using free software to me. In both cases, you, the user, are taking both control and responsibility over your own system. The control is nice, but you do have to be willing to accept the responsibility—things may not work perfectly on the first try. Sometimes you’ll find that you bought the wrong part or have to return a defective one. That’s a normal part of system integration, and you can’t let it get you down. You, the user, are taking both control and responsibility over your own system I’ve worked out four examples for this article, which represent very different choices in building 100% free software compatible GNU/Linux systems. I have not purchased these components or tested integrating them, so I can’t promise you that they will work together as I suggest—I’m just trying to give you practical examples. You are likely to encounter problems I haven’t thought of, but hopefully no show-stoppers. Commercial integrators have to go through this same process. Their only advantage is that once they’ve done it for a particular model of computer, they’ll probably sell thousands just like it. But I find that even for one computer, this process is well worth it in order to have a system designed for free software from the component level. This will really pay off when you use it!

Sources Here is the key to the vendors I consulted for the examples in this article: ALS Art Lebedev Studio Traversal TT Technology XO Xoxide EPN End PC Noise Clear Computer C3 Case MC Micro Center Computer Discount CDW Warehouse

High concept industrial design studio in Russia. Company associated with the Open Graphics Project. Computer supplies for gaming and case modifications. Quiet and silent computing supplies. Acrylic transparent computer cases. Large consumer computer store. Computer store focused on small business needs. Good catalog search engine.

Technology store with large computer selection and a very good catalog search engine. Limited selection online site associated with brick-and-mortar specialty stores in PCC PC Club the Western US. Usually has some good deals. A long-running computer used and surplus dealer located in Los Angeles, PCL PC Liquidator California. Amazon (more than Amazon is known for books, but they carry a wide range of products now, AMZ books!) including computer and technology products. Walmart is a surprisingly good place to buy computer equipment. The WM WalMart (online) brick-and-mortar stores are often stocked with basic computer supplies that specialty shops don’t bother with. Vendor Key NE

New Egg.com

Community Resources Here are the community resources I relied on for information about hardware compatibility and the current status of drivers:

Caveat emptor

Issue 21

Video Cards X Windows: Basic information about free video drivers (not really an issue, just about any SVGA will work as a framebuffer). Direct Rendering Interface: Information about Direct Rendering Interface (3D support). This currently the most difficult sourcing problem, so this site is very important.

Printing & Printers Linux Foundation / Open Printing: A well-organized hub for printing information. LF / Open Printing: A search engine for printer compatibility information.

Sound Cards Advanced Linux Sound Architecture: Home of Advanced Linux Sound Architecture. This is now the main sound system for Linux, and is integrated into the 2.6 kernel. ALSA Card Support Matrix: Now a wiki site, this provides information on ALSA support for sound cards by vendor or driver. Open Sound System: A list of chipset supported by the Open Sound System (an older framework for soundcard support which has mostly been replaced by ALSAâ&#x20AC;&#x201D;-but a few cards still require OSS drivers.

CD/DVD Media & Drives CD Freaks: A community site for users of optical disk technologies. Its Editorâ&#x20AC;&#x2122;s Choice label may help to find a good drive.

Digitizer Tablets Gentoo Howto on Wacom Tablets Linux Wacom Project: Project to support all of the Wacom digitizer tablets on Linux and X11.

General Wikipedia: Wikipedia has very good coverage of technical subjects like computer hardware. Linux Drivers: Linux Drivers is a great starting place. It includes links to most of the above sites, and more. Phoronix: Information on Linux and Solaris hardware, including audio and video reviews.

Copyright information This article may be reprinted under the terms of the Creative Commons Attribution-ShareAlike license, version 3.0., with the attribution: "Terry Hancock, Originally published in Free Software Magazine". Except as noted, the illustrations are by the author, based on fair use of images from advertising materials.

Video Cards

Issue 21 Source URL: http://www.freesoftwaremagazine.com/articles/purchasing_hardware_for_free_software

General

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Free software is cheaper: case study while creating a podcast When software cost really makes a difference By Steven Goodwin PUBLISHED: 2008-02-04 I have a podcast—The Beer Crate, since you asked—which is written and produced using free software, and released under the CC by-nc-nd license. It’s a fun little hobby that keeps me off the street, and gives me an excuse to drink and review beer. But had free software not existed, how much would it cost to produce and host a show using proprietary software? I set out to investigate…

Introduction For many, a podcast features one or more performers sat behind a microphone, and talking wistfully about some random topic of the day. But to achieve any degree of professionalism there’s a lot more to it than that. Assuming you have the hardware at your disposal, e.g. microphone, PC, broadband, and hosting server, there’s still a script to write, a theme tune to source, a web site to design, and editing to be done on all those constituent bits. All of a sudden, it doesn’t seem so simple. To compute the effective cost of my podcast I’m going to consider the pricing of two alternate, non-free, offerings. One will be a budget solution, and the other will use the standard proprietary software you’d expect as part of traditional employment.

What about shareware and freeware? Freeware and shareware have not been considered since they’ve fallen into disuse of late since the current fighting ground is between free and proprietary software. This is something with which Microsoft have unwittingly helped us—by comparing themselves continually against free software, they’ve ignored all the possibly solutions that involve freeware or shareware. Consequently, so has everyone else. It’s now a two horse race. Two offerings might seem limited. However, the cost of evaluating all the possible solutions is more expensive than simply paying for a basic proprietary package. Also, when costing applications, software upgrades are only considered when it’s reasonable to expect an end user owning a previous version, from which an upgrade is possible.

The Script Before I begin recording, I always write a script for the forthcoming episode. Sure, I improvise when in front of the microphone, and add new things as they occur to me, but for the most part I work from the written word. These words are created in a text editor—usually vi. Sometimes it’ll be in OpenOffice, or sent as an email to myself using Thunderbird, and occasionally stored on my private ‘TODO’ wiki—but the script is still generally written in vi. If I am to remain true to my word of using equivalent proprietary software, I can’t use anything that is free—which includes the tools of GNU/Linux, such as vi. So instead, I must purchase a word processor. Sure, I could use notepad… but it’d drive me insane before I’d finished detailing the list of beer

The Script

Issue 21 festivals. And don’t even ask me about my handwriting! I could use notepad… but it’d drive me insane A quick search provides a sensibly-priced budget word processor called Jarte, which costs $29. I’ve never used it, but it’s certainly cheaper than the so-called industry standard of Microsoft Word, clocking in at $150. This is not a cheap start.

The Music I like music. A lot. So it seemed only right to have a theme tune for “The Beer Crate”, along with some audio stings to separate the various segments. In a proprietary world I’d have to buy some royalty-free music. This is when you pay for the right to use the music, without having to pay on royalty each time it’s used. There are several sites on the Internet that will provide this—for a fee. To budget effectively, you need to know what you’re budgeting for. My podcast has four main sections: weekly news, articles, “quick tastings”, and “try before you die”. Ideally I’d like music between each section, plus and intro and outro, making five pieces in total. Fortunately, when music such as this is purchased you often get a theme supplied in 29 and 59 second versions for the same money. Or at least, very little extra money. Additionally, I’d like two stings: one to audibly separate the two articles, and another to be placed between each of the beer reviews in “quick tastings”. So to recap, three pieces of music, a theme, and two stings.

Royalty-Free Knowing that paying a composer would be prohibitively expensive (start with a four figure sum and work upwards), royalty-free music can be purchased from any number of sites. Royalty Free Music, for example, charge $99 for a CD of music, regardless of the number of tracks you use, so with luck I could find everything I wanted on a single disc. In reality, I’d probably need two, but let’s keep optimistic. I didn’t see any disc with short stings though, so I’ll need to buy those separately. An alternative is OPuzz which will sell you individual samples and music clips. This includes stings for $3 each, and 30 second musical themes for $15. My math skills tell me that 2 stings at $3, and 4 pieces of music, will cost $63. Alas, when I recorded the show’s introduction I found it ran to 60 seconds, so I’d either need to talk faster, or pay an extra $5 for the longer version. Oh, well!

Creative Commons The equivalent of free software for artistic works is Creative Commons. This features a number of licenses, all of them cost free. The important thing to remember is that by incorporating the CC music into a podcast you are creating a derivative version, so anything with -ND is not allowed. I discovered this caveat when working on the open source film Cenobitic and spent far too long looking for suitably licensed music. It is available, but less plentiful. Sites like Creative Commons Search and the Internet Archive have useful search boxes for this. By incorporating Creative Commons-licensed music into a podcast you are creating a derivative version

Public Domain A further alternative is to use public domain material. This might be work that is old and now out of copyright, or that which was released explicitly into the public domain by its author. Sites like the Open Music Archive provide such material. Ultimately, the tracks I liked best were some I wrote and released under the CC many years ago! It might be narcissistic, but at least it’s free.

The Music

Issue 21

Audio Editing This encompasses the recording of my spoken beer-induced words, and the effective mixing of it with the music. The basic sound recording applications would work, but cause too much stress. There are two prominent sound editors available, SoundForge and Adobe Audition (formally Cool Edit Pro). These cost between $59.95 and $349.00, respectively. The former looks like an obvious choice. However, for the full version of SoundForge (currently at 9) you will have to hand over nearly 300 notes. Audio is one of the cases where proprietary software appears to have advantages. My very first episode was edited as multiple clips (for each section of the show) entirely in Audacity, where the manipulation of 200+ MB sound files became very painful on my PC. I’ve used the proprietary versions before and find they’re usually better optimized for handling larger files in smaller memory footprints. So an upgrade would certainly offset the cost of buying more RAM. So while free software might appear to be a non-starter, I had another trick up my proverbial sleeve.

Sox After the pain of editing the whole episode in Audacity I found another solution: Sox. This is a command line wave editing package that comprises of a file converter and mixing tool. The latter was interesting. I still created each section of the show as a separate file, but I then wrote and ran a short script to join the music with the spoken content automatically. This included overlaps and subtle cross-fades, saving the time that would have been spent in the audio editor. Time saved every week, as I now type, ./makeshow ep12

and I get a complete MP3 in the same directory, complete with appropriate ID3 tags (courtesy of id3ed). In adopting this approach I realized I wasn’t comparing like-for-like. The scripting tools I’d developed where not available in cheaper versions of the software. Or at least, I couldn’t be sure that all the bash magic would be replicated in the budget editions. To do the equivalent tasks, I’d therefore need to pay more money for the full “professional” version. But I’ll give them the benefit of the doubt, and believe the entry level software is up to the task. As far as sound manipulation is concerned, I’ll give them the benefit of the doubt and believe the entry level software is up to the task

The Web Site My current site uses Apache on GNU/Linux to serve the web pages, as you’d expect, to my beer-drinking podcast listeners. I even save money by using virtual hosts, so that my single machine can run all of my other projects. But this is an exploration into the cost of activity, so I have to consider buying a web server. IIS and Zeus are the first two that come to mind. But like many pieces of enterprise software, the cost varies according to who you are, and how much they want your business. I couldn’t begin to guess at the cost, but one review clocks the cost of Zeus at $1700 per server. Without Operating System. PC World list the Windows Web Server 2008 as being a better deal at $469. But again, you need to buy an operating system. The cheapest way of doing this is to rent an OS and web server as a hosting package. I used to pay $200 a year for web hosting, database, email, and the like. It’s probably now down to around $60, so I’ll use that in my low-cost budget. I’ll break even in ten years, but which time my beer podcast will be so famous I won’t care about the cost! this is an exploration into the cost of activity Many parts of the web site use dynamic content, such as “quick tastings”, and “drinkers diary” which use an

The Web Site

Issue 21 SQL database to store the beer reviews and beer festivals, respectively. This would normally push up the price of a like-for-like comparisons. But since this is only a convenience, I don’t feel right charging it to the budget. Additionally, the web site uses graphics. I used free clip art, and self-made buttons using the GIMP. And it shows! But it does the job, since what’s important is the beer. But a professional web designer would want PhotoShop to create a logo for “The Beer Crate” and probably some Macromedia tools. A brief Google found these coming in at $235 and $399, respectively. At the low-cost end of the market are the sites that build your web page for free, and/or provide templates. The latter require some degree of technical knowledge because you must deploy them yourself, and the former comes with advertising because it’s hosted on their server. Because I want The Beer Crate to provide unbiased beer reviews, I can’t afford to have someone placing advertisements on my page, over which I have no control. So this option isn’t possible.

Conclusion So, if I assume that you’ve bought a PC with an OEM version of Windows (which most people of my generation have) you can save the $199 cost of Vista Home Basic. And the $99 for an upgrade. The balance sheet looks like this: Task Writing a script Music

Budget Jarte

($)

Standard

($)

Free Software

($)

29 Microsoft Word

150 VI/OpenOffice

68 royaltyfreemusic.com

60 Adobe Audition

349 Audacity and Sox

60 MS Web Server + OS (approx) 600 LAMP GIMP/Clip art/CC Web Design Free Template 0 Photoshop+Flash (eg) 634 art Total: 217 Total: 1832 Total: Cost of “The Beer Crate” with proprietary software

opuzz.com Sound Forge Audio Audio Editing Studio Web Hosting A Random Hosting Co.

Creative Commons

0 0

Can you hear me spluttering yet? That’s between $217 and $1,832 to create a 15 minute weekly podcast! Furthermore, on a couple of occasions, I’ve needed to check-up on the podcast to make sure I didn’t say something I thought I did. In these cases I’ve often been at work. So, I take a ten minute break and download the file. I then edit it with Audacity, review the script, and re-encode it before uploading it back to the server. Had I not used free software, I’d need another license for the sample editor on my work machine. I just thought I’d mention it… That’s between $217 and $1,832 to create a 15 minute weekly podcast!

Conclusion So with this level of cost, is it any wonder Microsoft feel compelled to bundle so much software for free with their operating system? And is it any wonder I use free software rather than proprietary applications?

Biography Steven Goodwin (/user/39" title="View user profile.): When builders go down to the pub they talk about football. Presumably therefore, when footballers go down to the pub they talk about builders! When Steven Goodwin goes down the pub he doesnâ’ t talk about football. Or builders. He talks about computers. Constantly... He is also known as the angry man of open source. Steven Goodwin (http://www.bluedust.com/blog/) a blog that no one reads that, and a beer podcast

100

Conclusion

Issue 21 (http://www.thebeercrate.com) that no one listens to :)

Conclusion

101

Issue 21

102

Conclusion

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Google extensions in Firefox Playing with Gmail Notifier, Better Gmail, FireGPG, Get Things Done, Better GCal, Remember The Milk, GSpace, FEBE, Cleo, Zotero, Customize Google... By Gary Richmond PUBLISHED: 2008-01-30 I want to take a detailed look at turbo-charging the Firefox browser with an elite selection of Google utilities. Firefox has its critics and its failings, but it has now been downloaded in excess of 400 million times: and as they say “what flies eat, they can’t all be wrong!” Firefox is pretty good out of the box, but everyone knows that the functionality of Firefox is extended massively by the simple addition of extensions, security issues nothwithstanding. In this article I will talk about how to extend Firefox so that it plays better with Google. My selection of those Google utilities enabled via extensions is of course an entirely personal one, chosen on the basis of my own needs and preferences whilst browsing. My choice? Gmail, GSpace, Better Gmail, Better Gcal, Customise Google, Gmail Notifier, Minimap Sidebar. Phew, that should be enough to be going on with!

A Google disclaimer When Google start talking messianically about what they call their 300 year mission they start to sound like a cross between James T Kirk and John the Baptist and I start to worry that the “don’t be evil” mantra has morphed into the evil empire of Microsoft. When they start talking about linking everyone to everyone and everything else, I can see Richard Stallman scratching his Carpal Tunnel Syndrome. I start to have hallucinations that Google will extend it’s reach to extensions called Google Murder, Google Blackmail and Google Torture. Larry Page and Sergy Brin may not be Steve Ballmer and Bill Gates, the Ronnie and Reggie Kray of the computer world, (a right pair of diamond geezers and no bleeding mistake) but a spat with Ebay, the Great Firewall of China and general concerns about personal security when using Google utilities has somewhat tarnished our view of the great search-engine Behemoth. Yet, at least Google has been relatively GNU/Linux friendly. Think Picasa and Google Earth for starters and their sponsoring of the Summer of Code too. Doubtless, they have their commmercial reasons too but at least they have not entered into a duplicitous unanimity with Microsoft on patents—but they are pretty secretive. However, this didn’t stop me from testing these Firefox extensions.

A note on installing extensions In this article, I will cover several extensions. In case you are new to extensions, there are three ways to install them: 1. simply click on the install now icon and everything will run automatically

A note on installing extensions

103

Issue 21 2. right click on the icon, choose save link as from the menu and save the extension to a folder of choice. Then, click on the File drop-down menu and select Open File, navigate to the xpi file extension and install. (I’ll bet not too many of you will be taking that circuitous route!) 3. drag and drop the xpi file onto a running Firefox and it will do its business. In this article I will provide direct links to the extensions from the official repositories, and a link to the project’s home page when available. Keep in mind that downloading and installing extensions from the official secure website at Mozilla will minimise the possibility of a man-in-the-middle attack.

Gmail and associated stuff I came late—very late—to Google Mail (Gmail hereafter) but then, I’ve never been a fashion icon. Cruel necessity, as Oliver Cromwell would have said. Its likely that most people reading this are already using Gmail, but on the off chance that you are not, you can point your browser to the official site and sign up for the service. Since its inception, GMail’s feature set has blossomed. When I signed up for Google Mail and installed the Firefox extension I was given approximately 2.9GBs of storage space which I considered to be more than enough for my purposes. The good news, especially for those looking for really significant capacity, is that up to 6GBs will be available by January 2008. That link will show you your storage space increasing dynamically in real time as part of what Google call their “Infinity+1” storage plan. You would have to be e-mailing on a Byzantine scale to exhaust that kind of capacity, though Google’s offering is far from the largest on offer. It is worth pointing out that you will have access to e-mail attachments up to 20MBs and that will be a more useful feature (your broadband capacity nothwithstanding). A nice feature is that those attachments will be (sent or received) automatically scanned for viruses too. Storage space aside, Gmail gives you obvious portability across various computers and anywhere across the globe where you have access to a machine. The heart of Gmail is features like labels, voicemail, chat and integration with other Google services as calendar, Docs and Reader. I will come back to some of these later. I suppose that Gmail is as good a starting point as any when looking at Firefox extensions, as it will lead into variations on that theme—Gmail Notifier, Better Gmail and FireGPG. So, let’s get down to business.

Gmail Notifier The Gmail Notifier extension is licensed under the GPL and it is compatible with versions of Firefox from 1.5 to 3.0a6 so most users should be covered. It makes sense to install this before Better Gmail as this extension will enable you to get notifications from within your Firefox browser (once you are logged in) and once you have set that up extension you can start to really put Gmail through it paces with Better Gmail. As usual, you will be prompted to restart Firefox to complete the Gmail Notifier installation. Once Firefox has restarted, select the Tools drop-down menu and choose Add-Ons and click on Extensions. Scroll down and locate the extension (they will be in alphabetical order). Select it and click on Preferences and you will get the following options presented for your modification:

104

Gmail and associated stuff

Issue 21 Gmail Notifier preferences The options are largely self explanatory and this screenshot illustrates the defaults. You can set them to what suits you best. Perhaps the most interesting feature is the ability to enable multiple Gmail accounts. As this feature impacts upon another extension in this article, I will save it for later, as I will for the checkbox concerning enabling unsecured connections. By default you will now have a greyed-out icon in the status bar at the bottom of your browser. If you hover your mouse over it it will prompt you to log in. Clicking on it will open a login dialogue box: once login is effected the icon will change colour to red; as long as you are logged in it will remain in that state. Hovering over it now will advise if there are any new messages (the colour will change to blue); there will also be a notification beside the coloured icon of the number of unread e-mails you have. Depending on how you have set your preferences, clicking on the Gmail icon will either open in a new window, in the current tab, a new tab or an new unfocused tab. If you have set Gmail Notifier’s preferences to resetting the notifier counter when the icon is clicked to open an e-mail, it will de-increment each time. Incidentally, just because you are logged into Gmail elsewhere does not mean that you are automatically logged in via Firefox. You will have to log in from within it. Gmail Notifier is an excellent extension but you are probably wondering why you have to open Gmail to actually see what those e-mails are. Wonder no more. The answer to this annoyance is to set up a live bookmark to take advantage of the fact that Firefox bookmarks can integrate RSS feeds. All you need to do is to create a folder in Firefox bookmarks. Select the Bookmarks drop-down menu and click on Manage Bookmarks. Now, select the File drop-down menu and choose New Live Bookmark and a dialogue box will open and you will be prompted for a name, a feed location and a description (optional). Name and description are down to personal preference, but you must follow a strict protocol for the feed title. It must take the following format: https://username:password@gmail.google.com/gmail/feed/atom

The good news is that the connection is SSL secure, but the less happy news is that the username and password are stored in plain text in the bookmark file. Log into Gmail and in the location bar you will see an RSS feed icon. Click on it to add a live bookmark and follow the prompts. Now, whenever Gmail Notifier advises you that you have new mail, just go to your Bookmarks menu and you will see the Gmail/RSS feed live bookmark. Highlighting it will tell you the title(s) of the e-mail(s). Two caveats: first, sometimes the live bookmark and Gmail Notifier will get out of sync in terms of the number of unread e-mails. The solution is simple: just right click on the live bookmark in the Bookmarks menu and select Reload Live Bookmark. Second, the feed will not download if there is no new e-mail in the inbox.

A Better Gmail: a better moustrap The thing I love about open source hackers is that they just cannot leaves things alone. They have an irresistible urge to tinker and improve and Firefox is an Aladdin’s cave for such people. The Greasmonkey scripts are well known to devotees of the little fox. Wikipedia has an excellent article on it. Cleverer people than me (I assume that’s most) have bundled together those scripts and produced a greyhound of an extension in Better Gmail (you can also visit Better GMail’s home page which adds some serious power features to Gmail as the options below illustrate: If Pilchards are Sardines on steroids, then Better Gmail is a Barracuda of a fish. It also comes with a bonus: the formal approval of Tim O’Reilly.

A Better Gmail: a better moustrap

105

Issue 21

Better Mail tabbed options In the General tab you have the opportunity to check boxes for the following options: to have a secure, encrypted connection for Gmail, integrate Google Reader and add a nice little feature to show disk usage as a progress bar. The Compose tabs’ most interesting check box is Attachment Reminder. This prompts you to attach a file to Gmail in case you forget, where there is a reference to it in the subject of the Gmail. If this feature has been enabled, when you click on send Gmail will prompt you that you have not attached the file(s), with the option to cancel and attach before sending again, or send it anyway. It won’t win an award, but it is a nice little feature and even better when the attachment reference was in the main text as well or instead of the e-mail title. The Messages tab gives you access to several really useful features: Conversation Preview is, I think, one of the best. Once enabled, you will be be able to right click on any e-mail and view its contents without actually opening it in the normal fashion. Additionally, you have options from within this feature to archive or trash the item. It’s neat. Attachment Icons looks trite but in fact it could be a boon for the uber-security conscious as it replaces the anonymous paperclip icon which might harbour all manner of unspeakable beastliness. I tried out this one with a PDF attachment and it did the business. (The only downside is that, because Gmail is a web-based tool, attachments are not on your local hard drive and even after the e-mail had been “downloaded” you will still need to download the attachment before you can view it, which may be cumbersome if it is a large file.) Labels is another useful feature for organising Gmail. Once Better Mail is installed and the Labels option checked, you will find a labels box at the bottom left-hand corner of your Gmail screen. If you click on Edit Labels it will bring up a screen and a dialogue box where you can delete, amend or create new labels to manage your e-mails. Enabling Filter Assistant will render the same functionality as you would expect from a conventional e-mail client like Evolution or Thunderbird either to route desired mail to bespoke folders or to dismiss it as spam or junk. The final significant tab in Better Mail is Sidebar. The two most useful check boxes to activate are Add Google calendar Link and Add Google Reader Link. Once done, these links will be added to Gmail and allow you, if you wish, to access these Google apps from within Gmail itself, without leaving its confines.

Using GMail with IMAP and POP If you click on the Settings link at the top of the page you will see a number of settings. Select Forwarding and POP/IMAP where you will be able to arrange for enabling these two protocols in Gmail:

106

A Better Gmail: a better moustrap

Issue 21

Gmail’s Settings tab for POP and IMAP configuration You can choose either option but in either case you will have a fair amount of configuration in your normal e-mail client. This is beyond the immediate scope of this article, but you can get very detailed instruction and screenshots at the GMail Help Centre. Once you have followed all these instructions, return to the Settings for forwarding and save the changes. You can have your Gmail forwarded to your normal e-mail client without logging into Gmail or download it directly to your e-mail program. This should not be confused with setting up a Mail Fetcher facility in Gmail which allows you to download mail from an e-mail client’s POP server (providing your ISP supports forwarding), whilst retaining the option to leave the message(s) on the server. You can begin the process of setting up Mail Fetcher in the Accounts tab of Settings, second item down. The GMail Help Centre has an explanation and a howto.

A Firefox extension for the person who trusts no one Many Firefox extensions are aimed at users who wouldn’t trust their own mothers to kiss them goodnight. If you are one of them, I have an extension for you which integrates with Gmail and will offer a sound nights’ sleep, safe in the knowledge no one can snoop or pry on anything you send through Google. Most readers will have heard of encryption software called Pretty Good Privacy (PGP) which is used, amongst other things, to encrypt e-mail. It was only a matter of time before someone decided to write an extension for Firefox. That extension is called FireGPG and utilizes the open source GnuPG as developed by the Free Software Foundation and fortunately it supports Gmail. It is not, as of writing, available at the official Mozilla addon site (which would be more secure), but I have had no problems with the above link. However, before you can get it to work in Firefox you first need to install GnuPG on your GNU/Linux box. In many instances this will already be installed. If not, check your software repositories and install it (or get it at the official site). It is a command-line tool (see man gpg) but there are a number of frontends for it, the two main ones being KGpg for KDE and Seahorse for Gnome. Either will generate the key pairs you will require to encrypt and sign e-mails. My fellow contributor, Dmitri Popov, has written a short but excellent howto on this step. Now you can install the extension and its Preferences screen will give you options:

A Firefox extension for the person who trusts no one

107

Issue 21

FireGPG_Preferences The next time you compose a message in Gmail, FireGPG will have added a button called Sign, Crypt and Send which, when clicked, will prompt twice: once for a public key and once for a private key. There will be other buttons too with variations on those options depending on your preferences. (These options will only appear in the compose screen. Doh!) If you trust Google with private keys—and it is a big if—then you now have a secure connection and encrypted mail. Since beginning this article FireGPG has been upgraded (to version 0.4.6) to work with the latest version of Gmail: it creates a button used to add an encrypted file as an attachment.

Why not use a Better-Mailed Gmail to get stuff done? Gmail, Better Mail, encrypted Gmail. Why stop there? Why not extend things further and add some really neat organisational elan to Google in Firefox? I mean the GTD (Getting Things Done) extension, the Better Gcal extension and the Minimap sidebar extension.

GTD: Get Things Done If you are a control freak and simply must be uber-organized, then this Firefox extension is the one for you. Just when you think that any more extensions to Gmail will require local planning permission, along comes GTD to add a slew of additional functionality to an inteface already crammed with features jostling with each other for elbow room. In the words of the official website, GTD represents the the ultimate synergy of management and communication whilst guaranteeing safety and security. Gosh! If you are interested in the philosophy behind GTD, Wired Magazine carried an article on GTD in September. You can use the link above to install this super little extension, but happily GTD is now included in the official Mozilla addon site. Like FireGPG, with Gmail updating to version 2.0, GTD will not work properly with it unless you revert to running Gmail’s older version. Just locate the older version settings at the top right-hand corner of Gmail and click on it and you will see all your configurations for that extensions restored (if, like me, you have already installed GTD). That is the good news, plus the fact that the GTD developers are working on Version 2.0 to make it compatible with Gmail 2.0. In the meantime, the bad news is that if you have selected the older settings for Gmail to restore GTD settings, once you log out and log back in, the newer version of Gmail is back with a vengeance and you are compelled to repeat the settings trick again—and will continue to do so until GTD upgrades; but that is a small price to pay for such a super little extension. Once you have installed this extension, restarted Firefox and logged into Gmail, you will now see that what it does is to expand greatly the functionality of the Labels feature. Labels now appear under various headings: Contexts, Status, Projects and References with the ability to add as many sub-headings as you want. Whilst all the extra (collapsible) labels reside at the bottom left-hand side of Gmail, three other features are added: a GTD link in the last column of each e-mail, a Show GTD Search link at the top of the screen and a button at the bottom right-hand corner to allow you to print out Hipster PDA cards. Clicking on any of the label categories will open the Gmail Labels Setting tab and there you can select sub-categories or create new ones:

108

Why not use a Better-Mailed Gmail to get stuff done?

Issue 21

GTD labels configuration in Gmail settings The GTD search facility opens a dialgue box with many fine-tuning options based on toggled labels, dates and if e-mails are starred or have attachments with the ability to save searches. You can search, then add Categories/Labels and to individual e-mails and when you return to your inbox those e-mails will now be marked accordingly:

The detailed GTD search box Finally, when you want to compose an e-mail you will find that the GTD extension has now given you three options: Compose E-mail, Compose Myself an action and Compose Myself a Reference. The first one is self explanatory and the other two, when selected, will open further contextual dialogue boxes:

Gmail with advanced options from GTD

GTD: Get Things Done

109

Issue 21 In this feature you can send yourself an action or a reference, including any file attachments, and by clicking on Add event info you can key in the where and the when. Just above the main text composition area there is an action button more event options. If you click on it a Google calendar window will open and permit further configuration:

Google calendar triggered from within GTD GTD is a power user’s delight with sufficient options (seven tabs’ worth) to keep the most inveterate tinkerer occupied:

GTD’s options: seven tabs a tweakers paradise This is just a flavour of what this marvellous Firefox add-on can do for a Google application like Gmail. The official website will tell you much more and in more detail too.

Better Gcal: Google Calendar with makeup Google Calendar has some good features but as usual the tinker pixies have been rummaging and come up with an extension called, er, Better Gcal. Like Better Gmail, the aim is simple: to add really useful functionality to Google’s default calendar. It is not as feature-packed as Better Gmail but it has some nice configuration options:

110

Better Gcal: Google Calendar with makeup

Issue 21

Better Gcal Preferences These, as with Better Gmail, come courtesy of bundled Greasmonkey scripts and add, literally, a little colour to the calendar. Whether you are using Google calendar as a stand-alone application or integrating it with all the other Google packages, one option you should absolutely enable is to force a secure (https) connection. Depending on the size of your calendar entries, text wrap events is useful. The other check options are essentially eye-candy.

Google Calendar: a word of warning A word of warning about using Google calendar. If you make your calendar public you may, depending on what you put into it, leave yourself open to anything from burglary and identity theft to stalking. I looked at some public calendars of â&#x20AC;&#x153;private individualsâ&#x20AC;? and the amount of information revealed was astonishing and shocking. Information was such that it was possible to see exactly when people would be away on visits or holidays thus facilitating break ins and sufficient personal and financial details to facilitate identity theft. Visit this website and see for yourself. It makes sobering reading. The lesson is clear: choose the private setting in Google calendar and if you must share then at least configure it to restrict sharing with specific persons you trust.

Map you Milk: not an extension but it will extend Google Calendar Unfortunately, Better Gcal does not do for Google calendar what GTD does for Gmail; if you want that kind of added value, you might want to consider Remember the Milk for Google Calendar. Go to the RTM homepage, click on Signup Now! and follow the prompts to subscribe to a special calendar which will add small task icons for each day (a blue tick). Here is a quick guide. Those blue ticks will only appear once you have ensured that the Remember the Milk calendar is in your Calendars List and the checklist box is ticked. Once you have done this, you can click on the task icons at the top of each day in the Google Calendar log in (with the username and password you set up when you installed RTM) and create tasks to view. Via its Locations feature, Remember the Milk gives you a map related to any tasks that have a location component (handy if you are sharing Google calendar with friends unfamiliar with your locale). This will supplement another Firefox extension called Mini Map Sidebar, essentially Google Maps in a Firefox sidebar. It has many features beyond the scope of this article (the official Add-on site will list them for you). However, RTM is popular and popularity breeds more demand for feature creep. So, it is no surprise that there is a Firefox extension for this task management tool. It is called Delegate to Remember the Milk and is based on DelegateGCal extension from ano.malo.us. If you are pining like a Python parrot for the RTM features in Google Calendar then install it and, happy days, a button will be added to Gmail messages to generate messages to RTM that creates a new task. As with FireGPG, this extension has been caught in the GMail upgrade and will only work with the older version, thus requiring a change of version in the Gmail setting I mentioned earlier. However, you will still be able to use it to turn e-mails to tasks whilst retaining a

Map you Milk: not an extension but it will extend Google Calendar

111

Issue 21 backwards link to the original e-mail—just like that. If you really like RTM you are not restricted to Gcalendar and Gmail; you can have it in the Firefox sidebar too. With the iGoogle gadget enabled, open you Bookmarks Manager and create a new Boobkmark and type in the following URL: http://www.rememberthemilk.com/services/modules/googleig/

and ensure that the “Load this bookmark in the sidebar” box is checked. Now, provided that you are logged into RTM you can view it from a Firefox sidebar simply by selecting that option from the dropdown Bookmarks menu. In discussing RTM I have only scratched the surface of what it can do and how it integrates with Firefox and Google applications. SMS, and instant messenger (AIM, Gadu-Gadu, Google Talk, ICQ, Jabber, MSN, Skype and Yahoo! are all supported).

Gspace: free online storage space via Firefox GNU/Linux users will be be familiar with using Fuse (File User Space) in conjuction with Gmail to create virtual, mountable Linux file system, better known as GmailFS. GmailFS will effectively allow you to use GMail like a file system. If either Fuse or GmailFS are not in your distros’ software repositories, you can get them at the official site. Many relative newcomers may baulk at installing Fuse Kernel modules (though most recent versions have it installed by default) and chasing up dependencies though the effort will be worth it: you will be able to use Gmail without dependency on browser upgrades which may break the extension (as well as not having to access file commands). GMailFS isn’t the only way for you to access GMail as if it were a remote disk. If you prefer a Firefox extension which works with Gmail, albeit unofficially, then Gspace is for you. This is online, remote file storage with bells on. You are only an extension away from up to six Gigabytes of easy and convenient storage capacity via your Gmail account. It is as easy to use as moving files locally on your own computer. Files uploaded to Gmail via Gspace can be accessed and retrieved from anywhere, on any machine—including allowing access for others you trust with your Gmail account details. It’s a very useful feature for large files that might choke your normal e-mail client, even on a decent broadband connection. Once installed, Gspace will add an icon to the status bar in Firefox. From the add-on menu for extensions you can configure Gspace’s options and this should be your first port of call:

Gspace Preferences Settings Here, you can set icons, thumbnails, file attachment size, etc. Just click on the Gspace icon to open the application. Depending on how you have configured Firefox, Gspace should open in a separate tab:

112

Gspace: free online storage space via Firefox

Issue 21

Gspace’s four pane interface Anyone who has ever used FireFTP, an FTP client extension for Firefox, will recognize the layout: a screen containing the files in your home directory, a screen for transferring those files to Gspace, a Transfer screen and a Status screen (all resizable). Once logged in, select a file, or files, click on the blue upload arrow and the selected file(s) will transfer to the right-hand screen. At the same time, in the Transfer screen on the bottom left, a progress bar will indicate the status of the upload. Any files you upload can subsequently be accessed (and transferred back) from any other machine anywhere with Firefox and Gspace installed. If you now open Gmail that file will show up just like an e-mail which can be viewed, scanned and or downloaded. This feature is useful for transferring large files to anyone with whom you want to share who has a Gmail account, especially for those working, say, in a project group. One of the best features of the Gspace extension is the range of Transfer Modes which allows you to transfer files, view uploaded picture files and download from a Gmail drive. You can also play your uploaded music files, although you will need the Flash Player plugin for this (Gspace will give you a download link). For this feature, you will need to grant the Gspace extension permission to access external hosts like gmail.com and you can get instructions here. You can also manage multiple GMail accounts from Gspace but only sequentially, not consecutively, as Firefox maintains cookies across the login session—so, multiple GMail acounts across Firefox tabs is off the menu!

The best of the rest: a quick overview I had intended to include Google Browser Sync. Even though the data is optionally encrpyted using an alphanumerical PIN so that data, passwords and cookies are protected (even from Google?), a better option is to utilise Gspace in conjunction with two excellent little Firefox extensions, FEBE and CLEO. They will, respectively, allow you to backup all your extensions, themes, bookmarks, preferences, passwords, cookies and profiles and package all extensions and themes into a single installable, compressed xpi file. You can then use Gspace to upload the CLEO file and access it to install everything on a Firefox installation running on another machine anywhere else. By the same token, Google Notebook (a scratch pad and shoe in for del.icio.us?) is a nice little research tool to use from within the Firefox browser, especially if you wish to collaborate online and integrate it with Gmail and Google calendar, but if you want a real power-user’s extension for Firefox, then Zotero is a much better bet. It is stand alone but more powerful, and I use it regularly when researching articles for Free Software Magazine. It’s powerful feature set can only really be appreciated by installing the extension. Finally, whilst it is considered bad manners to bite the hand that feeds you, there is no excuse for allowing Google to take liberties with your security and data. Installing Customise Google will give you access to a phenomenal range of Google settings to improve you browser security. Think of it as a meta-preferences addition to all the other Google extensions.

The best of the rest: a quick overview

113

Issue 21

Conclusion Google extensions allow you to ratchet up the power of Firefox and to spend an entire online session without having to leave itâ&#x20AC;&#x2122;s confines. The only caveats are security and upgrades to extensions and browsers breaking compatibility. If this little lot is not sufficient to exhaust you or my selection is not to your liking, then pay a visit to a website that lists no less than eighty Gmail tools and tips - and pig out in the Google trough. There should be enough there to last as long as an SCO lawsuit.

114

Conclusion

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Configure Exim with anti-spam Spam's off! Make it so with Exim and SpamAssassin By Ryan Cartwright PUBLISHED: 2008-03-10 A few comments on my article The perfect network server in issue 17 requested some more in depth follow-up pieces. This is what I hope to be the first of those. It focuses on Exim, the mail transfer agent (MTA), specifically setting it up with spam scanning. It is based on setups I currently use, hosted on Debian GNU/Linux. This is an intermediate article, I’m going to assume you are familiar with mail delivery technologies and terminology. If you don’t know what SMTP, MX records and reverse DNS lookups are, you might like to do a little background reading before coming back to this article. I’ll try to stick to a descriptive narrative style but some of it will inevitably involve technical language.

What Exim is not Exim is a mail transfer agent. It receives messages, usually by SMTP, figures out what to do with them according to its configuration and transfers them to another location based on that information. The new location may be a locally based mailbox, another server or another daemon running on the same box. Exim does not do POP3, IMAP, shared calendars or make the tea It does not deliver mail to client machines, and does not handle mail user agent message creation functionality. In short, Exim does SMTP and related stuff. It does not do POP3, IMAP[1], LDAP, shared calendars or make the tea. It’s important to note that Exim is not capable of pulling mail: it expects all messages to be delivered to it [2].

Debian Exim packages Debian has a few packages for Exim. At the time of writing the current major version is 4. The key packages to install are exim4-base, exim4-config and one of the two exim4-daemon-? packages. If you are installing a brand new server, then you can install Exim as a task during the Debian installation stage (see The perfect network server for information on that). If you already have a Debian server then you can install it using tasksel install mail-server or with your favourite package manager. The two Exim4 daemon packages within Debian called exim4-daemon-light and exim4-daemon-heavy. Installing either will install the exim4-base package as a dependency but not exim4-config. So, you should install exim4-config as well as it comes in handy. The light daemon package is a perfectly adequate Exim install but leaves out things like SQL data lookups, virus/spam scanning integration and Secure Password Authentication SMTP. All of those are included in the “heavy” daemon and, as you’ll want to do spam scanning, you’ll need it. Note that tasksel, and thus the Debian installer, will install exim4-daemon-light but you can replace it simply by installing the heavy package afterwards. So, after all that, apt-get install exim4-daemon-heavy exim4-config does the trick.

Debian Exim packages

115

Issue 21

Exim initial configuration I’m not aware of any GUI tools to configure Exim, beyond address and account management. I started a fairly long debate on the necessity of server GUIs in the last article, but as they say, “write what you know”… so I’ll stick to configuring Exim via the shell. Having installed exim4-config, you might as well put it to good use Having installed exim4-config, you might as well put it to good use. To use exim-config, run (either as root or sudo) the command dpkg-reconfigure exim4-config. I won’t detail every step of this because each has decent explanatory text within—and I’d take up most of the article installing Exim. Here are a few pointers on the latter steps.

The debconf way to set-up Exim

Mailbox format The Exim local_delivery transport is used to deliver messages to local mailboxes. By default that is in mbox format. There is an option to use the popular Maildir format, which you can set here. I prefer Maildir, so I choose to use it here. For a discussion on which is best I suggest you put your flame-proof suit on and hit Google or add a comment. Briefly, mbox stores all messages in a single text file. Maildir stores each message as an individual file within sub-directories of your main maildir. An advantage of Maildir is that it doesn’t require file locking, so there are fewer delays.

Single or multiple config files The next step is, as far as I know, unique to Debian (and its derivatives). You can choose to have the various routers and transports within separate config files or all lumped in one file. The former is the more usual Debian way of doing things, the latter is more common outside of the Debian world view. If you have experience of Exim on other distributions then go for the latter, otherwise the former may help you find things better. Both types will contain the same configuration options—just in different files. I have used mutiple files and refer to them here. If you choose a single file then all your configuration options will be found in /etc/exim4/exim4.conf.

SpamAssassin The automatically generated configuration will create a perfectly usable Exim server: any local user will be able to have mail delivered to their mailbox by Exim ready for to be picked up. What it won’t do as yet is any spam scanning. I’ll look at spam scanning now. The traditional anti-spam approach for GNU/Linux is SpamAssassin. What’s good is that v4.50 Exim has a built-in interface for SpamAssassin. This was formerly the exiscan_acl plugin. SpamAssassin requires you to enable it before it will run

116

SpamAssassin

Issue 21 Once installed (e.g. apt-get install spamassassin), SpamAssassin requires you to enable it before it will run. Edit /etc/default/spamassassin and set ENABLE = 1. You can also have SpamAssassin’s rules updated on a nightly basis by setting CRON = 1 in the same file. Once you’ve done that, you can start the spamd daemon with /etc/init.d/spamassassin start.

There are plenty of good SpamAssassin resources on the web. Including this wiki By default SpamAssassin listens on port 783. If you install exim4-daemon-heavy, Exim will be already set to look for it on that port. If your SpamAssassin listens on a different port you should change the setting in /etc/exim4/conf.d/main/02_exim4-config_options accordingly.

Access Control Lists (ACLs) You need to tell Exim how and when to use SpamAssassin. This can be done either in a router (which is run on messages after they’ve been received), or within an Access Control List (ACL). I’ll do it within an ACL. ACLs are run against messages during SMTP sessions. Exim usually runs an ACL during the SMTP RCPT command and one after DATA command. Spam checking is generally made on the body, so you need to edit the latter ACL. This assumes SpamAssassin is installed and running. The settings we need to change are within the /etc/exim4/conf.d/acl/40_exim4-config_check_data. Uncomment and amend the default setting as follows: warn spam = Debian-exim condition = ${if <{$message_size}{100k}{1}{0}} message = X-Spam_score: $spam_score\n\ X-Spam_score_int: $spam_score_int\n\ X-Spam_bar: $spam_bar\n\ X-Spam_report: $spam_report

This ACL runs every message below 100k in size through SpamAssassin as it is received. The 100k limit eases the server load by not checking larger messages with attachments that are more likely to contain malware than spam. The ACL adds some additional headers to the message defining the spam “score”. I will use these in filters later.

Rejecting suspect spam This configuration will warn you about problems, but will still relay suspicious messages. Why not deny relaying to them? It’s certainly possible to have the ACL reject messages above a certain threshold. I’m not sure that this is necessarily a good idea though. SpamAssassin is good at its job but it will produce false positives SpamAssassin is good at what it does but it will produce false positives. In particular I’ve found badly written and configured HTML e-mail newsletters to be an issue. Whilst it’s tempting to shut out such messages, it may not be practical for your users. It is perhaps better to accept the message with an additional header and

Access Control Lists (ACLs)

117

Issue 21 act upon that later. To do that in Exim you use filters.

Filtering messages Many clients allow you to setup a filter to detect and examine a header. You could, for example, set a client-filter to check the X-Spam-Score header for a value above 9.9 and dump any messages that match directly in the clientâ&#x20AC;&#x2122;s trash or a separate spam folder. Your users may feel slightly better for not seeing higher scoring messages though. Even when client-side filters work, many have found that reducing the amount of delivered spam goes down well with users. Exim has an extensive filtering system which can be used by individual users on messages delivered to them or globally on all messages relayed by the server. The latter is a system filter and you can have one per Exim installation. Specify the location of your system filter within any of the main config files. I put mine at the top of the /etc/exim4/conf.d/main/02_exim4-config_options. Add something similar to this: system_filter = "/etc/exim4/system.filter" system_filter_user = Debian-exim system_filter_group = Debian-exim system_filter_pipe_transport = address_pipe system_filter_file_transport = address_file system_filter_reply_transport = address_reply

The filter itself is a series of conditions and resulting actions. Hereâ&#x20AC;&#x2122;s a sample condition for a system filter: if $h_X-Spam_score_int is above 99 and foranyaddress $recipients ($thisaddress contains "@mydomain.com") save /var/mail/suspect_spam mail to $thisaddress subject "[ SPAM Witheld ] $h_subject:" from "Company Mail Server <no-reply@mydomain.com>" text "This Message is sent automatically by e-mail software, please do not reply to it\n\nThe server suspects that a message sent to you by $h_From: is spam. It scored : $h_X-Spam_score: .\n The spam report is:\n $h_X-Spam-report: \n.\nThe original message has not been sent to you, but stored on the server.\n If you were expecting it, please contact your system administrator with the reference\n $message_id finish endif

The second line will loop through all the recipient (To, CC, BCC) addresses for one that contains mydomain.com. This is done to ensure we only run this on inbound messages. Once matched, it appends the original message into a local file and sends a notification to the intended recipient, rewriting the subject. Note the use of the other additional headers in the notification text. Now you need to handle messages scoring between 4.9 and 9.9. You can do this with another condition which rewrites the Subject header. if $h_X-Spam_score_int is below 99 and $h_X-Spam_score_int is above 49 and foranyaddress $recipients ($thisaddress contains "@mydomain.com") then headers add OldSubject "$h_Subject" headers remove "Subject" headers add Subject "[ SPAM ] $h_OldSubject headers remove "OldSubject" finish endif

Header manipulation happens on-the-fly in Exim filters; so you needed to save the existing subject before using it in the new one.

Final words

118

Final words

Issue 21 Exim is a little like chess: straightforward to learn, a lifetime to master. SpamAssassin is really the same , so coming up with a comprehensive guide article that covers all questions is almost impossible. What I have tried to do is give some introductory guidance on configuring both on Debian GNU/Linux. Think of it as whetting your appetite. If you are looking to deploy an Exim server with SpamAssassin and other features Iâ&#x20AC;&#x2122;ve not had room to mention, such as virtual users, virus and malware scanning etc. I would suggest you do some more reading before you start. The Exim website has comprehensive documentation but is perhaps not best suited to the beginner. A better place to start will be http://www.exim-new-users.co.uk.

Bibliography [1] Have a look at something like Courier IMAP,Cyrus, Qpopper et al for POP3 or IMAP servers. [2] Try fetchmail for something that pulls mail from another server and feeds it into Exim for local delivery. The two work very well together.

Biography Ryan Cartwright (/user/8833" title="View user profile.): Ryan Cartwright is IT Manager for Contact a Family (http://www.cafamily.org.uk), a UK National charity for families with disabled children where they make significant use of free software (http://www.cafamily.org.uk/oss). He is also a free software advocate and you might find him on the GLLUG (http://gllug.org.uk) mailing list. Views posted here are his own - sadly.

Bibliography

119

Issue 21

120

Bibliography

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Review of FreeBSD 7 At look at the future including finstall, the new graphical installer By Yousef Ourabi PUBLISHED: 2008-03-05 The next major update of FreeBSD 7, due this December, is in the running to be one of the most impressive FreeBSD releases to date. The ULE scheduler has now reached maturity, leading to significant gains across the board (particularly in server workloads). This new scheduler brings notably impressive performance improvements to both MySQL and PostgreSQL. In the first section of this article, I’m going to take a look at what’s new. In the second section, I will discuss what the future holds for FreeBSD beyond the upcoming FreeBSD 7.0 release, including screen shots of the revamped FreeBSD installer “finstall”.

Beastie, here and now FreeBSD 7 sports several new improvements in its file-systems and storage subsystems, including experimental support for ZFS and gvirstor, which can be used to create a large virtual disk image by simply adding physical disks as data on disk requires. This gives system administrators the ability to create volumes that far exceed the physical disk capacity and only add hardware as usage increases. Gvirstor is authored by Ivan Voras, who is also responsible for the FreeBSD installer project “finstall”. I’ll take a quick look at finstall, including screenshots, in the section “Going Forward with FreeBSD”. The kernel scales admirably to eight processors, an essential step as multi core chips have become ubiquitous, reaping the benefits of the “SMPng” project (Symmetric Multi-Processor, next generation) and migrating away from the legacy BSD architecture. The ULE scheduler is now considered the preferred scheduler for FreeBSD systems; however, it will not be enabled by default until the 7.1 release, so a kernel recompile is still required at this time. Kris Kennaway has a fantastic write up (available in the resources section) that graphs the performance improvements and shows the eye-popping increase in server work-load scalability. The ULE scheduler is now preferred, but won’t be enabled by default until 7.1 The networking subsystem has had its fair share of changes; it is “Giant Lock” free, WPA support is now stable and, more importantly, it is easier to configure (though I did not verify the wireless improvements for this review). This release will include X.org 7.3, KDE 3.5.7, Gnome 2.18.3 and GCC 4.2.1–but of course you can always stay on the bleeding edge via FreeBSD ports. There are currently around 18000 ports and, as always, the number of ports is steadily increasing. The over-arching theme of this release is “spit-and-polish” and the final stabilization of long term efforts such as SMPng to increase system performance. All the things you’ve come to love about FreeBSD are still there and there have not been any radical changes that will affect the way you use your system. It should just work faster and have an updated set of tools. This evolutionary approach is similar to Apples MAC OS X release cycle.

Beastie, here and now

121

Issue 21 As I write this, FreeBSD 7.0 beta 3 has just been released and I encourage everyone to start using it. It is already quite stable, and many (if not all) of the bugs in the earlier betas have been fixed. If you do encounter any bugs, make sure to report them!

Going forward with FreeBSD The future is even more exciting because there are some new technologies lurking on the horizon that will make FreeBSD. The three I find the most interesting are: 1. The Finstall Project, which I’ll examine in a bit; 2. ZFS (ported from Sun Microsystem) 3) DTrace (also ported from Sun Microsystems). There is a long shared history between BSD and Sun. The original Sun OS was based on BSD, mostly due to Bill Joy’s involvement at UC Berkeley. ZFS will be available in the 7.0 release as an experimental kernel module with some limitations. FreeBSD cannot boot off ZFS file systems, nor can it use ACLs; other more advanced features of ZFS (such as exporting volumes over iSCSI) will also be delayed until future releases. However, the ZFS port is mostly integrated into the standard FreeBSD stack including GEOM and UFS. This level of integration allows, for example, a UFS file-system to be created on top of a ZFS volume. The state of DTrace is a little more precarious. The initial development of the port began in mid-2006 and was met with a warm welcome. However, there is currently a licensing dispute that prevents the DTrace headers from being merged into the main source tree for this release. And, last but not least, the new graphical FreeBSD installer “finstall”. Developed by Ivan Voras as a Google Summer of Code project, it is planned to be offered as a separate installer CD for the 7.0 release and in future releases will be merged into the main install CD. The current implementation is a Python-GTK front-end that talks to a Python back-end via XML-RPC. The long term plan is to rewrite the back-end in the C programming language for better integration with the core FreeBSD system. Using finstall is pleasant. It comes as part of a Live-CD and goes through a familiar boot process. After the system is initialized, you are prompted with a message instructing you to either login with the “install” user to launch the graphical installer or the “root” user to use the CD as a recovery or exploration cd. Another very nice and practical feature of the new graphical installer is the availability of help sections for various installation tasks. Although the text in the alpha/preview release is just place-holder, this will eventually get fixed and become a useful resource for users uncertain of the implications of the various options. This is an area somewhat lacking in the current installer.

The finstall live cd booting up After logging in as the “install” user the system will automatically start the XFCE window manager and you’ll be presented with a graphical installer icon “FreeBSD Installer”. Double click it and you will be presented with the installer splash screen below. It is important to note that while the installer is under active

122

Going forward with FreeBSD

Issue 21 development (in beta state), some options will be disabled.

The finstall installer splash screen The installer will then present you with your file-system options, as seen in the figure below. It is important to note that ZFS cannot be used as the root, or boot file-system, the traditional FreeBSD UFS file-system is required.

The finstall file-system selection After you have made all the selections you want for your system, you will be presented with a fairly standard progress bar as the installer configures FreeBSD on your system

Installing the base system, progress bar

Going forward with FreeBSD

123

Issue 21 The finstall project is also a platform for users to create their own live CDs and customized installers. The Python implementation of the front-end makes it very easy to jump in and hack around. In the resources section, I have included a link to my blog where I document my own attempts at generating my own install live CD (for the brave only, it is a work in progress). Keep in mind that official documentation will appear on the finstall sourceforge project (also in the resource section) and those will be the definitive, up-to-date instructions on how to hack the installer.

Conclusion FreeBSD has come a long way and has created great technical solutions to tough problems. The new scheduler will offer performance gains for years to come. New architectures are being added frequently, including Sun Microsystems Niagra processors, Apple Mac Books (and Mac-mini), and even an initial port to the Xbox platform. The future is bright for FreeBSD and I’m certainly looking forward to the pending 7.0 release and beyond. The 7.1 release will see the ULE scheduler enabled by default and should also see the inclusion of the new installer into the mainstream releases. The multi-processor scalability will continue with the next goal of linear scalability on sixteen cores. There are now more than seventeen thousand ports and, with the new and improved performance, FreeBSD makes a formidable desktop and server operating system.

Resources • FreeBSD on Apple MacBook Project Page • FreeBSD 7 Open Bugs • Finstall FreeBSD Wiki (FreeBSD.org) • Finstall Project Page (Sourceforge) • My initial experiments with the FreeBSD Installer (Finstall) on my blog • 7.0 Preview (PDF) By: Kris Kennaway

Biography Yousef Ourabi (/user/43" title="View user profile.): Yousef Ourabi (http://yousefourabi.com) is a developer in the San Francisco bay area. He is currently working at the startup he recently founded, Zero-Analog (http://www.zero-analog.com " title="Zero-Analog). Zero-Analog is currently developing an enterprise application, however, one of its stated goals is "to increase the rate of open source adoption in companies of all sizes, across all industries". Zero-Analog also offers consulting services, all based around open source tools, frameworks and applications.

Copyright information Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation. A copy of the license is available at http://www.gnu.org/copyleft/gpl.html. Source URL: http://www.freesoftwaremagazine.com/articles/review_of_freebsd_7

124

Resources

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Running GNU Mailman at home Putting the most powerful mailing list manager on your desktop By David A. Harding PUBLISHED: 2008-02-28 GNU Mailman is the most popular free software mailing list manager, and probably the most configurable; however, it normally requires you have a web and mail server always connected to the Internet. With a little extra work, you can run Mailman from your intermittently-connected GNU/Linux desktop.

Introduction Normally Mailmanâ&#x20AC;&#x2122;s workflow looks like figure 1. A mail server receives email, gives it to Mailman for processing, takes it back from Mailman, and delivers the email to the final recipients. The desktop Mailman workflow adjustments (see figure 2) add a few extra steps: mail is forwarded to, stored in, and downloaded from a mailbox before being received by a desktop mail server. These extra three steps are easy to setup, and this article integrates them into the normal Mailman setup procedure.

Figure 1: Mailmanâ&#x20AC;&#x2122;s Normal Workflow

Introduction

125

Issue 21

Figure 2: Mailman’s Adjusted Workflow

Finding the right type of mailbox Your desktop mailing list requires a mailbox to store messages on the Internet. Most ISPs provide one or more mailboxes with their standard service. Several websites, like Google, provide no-cost mailboxes as well. Choose freely: you can change mailbox addresses without notifying users or breaking the mailing list. Your choice of mailboxes is limited by one constraint: a non-interactive program, Fetchmail, needs to retrieve the email from your mailbox. Fetchmail supports two protocols: the Post Office Protocol (POP) and the Internet Message Access Protocol (IMAP). The mailboxes available from most ISPs and Google Mail support at least one of these protocols. If you already use a mailbox that meets these criteria, don’t use it with these instructions; it will only complicate things. Create a brand new mailbox for your mailing list.

Getting a forwarding Address Select a name for your mailing list. I recommend a short and descriptive name. A list called doe created by Jane Doe for communicating with her family will be used throughout the article as an example. Mailman requires three email address for each mailing list. Each address must be at the same domain and must follow a particular format: list@domain, list-request@domain, and list-owner@domain. Replace list with the name of your list and replace domain with the name of your domain. Jane Doe, who knows people use her as an example, owns the domain example.com; the three email addresses she’ll use for her doe list are doe@example.com, doe-request@example.com, and doe-owner@example.com. All three of the addresses need to be forwarding address; all must forward to the mailbox previously setup (see the previous section of this article). Jane Doe’s domain name registrar lets her configure forwarding addresses. If your domain name registrar doesn’t provide forwarding service, or if you don’t have a domain name, you can use a free forwarding service (try a Google search for one) or a paid forwarding service, like the one that comes with a Free Software Foundation associate membership.

Configuring a mail server Mailman needs a properly configured mail server in order to function. If you already have a working mail server, skip to the next section. The original mail server, Sendmail, is free software, but is so difficult to configure that some people wrote simpler mail servers. As the simpler mail servers added features to match Sendmail, they too became difficult to configure. The free software community is now filled with powerful and difficult to configure mail servers, and none of them is standard on all free operating systems.

126

Configuring a mail server

Issue 21 Among GNU/Linux distributions, the Sendmail, Postfix, and Exim mail servers are very common. You need to read the documentation on setting up your operating system’s mail server, but I’ll lay out the general settings you need for Mailman and give instructions for Postfix. Mail servers perform two functions: sending and receiving email. Sending email was once easy: any mail server could talk to any other mail server. Then Microsoft Windows made email difficult. Through poor security, millions of computers are commandeered and used to send spam; today, many mail servers reject email from residential computers like your desktop. Instead, they only accept email from well-known computers. For example, an ISP is likely to only accept mail from its broadband customers. Your ISP probably has a well-known mail server and you’re probably permitted to use it. Configure your mail server to use your ISPs mail server as a “smarthost”—a sever smart enough to route your email. Check the documentation on your ISP’s website for outgoing email instructions. Where you see the word SMTP, look for a hostname like smtp.isp.net—that’s the name of the smarthost. Now check how to configure your local mail server so that it uses your ISP’s smarthost. In Postfix, you will add this to the file /etc/postfix/main.cf: relayhost = 207.126.122.88

Remember that mail servers often need to be restarted. If you’re using postfix, you can either run killall -HUP postfix or postfix reload. After configuring your mail server to use a smarthost, send a test email using the following command: echo "To: you@yourisp.net" | /usr/lib/sendmail -t

/usr/lib/sendmail is a legacy of when Sendmail was the only mail server; it works with all of the mail servers installed by default on major GNU/Linux distributions. Replace you@yourisp.net with your usual email address. If you receive the email at your usual address, your mail server is correctly configured for sending. If not, find the problem and fix it. I suggest starting by checking your mail logs (usually /var/log/maillog). Configuring your mail server to receive mail for a specified email address is easy, since most mail servers are preconfigured so that they are ready to receive. Test the receiving mechanism by adding the following line to /etc/aliases : testing123: you@yourisp.net

In Postfix, Remember to run the newaliases command after changing /etc/aliases. To test, replace you@yourisp.net with your usual email address and run the two following commands: echo "To: testing123" | /usr/lib/sendmail -t

If you receive the email in your regular email account, continue; if you don’t, check the logs and documentation for your mail server.

Downloading email Now that you can send and receive email, you need to be able to fetch the email that you will then send to your mailing list. The Fetchmail program creates a connection between your mailbox and your mail server. It downloads the email from your mailbox and gives it to your mail server as if it had been delivered to your mail server directly. Fetchmail requires configuration. It needs to know the address of the POP or IMAP server your mail is stored on, and it needs your login name and password too. To find the POP or IMAP server name, check the documentation on your mailbox provider’s website; look for instructions for downloading email; the hostname near the POP or IMAP setting is the server name.

Downloading email

127

Issue 21 Fetchmail needs to run periodically. If you install Fetchmail through some distributions, like Debian or Ubuntu, you will need to configure /etc/default/fetchmail (see below) and then start fetchmail by typing: /etc/init.d/fetchmail start. Users of other distributions should read the documentation that comes with Fetchmail to discover the best way to periodically run it. For example, Jane Doe uses Debian and configures Fetchmail by adding the following lines to the file /etc/fetchmailrc : poll mail.isp.net with proto POP3 user 'jane' there with password 'secret1' to 'doe@example.com'='doe' 'doe-request@example.com'='doe-request' 'doe-owner@example.com'='doe-owner' '*'='jane' here options fetchall

Use the following table to replace Jane’s settings with your own. The settings are listed in the table in the order they appear in the file: Jane’s Setting Replace With mail.isp.net The mail server name POP3 Use IMAP for IMAP servers jane Your user name on the mail server secret1 Your password on the mail server doe@example.com Your list address and first forwarding address doe Your list name and local variant of the first forwarding address doe-request@example.com The second forwarding address doe-request The local variant of the second forwarding address doe-owner@example.com The third forwarding address doe-owner The local variant of the third forwarding address jane Your username on the local computer Setting Replacement Table Fetchmail splits the email in your mailbox into four parts: what goes to your mailing list (for example, doe), what goes to Mailman (doe-request), what goes to the list administrator (doe-owner), and everything else (jane). Test Fetchmail by adding the following three lines to /etc/aliases before running newaliases. Replace listname with the name of your list and you@yourisp.net with your regular email address. listname: you@yourisp.net listname-request: you@yourisp.net listname-owner: you@yourisp.net

Use your regular email client and account to send one email to each of the three forwarding address; place the To address in the subject line. If you receive all three emails back, Fetchmail is configured correctly; if not, check Fetchmail’s log in /var/logs/mail.log. Fetchmail only downloads email once every five minutes, and you won’t receive the emails until Fetchmail downloads them. After a successful test, remove the three lines added to /etc/aliases and re-run newaliases.

Setting up a web server Mailman’s primary configuration interface is an HTML form. The form requires a web server. On your desktop, install the Apache web server (either version one or two), and test the server by loading the following URL in your web browser: http://localhost/

128

Setting up a web server

Issue 21 If you see a web page describing itself at the Apache default web page, Apache is successfully configured and Mailman will be able to use it.

Setting up Mailman Install Mailman from your operating system’s package manager (alternatively, you can download the source code from list.org and follow the installation instructions in the file admin/www/mailman-install.pdf in the source package). Once Mailman is installed, Create a new mailing list by running the newlist command as root and following the instructions it gives you. Note that you may have to provide the full path to the newlist script, which in Debian and Ubuntu is /usr/lib/mailman/bin/newlist. Mailman works by adding specific lines to /etc/aliases that forward all email from your three forwarding addresses to Mailman; then Mailman examines each of the emails for instructions and acts on those instructions. Usually, this means mail is sent out again; Mailman uses your mail server to send it. Note that you may have to add those specific lines to /etc/aliases yourself. You can configure Mailman by using your web browser to access the following URL: http://localhost/cgi-bin/mailman/admin You need to change one setting on Mailman’s main configuration page for your list: the host_name variable should be sent to the host name for your forwarding addresses (whatever follows the @ symbol in the forwarding addresses; in Jane Doe’s case, example.com).

Testing the list Don’t test your list by subscribing to it using Mailman’s web form. Subscribe to your list using the email interface: send an email to your list in the same format Jane Doe used, but use your email and your list’s -request email addresses instead: From: jane@janes-isp.net To: doe-request@example.com Subject: subscribe The body of the message will be disregarded by Mailman.

If your mailing list accepts new subscriptions, you’ll receive an email from Mailman requesting confirmation before adding your email address to the list; reply to it and you’ll be your mailing list’s first subscriber. Try posting a test message to your list; use Jane Doe’s test message as an example: From: jane@janes-isp.net To: doe@example.com Subject: Testing I'm testing the family mailing list. -Jane

A few seconds or minutes after you send the email, you should receive it in your inbox: your mailing list works—now put it to work.

Spread the word Jane Doe created her list for family communication. She manually adds the email addresses of her immediate family members to Mailman as subscribers using the membership management options in Mailman’s web configuration interface. But Jane isn’t sure if her distant relatives want to subscribe, and so she’ll tell them how to subscribe by email: “send an email to doe-request@example.com with the subject subscribe. If you need any help, ask me.”

Spread the word

129

Issue 21 You can encourage other people to join your list by placing those two sentences, adjusted for your list, in an email on a web page. By default Mailman lets anyone join your list, but you can disable that in the Mailman web administration panel by toggling the option subscribe_policy on the Privacy Options page. After youâ&#x20AC;&#x2122;ve configured one list using Mailman, adding more lists is easy: create three new forwarding addresses pointing to the same mailbox, add three corresponding rules to the /etc/fetchmailrc file, and run the newlist command. By repeating these last instructions, your desktop Mailman can host thousands of lists. Good luck!

Biography David A. Harding (/user/43640" title="View user profile.): David A. Harding frequently writes about free software. He has a Linux Professional Institute level 1 certification and a small dog.

130

Spread the word

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

All the C you need to know for GTK+ A short refresher on basic C concepts By Andrew Krause PUBLISHED: 2008-02-18 If you want to develop applications with GTK+, a graphical toolkit used by the GNOME desktop environment, it is essential that you are comfortable with the C programming language. This article is meant to give you a short refresher on the basics of C that you will need to know when developing GTK+ applications.

Basic C program structure Every C program is composed of one or more functions in the following format. The function receives a number of variable parameters, runs the commands in the function, and then returns a variable of the given type. Note that you can omit the return value by using void as your function type. type function (parameters) { local variables commands }

Here is a practical example (don’t worry if you don’t understand it yet): int my_function(int a) { char b; b='r'; printf("%d %c",a,c); }

Another example function is shown below. The main() function is the only one that is required by every C program. It receives two parameters (argc and argv), which contain the command line parameters entered when the program begins and the number of parameters. The function should return an integer to exit. The following code will print out “x = 0 and y = 1”. (The printf() function will be covered later in this section!) #include <stdio.h> int main (int argc, char *argv[]) { int x, y; x = 0; printf ("x = %d ", x); y = 1; printf ("and y = %d", y); return 0;

Basic C program structure

131

Issue 21 }

Compiling your programs If you are reading this article, you will probably need to compile your programs. Assuming that you call your file result.c, you can compile your programs by typing: gcc -o result result.c

You will now be able to run the program by typing ./result in the directory where the program was compiled. Itâ&#x20AC;&#x2122;s handy to have a console open with the program, and a second console with the command line above, ready to compile the code.

Variable types C provides a number of variable types. You may notice that these are very basic types, all holding numbers, but they can be used to represent any piece of data. The following table gives an overview of the types that are available to you. Data Type

Bytes char 1 unsigned char 1 short (int) 2 unsigned short (int) 2 int 4 unsigned int 4 long (int) 4 unsigned long (int) 4 float 4 double 8 C Data Types

Lower Bound -128 0 -32768 0 -2^31 0 -2^31 0 -3.2e38 -1.7e308

Upper Bound 127 255 32767 65536 2^31 - 1 2^32 - 1 2^31 - 1 2^32 - 1 3.2e38 1.7e308

Itâ&#x20AC;&#x2122;s important to think about where you place the declaration when creating variables. The scope of a variable refers to which parts of the application can access the variable. In general, variables use the following scope rules in C: 1. You can only access a variable that has been declared before referencing it. In other words, the declaration of a variable must appear above its use. 2. A variable cannot be accessed outside the set of brackets where it was declared. For example, if a variable was declared inside of a for loop, it cannot be accessed outside of that loop. You can declare variables outside any function, such as above the main() function. This is called a global variable. Also, a variable declared within a function is local to that function.

Arrays The variable types previously mentioned are useful, but what if you want a thousand integers? It would take quite some time to create a variable for each of these integers. To solve this problem, you could create an array of integers. The following program creates an array, and then fills it up with the numbers 1 to 1000. Notice that arrays are indexed beginning from zero. int arrayOfInt[1000], i; for (i = 0; i < 1000; i++) arrayOfInt[i] = i + 1;

132

Basic C program structure

Issue 21 It is also possible to create arrays with multiple dimensions. The following applications creates an array that has 1000 columns and 1000 rows, and fills it up with the sum of the indexes. int multiArray[1000][1000], i, j; for (i = 0; i < 1000; i++) for (j = 0; j < 1000; j++) arrayOfInt[i][j] = i + j;

The maximum number of dimensions is defined by the compiler, but most applications do not use more than three at the most. If you reach the maximum (GCCâ&#x20AC;&#x2122;s maximum is 29), you should consider rethinking your approach to the problem at hand!

Outputting (printing) data Although GTK+ is a graphical toolkit, it is still useful to be able to output debugging information to the terminal. To do this in C, you would use printf(), which you already saw in a previous example. You can use additional parameters in this function to embed numbers and strings into the output text. In order for this function to work, you must include the header file stdio.h The following example would print out â&#x20AC;&#x153;x = 5 and y = 10.7â&#x20AC;?. The %d is replaced by the first variable, which is an integer. Then, %4.1f is replaced by the second floating point variable with a maximum length of 4 characters and one character following the decimal point. int x = 5; double y = 10.74; printf ("x = %d and y = %4.1f", x, y);

There are a large number of options available of printf(). It would be pointless to enumerate them here since the reference is available on thousands of sites around the Internet. To read more on this function, take a look at this page.

Conditionals and loops C provides a number of methods for controlling the flow of your program. In order to understand these, you need to understand a few logical operators that are available. They are introduced in the following table. Operator Description == Comparison operator that returns true if the value on the left is equal to the value on the right. != Comparison operator that returns true if the value on the left is not equal to the value on the right. Comparison operator that return true if the value on the left is less than (greater than) the value on < (>) the right. Comparison operator that return true if the value on the left is less than (greater than) or equal to <= (>=) the value on the right. Used to concatenate multiple comparisons that will only return true if both evaluate to true. For && example, ((2 > 1) && (0 > 1)) would return false. | | Used to concatenate multiple comparisons that will return true if at least one evaluates to true. For example, ((2 > 1) || (0 > 1)) would return true. ! Returns the opposite value of the following expression. For example, !(1 > 0) would return false. Logical Operators in C

If/else comparisons The if statement is a comparison command that can be used to run code only if a condition is met. In addition, you can include optional else if statements, that will only be evaluated if the previous statements were found to be false. Lastly, an else statement can be used at the end to catch all other cases.

Conditionals and loops

133

Issue 21 The following example shows you how to use an if. Note, the curly brackets can be omitted if only one command is run after a conditional statement. int x; if (x > 0) { printf ("x is positive"); } else if (x == 0) { printf ("x is equal to zero"); } else { printf ("x is negative"); }

In this example, what would be printed if x was equal to -5, 0, or 5? The application would print “x is negative”, “x is equal to zero”, and “x is positive” respectively.

The switch statement The switch can be used as a cleaner style in place of some if statements. It compares the variable or expression in the switch to each case value. If the correct value is found, all of the commands will be run until a break or the end of the statement is reached. In the following example, white space will be printed if ch is a space, tab, or new line character. If the letter is an uppercase vowel, vowel will be printed. Otherwise, the output will show other character. char ch; switch (ch) { case ' ': case '\t': case '\n': printf ("white space"); break; case 'A': case 'E': case 'I': case 'O': case 'U': printf ("vowel"); break; default: printf ("other character"); }

The default case is not required, but it can be used to catch all other cases not previously specified. Note that each case value must be constant, meaning that they cannot be variables.

While loops The while loop will continue to run its contained commands over and over until its condition is evaluated as false. while (condition) { commands }

In the following example, the while will continue running until x is greater than or equal to ten. The break statement can be used to exit the loop before it is completed. What will this code print out? int x = 0; while (x < 10) {

134

If/else comparisons

Issue 21 printf ("%d ", x); x += 2; if ((x % 3) == 0) break; }

The code above will print 0 2 4 . The x variable is incremented by 2 every time, but when it reaches 6, the if statement evaluates to true and exits the loop. Note: The percent sign (%) represents the modulus operator, which returns the remainder of the division.

For loops The for loop allows you to perform initialization, comparison, and incrementing all at once. You can omit one or all of these steps by leaving it blank, although leaving out the comparison will make an infinite loop. In this case, you could use the break command to exit the loop when necessary. for (initialize; comparison; increment) { commands }

In the following example, the integer i is initialized to zero at the beginning of the loop. It will continue running until i is greater than or equal to ten, incrementing by one every time the loop is run. What will this code output? int i; for (i = 0; i < 10; i++) { if ((x % 3) == 0) continue; printf ("%d ", i); }

The above code will output 1 2 4 5 7 8 . If x is divisible by three, continue will skip the rest of the loop’s iteration, so the values 0, 3, 6, and 9 will not be printed. You can also use the break command with for loops.

Pointers One of the most important parts the C programming language is the pointer. A pointer is basically a variable that store the memory address of a variable, array, function, etc. There are two operators that are used with pointers: • The ampersand (&) symbol is called the monadic or unary operator. It returns the address where the variable is located. • The asterisk (*) symbol is used for dereferencing, and returns the object that is at the location stored by a pointer. To help you understand this concept, look at the following example. The second line creates a pointer that stores the memory location of x. The next line dereferences ptr, printing out the integer at that memory location (1). Then, the memory location ptr is set to the value 7. Since ptr points to x, the last statement prints out “7”. If you find this confusing, slowly re-read the sentence above (yes, it does make sense!) and experiment with the code. int x = 1; int *ptr = &x; printf ("%d", *ptr); *ptr = 7; printf ("%d", x);

Pointers

135

Issue 21 Pointers are very powerful, because they can be used with arrays. The following example creates an array of one hundred characters, and then uses a pointer to traverse the array, setting each to the value of its index. char chArray[100]; char *ptr; int i; for (i = 0, ptr = &chArray[0]; i < 100; i++, ++ptr) *ptr = i;

This example shows a few important concepts. First, you should notice that you can provide multiple commands in the first and third parts of the for statement by separating them will commas. This allows you to initialize multiple variables, or provide more than one increment. In terms of pointers, you can increment or decrement a pointer by using standard integer operations. It is legal to move a pointer with any of the following: ++ptr, --ptr, ptr += 10, ptr -= intVariable, etc.

Strings Strings are very important to any programming language, because human interaction would be very difficult otherwise. A string is defined in C as an array of char variables. Each string in C must end with the null character (‘\0’ or 0) so that the end can be found. This is because most strings are stored as pointers. The following example shows one way to create a string. A pointer called text is created that points to nothing at first. It is then initialized to “Hello world!” and printed to the screen. char *text; text = "Hello world!"; printf (text);

This string was initialized by setting the text directly, but this is generally not a good idea. Instead, you should use a function defined in string.h called strdup() to dynamically allocate a copy of the string like the following example. Once the application is done with the string, free() should be called so that the memory taken up by that string can be used by other parts of the program. char *text; text = strdup ("Hello world!"); printf (text); free (text);

There are a number of other functions available in string.h for manipulating strings. The following application shows a few of them, but you should reference the header file for a full list of functions. #include <stdio.h> #include <string.h> #include <stdlib.h> int main () { char *text1, *text2; text1 = strdup ("+"); text2 = (char*) malloc (10 * sizeof (char)); strcpy (text2, text1); while (strlen (text2) < 10) { if (strcmp (text2, "+++++") == 0) printf ("Pluses: "); strcat (text2, text1); } printf (text2);

136

Strings

Issue 21 free (text1); free (text2); return 0; }

The example above is a bit frivolous, but it shows some of the most common functions used for string manipulation. First, the malloc() function was used to allocate a piece of memory with a size of 10 bytes. This function requires you to include stdlib.h and will be covered in more detail in the next section. Then, the contents of text1 are copied into text2 with strcpy(). The loop continues until the length of text2 is nine characters. During each iteration of the loop, a single plus is concatenated to the variable with strcat(). The conditional statement uses strcmp() to compare two strings. It will return a negative number if the first string should be sorted before the second, zero if the two strings are equal, or a positive number otherwise. You should note that you cannot use ==, !=, or any other operator to compare strings, since using those operators would just comparing the pointer location!

Dynamic memory allocation One of the main reasons for pointers is to enable dynamic memory allocation, or the ability to allocate memory while the application is running. Memory is allocated in C with malloc(), which uses the following syntax. It accepts the number of bytes to allocate, returning a pointer to the newly allocated memory location. When you are done with the memory, you must call free(), or that space will be leaked by your application! int *data; data = (int*) malloc (100 * sizeof (int));

In addition to this function, you can use calloc(), which allocates an array of data with the given size. In the following example, an array of 100 elements with a size of 4 bytes is allocated. This code does the same essentially the same thing as the previous example. int *data; data = (int*) calloc (100, sizeof (int));

As with malloc(), everything allocated with calloc() should be freed when you are done using it. Also, one of the most common problems encountered with pointers is not allocating memory before using it, so make sure to avoid using uninitialized pointers! Basically, if you get a Segmentation Fault, you are misusing pointers.

Structures The struct type allows you to create your own data types in C. For example, let us assume you want to store information about an animal. You could use the following structure to do this: typedef struct { char *name; char *sound; int legs; } animal;

The structure definition above creates a new data type called animal. This data type holds two strings and one integer. This is useful because you can create as many instances of animal as you want. The following code shows two ways you can use the new structure, one without and one with pointers. animal cow; animal *chicken;

Structures

137

Issue 21 cow.name = strdup ("Cow"); cow.sound = strdup ("Moo"); cow.legs = 4; chicken = (animal*) malloc (sizeof (animal)); chicken->name = strdup ("Chicken"); chicken->sound = strdup ("Cluck"); chicken->legs = 2; free (chicken);

In this example, and instance of animal is created called cow. Since this is not a pointer, you can use the period character to reference the members of the structure. In the second part of this code, the memory is allocated for another animal instance. Notice that, with a pointer, you must use -> to access the members of the structure! It may not be immediately apparent from this example why you would want to use a pointer. However, if you wanted to pass the structure to a function, it would be much more convenient. Passing chicken would just create a copy of the pointer. This is why pointers are preferred in C.

Conclusion By now, you should be familiar with the basics of the C programming language. While there are other aspects of the language that you may need to learn when programming with GTK+, these basics will allow you to use all but the most advanced portions of the libraries. If you are interested in learning GTK+, I would encourage you to check out my book on the subject: Foundations of GTK+ Development. This book covers everything from the basics of the libraries to creating your own widgets, and much more in between.

Biography Andrew Krause (/user/43971" title="View user profile.): Andrew Krause is the author of Foundations of GTK+ Development (www.gtkbook.com). He is an active contributor to the Open Source community and is currently majoring in Computer Engineering at Penn State University. Andrew will be working for Argon ST as a software engineer beginning in May of 2008.

138

Conclusion

Issue 21

Published on Free Software Magazine (http://www.freesoftwaremagazine.com)

Protect your server with Deny Hosts Limiting brute force based dictionary attacks By Ken Leyba PUBLISHED: 2008-01-28 Requiring system accessibility via the Internet poses several problems for system administrators. One problem is allowing access by authorized users with the least amount of complexity on the client computer while keeping the system and its services safe from intruders. Common services that may be provided include web server, File Transfer Protocol (FTP) server, and Secure Shell (SSH) server. Each of these services can require different methods of security to ensure only authorized users have access. This article explains how to secure Secure Shell with the DenyHosts program and the prerequisites of configuring the SSH daemon and TCP Wrappers.

Secure Shell Secure Shell (or SSH) is used to log into a remote machine to execute commands on the remote machine. SSH can also be used to setup secure tunnels for X11 connections, for example to run remote graphical applications that reside on the server machine. SSH was originally developed to replace insecure applications like rsh, rlogin, telnet, and others. Most major GNU/Linux distributions have the OpenSSH [1] daemon installed by default. OpenSSH is the free software implementation of the secure shell protocol. The OpenSSH server executable (or daemon) is /usr/sbin/sshd and the configuration file is /etc/ssh/sshd_config. The sshd configuration file contains keyword argument pairs. Two configuration options of note are PORT and PermitRootLogin. The PORT keyword specifies which port number that the sshd daemon listens on. Changing the argument of this keyword from the default 22 to another unused port number allows security through obscurity. The downside to changing this argument is that all your users will need to know the port number to use, and how to configure their ssh clients to connect to this port. The other keyword, PermitRootLogin, should have its argument changed from the default yes to no. Changing this argument will prevent the root superuser account from logging in directly via ssh. Instead, a normal user would have to login and use the su (/substitute user/) command to become root. Changing this argument will have no effect on the root user logging into the console of the server.

TCP Wrappers TCP Wrappers [2] are used as network based Access Control List for services like FTP and SSH. The libwrap library, part of the TCP Wrappers package, provides support for the TCP Wrappers functionality. Most major GNU/Linux distributions have TCP Wrappers support built into services like SSH by using the libwrap library. This can be seen by using the ldd command (used to print shared library dependencies) against the sshd executable. # ldd /usr/sbin/sshd | grep libwrap libwrap.so.0 => /lib/libwrap.so.0 (0xb7f74000) #

TCP Wrappers

139

Issue 21 TCP Wrappers uses two files for access control, /etc/hosts.allow and /etc/hosts.deny. These files utilize keywords and arguments or options for determining access. The /etc/hosts.allow file is processed first, stopping at the first daemon/client match in the file and allows access. If no matches are found then /etc/hosts.deny is processed and the first daemon/client match denies access. If no match is found then access is allowed by default. See the man page hosts_access (5) for more information. This articleâ&#x20AC;&#x2122;s example system is running Debian GNU/Linux 4.0, the default installed configuration is used. # man 5 hosts_access

Even with Secure Shell and TCP Wrappers, other basic security practices need to be in place. Services like SSH and FTP are vulnerable to dictionary attacks. Dictionary attacks are brute force attacks using multiple user name and password combinations to try and access a public system. Possibly compromised systems are used to attack services, sometimes thousands of attempts in a single day. Every entity needs good policies and procedures in place for defining user names that are not common, for example guest, admin and test. There also needs to be a good password policy using a minimum number of characters and combinations of uppercase, lowercase, numeric and special characters.

DenyHosts From the DenyHosts [3] web site: DenyHosts is a Python script that analyzes the sshd server log messages to determine what hosts are attempting to hack into your system. It also determines what user accounts are being targeted. It keeps track of the frequency of attempts from each host. Additionally, upon discovering a repeated attack host, the /etc/hosts.deny file is updated to prevent future break-in attempts from that host. An email report can be sent to a system admin.

Installation Installation of DenyHosts in our Debian GNU/Linux system is straightforward. For other distributions and package managers, see the operating system documentation. Using the apt-get command, install the denyhosts package, which is part of most major distributions. # apt-get install denyhosts

The package manager installs the main DenyHosts Python script /usr/sbin/denyhosts and the configuration file as /etc/denyhosts.conf. The first time DenyHosts is run, it will create a work directory /var/lib/denyhosts/. Note that this work directory is specific to Debian GNU/Linux and by default is /usr/share/denyhosts/data/ (each GNU/Linux distribution may vary). The work directory holds several files which are the data collected by DenyHosts. The files are in human readable format and can be edited manually if needed. If not installed by default, the dependency Python language will be installed by the package manager. In addition, a startup script is installed as /etc/init.d/denyhosts. This script will start DenyHosts in daemon mode and run as a process. Optionally, DenyHosts can run as a cron job. To start DenyHosts with the default configuration and the prerequisites as earlier: # /etc/init.d/denyhosts start

After the work directory is created, DenyHosts processes the SSH daemon log file, in this case /var/log/secure, and determines which hosts have attempted to gain access to the server and failed. To stop the DenyHosts daemon use the stop argument: # /etc/init.d/denyhosts stop

If configuration files or user maintained files, explained in the following sections, are changed the daemon can be restarted: # /etc/init.d/denyhosts restart

140

DenyHosts

Issue 21

Configuration There are several configuration file parameters that determine when and which hosts are added to /etc/hosts.deny and how DenyHosts operates. The DenyHosts configuration file is well documented and lists each option and their parameter values. The file has four sections: required settings, optional settings, daemon specific settings and daemon synchronization. The required settings specify the server specific file locations and threshold levels. SECURE_LOG defines the location of the sshd log file. HOSTS_DENY specifies the file and location of the TCP Wrappers access control list. PURGE_DENY is a time setting that will purge hosts that are older than this settings parameter, an integer followed by [m]inutes, [h]ours, [d]ays, [w]eeks or [y]ears. By default purge is disabled and PURGE_DENY must have a value to be enabled. In this example the purge time will be four weeks (4w), that is DenyHosts will purge host entries older than four weeks. PURGE_THRESHOLD defines the maximum times a host will be purged; by default the parameter is ‘0’, in which the host can be purged or added indefinitely. SECURE_LOG = /var/log/auth.log HOSTS_DENY = /etc/hosts.deny PURGE_DENY = 4w PURGE_THRESHOLD = 0 BLOCK_SERVICE = sshd

In order for entries to the file /etc/hosts.deny to be effective, the service must be wrapped by tcpd, the access control facility of TCP Wrappers, or have libwrap support built in. The tcpd program has not been discussed because sshd has libwrap support in this example. For those distributions that do not have libwrap support, you will need to reference the distributions documentation [4]. The BLOCK_SERVICE setting lists the service(s) that should be blocked. The remaining required settings are left at their default. For more information, see the configuration file settings and comments. The next section of the configuration file defines the optional settings which include SMTP information for sending e-mail reports. The optional section also includes settings for resetting failed login attempts. These time set values can reset failed login attempts to zero when a host exceeds the age reset value between failed attempts. The ADMIN_EMAIL parameter defines the address, or addresses if delimited by commas, that receive the e-mail reports. If the local machine will send the reports then the SMPT_HOST is localhost and the SMPT_PORT is 25. Customization of the “From:” address is accomplished with the SMTP_FROM parameter. The “Subject:” line can be modified with the SMPT_SUBJECT parameter, which is useful if multiple reports are being sent from different machines. If using an SMTP server that requires authentication, the SMTP_USERNAME and SMTP_PASSWORD settings are set. The remaining settings include the time definitions to reset failed login attempts to zero. These settings include AGE_RESET_VALID, AGE_RESET_ROOT, AGE_RESET_INVALID and AGE_RESET_RESTRICTED. All of these settings can remain at their default settings. Otherwise, adjust the values as needed using the same format at the PURGE_DENY parameter. ADMIN_EMAIL = joeadmin@interstellar.local, operatorjane@interstellar.local SMTP_FROM = DenyHosts <nobody@localhost> SMTP_SUBJECT = DenyHosts Report: develsystem.interstellar.local

Daemon specific settings are in the next section of the configuration file. When DenyHosts is started from a cron script, the --purge command line option and PURGE_DENY setting must be set in order to purge host entries. When started in daemon mode the --purge command line option is not needed, but the PURGE_DENY and DAEMON_PURGE settings are required. The DAEMON_LOG settings specifies the log file for DenyHosts when running in daemon mode. By default the log file is /var/log/denyhosts. The log file will contain the settings and parameters of the configuration file during startup and the daemon mode information. To understand what DenyHosts is doing, it is good practice to view this log file. The DAEMON_SLEEP setting indicates the amount of time that the daemon will wait before scanning the file specified by the SECURE_LOG parameter. The default setting for this wait time is 30 seconds. The DAEMON_PURGE setting indicates how often DenyHosts should run the purge mechanism to remove entries in the HOSTS_DENY file. The default setting is 1 hour.

Configuration

141

Issue 21 The last section in the configuration file is for daemon synchronization. DenyHosts has the ability to download and upload, from a central repository, host data from servers around the world. This feature proactively populates the HOST_DENY file so no login attempts can be made from known intruding IP addresses. The daemon synchronization mode is disabled by default.

Optional Files There are two optional user maintained files for DenyHosts operation in the work directory. The file restricted-usernames contains user names, one per line, that are restricted. Restricted means exceeding the value of DENY_THRESHOLD_RESTRICTED in the configuration file, which is 1 by default. There are two helper scripts that are located in /usr/share/doc/denyhosts/examples/scripts/. The script restricted _from_passwd.py scans the /etc/passwd file (the list of user accounts), and displays users that have restricted shells. For example the ftp user account has /bin/false for the default shell. The ftp account should be added to restricted-usernames. The script restricted_from_invalid.py will parse the users-invalid file in the work directory and display the most frequently attacked user names. Both scripts require you to manually add the output to the restricted-usernames file. The allowed-hosts file is optional and is maintained by the administrator: it allows the specification of hosts that are allowed to login. If, for example, there are legitimate hosts that a user mistyped a user name or password, it would be more work to reset the user password and purge the host from the deny file, or manually adding it to the /etc/hosts.allow file. Remember, sshd will first process the /etc/hosts.allow file, and if a match is made login is permitted. The format of the allowed hosts file permits IP addresses, wild-cards and ranges. If there is a subnet of lab machines, the setting could be 10.70.0.*. Another example is a range of IP addresses such as 10.20.0.[100-175], or a single IP address, 10.1.0.236. The two optional files are read at startup; so if any changes are made, DenyHosts must be restarted (see starting and restarting the daemon earlier in this article).

Conclusion DenyHosts is a simple method of limiting the effects of brute force attacks on a GNU/Linux server that has services open on the Internet. The default configuration is sufficient for normal operation. However, it can be customized and it has optional features not enabled by default. With the prerequisite service and libwrap support, DenyHosts adds an extra layer of security in the security process.

Bibliography [1] Open SSH [2] TCP Wrappers [3] DenyHosts [4] ITSO TCP Wrappers

Biography Ken Leyba (/user/5507" title="View user profile.): Ken has been working in the IT field since the early 80's, first as a hardware tech whose oscilloscope was always by his side, and currently as a system administrator. Supporting both Windows and Linux, Windows keeps him consistently busy while Linux keeps his job fun.

Copyright information This article is made available under the "Attribution-NonCommercial" Creative Commons License 3.0 available from http://creativecommons.org/licenses/by-nc/3.0/. Source URL: http://www.freesoftwaremagazine.com/articles/protect_your_server_with_deny_host

142

Bibliography