Since my new laptop features shiny Intel graphics (and not the proprietary stuff from ATI or Nvidia), I can comfortably run compiz on it. None of my ATI or Nvidia machines did.

Face it: compiz is a window manager. It does that job okay. I somewhat still like openbox better, but compiz has it's bright sides, too. I'll probably add devilspie again, though. Too bad they removed the XML syntax and went to a lispy thing. Openbox had a nice XML syntax and had all the window matching functions I needed.

Now most people expect compiz to just magically add some 3D effects to their desktop. That's not entirely accurate. 3ddesktop worked like that, years ago. It worked with most window managers, by taking screenshots of your desktops. Maybe some of it's layouts could be added to compiz.

Compiz however functions different, and thats why it IS a window manager in itself (which has "outsourced" window decoration to e.g. gtk-window-decorator to achieve a metacity-like look). From my understanding, it basically has all windows placed off-screen and uses GL to draw them on the real screen. This will result in some speedups, actually, whereas 3ddesktop came only with slowdowns.

Anyway, so much for the theory. Here are my firsthand experiences:

• Performance is excellent on my i945 integrated graphics
• 3D drawing errors are minimal (playing with the cube settings and increasing the number of desktops to 8 caused some that eventually went away)
• Effects are much less annoying than I though. Some are actually quite pleasant, I find the "fading" visual bell useful. Cube switching at 8 desktops is more of a slide, and with a faster speed it's also nice, at least for adjacent desktops. I'd like to have a similar smooth transition for arbitrary desktops; no need to flash me the interim desktops.
• Expose-like overview is of course great. Except I use desktops to avoid any window overlap anyway.
• Wobbly windows still rather annoy me. I tried tuning them down to a faster and lighter setting, but failed. Any other parameters just made things worse, I found it hard to pick good parameters.
• the bad: every now and then, a window isn't drawn properly. Most often these are dialog boxes; there is no obvious pattern to when it works and when not. Today, the gnome-screensaver password prompt is invisible. Other dialogs are empty until minimizing them with the "show desktop" button and restoring them.

On overall, compiz doesn't distract from work that much; I had feared I would spend a lot of time just playing with the effects, but it's okay. (Try setting visual bell to shiver, start vim and press arrow up some time, and watch your window violently shake. Reduces stress when not finding a bug.)

So it likely is less harmful for the Debian etch release than Frozen Bubble 2.0 (which has a new 6-player mode, and is feared to have a similar impact as tetrinet...)

Whoever released frozen bubble 2.0 just now must have some evil plan of delaying the etch release.

[Yes, I'm aware of this compiz fork; but I'm sticking to Debian packaged software, so my system will upgrade itself. I don't think it's packaged yet?]

Despite having blogged a lot already today (no, I didn't break planet, these are all new blog entries), I have one more thing to share with you.

This image is from the Google Summer of Code mentor summit. Well, strictly speaking it's from the hotel where most of the attendees were staying. This draw was called the "executive toy box". I somewhat enjoyed that there was an "etch" around even before I arrived at Google. ;-)

I'm setting up my new laptop, and for obvious reasons I have to copy over some data from the old to the new laptop.

The wireless network here at my apartment-sharing is crappy; and it lacks a local DNS server offered by newer DSL routers. So I would have to find out the current IPs of my laptops to copy data around (note that the router also doesn't give you IP persistence apparently, the laptops have new IPs each reconnect...)

mDNS to a rescue. Multicast DNS (Bonjour / Zeroconf / Avahi) comes in handy here. It allows me to locate my laptops by just using "hostname.local" (using the libnss-mdns package) or using the avahi zeroconf browser (package: avahi-discover).

eBay (at least ebay.de) doesn't allow quotation marks or stars in messages sent via their UI. That totally sucks.

I agree with not allowing HTML tags, to avoid any potential issues with broken webmails and cross site scripting, whatever.

But not allowing quotation marks in messages sucks. I use them all the time, basically whenever I quote something of the artice description (that's why they are called quotation marks I guess).

Why can't they just fix their code to allow quotation marks?

Ich habe ja schon über unseriöse Angebote im Netz geblogt, da sich diese über Google-Anzeigen auch auf meine Homepage eingeschlichen hatten.

Ich wünschte Google würde da selektiver vorgehen, aber andererseits zahlen diese vermutlich sehr viel...

Naja, kleine Anekdote am Rande: Dialerschutz warnt vor diversen "Gratis-Proben"-Angeboten - und auf der selben Seite ist sogar eine Werbung genau eines dieser Dienste.

Vermutlich tauchen die Werbungen jetzt dann auch in meinem Blog auf. Ich bereite mich mal drauf vor, meine Filterliste zu erweitern. ;-)

(Die Gratisproben-Seiten scheinen nicht hohe versteckte Kosten zu haben, aber dafür eine sehr laxe Datenschutzauffassung, nur zur Info...)

I've chosen Turbogears for a recent web project. Up to now, I was pretty happy with this choice, as it allowed me to made changes to the application rather easily, I happen to like KID templating, and it all was rather painless.

However, I'm stuck at two place right now. One is a rather expensive database query I have not yet added - I know that it's going to be expensive, and I'd need some way of caching the results easily. I havn't found a "turbogearish" way of caching these interim results yet.

Since that brought me onto the performance thing - when writing an app you don't really know yet how it will be implemented, you best postpone performance considerations a bit, so you don't optimize too early - I did some measurements. And was pretty disappointed by the results.

The testing virtual machine (sorry, I don't have hardware specs for the actual machine) is rather slow. But still, static apache can serve some 450 requests per second. Turbogears will serve static files at ~22 r/s and the main page of the webapp at just 4.5 r/s (measured with siege, when it's not crashing).

I tried switching from sqlite to mysql in Turbogears, but unfortunately that just makes the application crash altogether at some point (no SQL queries succeed anymore: 'Page handler: "Commands out of sync; you can't run this command now"')

Notice that this was by no means a fair benchmark of Turbogears (I'm not a turbogears expert, and the little documentation I've found so far didn't help me at all in optimizing it's performance). I was just evaluating where I'm at, and now I'm about to decide where to go next.

So can anyone point me to some docs on how to get turbogears up to an acceptable speed (where acceptable would probably be >20 r/s on this hardware)? Otherwise I guess I'll start a rewrite now, maybe using Java JSF and Facelets. They seem to be a good choice if you want XML-based templating.

Don't even suggest PHP to me, it's crap. And I won't be trying Ruby on Rails next, either. I don't need rapid prototyping anymore, but can go for the high-performance implementation now, even if it will be harder to read, write and modify. I have now a better grasp for what I need and how the architecture of the app should be like.

For a project, I've been working a bit with "web 2.0 video services". That is, YouTube, Gogle Video, MySpace videos and similar.

So far, the only one I can actually use for my cause is YouTube; Google Video should be possible, whereas MySpace and e.g. MyVideo.de apparently lack the functionality I need.

But the functionality I need is pretty simple: thumbnails.

For YouTube, I can use their API to query metadata on videos such as viewing counts, title, description, tags - and a thumbnail URL (all I'm lacking is some information on whether the thumbnail URL is permanent, i.e. if I can cache it, or bound to change).

For Google Video, there apparently is some way to do the same - digg is reported to have Thumbnails for YouTube and Google Video.

Dear Lazyweb, if you have some information on how to get thumbnails (and other metadata such as title, description, tags) for other video services, please send me an email to Erich@debian.org. Thanks!

[Update: revver.com has Thumbnails and some API. It works with the beta flash plugin and epiphany.]

For my new laptop, I decided to use harddrive encryption. The new Debian installer (to be released with etch) can handle this setup, and it works pretty well. The passphrase prompt isn't pretty, but who cares.

But where I'm currently stuck is getting it to work with uswsusp.

I used to be a Suspend 2 user, but I'm tired of compiling my own kernels; it takes a lot of diskspace and my new laptop has a much smaller harddisk (I bought a used laptop, so I didn't have a choice; the old laptop is PATA, the new is SATA, so I can't just move the HD over either). So I wanted to try new "userspace software suspend".

s2ram works just fine on the laptop (with --force, but from some Google results I figured it's already reported to work, so it will probably be in the next versions whitelist), where it's becoming difficult is the suspend to disk with an encrypted swap device.

From what I can tell, s2disk expects the resume device to be a swap device; so I'd need to pass it /dev/mapper/cswap. However this is encrypted using a random key, so it can't be decrypted after resume. Also it appears to be configured after the resume script at boot, which says it can't stat my resume device.

Dear Lazyweb, anyone who could write some Howto for uswsusp and HD encryption? Do I need to encrypt swap with a static key (which would reside on an encrypted partition, after all)? And what about the boot sequence?

[Update: one of the cryptomount maintainers told me he's working on fixing #394136 and #382280 this weekend, and that this will help me as well. (Basically it will allow the cryptomount initramfs things to setup more than one encrypted device, from what I figured).]

The last few weeks have been rather busy, but here's a short overview:

• The Google Summer of Code Mentor Summit - nice to meet many other FLOSS developers, some interesting talks and discussions, but on overall I'm not satisfied with the results and my contributions
• Learned Turbogears. The following days I started a new project with a friend using Turbogears. It's not yet started; we're keeping it somewhat under the hood, but beta test will begin soon.
• Bought a new (used) laptop, I'm reinstalling it right now with encrypted disks using the latest Debian installer. Report will follow.
• Went to my first football match, the Berkeley vs. Washington game. This was a thriller: Washington miraculously was able to draw even in the last second, so the game went into overtime, where Berkeley had an interception and won. I still don't like football however, the game is suspended most of the time, and all you see is some people running into each other.
• Sick - I got a serious cold or flu at the game, and I'm still recovering from it.
• Flight back from SFO to Munich, in addition to the cold I'm also fighting Jetlag.

When I've somewhat recovered from the cold I'll start working on my diploma thesis.

P.S. if you have some turbogears experience and don't charge overly high charges for small contract works - please contact me at erich@debian.org

It's good to see people making fun of a controversial issue - and at the same time helping the Debian project to make the etch release become as solid as people have been expecting it from Debian.

Go, Dunc-Bank!

(On a related note, please help filing bugs against the debian-installer. We used to blame delays in the sarge release on debian-installer not being ready, so help NOW by finding reasons to repeat this success!)

I have a request for buying my "vitavonni.de" domain I'm using for my personal homepage and most of my email.

I'm not emotionally tied to that domain, and a transition solution for email is likely possible. I don't rely on my good Google rankings for the domain, so I might actually sell it.

But what would the domain be worth? It's currently highly ranked with Google (e.g. Rank #2 on "Laserdiode", i.e. semiconductor laser) and others. MSN says 5500 links to the domain.

Moving my homepage to a new domain, getting everybody updated with respect to the new email address is a lot of work; so how do I find an appropriate price?

Auf den ersten flüchtigen Blick könnte die Front genauso gut die Rückseite sein. Denn anders als die meisten Notebooks besitzt es vorne wie hinten eine sehr steil und plötzlich abfallende Kante. Dank den Statusleuchten und Anschlüssen gestaltet sich das Finden der Vorderseite glücklicherweise denkbar einfach.

Hier gefunden. Wenn man nicht weiss, was man schreiben soll, sollte man es vielleicht einfach lassen...

My laptop, IBM ThinkPad A31p has a Prism 2.5 chip. It's a good chipset: while only having 11 mbit, I have excellent reception (so I often have 11 mbit when others with their 54 mbit chipsets only have 2 mbit; and often have network where others won't have link anymore). And mind you, unless when transferring large files 11 mbit is more than enough.

This chipset also has good driver support. There is not just one opensource driver, there are two. The first is the "orinoco" driver, the second is the "hostap" driver, which also supports host mode (i.e. running it in access point mode).

However, they differ a bit in supported features, which can be quite annoying. Hostap has much more features, and much better wireless scanning IMHO. But it's not included with the default kernel, making installation slightly more complex (i.e. having to run "m-a a-i hostap-source" for each new kernel once).

Also sometimes the two drivers would both load, which would confuse them; the hostap driver would also (sometimes?) lock up my system on unload. Also hostap would show some mysterious "wifi0" device I still have no idea what it's good for. Thats why I had recently disabled the hostap driver, and switched to orinoco.

However, the friend I'm staying with right now uses a WPA encrypted wireless network, and apparently the orinoco driver doesn't support WPA. So I'm back to using the hostap driver right now.

Running a vote usually is a bad signal. It often means someone is trying to push an issue which is doesn't have wide enough support. Ideally, we would have consensus.

Anyway, the results for the votes are in, and most are pretty clear results. For example the recall vote with 48:277 - the proponents would have barely made the quorum (48 is the minimum quorum).

At the Google Summer of Code, there was a talk on "Poisonous people" (blogged about by others before) - and while many big voices in this discussion clearly are top contributors, they show a couple of signs for "poisonous people" (which often are just drop-bys).

So if you're now leaving the project because of the vote - so be it. The discussion is over. We'll just go on doing our Debian work as before, because we're still Debian, and Debian is still us. That hasn't changed. So if you thing we've changed radically (which I doubt we have), you're as free to leave as you've always been. If you think we're still the same, please remain with us, and help making Debian what it has always been: a volunteer effort.

[Update: there was one vote 2-, which is the same as 12, but maybe he meant it to be 21 instead? Then the 'recall' people would even have missed the quorum!]

[Update #2: I'd like to share this quote with you (from LWN comments):

Debian is indeed a more balanced 'organisation' than it appears to be from its mailing lists. That doesn't actually surprise me, but it's nice to have it affirmed.

In four hours I'll be on the airplane to San Francisco via Paris.

* erich puts a flower into his hair and starts singing

Saturday there is the "Google Summer of Code mentor summit", where Google invited mentors from the participating organizations to Mountain View to discuss about the Summer of Code program, how it can be improved and what else Google can do for opensource.

We're all very thankful to Google for offering this great program. It's meant as an opportunity to get more students interested into opensource development, and there are many success stories.

Of course the program isn't perfect, and thats what the summit is for, improving it. And I'd really appreciate your feedback, your perception of the GSoC, of the students and the mentors. I've asked for feedback before, but I've received next to nothing so far.

But there is quite a lot to discuss tomorrow. For example, many projects would fit to multiple organizations. I had proposed a SELinux integration project, but most of it would be reuseable by other distributions as well. There was a project which actually meant to integrate one mentoring organizations' project with an other mentoring organization. These could benefit from some "shared mentoring"; at the same time these project could server the prupose of increasing cooperation between organizations.

I myself, for example, know rather little about Fedora, or the state of SELinux in Fedora. Still this is a point (well, if I still had the time to work much on SELinux that is) where I should definitely try to cooperate more with Fedora.

Another proposal that came up and will be discussed is the "Summer of Content". It's not all about code. There is also documentation, graphics, sound, ... Why shouldn't a GSoC student be working on artwork or sound for a summer? The opensource/copyleft community definitely could use some support here, and we have rather few links to artists so far.

So please send me your feedback. I won't be responding to mails for the next like 15+ hours since I'm travelling (maybe even 24h, if I'm busy with real life meetings), but I'm really interested in your ideas!

While everybody is still crazy about AJAX - how will its future look like? Using it is currently a major PITA, and you'll most likely have the user download a 200k Javascript file just to make it useable for you as a programming language. JavaScript lacks so much that current programming languages offer out of the box.

This includes especially some comprehensive standard library (Java, C# and Python are all great here), a compact syntax for common data structures (e.g. set operations in Python or stream operations in C++ with <<) and of course: interfaces!

Security restrictions of the browsers - intentional security restrictions to avoid cross site scripting attacks - make interfacing between different javascript applications rather cumbersome, if at all possible. And the only way to have "private" functions in JavaScript is also more of a hack (abusing closures) than a native feature of the language.

What I'd like to see in the next generation of JavaScript - and browsers should start implementing that rather soon, so we'll be able to use it in some 5 years - are proper interfaces especially for cross-site applications, information hiding, an extensive standard libary, a short syntax for XML processing and common data structures and pretty much all that every javascript toolkit reimplements again and again. Oh, and the result shouldn't be Java yet, but still an embedded scripting language. ;-)

If you search on Google for 'youtube sex', my blog comes out as #3+#4, just behind youtube itself. Sooo funny, because I never actually wrote about Sex on YouTube. Actually I don't like YouTube (which to me still sounds like a bad translation of a german insult).

But there is this blog posting of mine, which lists the top tags according to technorati, when war tags had actually surpassed youtube and sex as tags.

Yes, it mentions "youtube, sex". Once. But no, these are not essential, no referrer uses them, no other blog posting. Why does it show up as second site after YouTube.com itself?

Oh, I'm also #3 for "youtube bush" right now, with the raw RSS feed of my blog.

What is it with Google and my blog? There must be some odd effect with Googles ranking that makes my site shoot up like crazy. And it has been like that for at least one and a half year now. Back then I blogged about IBM failing to repair my laptop. This was the first time I noticed a really absurd Google ranking of my blog, when this became a top #10 result for "IBM repair".

Guess I really should go into the SEO or webdesign business. If I weren't just more interested in research and software development...

[Update: dropped to #14 for 'youtube sex']

Ajax has shown how viable it is to run client-side computations, while just downloading the raw data from a server. But Ajax is not restricted to doing fancy user interfaces.

It should easily be possible to use an iframe based ad to use the CPU power of page visitors to do some large-scale computations.

Can you imagine how much processing power Google could churn up by having its GMail users do some distributed computing? Or on YouTube. While the user is watching the video, a javascript does some calculations in the background.

By keeping data in a cookie, your calculations might even be able to survive page reloads. And if you're running a large ad network such as Googles', you might even be able to dect user inactivity. Update a cookie whenever the user comes onto an adsense page; if he didn't go on such a page for 30 minutes assume the user is idling and start computation. If he leaves open his web browser over night you'll get a lot of CPU cycles.

(Yes, I know that Google is supposedly not in desparate need for free CPU cycles...)

On #debian.de, someone looked for an application to record the screen.

So I tried finding the appropriate applications. On first try I found istanbul, but I remembered there was another one. I looked at the description of istanbul and tried searching some more. I remembered it was a city name, too, so I googled and finally found byzanz, too.

Thus I filed a wishlist bug (#391860) on byzanz and istanbul to unify their descriptions, and maybe both use the terms "desktop session record" and "screencast".

The bug on "byzanz" was immedeately closed, with no discussion taking place.

Pretty much a "I like my description, closing the bug".

This is not ok. It's just a wishlist bug. There is no harm in keeping it open anyway. And the package description is something you can always improve. Maybe tag it wontfix (however the next maintainer might want to fix it, after all). But just closing it twice (I reopened it once, stating that it is not fixed and thus shouldn't just be closed; I don't play bug ping-pong) without any discussion is not okay IMHO. To me this is just arrogant: "I don't want any wishlist bugs on my packages, and I don't care for your opinion."

We've now been talking a bit on IRC; and it'll eventually be fixed on the next upload. But still I'm pretty annoyed by this reply I got back to the bug report... I think what helped is that the official description says "Record your desktop session to a GIF file", which contains exactly the word combination I was missing... "session record", because I'm not recording audio.

Maybe the description should also contain the word "application", because after all that is what I'm very likely to want "record" an "application" (and not my full desktop).

[Update: he didn't close the bug a second time. This was to a delayed email processing on bugs.debian.org, which processed the -done message after my reopen command. Sorry about this inaccurancy.]

First of all, I havn't really used Google reader yet. I think I tried it a long long time ago once, and they apparently did a UI redesign. However, it doesn't work for me anymoe, all I get is "Loading..." (and a Javascript error).

I'm using liferea, and I'm quite happy with it.

Some of the things I do like:

• Folder approach, with grouping - I have less important and more important feeds, and I'd like to read the important stuff first. In fact, I have several feeds I don't really read. For example some (regular) news sites. They have tons of hits, and when I've watched the evening news on the public channels I usually feel well-informed enough to not read them. These folders usually end up with several hundred unread entries, that I don't intend to read.
• Filters; there are some websites I transform using a filter to a feed. Sometimes because the feed sucks (e.g. heise.de) and sometimes because they don't offer a feed (e.g. pixelgirlpresents.com).
• Offline operation. My network here is sometimes unreliable, and I'm happy when I can do things offline, too! Apart from the speed gains.

Because of these I can't imagine using an online reader.

P.S. If you fold your blog entries or don't do full-text RSS, I likely won't read your entries, either. It doesn't work with offline reading habits.

Fiona is my sweet little niece. She's almost two now, and starting to talk. She has understood "I" vs. "You", and can say some easy sentences. Sometimes she's just stringing random sounds together, especially when being carried around when going for a walk (she started with a song she knows, then started singing her own stuff).

Anyway, she's really sweet, always merry. But she keeps you really busy, so I'm pretty tired now. Tonight, when my sister wanted to leave, she spotted the plastic squeaky linux penguin sitting on my speakers and gave him a good squeeze. So we had to take a picture of her with the penguin.

She'll love Linux.

Fiona and the penguin

Next week there is a summit at Google in Mountain View on the summer of code.

The purpose of the summit is to bring together mentors from successful organizations to discuss several topics: how to improve GSoC, how Google can do more for open source, and what you as mentors and representatives of your development communities can do to help one another.

AJ and I will be there to represent the Debian project; and therefore I'd like to know what your impressions about the "summer of code" were. And of course how GSoC could be improved etc. - you've read the "official mission statement".

I'm not only asking mentors; I'm asking everybody interested with opensource. There are some things where having been a mentor is useful - e.g. for streamlining the screening process - but there are lots of things where you don't really need much prior knowledge.

One thing, which is very interesting, is trying to do more cooperation among organizations during (or due to) the summer of code.

So please send me your comments to erich@debian.org.

I guess the term "ajax clouds" is now more appropriate.

Debtags clouds have evolved. They're no longer a static page with a single cloud that will forward you to the more complex browsing tool by Enrico, but now the cloud will adapt to your previous choices, and allow the selection of multiple tags.

The biggest issue probably is tag naming now (e.g. what is the difference between "role", "use" and "scope" (unfold them to get an idea) or between "interface" and "uitoolkit" (interface is mostly commandline vs. fullscreen vs. windowed vs. 3d; uitoolkit is gtk vs. qt vs. whatever) - unless you're familiar with these terms, you'll probably find it still hard to navigate the tag cloud.

Still I hope this inspires you to think of new UIs doable with tag information (which is a small step towards the semantic web; actually these facets here are quite similar to RDF triples...)

These is so much things I'd like to try out with this data...

If you have suggestions, please share them via email.

For those interested in the technical stuff: tag clouds are loaded via ajax, served from a database with ~120 MB of precalculated, precompressed json files. Precalculation is rather expensive; on my 4+ years old laptop it took about 105 minutes (76 minutes of CPU time). Storing them in the filesystem instead of a BerkeleyDB hashtable took more than 4 hours. The outmost (i.e. largest amount of data) set takes 1.1 seconds to compute; there are 344871 precomputed tag selections, so it precalculated 75 selections per second on average. Yes, complexity is not linear; benefits from caching large results are huge.

I'd really love to run a similar interface for e.g. last.fm, but I guess this would not work as well; their tags aren't grouped in facets. But I have some ideas to make up for that.

P.S. This is also my first real Ajax app (except for using json instead of XML). And I still hate Javascript.

[Update: I've worked around an issue with opera (which is stricter on javascript object syntax than mozilla). I havn't tried Internet Exploder yet. But this is a navigation experiment, not an application to be deployed...]

Wer auf seiner Homepage Google-Anzeigen einbindet, läuft in Gefahr, dass dort auch unerwünschte Anzeigen auftauchen.

Und das ist (zumindest moralisch) nicht nur für Firmen ein Problem. Auf meiner Homepage z.B. tauchten Anzeigen für "Free SMS" auf. Nur dass die gar nicht wirklich "kostenfrei" sind, sondern ein teures Abo.

Artikel bei Spiegel.de über die Machenschaften der Gebrüder Schmidtlein

Ob das jetzt Betrug ist oder nicht - das müssen Gerichte klären. Ich will sie jedenfalls nicht auf meinen Seiten finden; ich würde mir wünschen, dass Google sie aus ihrem Programm ausschließt.

Heute erhielt ich folgende Filterliste per Mail, die ich euch nicht vorenthalten will (ergänzt um drei neue Domains):

[[ Filterliste entfernt - eine derartige Liste von 2006 (!) ist in keiner Weise mehr akkurat, insbesondere da in der schnelllebigen Internet-Welt Domains durchaus auch den Besitzer und Betreiber wechseln. Das sollte zwar offensichtlich sein, ich möchte aber dennoch darauf hinweisen. ]]

P.S. die angegebene Filterliste ist natürlich nur eine Empfehlung mit Sperrungen -- nicht alle dieser Seiten müssen unseriös sein, zum Teil einfach nur 'unerwünscht'. So möchte ich beispielsweise grundsätzlich keine Werbung für Premium-SMS-Dienste machen.

From Top Ten Geek Business Myths:

One of the ironies of the programming world is that using Lisp is vastly more productive than using pretty much any other programming language, but successful businesses based on Lisp are quite rare. The reason for this, I think, is that Lisp allows you to be so productive that a single person can get things done without having to work together with anyone else, and so Lisp programmers never develop the social skills needed to work effectively as a member of a team. A C programmer, by contrast, can't do anything useful except as a member of a team. So although programming in C hobbles you in some ways, it forces you to form groups whose net effectiveness is greater than the sum of their parts, and who collectively can stomp on all the individual Lisp programmers out there, even though one-on-one a Lisper can run rings around a C programmer.

This is probably the first time I've seen somone use Lisp vs. C to explain business mechanics. Fun!

Martin 'Joey' Schulze is still aggressively writing against Dunc tank.

I don't agree with his posting at all. I don't think dunc-tank is doing any serious damage to the project; so far all the damage comes from a few people (especially you, Joey), that play some "politics" game here I don't really get or like. And just count the number of people who have expressed discomfort with your postings. I remember having seen the word "blackmail" attributed to some of your mails.

[Update: and it also sucks that people have to point out that they didn't reduce their Debian involvement because of Dunc tank, but just because they don't use the software anymore, have too little time or are annoyed by your behaviour; otherwise you'd probably cite them as dunc-tank enemies.]

I'm also convinced that your assessment - that only the release in december counts - is false. You know, the people working on Debian were NOT replaced by the announcement of the dunc tank experiment.

We still want to make Debian the "Universal OS", and are still dedicated to the projects goals.

But some of us still remember the bad press debian has been receiving because of the delays with sarge release, and the users we have lost back then because of pushing back the release again and again. You know, many people still act like "yeah, debian releases in december, sure, when hell freezes over".

One of Debians strengths was security support. But security support doesn't work as well, when half of the software you're running are unsupported backports. If Debian wants to remain a good base choice (i.e. universal OS), it needs to provide a reliable combination of secure but not too-out-of-date software to become useless again. Therefore I consider frequent-enough, somewhat-on-time releases important for the universal OS idea; this will also cut down on our work (at least for those doing backports, too, since we need to do less of them). It's not a primary goal, but a consequence of the well-established goals.

Now why I accept the experiment of 'hiring' the release managers for one month full-time: I've always had the impression that donating to Debian is somewhat pointless, because I don't see any concrete results, or where the money is going. To me it always felt like it ends up in an unused saving account with the SPI treasurer, until someone finds a way to spend it. Here the money is used in a transparent way, on well-respected people and with a very concrete result. And remember, it's an experiment. It's a one time thing so far.

Oh, and to actually counter all your blah-blah: I've actually recently increased my Debian efforts again. Because of the dunc-tank thing, and despite your end-of-the-world-claims. Namely because it gave me back the feeling that someone actually cares about making Debian useful to everbody (and not just us freaks running unstable and experimental). That there is some interest in getting the new release out of the door on time, of supporting our users out there such as the city of munich (which is also running backports AFAIK). To me Debian is still mostly about the users, not about the ego of developers. Be a nice guy and do a good job, and you'll get lots of thank yous, a couple of friends, a couple of patches, some free beer or tshirts in return. Does this corrupt as well, getting a free coke? Yes, I got a free Jolt coke four years ago at Systems. Does this make you demotivated, that you didn't get one, too?

Zum Thema "Linux ist schwer zu bedienen":

Haben sie neulich mal bei Aldi eine Pfandflasche in einen der neuen Automaten gesteckt? Dann irgendwann diesen Knopf gedrückt und den Bon entnommen? Dann sind sie jetzt ein erfolgreicher Linux-Nutzer. (Wenn sie neulich mit Google gesucht haben übrigens auch, und wenn sie per DSL online sind mit einer relativ hohen Wahrscheinlichkeit auch.)

Anzumerken wäre noch, dass die Aldi-Pfandautomaten unter Debian GNU/Linux laufen. Debian dient auch als Basis des LiMux-Systems (Umstellung der Arbeitsplätze an der Stadt München auf Linux).

Angeblich arbeitet auch das komplette Kassensystem von Lidl unter Linux, ebenso wie die verbreiteten Fritz!Box DSL-Modems. Linux ist überall, und aus unserem Alltag keineswegs wegzudenken. Linux ist nicht nur auf den PCs von einer Handvoll Freaks und auf ein paar Servern, es ist praktisch überall dort, wo nicht der Ottonormalnutzer sein Solitaire starten können will. (Und auch dort kommt es eben langsam an, z.B. bald auf den 14.000 Arbeitsplatzrechnern der Stadt München)

Bleibt eigentlich nur zu sagen: Linux ist zuverlässig und einfach zu bedienen. Wenn die verwendete Oberfläche (z.B. www.google.com) für diese Nutzergruppe ausgelegt ist.

Den Fehler den viele bei ihrer subjektiven Bewertung machen, ist von den Oberflächen, wie sie "Linux-Freaks" bevorzugen (!) auf die Eignung des Gesamtsystems zu schließen. Viele der "Freaks" bevorzugen einfach den "vi" Editor, aber das heisst ja noch lange nicht, dass es nur diesen Editor gäbe! Es kann sehr einfach auf konkrete Bedürfnisse zugeschnitten werden, wie eben einen Pfandautomaten.

Tag clouds are usually done by scaling font sizes according to some weight.

Actually this is not very precise. For a representative representation (lol, I should get this domain name. representative-representation.com), the tag size - that is the surface area! - should be a representation of the tags weight.

The suface however doesn't directly depend on the font size, but is more like font size * length of word (length being appropriate for the font used).

So when displaying tags with very different font sizes, "egg" and "Technorati" shouldn't just be scaled by their weight, but also by their word length.

OTOH, few users will actually be able to "grasp" the actual difference in size. IMHO it's just about "popular" vs. "obscure" and about making the tool more intersting to use.

I've been working a little bit more on the folding tagcloud for Debian packages. I've added closing of folds, and the code for displaying selected tags as well as matching packages is in place, too (you'll need to use a different .json data to actually see results though).

To make it truly interactive, i.e. allow the selection of multiple tags until you get some results, I need to add more data files.

So I'll have to decide now if I'm going to use a CGI (the "traditional" method), which will likely need to have some caching, or if I'll just precalculate everything into static .json files. I could even store them as .gz on the webserver; any browser with ajax capabilities should be able to do gzip decompression on the fly. This would offer maximum performance and security, but it means I'll need more magic in the javascript (and Javascript is ugly). Or I'll do a combination of both, use a tiny CGI serving the precalculated data; the CGI could then easily be replaced with a dynamic-caching CGI later.

SVG rendering for the tag cloud would probably be also very cool. With some smart layouting algorithms, it could become much more cloud-like. And there could probably be a nice animation when "subclouds" are unfolded, pusing away the other folds. However, that would be much slower. Any animation means a slowdown, since it adds extra delays.

When release draws near, more and more difficult decisions arise. Like: should I still upgrade the package to a newer upstream version?

Enigma is a great puzzle game, very similar to Oxyd. Back when still using my trusty old Atari ST, I was a fan of oxyd.

Debian unstable currenlty has Enigma 0.92, the latest released version. Experimental contains recent SVN snapshots of the game.

Version 0.92 was released in 2005, and there have been huge improvements to Enigma in the mean time, including a new level form (XML-based, while the levels used to be lua scripts), a reorganization of the levels into level packs with increasing difficulty, tons of new levels and graphics for 1024x768.

While the new versions are running quite stable, and a new release is expected for end of the year, it will probably be not on time for etch.

So should I upload a SVN checkout to unstable (and eventuall etch) - I didn't receive bug reports for the experimental version so far, and enigma has shown before to be of high code quality - or stay with the latest released version?

"Life" would be easier if enigma released a new version just in time for etch. ;-) Just kidding.

I'd certainly prefer the new version; and while there are some known issues with it (a conflict between C++ exception handling and lua when nesting), these might as well apply to the current version. (For example, the screensaver tends to turn on while playing enigma, but upstream said this is actually a SDL issue, and it should apply to both versions)

Maybe some people can test the enigma package from experimental and send me feedback reports. But don't blame me if you lose valueable hours of sleeping time by playing enigma. It can be quite addictive.

In #selinux, we helped a user today to get some SELinux working on Ubuntu.

I had posted before that I expect Ubuntu to be rather close to Debian in terms of SELinux support. This is not true.

Ubuntu ships rather old versions of the toolchain and SELinux libraries. I doubt that you can use the reference policy with this toolchain; the selinux policy shipped by Ubuntu is no longer supported.

Still these would mean that SELinux on Ubuntu would be in the same shape as it is on Gentoo. If it weren't for this critical issue:

sysvinit (2.86.ds1-6ubuntu8) dapper; urgency=low
 
  * Disable SElinux again, nobody gave me a patch to fix the annoying
    message.
 
 -- Scott James Remnant <scott@ubuntu.com>  Fri,  3 Feb 2006 17:54:55 +0000

Init. The process supposed to load the policy at boot, is not SELinux enabled on Ubuntu. At least the version in hoary. And edgy comes with upstart, which doesn't have SELinux support either, AFAIK.

So to use SELinux on Ubuntu you'll have to build your own sysvinit (sysvinit from edgy might do the job). Or add SELinux support to upstart.

The horror of providing full SELinux support out of the box are install scripts.

Installing files of a package is rather easy. Install them, relabel them. This can be added to the package manager. (And I believe dpkg already does that).

However, package install scripts are becoming more and more complex, and they aren't SELinux aware. And there is a lot of stuff that can go wrong here.

For example, a package might want to generate a configuration file for the service you just installed. If this configuration file is to have the same context as the directory containing the configuration file, there won't be a problem - but if it's to have a different context, the generated file will be incorrectly labeled.

I see two basic solutions to this:

• require by policy all package install scripts to register all files they created (and the registration application could then take care of the appropriate file labeling) - but this will take a long time to be adopted by all packages
• monitor package install scripts for file creation, and relabel them automatically. However, many install scripts will also start the service the package contains; monitoring shouldn't extend to them, so I doubt this will actually work, and still problems might arise to delays in relabeling

Any other smart solution for these problems?

Sometimes I wish we could do without turing-complete postinst scripts...