All posts by albertw

Bye Bye eircom. A letter I sent to my local TD recently

Today eircom implemented their three strike rule. Here is a letter I sent to my local TD recently on the subject.

Dear Ciaran,

Thanks for your tweet regarding the judicial decision regarding the so called ‘3 strike rule’ being implemented by eircom at the request of the music and movie industries. I hope you have the time to read this reply.

You mentioned that ‘false accusations are problematic’. That is true, but there are many other issues.

The success of the Irish economy has largely been driven by our well educated workforce, and that’s whats going to help us going forward. Many Irish businesses innovated and major multinationals set up in the country (Microsoft, IBM, Oracle, SUN Microsystems, etc.) in part thanks to the experience of the Irish workforce with information technology. We are now some 20 years on from when the internet first appeared in Ireland. And while we still have embarrassingly bad infrastructure compared to other European countries the internet is a vital part of our lives. Access to government information and banking are now predominantly done online, much educational content is internet dependent, and it is not even possible to fly with some airlines now without internet access. The Irish government needs to recognise the importance of the internet and establish rights for citizens to have unrestricted and unfiltered access to it.

The three strikes rule is fundamentally flawed for several reasons.

The music and movie industries claim that they can identify the IP address of an offending computer. This raises an important privacy concern, in order to do this they need to monitor the activity of millions of law abiding citizens, and this monitoring is done by private companies not by an accountable public law enforcement agency. Furthermore this activity may take place outside of Ireland and as such may be illegal. The company that the music industry has previously used, MediaSentry, has a track record of false accusations and has been found to be operating illegally in several US states.

Assuming that the industry can identify an IP address, this does not identify a specific computer or individual. For home users the IP address actually identifies the broadband modem and so can identify the account holder. However may computers may use this single IP address, all members of a family may have their own phones and computers connected, as well as visitors. And that’s before we consider the kid next door hacking into your network! It is also possible to fake IP addresses which would also make reliable identification impossible.

But lets assume the unlikely, that the industry has correctly identified the IP address of an offender. They would then be in a position to begin the process to cut the users internet connection. The user identified would be the billpayer, but the culprit could potentially be anyone else. For example a child who despite being told its wrong, continues to download songs. In this case the child could cause the household internet connection to be cut; no one in the house would be able to do online banking, access government websites, shop online, or fly with certain airlines; furthermore a parent may be forced out of work if any part of their job involves working remotely – even though they have done nothing wrong.

So while copyright infringement is a crime, principles of law are being violated here. The punishment is disproportionate, infringing copyright should not result in the user and those they live with being punished as outlined above – a roughly equivalent crime to downloading illegally, stealing a CD or DVD, would result in a minor shoplifting offense – not the banning of the accused and their entire family from using shops! When accused of a crime the accuser must be able to prove guilt and the accused must be given an opportunity to defend themselves; no such mechanism exists with the music and movie industry deal with eircom since it is a private deal that acts outside and above the law.

In short, the 3 strikes rule should be made illegal in Ireland and the EU because: its unreliable, it’s disproportionate, and it affects innocent 3rd parties.

The government needs to follow the example of other nations in recognising the rights of citizens to uncensored and unmonitored internet access. Ireland’s future as a digital economy needs this. By doing so it would bring this deal within the law – since no citizen could be disconnected without a court ordering it.

The music and movie industries have failed for 15 years to deal with the internet. Only in the last couple of years have they embraced digital downloads, and that push has come from from companies like apple (a computer manufacturer), amazon (a online bookstore) and last.fm (started as a project in the University of Southampton) – NOT from the music industry. If copyright is so important to them then they should simply work within the law – bring the evidence to the gardai and have the offender prosecuted in court.

Best Wishes,
~Albert White

Upgrading Opensoalris Guests and Virtualbox

At Home I run windows 7 on my laptop. And in order to run Opensolaris I use virtualbox. Virtualbox in case you dont know about it basically allows you to run an operating system within your main OS. You can also run windows on an opensolaris machine for example.
I had fallen behind a bit with my virtualbox and opensolaris versions so decided to upgrade everything over the past couple of days. First I upgraded virtualbox to 3.1.4 then Opensolaris to build 132. And my graphical login failed to work. Here’s the error from the X log:

(II) LoadModule: “vboxvideo”
(II) Loading /usr/X11/lib/modules/drivers/vboxvideo_drv.so
dlopen: ld.so.1: Xorg: fatal: relocation error: file /usr/X11/lib/modules/drivers/vboxvideo_drv.so: symbol resVgaShared: referenced symbol not found
(EE) Failed to load /usr/X11/lib/modules/drivers/vboxvideo_drv.so
(II) UnloadModule: “vboxvideo”
(EE) Failed to load module “vboxvideo” (loader failed, 7)

Alan Coopersmith helped me work out what was going wrong here. When you install the guest additions on virtualbox they create an xorg.conf file. The existing conf file I had from build 127 and VB 3.1.1 worked fine, and build 127 with vb 3.1.4 worked fine. But due to changes around Xorg 1.7 things broke when I upgraded opensolaris to build 132 – even though virtualbox has support for this.

The solution?

  • Remove the guest additions package.
  • Remove the xorg.conf file
  • Re-install the guest additions
  • Reboot

All works fine now!

A new door opens

We’ve had some eventful days. We had fun and we kicked butt as Scott would say. We changed the world. We were part of the greatest technology company the world has ever seen. We changed computing forever – repeatedly.

And in a few minutes we’ll learn what the future holds with Oracle. I hope Oracle is ready for Sun!

Browsing the support and extras Opensolaris repos in Firefox

Opensolaris users may be familiar with browsing repositories in firefox. To look through the latest Develpoment repo for example you just open up http://pkg.opensolaris.org/dev in your browser.

Things are a little more complicated for the extras and support repos though.

Firstly you need to register to get access to these repos. Anyone can get access tot he extra repo, only supported customers can get access to the support repo. Go to http://pkg.sun.com/register and follow the instructions there to get your key and certificate and verify that you can connect to the repo through the pkg command.

To set up firefox to be able to browse the repo take a little more work. Danek Duvall from the IPS team provided these instructions on how to do it:

Run:

In the case of the support repo use the support key and cert in place of the extras ones above instead. That will prompt you for a password with which to encrypt the pkcs12 file.

Now in firefox add the  pkcs12 file: Edit -> Preferences -> Advanced -> Encryption -> View Certificates ->
Your Certificates -> Import -> choose file (/tmp/OpenSolaris_extras.certificate.pkcs1) -> enter password.

Then point your browser at https://pkg.sun.com/opensolaris/extra/ (or https://pkg.sun.com/opensolaris/support for the support repo).  There’s
a dialog box that pops up saying that the site has requested you identify
yourself with a cert, and gives you a list of possible certs to use.
Choose the right one, click OK, and then you can browse the repo.

Interactive Jumpstart – asking for time

I hit an interesting problem tonight with jumpstart. Or old timeserver has gone away and the jumpstart clients are now going into interactive installs asking for the user to set the time. We rely heavily on automated installs so this needed to be fixed.

The solution was obvious I thought. I’ll just set up one of our servers as a ntp server and tell the jumpstart clients to query that in the sysidcfg files.

The only problem is that jumpstart doesn’t query ntp. After snooping on the server for a while it was clear that the packets reqesting the time were not NTP, they were TIME.

Heres how I diagnosed it.

First snoop the install.

Then once your install has gone interactive you can convert that to a readble format:

Examining the file you can find the time request:

So, whats port 37 exactly? /etc/services tells us that the time server runs there. (duh!)

The service that runs this is in Solaris 10 svc:/network/time:stream

On solaris 10 you need to do

To check that is working ok you can telnet to the server and see if you get any output; if its not running you will get connection refused. This is basically what your jumpstart client is doing.

We are now back to fully automated jumpstart installs!

Opensolaris Code Swarms

Recently I had a discussion with some folks about ways to identify
change in a workspace. In particular if there were ways where we could
judge the risk associated with changes without needing to know the
specifics of the changes or being told by the engineers.

In Opensolaris for example there are flag days. These coincide with
putbacks where a project team has identified major change and tells you
about it. We have something similar for Solaris Update releases.
Sometimes this is great, if there is a big zones or zfs change for
example we know to check patching extra carefully on systems using
zones or zfs. However this isn’t always enough. Every now and again
there will be a putack that causes a regression somewhere and catches
us all by surprise.

Before getting to involved in looking into this problem in detail we
did what all good engineers do. Go and see if someone else has solved
the problem already! And that’s when I got distracted. You see I started
wondering if there was some way to visualise the changes to a workspace
and literally see where risk was introduced.

That led me to Michael Ogawa’s page. There he has
several videos produced from code swarm. In the videos the names of the
engineers are displayed and the files that they are hanging are
represented by dots that swarm around them. Now while this isn’t really
what I started out looking for it does allow you to see the number of
files changed over time. More importantly Michael’s videos looked cool
so I thought I’d give it a go for Opensolaris.

Codeswarm is available from http://code.google.com/p/codeswarm . It will generate lots of png files which you can then use ffmpeg to make into a movie.

There was one problem though; it doesn’t work with mercurial workspaces
out of the box. However  Baptiste Lepilleur worked out a way to get a
compatible xml file from a mercurial repository.

Anyway here are a couple of videos I made. The first is of the Image
Packaging System
. The music is from Dom The Bear (CC by-sa)


Image Packaging System Code Swarm.

Next up the ON gate! Music this time from Alexander Blu (CC by-sa). Vimeo will
only let me embed the SD version here – visit it’s Vimeo page if
you want to see the HD version; its worth watching in HD imo. While you are there you can search for
other code swarm videos – there are nearly 100 up there.


Opensolaris Code Swarm.

Earth Hour – Ireland 9pm March 29th 2008

It started with a question: How can we inspire people to take action on climate change?

The answer: Ask the people of Sydney to turn off their lights for one hour.

On
31 March 2007, 2.2 million people and 2100 Sydney businesses turned off
their lights for one hour – Earth Hour. This massive collective effort
reduced Sydney’s energy consumption by 10.2% for one hour, which is the
equivalent effect of taking 48,000 cars off the road for one hour.

On
29th March 2008 we’re doing it again WorldWide! Friends of the Irish
Environment and the Irsh Light Pollution Awareness Campaign are asking
everyone to do their bit for the environment and turn their lights off
for one hour on March 29th.

In Ireland te event will take place from 9pm to 10pm
rather than from 8-9pm. This is because at Ireland’s latitude it won’t
really be dark by 8pm so in order to see the difference in the night
sky the event will start at 9. Astronomical Societies around the country will be holding events so please be sure to check for details at www.irishastronomy.org/boards.

We need all of you, across the world, not just Ireland, to turn non essential lights off for this hour. Do you really need your porch light on? Does your building really need to be floodlit? And longer term you can think about whether your security lighting is really efficient. Does it allow light to spill above the horizon causing light pollution? Is the bulb too bright for the purpose? Are you using a motion sensor to ensure the light  only goes on when needed? Have a look at the Institution of Lighting Engineers document on Domestic Security Lighting to see how best to use security lighting.

 Heres what the Lord Mayor of Dublin, Councillor Paddy Bourke, had to say about Earth Hour when he announced Dublin’s participation:

"Earth Hour is an international campaign and Dublin
is one of the latest cities to get behind this important event where on
March 29th all non-essential lights will be switched off for an hour. This
campaign is important and everyone from citizens up to Government has a
duty to do what they can against global warming. It is up to us all to
do what we can to reduce our CO2 emissions. Through one simple action,
turning off our lights for an hour, we can deliver a powerful message
about the need for action. I am thrilled that as
Dublin Lord Mayor I will be leading our capital city in its
participation in this international event. It was estimated during the
Sydney Earth Hour last night demand for electricity dropped by 10 per
cent. It would be fantastic if we could do the same in Dublin. I would urge businesses and homes to join in and take part in the campaign."

Earth Hour in Ireland is fully supported by the Irish Light Pollution Awareness Campaign. For further information on the project in Ireland please contact the Friends of the Irish Environment. For global information please visit www.earthhour.org.

Finally here is the promotional video for Earth Hour. Enjoy!

Patch Blog

Recently my Manager started blogging. Despite my initial cynicism it’s actually turning out to be a pretty good blog, and the comments are great.

Communication about patches is an area that Sun could improve in. What they are, how they are created, how they can be installed, when they can be installed, and when and what you should patch are all areas that I’ve received customer queries about.

Patch Automation Tools is Gerry’s most commented post to date. And I’m not surprised. And to be honest I agree with most of the comments – pca is damn good. Hopefully Sun Connection Satellite will be a big improvement on previous offerings.