In spite of my almost religious view on the ideal mobile phone, I bought a HTC Hero last week.
But let there be no doubt; it’s a great handset! My Hero sports a beautiful touch-screen, a nice -albeit young- Linux-based OS and a top notch webkit-based browser (with Adobe Flash 10, a first for a mobile device). The price is considerably lower then that of an iPhone and the platform is very open (esp. if you compare it to the golden cage Apple created for its ecosystem). I’ve installed several free apps from the Android Market and downloaded and installed a great AR-application from outside the Market without having to jailbreak anything (more on Android-apps in a later post).
But there’s one thing I really miss on my fancy device; a physical keyboard. Because as ancient as my Nokia e61i might have been, I really was more productive (as in “writing mails”) on it thanks to the (small) physical QWERTY-keyboard it sported. And while friends and colleagues assure me that I’ll get used to the virtual keyboard, and I’m sure things will indeed get better, we should not kid ourselves; nothing beats a real keyboard. Ever! So let the quest for a small compatible bluetooth keyboard begin!
linux
Blogposts on blog.futtta.be about Linux; Ubuntu, Debian, VPS-servers, a few howto’s and some small quick hacks (bash- & php scripts mostly).
Crashing, teleporting and syncing Virtualbox
I’ve been playing around with Virtualbox over the last few days, trying to set it up just right for me. One of the hurdles was working around a bug in the 3.0.0 release that caused guests to crash when performing downloads in them. Changing the virtual network card from “PCnet-FAST III” to “Intel PRO/1000 MT Desktop” proved to be a good temporary solution, but the bug got squashed in version 3.0.2.
Next on my list was getting the “shared folder“, which I configured in Virtualbox (look ma, no samba), to automount in my Ubuntu-guest with read-write permissions for my non-root user. I ended up adding this line to /etc/fstab (the dmode and fmode-options did the trick eventually):
teleporter /home/frank/Desktop/teleporter vboxsf rw,dmode=777,fmode=777,uid=1000,gid=1000,auto 0 0
And to wrap things up I also installed the Mozilla Labs Weave-plugin, which syncs a.o. bookmarks and passwords in Firefox between my 3 environments. It caused me some headaches at first, synchronizing just seemed to take forever and no error was shown in the frontend. But I found some obscure messages (things like “Exception caught from onComplete handler of CryptoWrap__decrypt-57 generator”) in the verbose log and Google linked those to a post on the Weave Google Group which explained that the problem was with an incorrect “encryption passphrase”. And sure enough Weave was syncing happily after once I re-entered my -too complex- passphrase.
‘Cause I’m free, to do what I want, any old time
Freedom comes in many shapes and forms, but give me a computer which is not burdened by corporate software and enforced group policies and give me internet access that is not limited by proxies that prohibit you from using half of the web and I’m a happy little futtta. I cracked the proxy thingie problem at work some time ago already, but the computer/OS-part remained an issue up until now. I tried virtualization with VMWare and Qemu but wasn’t convinced and booting into my “disktop” (Ubuntu 8.04 intalled on an USB-connected external HD) while at work was far from efficient, so I kept jerking around in the uninviting environment which is the maimed Windows XP we have to put up with here.
But some time ago my laptop got a memory upgrade (from 1 to 2 Gb) and last week Paul Cobbaut wrote about Virtualbox on his blog. I installed this example of German craftsmanship (both a “free as in beer” and an open source version are available, version 3 was just released a few hours ago!) and my computer hasn’t been the same since. I’m now running a fullscreen (guest additions rock) Virtualbox virtual machine with Ubuntu 9.04, using an openssh-provided (with some help from corkscrew, off course) socks-proxy for unlimited internet access and I feel like a kid that has just been allowed in a playground.
Next to Ubuntu, I also installed Opensolaris (which seems to need a shitload of RAM) and a leaked version of the emulator of that much anticipated (well, by me at least) Palm WebOS. On my disktop I installed the Linux-version of Virtualbox and I’ve got OS-weirdness such as ReactOS, Haiku and Syllable running there. Hell, maybe I’ll even install (a clean version of) Windows XP in a virtual machine there, just to make it full circle. ‘Cause I’m free!
Joikuspot connection problem with Ubuntu Linux
This weekend I had to resort to Joikuspot (software that turns your 3G-cellphone into a wireless gateway to the internet) for my web-needs. Because I encountered a few problems setting up a connection from my Ubuntu laptop, here’s a quick recap for documentations sake.
The rather fundamental issue was that I couldn’t get my computer (a Dell D620 running Ubuntu 8.04 with the iwl3945 driver) to join the ad-hoc wifi-network which Joikuspot (on a Nokia e61i) created. As connecting from my wife’s Windows XP laptop did work, I googled around a bit and it turned out I had to specifically set the channel used by Joikuspot to 1 or 6 instead of “automatic” or 11. Although NetworkManager still seemed confused, this did allow me to connect from the command line (disabling wireless networking in NM first and then using iwconfig and dhclient). But why joining an ad-hoc wifi-network on channel 11 doesn’t work in Ubuntu, that I still don’t know.
Once connected to the wireless network, I found out that Joikuspot Light requires your browser to auto-detect a proxy. The proxy in Joikuspot seems to be used to limit the functionality of the free version and gently push you towards the non-free Premium product. As my normal web-connection came back soon after I figured this out, I didn’t bother to test if I could tunnel my way out of those limitations. But crippled or not, Joikuspot is great to have around when your broadband connection is down.
Fun with caching in PHP with APC (and others)
After installing APC, I looked through the documentation on php.net and noticed 3 interesting functions with regards to session-independent data caching in PHP;
- apc_store; store a variable in cache
- apc_fetch; retrieve the variable from cache
- apc_delete; remove the variable from cache
When talking about caching, apc_delete might not be that important, as apc_store allows you to set the TTL (time to live) of the variable you’re storing. If you try to retrieve a stored variable which exceeded the TTL, APC will return FALSE, which tells you to update your cache.
All this means that adding 5 minutes worth of caching to your application could be as simple as doing;
if (($stringValue=apc_fetch($stringKey)) === FALSE) {
$stringValue = yourNormalDogSlowFunctionToGetValue($stringKey);
apc_store($stringKey,$stringValue,300);
}
From a security point-of-view however (esp. on a shared environment) the APC-functions should be considered extremely dangerous. There are no mechanisms to prevent a denial of service; everyone who “does PHP” on a server can fill the APC-cache entirely. Worse yet, using apc_cache_info you can get a list of all keys which you in turn can use to retrieve all associated values, meaning data theft can be an issue as well. But if you’re on a server of your own (and if you trust all php-scripts you install on there), the APC-functions can be sheer bliss!
And off course other opcode caching components such as XCache and eAccelerator offer similar functionality (although it’s disabled by default in eAccelerator because of the security concerns).
Trading eAccelerator for APC
Yesterday I somewhat reluctantly removed eAccelerator from my server (Debian Etch) and installed APC instead. Not because I wasn’t satisfied with performance of eAccelerator, but because the packaged version of it was not in the Debian repositories (Andrew McMillan provided the debs), and those debs weren’t upgraded at the same pace and thus broke my normal upgrade-routine. Moreover APC will apparently become a default part of PHP6 (making the Alternative PHP Cache the default opcode cache component). Installation was as easy as doing “pecl install apc” and adding apc to php.ini. Everything seems to be running as great as it did with eAccelerator (as most test seem to confirm).
Truecrypt verbergt nu ook hele olifanten
Kort maar krachtig; er is een nieuwe versie van Truecrypt uit, waarmee je (als je Windows gebruikt) nu ook een heel OS kunt verbergen. Maar persoonlijk ben ik vooral content met het feit dat je in de LInux- (en Mac OS X-) versie nu ook hidden volumes kunt aanmaken (een truecrypt volume in een truecrypt volume, waarvan het het bestaan niet te bewijzen is) en dat de Linux-versie nu sneller is omdat ze de cryptografische functies van de kernel gebruikt. Je kunt Truecrypt 6 hier downloaden, zelfs als je niet Bertrand Sassoye heet.
Linux distro’s en SSH-bugs in beeld
Vandaag 2 opvallende beeldekes gezien in verband met Linux, snel even op de blog gooien::
Naar aanleiding van de lichtjes genante openssl-bug in Debian-gebaseerde distro’s deze grappige cartoon van xkcd (de inhoud van de title-tag komt ook van daar!):
Iets serieuzer (alhoewel, een openssl-bug is eigenlijk bijzonder serieus), een indrukwekkende Linux-distro timeline zoals gevonden in een interessant artikel over forking van FOSS-projecten (nav. de recente boedelscheiding in het Pidgin-kamp):
Ubuntu Hardy upgrade a breeze!
I upgraded my Ubuntu “disktop” from 7.10 to the new Ubuntu 8.04 (aka Hardy Heron) today. The entire process took around 1h30 (download of packages was rather slow) and was incredibly straightforward (as shown in upgrade docs). Everything seems to work flawlessly as far as I can tell.
Hardy is running Firefox 3 beta 5, but Ubuntu/ Canonical will provide upgrades as FF3 goes through it’s final release-stages. Strange as including a Beta might seem, this actually is a wise thing. FF3b4 and b5 have proven to be quite stable (i’ve switched from FF2 approx. 2 months ago, haven’t looked back since). Moreover, Hardy is a “Long term support”-release, with the Desktop-version receiving support until 2011 and the Server-version until 2013 and using FF3 ensures Ubuntu of continued support (read: security updates) of the Mozilla-team in the years to come.
Check out the release notes for more details about Ubuntu 8.04 LTS.
Truecrypt 5; meer encryptie, meer platformen
Sinds een paar dagen is er een nieuwe versie uitgekomen van één mijner favoriete tools: Truecrypt. De belangrijkste nieuwe features:
- system disk encryption voor Windows: Truecrypt kan je HD on-the-fly versleutelen en installeert dan een eigen boot loader die, na het invullen van de correcte credentials, de boel decrypteert en Windows opstart. En omdat performantie dan dubbel zo belangrijk is, zou de read/write snelheid dankzij pipelined operations tot 100% hoger zijn dan in versie 4.3.
- de Linux-versie (er zijn binaries voor Ubuntu en OpenSuse, de rest van de wereld mag zelf compileren) heeft nu ook een propere GUI (zie screenshot hiernaast) en gebruikt daarvoor wxwidgets. Truecrypt nestelt zich mooi in de Gnome notification area en als je dubbelklikt op een gemount volume opent de inhoud daarvan zich proper in Nautilus. Truecrypt voor Linux is ook onder de motorkap grondig herwerkt; het gebruikt nu fuse om te mounten en is daarmee dus minder rechtstreeks afhankelijk van de kernel.
- En er is nu ook versie voor Mac OS X (10.3 en 10.4, klik voor screenshot), die gebruikt blijkbaar ook wxwidgets en (mac)fuse, overigens.
- De ‘mode of operation’ is nu XTS ipv LRW (geen idee wat dat betekent, maar u misschien wel, dus there you go!).
Voor de rest biedt Truecrypt als vanouds file- en device-based encrypted volumes, is het nog steeds mogelijk om in het ene Truecrypt-volume een ander volledig onzichtbaar te verbergen en werkt dat vooral allemaal heel intuïtief en transparant. Truecrypt 5 is daarmee een sterke cross-platform (freebsd ontbreekt officieel, maar staat wel vermeld in de makefile Philip 😉 ), gebruiksvriendelijke open source oplossing om data betrekkelijk veilig op te slaan. Een aanrader, zeg ik U!