After seeing many countries applying taxes to storage devices (as it will happen in Portugal from the 1st of July on) to compensate copyright holders (I’m still trying to understand how they will know which one, and not fill the pockets of some opportunist) the news today gave me one more prof that we are heading in the wrong direction. Here is the EFF news article:
European Copyright Madness: Court Strikes Down Law Allowing Users to Rip Their Own CDs
Upon the release of the new version of Kubuntu, I decided to update my Ubuntu machine and move from the rock solid KDE4 to the new Plasma 5 desktop environment. In this post I do a small overview of my experience with it until now.
I first started with the version 5.2 since it is the one that comes with the default repositories. I spent several days on this release and then moved to the newest 5.3 that was launched roughly around the same time as the new Kubuntu version.
So why I decided to move to Plasma 5? Because it is gorgeous, the new default theme and the overall design is a breath of fresh air, it makes all other DE I’ve used with their default themes feel ugly. Second because it is the future and I like the change in strategy used by the KDE team to split the previous huge monolith into several small libraries that can be used independently. The releases are now also divided into Plasma 5 (de Desktop Environment), KDE Frameworks (those libraries) and KDE Applications.
Plasma 5 is great because it maintains the KDE tradition of giving you a huge amount configuration capabilities, so you can make it work the way you want. It also does not try to enforce a tablet/phone user interface, I’m working on a laptop with keyboard and a track-pad not in a touch device.
These were the things that I liked the most in this new version:
It is new but almost everything works as it should. For sure there are still some missing features and personalization capabilities that were present before and weren’t ported for the new version but nothing that time will not solve.
Even though the experience has been pretty good, there are still some rough edges that need to be addressed and lots of widgets/plasmoids are still missing. For example in the last few days I’ve struggled with two issues and haven’t been able to solve them completely. The first one was described here in the official forum and it seems many people had the same problem, the second one is related to the dark version of the theme that suddenly stopped working, as you can see in the following screenshot:
Other thing is that the developer documentation is still in its early days, so, good luck if you want to develop something for this new version.
Summing up, if you are using a UNIX based operating system and like to have bleeding edge software installed, I definitely recommend that you try Plasma 5. You will be surprised with it, but for the time being do not forget to also have other DE installed, in the case you run into some problems, like I did, in moments that you don’t have the time to search for the solution.
Last week was (finally) the premiere of the film “Capitão Falcão“, the first Portuguese super-hero. Since I was one of the “few” that saw the pilot, when this project was supposed to be some kind of TV show, I had high expectations for it (believe me, the pilot was good).
The film is supposed to be a gross satire of the Portuguese regime before the 25th of April of 1974, where everyone that opposes the government is portrayed as a villain.
So this weekend i didn’t lose the chance and went to see it. In the remaining of this post i will make a tiny review of the movie without any spoilers.
Overall it was a good movie, it has its funny moments, hilarious portraits of real life characters and it mocks some political views. The argument is good enough for you to not lose interest in whats going on and the making is within of what is expectable for this kind of movie, without an astronomical budget.
It is good but could be better, as one of my friends said, the movie recycles lots of great jokes and funny content from the 30 minute pilot across the film, without enough new content to maintain the needed density and rhythm. This way there are some moments in the film where that void is filled with longer and repetitive fighting scenes.
Summing up, “Capitão Falcão” is a breath of fresh air in the Portuguese cinema, that I recommend and hope that it leads the way for more good and original movies made in this country.
Note: There might be surprises after the credits
Recently I’ve started “folding” again, to give a small contribution to science and research on important topics such as Alzeimer’s disease among others (as the above video shows). After 2 previous failed attempts (the old computer could not handle it), I’m currently on my longest streak and have just completed the first 100 work units. I know that many people would like to contribute to a project like this but simply don’t know of its existence. So sharing is important.
With almost 15 years, the project continues to thrive and the performance of the overall system continues to grow, mostly pushed by the advances of technology, because the participation, as Wikipedia shows, is far from its peak of 450k processors in 2011. During its existence the team responsible for the project was able to publish 118 scientific papers, based on the results obtained by the collaborative work done by all personal computers that joined the network. It is a visible amount of work that is certainly important in humanity’s continuous fight against these diseases.
The project maintains a leaderboard with stats of its users and teams, making it somewhat fun to see your performance and to compare with others (Portuguese fellows come on and join the team). Contributing is relatively easy and cheap, so i challenge you to start. If you have interest to know what kind of work is being done at the moment throughout the network, the project publishes that information in their website.
To make it easier to see your progress without having to open other programs or websites, I’ve made a simple plasmoid to give you that information.
So if you are a KDE4 user (one version for Plasma 5 is coming out of the oven soon) you can get it here. It isn’t complete yet, since I’ve done it quickly while learning about KDE development, but it is usable.
Please avoid what is happening right now with the student’s platform of my university, that is, letting your SSL certificate expire over the weekend. Initially it will raise suspicion and distrust based on the alert showed by the browser and if the issue lasts too long it will expose lots of users to phishing attacks, since users will not notice the difference between the real site and a rogue one.
Another week, another scandal. The general public might pass by without noticing the recent news about Lenovo computers but the tech community in the Internet is incredulous. What we witnessed was serious and a betrayal of the customer confidence, so in this post I will try to briefly cover everything that I’ve read about the issue and point out how this affects who bought a Lenovo computer in the last 6 months.
Basically the computers were sold with a piece of very intrusive ad-ware (that could be called malware since it is not that different). This software supposedly stands in the middle of every Internet connection that the computer makes (even secure ones) and tries to inspect its contents and inject advertisement on the websites that the users visits [source] [prof].
On the technical level, this software was able to avoid the securities measures and alerts implemented by browsers by issuing a self-signed root certificate that was added to the list of Trusted Certificate Authorities. This way it was able to trick the browser into thinking that it was connecting to the valid website, issuing certificates when needed, when instead it was talking with the ad-ware (SuperFish) and the secure connection was instead being made by it [source].
Besides users being spied and secure connection being compromised (for example.with bank websites) by the hardware vendor, like many as already stated, this leaves a huge security hole that can be exploited by people with bad intentions. [source]
In fact as we can see in this tweet, once this issue was uncovered people started digging into the subject and already uncovered the private key, with gives the anyone the ability to sign certificates, tricking the affected users into believing they are visiting the correct website when in reality they are on a malicious one. According with some articles it was relatively easy and the password is the same for every machine. [source]
Thankfully, given the enormous pressure on the Internet and media attention, the company tried some excuses and provided some tools to remove the software. But … there is always a but, the less alert users might not know they are vulnerable and it seems the certificate problem is still persisting (probably the worst issue). Fortunately Microsoft stepped in and its windows defender tool that comes bundled with the operating system will automatically clear the software and reset all certificates. [source]
For the most suspicious users, some people created tools to check if the machines are still vulnerable (here and here).
Summing up, this serves as a reminder to be careful with the software that you install in your computer. If possible, when acquiring a new machine, the first step is to clean the disc and install everything yourself, i recommend using a Linux based operating system.
P.S.: Digging into the root of the issue and knowing who crafted the problematic software.
The KDE ecosystem is filled with great applications, an awesome DE and great tools to develop computer software. I’ve been a satisfied user for a couple of years and I’m still learning and discovering new features and capabilities of this software collection.
The last one was “KDE Connect“, available since 2013 (I’m late to the party), allows you to pair your Android mobile device with your computer, giving you the ability to do stuff like:
It started as a Google “Summer of Code” project, but the development continued and many more features seem to be planed according to the blog of the developer. The installation was pretty easy and the first synchronization straightforward, but you have to be careful and set your firewall rules accordingly or the devices won’t detect each other.
If you didn’t tried it yet and use KDE, please do. The design of the application is basic but the functionality is great. Here is a little video of the software in action:
2014 was a year where we witnessed a huge amount in Internet related security incidents, in the previous years, the world understood that our Internet usage is not only accessible to us and our service providers but to every middleman in the way as well. So it is natural that the recent trend is to secure our communications through the Internet to make the whole web safer, not only emails or chat conversations but our navigation too.
Last year we saw the rise of many projects that pretend to improve the security of the Internet’s users. For example, most of the big companies enforced the use of HTTPS to access their services, CloudFlare’s launch of Universal SSL, the spawn of “Let’s Encrypt” project and major initiatives to promote the usage of private browsing tools like “tor” and encrypted chat apps like ChatSecure, TextSecure, etc.
In the long run this will certainly contribute to better and safer web. That is why I decided to start this year with a major change on my personal websites and pet projects, for now on all of them will only be accessible through HTTPS. I know it is not a perfect system but it is a step forward.
I am using Cloud Flare Full SSL, until the “Let’s encrypt” project takes off this summer. This approach however is not an end-to-end encryption scheme since all traffic is decrypted and encrypted again in the servers of the CDN. This is a drawback (and a deviation of the original concept of SSL) but it still is better than nothing and should be fixed by the summer.
Last month I attended an interesting event here in Coimbra, about the concept of Open Data, which is described in Wikipedia like this:
Open data is the idea that certain data should be freely available to everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control.
During the event several topics were discussed around this issue, but the ones that caught my attention were focused on the European directives about this subject, the Portuguese case (our government approach on this issue), licenses that should be used on this kind of content and data visualizations.
The major arguments used to incite companies, public entities and essentially governments to release their data in an open format, so it can be used by the general public and other entities were:
In the morning Cristiana Sappa, argued that all this data should have a license that gives permission to the users to reuse it for both commercial and non-commercial purposes, allows the creation of derivative works and doesn’t have any “Share alike” condition. One good example is Creative Commons Zero (CC0).
In the afternoon, the Portuguese case was presented, where several initiatives were explained like Dados.gov, Portal de Transparência Municipal and Portal do Software Público. Despite all the effort, at the end of this talk i was left with the impression that there is still much to be done and that the quantity and quality of the released data is not there yet.
The day ended with a talk given by Paolo Ciuccarelli about data visualizations. In this talk he defended the need to turn the raw data into something that people could perceive what was being shown to them and reason about it. He then gave many excellent examples of amazing work that he and his team had done in the past. I would like to leave one reference to a tool, called RAW, that was presented which, helps the common user in the creation of nice visualizations for his data. You should check it out.
Concluding this post, i would like to leave here some useful links that were shared during the event and where interesting public data is published. Here they are:
In the beginning of last week, during the days 13 and 14, I and some guys from Whitesmith went to Braga for the first RubyConf Portugal. I’m not a huge fan of Ruby but since i work with it from time to time, i took the chance to learn a little bit more about it and improve my understanding of the language.
The event was pretty cool and if you go through the agenda in the site you can see that the speakers that gave the talks are well known individuals in this community. The good stuff about this conference started with the choice of the city of Braga to host the event, since this kind of stuff in Portugal always happens in Lisbon or Oporto.
The venue was in an amazing spot, called “Bom Jesus”, that has a nice view over the city as you can see in the photo below:
I liked some of the talks, essentially the ones that are related with my work, the rest didn’t said much to me but this is normal and it happens in every event. The funny part was that in this event we spent more time hearing about other languages (Javascript, Go, Rust, C) than ruby even though they were related with the ruby ecosystem.
The host of the event was Jeremy Walker, and he did a great job from the start where he showed up dressed as a roman guy (seems it was the theme of the event) until the end of the last talk.
Regarding the contents of the conference, in the first day i really enjoyed the talks “Building better web APIS with rails” and “Writing fast ruby“, this last one was already available online (video, slides).
In the second day the two presentations that i liked the most were: “TBA” (according to the speaker that was exactly the name of the talk) and “Search Your Feelings: Multi-Table Full Text Search in Postgres“, both without too much ruby. One addressed Rust and the other Postgres, two topics I’m really interested in improving my skills at the moment.
Aside from the talks the rest of the event (food, party, etc) was great. The only complain that I have is about the conditions of the room where the talks were given, since those who were unfortunate (or late) to stay in the back of the room had some issues to properly see the slides (as you can see in the last photo, I was in the middle of the room).
Finally I must congratulate the guys at Group Buddies for the organization of this conference. I hope this kind of events become more common here in Portugal and happen outside Lisbon, so more regions of the country can benefit from them.
Edit: For those unable to be there, the organization just released some photos and videos taken during the event. You can find them here and here.
When I was buying my laptop some years ago, I wished I knew of a website with a database of hardware that works well with free software. Specially with any operating system based on Linux, so I wouldn’t get into too much trouble to get everything working. Instead I ended up purchasing a machine that came with Windows and a bunch of hardware that depended on proprietary drivers to work well. It took ages to get every feature to work as it should on my chosen distribution.
Recently I discovered h-node, a website created by the free software foundation (FSF) together with Debain GNU/Linux which tries to:
… aim at the construction of a hardware database in order to identify what devices work with a fully free operating system.
Since not everyone uses Windows or Mac OSX, I hope this might be helpful to those reading this blog. As for me, next time I need to buy something I already know where to start my research.
The Web We Lost, a two years old post with a message that still stands. For those who have an hour to spare, some good points are addressed in the video and in the Q&A afterwards.
When talking about privacy and online surveillance (a topic that has been in the spotlight over the last year) with friends, colleagues and people that haven’t given much thought about these issues, the most common answer i hear is (as you’ve already guessed) “I’ve nothing to hide”, which is fallacious argument. Arguing with someone that has this mindset is really difficult because most of the time (in my experience) it means one of 4 things:
Trying to convince this person that privacy in the age of the Internet is a topic worth discussing is really hard (it got a little easier after last year’s events).
Today I’ve read an essay that really sums up some of the arguments i would use to show to someone that privacy matters. It is a long read but it worths the time spent: