NSA: Please Turn off the Lights When You Leave. Nothing to See Here.

Linux Advocate Dietrich Schmitz shows how the general public can take action to truly protect their privacy using GnuPG with Evolution email. Read the details.

Mailvelope for Chrome: PGP Encrypted Email Made Easy

Linux Advocate Dietrich Schmitz officially endorses what he deems is a truly secure, easy to use PGP email encryption program. Read the details.

Step off Microsoft's License Treadmill to FOSS Linux

Linux Advocate Dietrich Schmitz reminds CIOs that XP Desktops destined for MS end of life support can be reprovisioned with FOSS Linux to run like brand new. Read how.

Bitcoin is NOT Money -- it's a Commodity

Linux Advocate shares news that the U.S. Treasury will treat Bitcoin as a Commodity 'Investment'. Read the details.

Google Drive Gets a Failing Grade on Privacy Protection

Linux Advocate Dietrich Schmitz puts out a public service privacy warning. Google Drive gets a failing grade on protecting your privacy.

Email: A Fundamentally Broken System

Email needs an overhaul. Privacy must be integrated.

Opinion

Cookie Cutter Distros Don't Cut It

Opinion

The 'Linux Inside' Stigma - It's real and it's a problem.

U.S. Patent and Trademark Office Turn a Deaf Ear

Linux Advocate Dietrich Schmitz reminds readers of a long ago failed petition by Mathematician Prof. Donald Knuth for stopping issuance of Software Patents.

Thursday, October 31, 2013

Tyranny Will Gain a Foothold if People of Good Conscience Remain Silent

by Dietrich Schmitz

A good Friend, +Yie-Ming Chen wrote in a Google Plus post of mine today:

"All tyranny needs to gain a foothold is for people of good conscience to remain silent." - Edmund Burke 
Tyranny is at our door knocking.  Today's news included a story in the Washington Post NSA Infiltrates links to Google, Yahoo, worldwide, Snowden documents say(Image credit: Washington Post)

Another revelation has been made that the NSA have been camping out on the inside of the Google cloud firewall, cherry picking data -- yours -- like taking candy from a baby -- the method for how the NSA exploit to break through the front-end SSL server is documented in slides like the one shown above.

Sadly, the data fest has been going on for quite some time and Google and Yahoo officially disclaim any knowledge that such activities have been occurring.

It's too bad because the entire cloud behind the firewall has been 'clear text' as shown in the above slide, which means your data isn't encrypted and directly human readable.

Why hasn't Google taken steps to protect your Drive data with encryption?

The truth of the matter is: MONEY

Advertising revenue is obtained by parsing your documents and positioning adverts in the gutter margins as users of Google services like Drive and Gmail go about their daily business.  If Google were to encrypt your data, then they could not read it and run adverts any more.   

It is outrageous that Google chose not to take action because of this and I would suspect the same pertains for Yahoo.

This is a major error of negligence and abrogation of responsibility on the part of Google to protect the public's right to privacy.

The technology has been available right along which is now routinely used by other cloud services like SpiderOak, Wuala, and Kim Dot Com's Mega to encrypt the entire data stream of data space in the cloud.  It's not difficult to implement and even SpiderOak have now offered their own software framework, Crypton.io, for Developers to implement Zero-Knowledge Encryption (ZKE) at any Cloud ISP.

This is no longer an option.  ZKE should be considered a mandate and, as such, consumers and businesses should insist upon having it or boycott using the respective Cloud ISP's services.  If we all insist on it, we will have power in numbers and can have an effect on the outcome hopefully in a positive way.

The benefit to the user of rented Cloud data space employing ZKE is that all data stored in the Cloud is first encrypted locally (in the memory space of the user's PC) and a private key is maintained locally by the user not physically present on the Cloud data drive.  This makes the data on the Cloud transparent and as such the ISP will have Zero Knowledge of what is being stored other than an encrypted byte stream written to a block level drive.

With ZKE for a third party to request access would then require their serving the owner of said data with a warrant before viewing the personal and privately protected information.  Good citizens presented with a warrant will comply and unlock their data if the warrant is justified by a Court Judge as having 'probable cause' for issuance.  That has always been historically the case up to 9/11 but with the Patriot Act, the erosion of the U.S. Constitution was begun.

Today, some twelve years hence, the degree to which the law has been disregarded is allowing unobstructed intrusion into all corners of our private electronic communications.

I am drawing the line here.  Google must take steps immediately to adopt ZKE for all of their media storage used by consumers and businesses or I will no longer support and use any of their services whatsoever.

They have two weeks to come up with a clear public plan to protect the public's data from unwarranted access or I will end it.  Boycott Google Cloud services if they fail to act.

 -- Dietrich 
Enhanced by Zemanta

RetroShare: For the Paranoid in You!

by Dietrich Schmitz
(Originally published: 6/7/2013)
[Edit: Some raised concern about sharing their F2F key via regular email.  To use a 'darknet' method, try either cryptocat.bin or cryptocat.org]

It's all starting to make sense now.  We've heard rumors that this National Security Agency was snooping around in our private affairs.

Turns out, it's been going on for longer than we think, like, since 1952?  That's the latest.

So much for the book 1984.  Should have been 1952.  Okay so what if George Orwell was off by about 32 years.  Still, it's amazing how he pegged the future with such eery accuracy.

Okay great so, now what do we do given that our every move is being examined like getting a colonoscopy?

You should now not worry what people think if you take extra precautions with your privacy, particularly on the Interwebs.  That's right.  Let them call you paranoid and then throw one of these stories in their face and say with confidence: YES, I AM PARANOID AND I AM FINE WITH THAT!

So seriously, is there anything that can be done on the Interwebs without having it owned and/or seen by someone these days?

Actually, I am glad you asked the question.  It just so happens there is.

An interesting piece of software has been in development going on several years now, called RetroShare.  Errrm okay, sooooo.

So let's check it out.

RetroShare


What is RetroShare?


RetroShare is the next generation sharing network, which provides:

  • Reliable Identification and Authentication of your friends.
  • Plus an Introduction Scheme which connects you to the friends of your friends, and facilitates network growth.
  • Encrypted Communication, ensuring all shared information is known only to you and your peers.
  • A Communication Platform which can potentially support services such as Secure Email, File Sharing, Streaming, Video or Voice over IP, Photos, Wall and Messaging
  • A Decentralised Social Sharing Network designed **For the People** with no dependancies on any corporate system or central servers.
RetroShare is built on GnuPG and is a serverless encrypted peer-to-peer network, but with a slightly different twist, called 'Friend-to-Friend' or F2F for short.

You see, this is a 2048-bit RSA-encrypted SSL tunnel through which your activity travels but every node along the P2P network is on its own 'private' channel.  In other words, there may be thousands of users using RetroShare but you only see those 'Friends' with whom you explicitly take the step of sharing your private F2F key.

Setting up RetroShare is easy.  Once installed, you send an email to your Friend(s) with a copy of the F2F key.  Then, they do the same, by installing RetroShare and sending you their F2F key.

The result?  Log into RetroShare and immediately you'll see your Friend on the private chat, and if you choose you can also share file folders with them and also emails.

Probably one of the most interesting aspects of RetroShare aside from being P2P is that email is a totally closed loop--just between you and strictly your Friends.  For an email to reach you, the sender must possess a copy of your F2F key and you must have their F2F key.

It completely eliminates spam.  And provided that you are only friending people with whom you are personally familiar, there's no loss of privacy whatsoever, in terms of your private activities.

Aside from eliminating spam, it's going to be really hard for any kind of eavesdropping on this system because of the SSL tunnel and 2048-bit length RSA encryption key cipher strength.  How hard?  Reheheheheheheheheheheheheheheheheheheheheheeeeeally hard.  Here is an example of how hard:


I fully expect to see comments stream in with assurances that this key is crackable.  No one has been able to substantiate such claims to me.  But please, bring it.

Feature Summary

  • Serverless, completely decentralised
  • Multiple simultaneous downloads / uploads
  • Search Friends
  • Messages
  • Forums
  • Channels
  • Voice over IP
  • Instant messaging
  • Groupchat
  • GnuPG Authentication
  • OpenSSL Encryption
  • adding downloads via website links
  • Plugins support
  • UPnP / NAT-PMP port forwarding support
  • Graphical User Interface written with Qt4 toolkit
  • System tray integration

So Folks, this is really is a nice implementation and I seriously recommend you try it.  Now that cat has been let out of the bag that 'big brother' truly IS watching (like we didn't know pfffft chaahhh), go get your copy of RetroShare and let your paranoid Friends know about it too.

We can all live in a state of paranoia together, you know, as the paranoid circle of Friends on RetroShare. ;)

Be Safe.

-- Dietrich

Enhanced by Zemanta

Feeling Paranoid? Take Your Meds: RetroShare

by Dietrich Schmitz
(Originally published: August 12, 2013)

Feeling paranoid? Take your meds: RetroShare

It's therapeudic!

RetroShare is not circumventable by the NSA or any other agency.

Enjoy fool-proof privacy-assured communication with your dear and closest Friends and Family, including chat, audio/video calls, spamless-email and file sharing.



RetroShare is a peer-to-peer encrypted, decentralized (cannot be taken down like MegaUpload) system where you choose only those you deem to be 'known' friends with whom to explicitly share your Friend-to-Friend (F2F) RSA 2048-bit encryption key.

The NSA 'hate' RetroShare. It's open source and free and replicated on mirror servers around the globe so agencies cannot block its use by the general public who wish to maintain their 'right to privacy'.

Versions are available for Windows, Mac, Linux, and BSD Unix.

Privacy. It's your right. Own it with RetroShare.

Website link:

http://retroshare.sourceforge.net/

Be safe. -- Dietrich
Enhanced by Zemanta

Wednesday, October 30, 2013

The Debian Init System Deba{te|cle}

by Dietrich Schmitz


Debian Linux has had a long-standing reputation of being staid and pragmatic in their decision-making.  Even their software release management policy is on the long side when compared with other Distros.  A typical 2-year software cycle just doesn't cut it in today's Internet World operating at the 'speed of light'.

So, it would appear, the time has come for Debian's maintainers to make a decision as to which init system to adopt going forward.


While Debian 7 Squeeze includes systemd as an installable option, the default init system is sysvinit.


The debate currently being conducted at Debian is whether they should move to Upstart (used by Canonical Ltd.'s Ubuntu Linux), or, to systemd instead, going forward and as such a position statement has just been drafted on the Debian wiki site.



Sysvinit Disadvantages


The Debian Team has had many years of good results using sysvinit, but recognize it's limits are now beginning to show strain.  And with a feature freeze for Debian 8 nearing, they must determine which init system will become the new default replacement for the aged sysvinit.  


Here is their list of disadvantages for using sysvinit going forward:



  • Sysvinit lacks service supervision. While /etc/inittab provides this capability, management of /etc/inittab is quite restrictive. Upstart eliminates the need for complicated PID file handling for all services. There are bolt-ons that allow you to do service supervision on top of sysvinit, such as runit, but it's clear that these are bolt-ons.
  • Sysvinit does not track dependencies between services. Insserv/startpar provides this on top of sysvinit, but this is again very much a bolt-on, and only handles dependencies at boot/shutdown time (i.e., during runlevel changes) and can't handle any complicated service interdependencies at runtime. Upstart expresses this information in the native service configuration format, clearly and concisely.
  • Sysvinit requires complex shell scripts for each service. While some of the complexity has been abstracted out into common helpers (lsb-functions; start-stop-daemon), having to represent each service's start/stop handling as a program is a severe handicap. Upstart jobs are simple, declarative, easy to maintain, and easy to modify locally as needed. They also eliminate the longstanding nuisance of update-rc.d reactivating services behind the administrator's back on upgrade.
  • Sysvinit is linear. It stopped being a good fit for boot management on Debian the moment Debian adopted udev. There are many race conditions that persist in Debian today when booting with sysvinit, and although these may be fixable, the complexity for fixing them with sysvinit is very high. We're better off switching to an init system that's designed to work together with the event-based kernel and udev.

Upstart vs. SystemD

Clearly, Debian developers recognize that the time has come to make a change.  

In the opinion of the author(s) of the position statement, it would seem to place both init systems on equal footing insofar as features are concerned: 

"In terms of overall feature uplift of the init system itself, there is really rather little to distinguish upstart from systemd. Both would represent a huge step forward for Debian over sysvinit. If Debian did not adopt upstart, systemd would certainly be my second choice."
Looking further for some substantive information in the position statement, the author(s) go on to make some subjective comparisons:


But despite the init systems being comparable at the feature level, there are reasons that I think upstart is a better fit for Debian than systemd.
  • SystemD is Linux-specific. Upstream has been very clear that they are not interested in accepting porting patches to enable systemd to be used with kernels other than the Linux kernel. If Debian wishes to continue to support non-Linux ports, this significantly reduces the benefit that maintainers would gain from having a simpler init format to support.
  • SystemD is hasty. Debian is late to the party when it comes to adopting a better init system, but systemd is evolving rapidly and does not have a long track record of backwards-compatibility that it can point to. While systemd is unlikely to break any interfaces that upstream has promised to maintain, I think there is a risk that newer dependencies will be driven by the version requirements in Fedora and RHEL, leaving Debian to fend for itself with respect to sorting out rocky transitions on upgrade - not unlike the problematic udev transitions of the past. Upstart is committed to maintaining compatibility across stable releases of Debian, just as it currently does between Ubuntu LTS releases. While upstart seeks to leverage newer kernel features where this makes sense, we are committed to having sane upgrade paths and not depend on such kernel features prematurely.
  • SystemD is "greedy". Most of the recent arguments about why it's dangerous to adopt upstart instead of systemd center around features that are being built into systemd in a manner that can't be separated out (e.g., cgroup management in PID 1). There is an advantage to the implementor to put these features in-process in init, because it ensures early availability with no concerns about startup ordering at boot, but it commits downstreams to a monolithic design with respect to parts of the system architecture which are not settled questions in the wider ecosystem. Debian should take a principled position regarding its future architecture, and not find itself at the mercy of other parties who wish to dictate design to us.
So, it is apparent the author(s) are in favor of Upstart but would 'consider' systemd, yet, go on to reinforce with additional reasons why Upstart should be considered over systemd.

As though that were not enough, Google Plus user and Intel employee/Gnome community member +Sriram Ramkrishna  threw his opinion into the mix characterizing the whole subject as having morphed from its original purpose.  Ramkrishna writes:


"...the whole debian systemd discussion has turned into a referendum on GNOME being the default DE for Debian with those who want to switch advocating switching to XFCE as I would imagine that it works closest to what GNOME 2. Why they didn't pick Mate, I don't understand if they want the GNOME 2 experience.

The discussion seems to miss the fact that they would miss out on Wayland and moving to a new display server? They can of course do what they want as that is their prerogative. But it seems that long simmering resentment against GNOME and the change in UI has risen to the fore with the small dependency that GNOME has on systemd. They are using that as an excuse to drive a change in DE.
There are a lot of good reason to use systemd, all that has been rehashed. But the biggest nonsense I've read (as an IT guy) is the fact that we should have a choice in init systems. What the fuck? Essentially people just want to make every part of the OS to be hot swappable. Who would want to support such a system? Who will QA all these combinations? It's madness!..."
However valid the reasons set forth in the Upstart vs. systemd position statement may be, the level of emotion rises whenever a discussion is had concerning moving to +Lennart Poettering's  systemd.  Personally, I believe in the long-term systemd will become the best option receiving full support from the Linux Foundation's kernel.org developers insofar as plans to merge udev and systemd into the kernel are concerned.

The concern is that Debian's pragmatism may work against them and cause a backlog queue of software development issues.  So, acting in a timely fashion in today's world is vital to remaining competitive for any Linux Distribution.  

Hopefully, the Debian Team have recognized this and will respond by making adjustments to how their organizational structure and decision making process works to result in overall efficiency improvements.


As for the Debian init system issue, my money is on Debian going with Upstart, since that was the system chosen by Canonical Ltd. for Ubuntu and Mark Shuttleworth has no intention in making a change any time soon.  This would put both Distros and their derivatives in alignment with each other going forward and efficiencies would obtain.


Here's hoping Debian reaches a decision which best serves their future needs.


-- Dietrich

Enhanced by Zemanta

Monday, October 28, 2013

SolusOS Sunsets as Ikey Doherty Rises

by Dietrich Schmitz


+Ikey Doherty, founder of SolusOS (image: right), wrote on his website the other day:


It is with a heavy heart that I must announce the closure of SolusOS. Simply put, there is no longer enough manpower to fulfill [sic] the vision. What began as a Debian derivative evolved into an independent distribution, without the large development team required to back such an effort.”

However difficult that decision may have been, I know that Ikey has broken through to the other side.  You see, it's been a long, long, terribly difficult life struggle for him as I gauged his progress over the last year.  Finding work, keeping his dreams alive, was almost impossible, and, at times, desperate.

Yet, somehow, he kept going and one day not long ago landed a really good full-time paying job that put his exceptional talents to good use.  If you think about it, the struggles, the frustration, all were not for naught.  Everything happens for a reason.

Ikey had to do what he 'had to do' and SolusOS was his mountain to climb, his intellectual struggle, to reach the mountain top.  It was that he maintained the struggle, fought hard for what he believes in, that kept him going and ultimately led him to his destiny.

No, I am not sad.  I am exceedingly happy for Ikey and know that he'll be taking on life's challenges and changes as he has always done -- with zest and an unparalleled joie de vivre -- straight on, dukes up and swinging -- fighting the good fight.   

This is a Man with integrity, ethics, and exceptional capability on his way up.  Step aside.  Best of Luck my Friend.

-- Dietrich
Enhanced by Zemanta

Monday, October 21, 2013

Elitist Mark Shuttleworth Exhibits Temper Tantrum

by Dietrich Schmitz


So, this past Thursday, October 17, 2013, Canonical Ltd. released Ubuntu 13.10 Saucy Salamander.

A post from Canonical's "Self-Appointed Benevolent Dictator for Life", Mark Shuttleworthappeared the next day.

Honestly, I think what Canonical Ltd. have done insofar as supporting Wayland from its inception up to the point of general release, only to then spring an announcement for Mir, was blatantly transparent and a power grab to seize strategic control of ongoing Display technology driver development. (Image credit: http://oralhealthmatters.blogspot.com)

The end result is that this decision has substantially left Unity on its own island with a 'one of a kind' display driver technology which, as it turns out, nobody is interested in adopting.  The crowd of Distros are all making plans to eventually move to Wayland, at the right time of course, but staying with tried and true X.org for the time being.

Good Decisions, Bad Decisions


So, how exactly does a company make decisions of this kind?  At the very least, one wonders to what extent this is a company driven by any kind of Democratic consensus building.  It would seem, whilst Canonical Ltd. fill the heads of their Developers with the notion that they are 'community' and that their opinions matter,  actions speak louder than words, showing what has been largely regarded as questionable decision making and most likely coming directly from the top.

Smart Scopes, Not so Smart


Take Smart Scopes, for example.  Why would anyone want to forego using an Internet browser to do their web-centric tasks, instead, on the Desktop?  And, why would anyone want to have their privacy details shared with a Canonical Ltd. server to boot?  How does this make sense?  And how is that even the 'smart' thing to do?  Fortunately, Canonical Ltd. saw fit to allow the end user toggle Lens and Smart Scopes features off entirely with a global setting switch.  But this so-called 'feature enhancement' is there now, like it or not.

Arrogance, Elitism, We Know Best


It's one more 'in your face' example of the Canonical Ltd. 'elitist' 'we know what is good for you' mentality which is being fed to the end-user via a 'force feed' funnel method.

Arrogance is such that it can lead those in power to become reckless and lose sight of common sense practical ways of doing things.

It's Our Way or the Highway  


Starting with Unity in Ubuntu 11.04 came the 'parting of the ways' with upstream involvement on shared community decision making (regarding ongoing Gnome development).  Through a series of software revision cycles, Unity evolved further with Canonical taking key pieces of Wayland's infrastructure so as to ensure full control of their own branded Mir Display technology.   At present, Xmir/Mir is only an option with 13.10, but the next version and thereafter will lend full support to Mir display technology and quite possibly no 'fall-back' option for end users.

No, Mr. Shuttleworth is not a happy camper.  It is quite evident in his temper-tantrum post and he goes so far as to label in broad strokes anyone who challenges him as part of the 'Open Source Tea Party'.  Now, in my estimation, that is simply bad form and really underscores his lack of maturity.

No, he's not content to stop there.  He even takes shots at the fine work done by Lennart Poettering and Kay Sievers, on Systemd.

Here's an excerpt of what Mr. Shuttleworth wrote:

"Mir is really important work. When lots of competitors attack a project on purely political grounds, you have to wonder what THEIR agenda is. At least we know now who belongs to the Open Source Tea Party And to put all the hue and cry into context: Mir is relevant for approximately 1% of all developers, just those who think about shell development. Every app developer will consume Mir through their toolkit. By contrast, those same outraged individuals have NIH’d just about every important piece of the stack they can get their hands on… most notably SystemD, which is hugely invasive and hardly justified. What closely to see how competitors to Canonical torture the English language in their efforts to justify how those toolkits should support Windows but not Mir. But we’ll get it done, and it will be amazing."

Unlike Ubuntu, which still employs Upstart, many Distros have already adopted Systemd without hesitation.  There are hold-outs, but the vast majority appear to be in favor of it.

So, why is Mr. Shuttleworth firing volleys across the bows of so many?  It's an interesting question.

Might it be that Mir is encountering difficulties and the continued splintering of derivatives grows as opposition mounts against it use?

On-ramp to Wayland


What Mir has done is essentially drive a wedge into the community and a parting of the ways is occurring as Developers are forced to make a choice as to when to stop supporting X.org and with what technology.  I reached +Aaron Seigo (image right) to have his view on the state of the art in Display Server technology.  Here's what he had to say:

"The KDE community has had a long-term roadmap for Wayland adoption that we've been executing over the last two years. We routinely reexamine such roadmaps to ensure they remain sensible. The broad community and industry support for Wayland, our confidence in the proven team behind it and the high quality releases we've seen thus far have convinced us to stay the course on Wayland. Foundation technologies such as Qt have had high quality Wayland support for several releases and key components for the Plasma Workspace such as the KWin window manager have seen initial work completed. We expect Plasma on Wayland to be ready for production support during the Plasma 2 lifecycle, the next major release which we are currently working on. Having a consistent experience across as much of the technology stack as possible is valuable to our users and partners, and so we are very happy to join the likes of Intel, Red Hat, Jolla, Tizen, GNOME and many others large and small on the road to Wayland."

Conclusions


That's a solid endorsement for Wayland and despite what the future holds for Xmir/Mir, the message is clear: there will be an 'on ramp' for Developers to take in replacement of X.org.

It's not a good sign nor becoming of an Executive Officer to be making such inflammatory statements about those with whom he must cooperate to ensure the success of Linux for many years to come.  Whether or not he intends to 'mend his fence' remains to be seen but it would not only be in his best interests to extend apologies for his inappropriate remarks but also the right thing to do.

-- Dietrich
Enhanced by Zemanta

Saturday, October 19, 2013

Lubuntu 14.04 Goes LTS

by Dietrich Schmitz

Finally, an agreement has been reached with Canonical to support Lubuntu for Long-Term Service (LTS) in the next release cycle (14.04).

There is much work to be done and Lubuntu is looking for your help.  Pitch in whenever and wherever you can to make Lubuntu 14.04 LTS a success! (Image credit: Wikipedia.org)




Here's a video explaining the process for moving to LTS:


Best Wishes to the Lubuntu Developer Team for a successful outcome!

-- Dietrich
Enhanced by Zemanta

Friday, October 18, 2013

Manjaro Linux: No Assembly Required

by Dietrich Schmitz

So, okay, I've known about Manjaro for quite some time.  I put it on a pen drive and took a look at it and at the time last year it was using a Ncurses installer.  There were niggling issues with it so I aborted the installation.

Yet, it still intrigued me mainly because it uses Arch and AUR and given all of the talk about how fast and light Arch Linux is, it was interesting to see someone attempting to take advantage and fill what I feel is an unmet need.

Many would like to try Arch, but the technical expertise required is a barrier.  Arch isn't user-friendly and one cannot simply press a button to start an install GUI and have all the 'black magic' taken care of for them.

The Arch purists do love that aspect and I understand that need to get under the hood and get grease under one's fingernails.  Only, it's not for me and I've mentioned this many times to my Arch Friends -- it will never gain broad adoption because major assembly and technical expertise is required to put Arch on your Desktop.

So, today, I gave Manjaro 0.8.7 a try.

The install process now includes options for either CLI or GUI.  Naturally, I chose GUI.

The install could not have been easier and routine, I thought.  This will work for the majority of newcomers to Linux for sure.

The notorious Broadcom wireless on my Acer Aspire One D260 was detected and worked straight up from the live installer.  It wasn't more than 20 minutes before the process completed and asked me to reboot.  That I did and noted that reaching the login screen took no more than 15 seconds.

I chose the OpenBox version (verses Xfce) simply because it would use the least ram in my experience.

The desktop sports conky and the setup includes compton compositor effects which are used judiciously and the muted gray with light green is pleasant to the eye with a design that approaches minimalism.

The appearance immediately reminded me of CrunchBang.  Only I would estimate Crunch still is speed king and ram sipping extraordinaire.  The Desktop in Manjaro despite being OpenBox shows 200mb ram used.  I would have expected lower but okay, it's still lightweight as far as I am concerned.

The terminal is LXTerminal and the file manager is Thunar.

In the systray was an octopi update reminder which when run shows the updates to be installed in a graphical window (see below) yet when I commit to doing the update, octopi simply opens a terminal window and launches a pacman script -- I guess that is 'doable' but I'd have expected the gui to do all of the presentation.

Running Octopi software updates on Manjaro 0.8.7


So this is Manjaro.  I am reserving judgment and will see how far I get using it.  Out of the box it comes with Firefox and Adobe Flash 11.2.x preinstalled, which is a plus.  The kernel is 3.10.x which means it 'should' support seccomp-bpf applications like Chrome and ssh.

Regretfully, I was unsuccessful in installing Chrome stable using Manjaro Forum supplied directions -- makepkg returned a dependency error.  Good Friend +Cirrus McMinor has offered to dial up and get it working, but, it would be nice if one could download Chrome directly and install from the Google website but that appears not to be the case for Arch and derivatives like Manjaro.  That would place pacman-based Distros (Arch) on equal footing with DEB and RPM Distro Google supplied versions.  So, I'll settle for Firefox and see how far I can get with it.


If you have used OpenBox, it's pretty basic and there isn't much to say other than Manjaro at least updates OB's menu to reflect the addition of an application, unlike other Distros using OpenBox.

So, if you yearn for Arch but don't have the intestinal fortitude to deal with the technicalities, then I would strongly suggest you have a look at Manjaro Linux.  It's biggest plus: No Assemby Required.  Good Luck.

-- Dietrich
Enhanced by Zemanta

Thursday, October 17, 2013

FOSS Doesn't Care if You are a Capitalist

by Dietrich Schmitz

Venture Capitalists and Start-Ups

We see new announcements on Indiegogo daily seeking funding to seed a new software widget, platform, or idea which has potential for development but lacks financial resources to undertake full-scale development.  Being in FOSS development isn't always what it is cracked up to be, especially if you expect to make a living at it.

While Venture Capital (VC) is to be had, it comes at a cost -- VCs usually won't part with their money without some kind of 'consideration'.  That's where the VC takes control of your project and wants majority stock in the company they underwrite and they want direct input into how a concept should be developed into the ultimate product or service.  There is where FOSS can take a U-turn as many projects depend on upstream code and the terms of licensing dictate how the code can or cannot be used and/or changed.

To that end, prospective entrepreneurs employ various business strategies including proprietary licensing schemes so as to protect their 'return on investment' to recover research and development expense, by enforcing company-owned software copyrights and patents.

Software as a Service

Schemes to protect investment also include marketing a software application as an on-line service where prospective customers subscribe to use such services.  SaaS has become popular because vendors can provide the service without exposing the source code (at least key parts of it) which would give away their technology advantage to competing vendors.

Black Holes

The biggest of all software vendors today is Google.  As they grow, they routinely buy up small start-up companies, absorbing them like a black hole, and fold the technology into their expanding universe of software offerings.  We've seen this repeat over and over, Android, Blogger, QuickOffice, all have been absorbed and now are part of the Google software landscape, to name just a few start-ups.

FOSS not Beholding to Anybody

So where does FOSS fit in?  It would seem that community developed software isn't even beholding to corporate interests.  It isn't.

No, FOSS is only beholding to the interests of its developers who voluntarily nuture and cultivate it like a devoted gardener would to their plants.  And, in the absence of that nurturing spirit, FOSS can and often does die off if not maintained.  This is an inherent risk of giving away source code under the software licensing terms of GPLv2.  It becomes very usable, very shareable, only if there is incentive to actively maintain the code base.

Often, young enthusiastic developers devote their time for a year or so and then for various reasons move on.  At that point, if there isn't another maintainer, the FOSS code will whither and die if not maintained.

On the other hand, paid developers on the Capitalist side are typically hired as employees of corporations who develop proprietary code and in some cases open source software but the primary force at work is either a subscription service or licensing cost model to use said software.  Profit seeking is what drives Capitalism.

Because there isn't a broad enough interest by Venture Capitalists to develop FOSS, the majority of development today is dominated by proprietary software created by Microsoft and Apple and their third-party partnering software vendors.  And, many start-ups which begin with the seed of an an idea eventually become absorbed into the proprietary world as a requirement for VC investment.

It's simple enough to develop code and not provide source code to ensure that the technology investment cost is protected by recurring revenue on licensing of software.  VCs understand and adopt a proprietary model of code development most often still, despite the disadvantages that it places on users who cannot enjoy the inherent security benefits of transparency.  Faith must be placed in the software vendor's reputation, abilities and perceived value of purchasing a proprietary software license.  The restrictions placed on use of software vary but the benefits of FOSS do not apply and most often one must purchase another software license to use the same software on another computer, unlike FOSS.

It's Still a Proprietary World


So, while the attraction to FOSS by virtue of its transparency, ability to freely share and change source code are important, large scale deployment of PC software still hasn't spread to the scale of the Microsoft Windows and Apple OSX business world installed base.

True, Red Hat have extended their presence into the Enterprise, but that process hasn't moved along quickly enough as many software development concerns still rely on the proprietary model to drive sales and profits verses the subscription-based model used by Red Hat.

The above notwithstanding, FOSS continues to grow, slowly, pragmatically and spread in popularity. Take it, use it, as you wish, but you must put back changes to the source code you plan to use in any commercial endeavor so that future users can benefit from it.

If that's a problem for you Venture Capitalists, well, FOSS doesn't really much care.

-- Dietrich
Enhanced by Zemanta