50€ for the Freenet Project - and against censorship

As I pledged¹, I just donated to freenet 50€ of the money I got back because I cannot go to FilkCONtinental. Thanks go to Nemesis, a proud member of the “FiB: Filkers in Black” who will take my place at the Freusburg and fill these old walls with songs of stars and dreams - and happy laughter.

It’s a hard battle against censorship, and as I now had some money at hand, I decided to do my part (freenetproject.org/donate.html).

A vision for a social Freenet with WoT, FreeTalk and Sone

I let my thought wander a bit around the question how a social Freenet (2.0 ;) ) could look from the view of a newcomer.

I imagine myself installing freenet. The first thing to come up after starting it is the node page. (italic Text in brackets is a comment. The links need a Freenet running on 127.0.0.1 to work)

“Welcome to Freenet, where no one can tell you’re reading”

“Freenet tries hard to project your privacy. Therefore we created a pseudonymous ID for you. Its name is Gandi Schmidt. Visit the [your IDs site] to see a legend we prepared for you. You can use this legend as fictional background for your ID, if you are really serious about staying anonymous.”

(The name should be generated randomly for each ID. A starting point for that could be a list of scientists from around the world compiled from the wikipedia (link needs freenet). The same should be true for the legend, though it is harder to generate. The basic information should be a quote (people remember that), a job and sex, the country the ID comes from (maybe correlated with the name) and a hobby.)

“During the next few restarts, Freenet will ask you to solve various captchas to prove that you are indeed human. Once enough other nodes successfully confirmed that you are human, you will be granted access to the forums and microblogging. This might take a few hours to a few days.”

(as soon as the ID has sufficient trust, automatically activate the FreeTalk and Sone plugins)

“Note that other nodes don’t know who you are. They don’t know your IP, nor your real identity. The only thing they know is that you exist, that you can solve captchas and how to send you a message.”

“You can create additional IDs at any time and give them any name and legend you choose by adding it on the WebOfTrust-page. Each new ID has to verify for itself that it’s human, though. If you carefully keep them seperate, others can only find out with a lot of effort that your IDs are related. Mind your writing style. In doubt, keep your sentences short. To make it easier for you to stay anonymous, you can autogenerate Name and Legend at random. Don’t use the nicest from many random trials, else you can be traced by the kind of random IDs you select.”

“While your humanity is being confirmed, you can find a wealth of content on the following indexes, some published anonymously, some not. If you want to publish your own anonymous site, see Upload a Freesite. The list of indexes uses dynamic bookmarks. You get notified whenever a bookmarked site (like the indexes below) gets updated.”

“Note: If you download content from freenet, it is being cached by other nodes. Therefore popular content is faster than rare content and you cannot overload nodes by requesting their data over and over again.”

“You are currently using medium security in the range from low to high.”

“In this security level, seperated IDs are no perfect protection of your anonymity, though, since other members might not be able to see what you do in Freenet, but they can know that you use freenet in the first place, and corporations or governments with medium sized infrastructure can launch attacks which might make it possible to trace your contributions and accesses. If you want to disappear completely from the normal web and keep your freenet usage hidden, as well as make it very hard to trace your contributions, to be able to really exercise your right of free speech without fearing repercussions, you can use Freenet as Darknet — the more secure but less newcomer friendly way to use freenet; the current mode is Opennet.”

“To enter the Darknet, you add people you know and trust personally as your darknet friends. As soon as you have enough trusted friends, you can increase the security level to high and freenet will only connect to your trusted friends, making you disappear from the regular internet. The only way to tell that you are using freenet will then be to force your ISP to monitor all traffic coming from your computer.”

“And once transport plugins are integrated, steganography will come into reach and allow masking your traffic as regular internet usage, making it very hard to distinguish freenet from encrypted internet-telephony. If you want to help making this a reality in the near future, please consider contributing or donating to freenet.”

“Welcome to the pseudonymous web where no one can know who you are, but only that you are always using the same ID — if you do so.”

“To show this welcome message again, you can at any time click on Intro in the links.”

What do you think? Would this be a nice way to integrate WoT, FreeTalk, Sone and general user education in a welcome message, while adding more incentive to keep the node running?

PS: Also posted in Freetalk and in Sone – the links need a running Freenet to work.

PPS: This vision is not yet a reality, but all the necessary infrastructure is already in place and working in Freenet. You can already do everything described in here, just without the nice guide and the level of integration (for example activating plugins once you have proven your humanity, which equals enough trust by others to be actually seen).

Anonymous code collaboration with Mercurial and Freenet

There is now a new Mercurial extension called "infocalypse" (which should keep working after the information apocalypse).

It offers "fn-push" and "fn-pull" as an optimized way to store code in freenet: bundles are inserted and pulled one after the other. An index tells infocalypse in which order to pull the bundles. It makes using Mercurial in freenet far more efficient and convenient.

Also you can use it to publish collaborative anonymous websites like the freefaq and Technophob.

And it is a perfect fit for the workflow automatic trusted group of committers.

Otherwise it offers the same features as FreenetHG.

Using FreenetHG you can collaborate anonymously without having to give everyone direct write access to your code.

To work with others, you simply setup a local repository for your own work and use FreenetHG to upload your code automatically into Freenet under your private ID. Others can then access your code with the corresponding public ID, do their changes locally and publish them in their own anonymous repository.

You then pull changes you like into your repository and publish them again under your key.

FreenetHG uses freenet which offers the concept of pseudonymity to make anonymous communication more secure and Mercurial to allow for efficient distributed collaboration.

With pseudonymity you can't find out whom you're talking to, but you know that it is the same person, and with distibuted collaboration you don't need to let people write to your code directly, since every code repository is a full clone of the main repository.

Even if the main repository should go down, every contributor can still work completely unhindered, and if someone else breaks things in his repository, you can simply decide not to pull the changes from him.

What you need

To use FreenetHG you obviously need a running freenet node and a local Mercurial installation. Also you need the FreenetHG plugin for Mercurial and PyFCP which provides Python bindings for Freenet.

• get FreenetHG (the link needs a running freenet node on 127.0.0.1)

• alternatively just do

  hg clone static-http://127.0.0.1:8888/USK@fQGiK~CfI8zO4cuNyhPRLqYZ5TyGUme8lMiRnS9TCaU,E3S1MLoeeeEM45fDLdVV~n8PCr9pt6GMq0tuH4dRP7c,AQACAAE/freenethg/1/

Setup a simple anonymous workflow

To guide you through the steps, let's assume we want to create the anonymous repository "AnoFoo".

After you got all dependencies, you need to activate the FreenetHG plugin in your ~/.hgrc file

[extensions]
freenethg = path/to/FreenetHG.py

You can get the FreenetHG.py from the freenethg website or from the Mercurial repository you cloned.

Now you setup your anofoo Mercurial repository:

hg init AnoFoo

As a next step we create some sections in the .hg/hgrc file in the repository:

[ui]

[freenethg]

[hooks]

Now we enter the repository and use the setup wizard

cd AnoFoo
hg fcp-setupwitz

The setup wizard asks us for your username to use for this repository (to avoid accidently breaking our anonymity), the address to our freenet instance and for the path to our repository on freenet.

The default answers should fit. The only one where we have to set something else is the project name. There we enter AnoFoo.

Since we don't yet have a freenet URI for the repository, we just answer '.' to let FreenetHG generate one for us. That's also the default answer.

The commit hook makes sure that we don't commit with another but the selected username.

Also the wizard will print a line like the following:

Request uri is: USK@xlZb9yJbGaKO1onzwawDvt5aWXd9tLZRoSoE17cjXoE,zFqFxAk15H-NvVnxo69oEDFNyU9uNViyNN5ANtgJdbU,AQACAAE/freenethg_test/1/

This is the line others can use to clone your project and pull from it.

And with this we finished setting up our anonymous collaboration repository.

When we commit, every commit will directly be uploaded into Freenet.

So now we can pass the freenet Request uri to others who can clone our repository and setup their own repositories in freenet. When they add something interesting, we then pull the data from their Request uri and merge their code with ours.

Setup a more convenient anonymous workflow

This workflow is already useful, but it's a bit inconvenient to have to wait after each commit until your changes have been uploaded. So we'll now change this basic workflow a bit to be able to work more conveniently.

First step: clone our repositories to a backup location:

hg clone AnoFoo BackFoo

Second step: change our .hg/hgrc to only update when we push to the backup repository, and add the default-push path to the backup repository:

[paths]
default-push = ../BackFoo

[hooks]                                                               
pretxncommit = python:freenethg.username_checker                      
outgoing = python:freenethg.updatestatic_hook                           

[ui]
username = anonymuse

[freenethg]
commitusername = anonymuse
inserturi = USK@VERY_LONG_PRIVATE_KEY/AnoFoo/1/

Changes: We now have a default-push path, and we changed the "commit" hook to an "outgoing" hook which is evoked everytime changes leave this repository. It will also be evoked when someone pulls from this repo, but not when we clone it locally.

Now our commits roll as fast as we're used to from other Mercurial repositories and freenethg will make sure we don't use the wrong username.

When we want to anonymously publish the repository we then simply use

hg push

This will push the changes to the backup and then upload it to your anonymous repository.

And now we finished setting up our reopsitory and can begin using an anonymous and almost infinitely scaleable workflow which only requires our freenet installation to be running when we push the code online.

One last touch: If an upload should chance to fail, you can always repeat it manually with

hg fcp-uploadstatic

Time to go

...out there and do some anonymous coding (Maybe with the workflow automatic trusted group of committers).

Happy hacking!

And if this post caught your interest or you want to say anything else about it, please write a comment.

Also please have a look at and vote for the wish to add a way to contribute anonymously to freenet, to make it secure against attacks on developers.

And last but not least: vote for this article on digg and on yigg.

Effortless password protected sharing of files via Freenet

Often you want to exchange some content only with people who know a given password and make it accessible to everyone in your little group but invisible to the outside world.

Until yesterday I thought that problem slightly complex, because everyone in your group needs a given encryption program, and you need a way to share the file without exposing the fact that you are sharing it.

Then I learned two handy facts about Freenet:

• <ArneBab> evanbd: If I insert a tiny file without telling anyone the key, can they get the content in some way?
  <evanbd> ArneBab: No.

• <toad_> dogon: KSK@<any string of text> -> generate an SSK private key from the hash of the text
  <toad_> dogon: if you know the string, you can both insert and retrieve it

In other words: Just inserting a file into freenet using the key KSK@<password> creates an invisible, password protected file which is shared over Freenet.

The file is readable and (within limits¹) writeable by everyone who knows the password, but invisible to everyone else.

To upload a file as KSK, just go to the filesharing tab, click “upload a file”, switch to advanced mode and enter the KSK key.

Or simply click here (requires freenet to be running on your computer with default settings).

It’s strange to think that I only learned this after more than 7 years of using Freenet. How many more nuggets might be hidden there, just waiting for someone to find them and document them in a style which normal users understand?

Freenet is a distributed datastore which can find and transfer data efficiently on restricted routes (search for meshnet scaling to see why that type of routing is really hard), and it uses a WebOfTrust for real-life spam-resistance without the need for a central authority (look at your mailbox to see how hard that is, even with big money).

How many more complex problems might it already have solved as byproduct in the search for censorship resistance?

So, what’s still to be said? Well, if Freenet sounds interesting: Join in!

Exploring the probability of successfully retrieving a file in freenet, given different redundancies and chunk lifetimes

In this text I want to explore the behaviour of the degrading yet redundant anonymous file storage in Freenet. It only applies to files which were not subsequently retrieved.

Every time you retrieve a file, it gets healed which effectively resets its timer as far as these calculations here are concerned. Due to this, popular files can and do live for years in freenet.

# encoding: utf-8
from spielfaehig import spielfähig
from collections import defaultdict
data = []
res = []
for chunknumber in range(5, 105, 5):...
byred = defaultdict(list)
for num, prob, red, retrieval in data:...
csv = "; num prob retrieval"
for red in byred:...

# now plot the files

plotcmd = """
set term png
set width 15
set xlabel "chunk probability"
set ylabel "retrieval probability"
set output freenet-prob-redundancy-2.png
plot "2.csv" using 2:3 select ($1 == 5) title "5 chunks", "" using 2:3 select ($1 == 10) title "10 chunks", "" using 2:3 select ($1 == 30) title "30 chunks", "" using 2:3 select ($1 == 100) title "100 chunks"
set output freenet-prob-redundancy-3.png
plot "3.csv" using 2:3 select ($1 == 5) title "5 chunks", "" using 2:3 select ($1 == 10) title "10 chunks", "" using 2:3 select ($1 == 30) title "30 chunks", "" using 2:3 select ($1 == 100) title "100 chunks"
set output freenet-prob-redundancy-4.png
plot "4.csv" using 2:3 select ($1 == 5) title "5 chunks", "" using 2:3 select ($1 == 10) title "10 chunks", "" using 2:3 select ($1 == 30) title "30 chunks", "" using 2:3 select ($1 == 100) title "100 chunks"
"""
with open("plot.pyx", "w") as f:...

from subprocess import Popen
Popen(["pyxplot", "plot.pyx"])

from spielfaehig import spielfähig
return spielfähig(0.99, 100, 100)
→ 0.366032341273

from spielfaehig import spielfähig
return spielfähig(0.999, 100, 100)
→ 0.904792147114

from spielfaehig import spielfähig
return spielfähig(0.99, 101, 100)
→ 0.732064682546

from spielfaehig import spielfähig
return spielfähig(0.995, 101, 100)
→ 0.908655654736

from spielfaehig import spielfähig
return spielfähig(0.984, 101, 100)
→ 0.518183035909

from spielfaehig import spielfähig
return spielfähig(0.712, 150, 100)
→ 0.904577767501

from spielfaehig import spielfähig
return spielfähig(0.663, 150, 100)
→ 0.500313163333

# encoding: utf-8
plotcmd = """
set term png
set width 15
set xlabel "redundancy"
set ylabel "lifetime [weeks]"
set output "freenet-prob-function.png"
set xrange [0:10]
plot (2/x) * 4 * (2**((0.5-1/x)/0.2))
"""
with open("plot.pyx", "w") as f:...

from subprocess import Popen
Popen(["pyxplot", "plot.pyx"])

Freenet anonymity: Best case and Worst case

As the i2p people say, anynomity is no boolean. Freenet allows you to take it a good deal further than i2p or tor, though. If you do it right.

• Worst case: If all of Apple would want to find you, because you declared that you would post the videos of the new iDing - and already sent them your videos as teaser before starting to upload them from an Apple computer (and that just after they lost their beloved dictator), you might be in problems if you use Opennet. You are about as safe as with tor or i2p.

• Best case: If a local politician would want to find you, after you uploaded proof that he takes bribes, and you compressed these files along with some garbage data and used Freenet in Darknet-mode with connections only to friends who would rather die than let someone take over their computer, there’s no way in hell, you’d get found due to freenet (the file data could betray you, or they could find you by other means, but Freenet won’t be your weak spot).

Naturally real life is somewhere in-between.

Things which improve anonymity a lot in the best case:

• Don’t let others know the data you are going to upload before the upload finished (would allow some attacks).
• Use only Darknet with trusted friends (Darknet means that you connect only to people you know personally. For that it is necessary to know other people who use Freenet).
• Upload small files so the time in which you are actively uploading is short.

Implied are:

• Use an OS without trojans. So no Windows. (Note: Linux can be hacked, too, but it is far less likely to already have been compromised)
• Use no Apple devices. You don’t control them yourself and can’t know what they have under the hood. (You are compromised from the time you buy them)
• If you use Android, flash it yourself to give it an OS you control (Freenet is not yet available for Android. That would be a huge task).
• Know your friends.

Important questions to ask:

• Who would want to find you?
• How much would they invest to find you?
• Do they already try to monitor Freenet? (in that case uploading files with known content would be dangerous)
• Do they already know you personally? If yes and if they might have already compromised your computer or internet connection, you can’t upload anything anonymously anywhere. In that case, never let stuff get onto your computer in the first place. Let someone else upload it, who is not monitored (yet).
• Can they eavesdrop on your internet connection? Then they might guess that you use Freenet from the amount of encrypted communication you do and might want to bug your computer just in case you want to use freenet against them some day.

See the Security Summary (mostly possible attacks) in the freenet wiki for details.

Freenet: WoT, database error, recovery patch

I just had a database error in WoT (the Freenet generic Web of Trust plugin) and couldn’t access one of my identities anymore (plus I didn’t have a backup of its private keys though it told me to keep backups – talk about carelessness :) ).

I asked p0s on IRC and he helped me patch together a WoT which doesn’t access the context for editing the ID (and in turn misses some functionality). This allowed me to regain my IDs private key and with that redownload my ID from freenet.

I didn’t want that patch rotting on my drive, so I uploaded it here: disable-context-checks-regain-keys.path

Applied to revision 4f84492d277e25618003e0e5a0cb14159a50535d of WoT staging.

Essentially it just comments out some stuff.

Infocalypse - Make your code survive the information apocalypse

Anonymous DVCS in the Darknet.
This is a mirror of the documentation of the infocalypse extension for Mercurial written by djk - published here with his permission. It is licensed solely under the GPLv2 or later.

Introduction

The Infocalypse 2.0 hg extension is an extension for Mercurial that allows you to create, publish and maintain incrementally updateable repositories in Freenet.

Your code is then hosted decentrally and anonymously, making it just as censorship-resistant as all other content in Freenet.

It works better than the other DVCS currently available for Freenet.

Most of the information you will find in this document can also be found in the extension's online help. i.e.:

hg help infocalypse

HOWTO: Infocalypse 2.0 hg extension

Table of Contents

• Introduction
• Requirements
• Installation
• Updating
• Background
• Basic Usage
  • Generating a new private key
  • Creating a new repository
  • Pushing to a repository
  • Pulling from a repository
• Using FMS to send and receive update notifications
  • The update trust map
  • Reading other people's notifications
  • Posting your own notifications
  • Pulling an announced repository
• Reinserting and 'sponsoring' repositories
• Forking a repository onto a new USK
• Sharing private keys
• Inserting a freesite
• Risks
• Advocacy
• Source Code
• Fixes and version information
• Freenet-only links
• Contact

Requirements

The extension has the following dependencies:

• Freenet
  You can more information on Freenet here:
  
  http://freenetproject.org/ [HTTP Link!]

• Python
  I test on Python 2.5.4 and 2.6.1. Any 2.5.x or later version should work. Earlier versions may work.

  You probably won't have to worry about installing Python. It's included in the Windows binary Mercurial distributions and most *nix flavor OS's should have a reasonably up to date version of Python installed.

• Mercurial
  You can find more information on Mercurial here:
  
  http://mercurial.selenic.com/ [HTTP Link!]

  Version 1.0.2 won't work.

  I use version 1.2.1 (x86 Gentoo) on a daily basis. Later versions should work.

  I've smoke tested 1.1.2 (on Ubuntu Jaunty Jackalope) and 1.3 (on Widows XP) without finding any problems.

• FMS
  Installation of the Freenet Messaging System (FMS) is optional but
  highly recommended. The hg fn-fmsread and hg fn-fmsnotify commands won't work without FMS. Without fn-fmsread it is extremely difficult to reliably detect repository updates.

  The official FMS freesite is here:

  USK@0npnMrqZNKRCRoGojZV93UNHCMN-6UU3rRSAmP6jNLE,~BG-edFtdCC1cSH4O3BWdeIYa8Sw5DfyrSV-TKdO5ec,AQACAAE/fms/106/
  
  

[TOC]

Installation

You checked the requirements and understandthe risks right?

Here are step-by-step instructions on how to install the extension.

• Download the bootstrap hg bundle:
  

  CHK@S~kAIr~UlpPu7mHNTQV0VlpZk-f~z0a71f7DlyPS0Do,IB-B5Hd7WePtvQuzaUGrVrozN8ibCaZBw3bQr2FvP5Y,AAIC--8/infocalypse2_1723a8de6e7c.hg
      

  You'll get a Potentially Dangerous Content warning from fproxy because the mime type isn't set. Choose 'Click here to force your browser to download the file to disk.'.

  I'll refer to the directory that you saved the bundle file to as DOWNLOAD_DIR.

• Create an empty directory where you want to install the extension.
  I'll refer to that directory as INSTALL_DIR in the
  rest of these instructions.

• Create an empty hg repository there. i.e.:
  

  cd INSTALL_DIR
  hg init
  

• Unbundle the bootstrap bundle into the new repository. i.e:
  

  hg pull DOWNLOAD_DIR/infocalypse2_1723a8de6e7c.hg
  hg update
  

• Edit the '[extensions]' section of your .hgrc/mercurial.ini
  file to point to the infocalypse directory in the unbundled source.

  # .hgrc/mercurial.ini snippet
  [extensions]
  infocalypse = INSTALL_DIR/infocalypse
  

  where INSTALL_DIR is the directory you unbundled into.

  If you don't known where to find/create your .hgrc/mercurial.ini file this link may be useful:
  
  http://www.selenic.com/mercurial/hgrc.5.html [HTTP Link!]

• Run fn-setup to create the config file and temp dir. i.e.
  

  hg fn-setup
     

  If you run your Freenet node on another machine or on a non-standard port you'll need to use the --fcphost and/or --fcpport parameters to set the FCP host and port respectively.

  By default fn-setup will write the configuration file for the extension (.infocalype on *nix, infocalypse.ini on Windows) into your home directory and also create a temp directory called infocalypse_tmp there.

  You can change the location of the temp directory by using the --tmpdir argument.

  If you want to put the config file in a different location set the cfg_file option in the [infocalypse] section of your .hgrc/mercurial.ini file before running fn-setup.

  Example .hgrc entry:
  # Snip, from .hgrc
  [infocalypse]
  cfg_file = /mnt/usbkey/s3kr1t/infocalypse.cfg

• Edit the fms_id and possibly fms_host/fms_port information in the.infocalyse/infocalypse.ini file. i.e.:
  
  

  # Example .infocalypse snippet
  fms_id = YOUR_FMS_ID
  
  fms_host = 127.0.0.1
  fms_port = 1119
  

  where YOUR_FMS_ID is the part of your fms id before the '@' sign.

  If you run FMS with the default settings on the same machine you are running
  Mercurial on you probably won't need to adjust the fcp_host or fcp_port.

  You can skip this step if you're not running fms.

• Read the latest know version of the extension's repository USK index from FMS.
  

  hg fn-fmsread -v
  

  You can skip this step if you're not running fms.

• Pull the latest changes to the extension from Freenet for the first time. Don't skip this step! i.e.:
  

  hg fn-pull --aggressive --debug --uri USK@kRM~jJVREwnN2qnA8R0Vt8HmpfRzBZ0j4rHC2cQ-0hw,2xcoQVdQLyqfTpF2DpkdUIbHFCeL4W~2X1phUYymnhM,AQACAAE/infocalypse.hgext.R1/41
  hg update
  

  You may have trouble finding the top key if you're not using fn-fmsread. Just keep retrying. If you know the index has increased, use the new index in the URI.

  After the first pull, you can update without the URI.

[TOC]

Updating

This extension is under active development. You should periodically update to get the latest bug fixes and new features.

Once you've installed the extension and pulled it for the first time, you can get updates by cd'ing into the initial INSTALL_DIRand typing:

hg fn-fmsread -vhg fn-pull --aggressive hg update

If you're not running FMS you can skip the fn-fmsread step. You may have trouble getting the top key. Just keep retrying.

If you're having trouble updating and you know the index has increased, use the full URI with the new index as above.

[TOC]

Background

Here's background information that's useful when using the extension.See the
Infocalypse 2.0 hg extension page on my freesite for a more detailed description of how the extension works.

Repositories are collections of hg bundle files

An Infocalypse repository is just a collection of hg bundle files which have been inserted into Freenet as CHKs and some metadata describing how to pull the bundles to reconstruct the repository that they represent. When you 'push' to an infocalypse repository a new bundleCHK is inserted with the changes since the last update. When you 'pull', only the CHKs for bundles for changesets not already in the local repository need to be fetched.

Repository USKs

The latest version of the repository's metadata is stored on a Freenet Updateable Subspace Key (USK) as a small binary file.

You'll notice that repository USKs end with a number without a trailing '/'. This is an important distinction. A repository USK is not a freesite. If you try to view one with fproxy you'll just get a 'Potentially Dangerous Content' warning. This is harmless, and ugly but unavoidable at the current time because of limitation in fproxy/FCP.

Repository top key redundancy

Repository USKs that end in *.R1/<number> are inserted redundantly, with a second USK insert done on *.R0/<number>. Top key redundancy makes it easier for other people to fetch your repository.

Inserting to a redundant repository USK makes the inserter more vulnerable to
correlation attacks. Don't use '.R1' USKs if you're worried about this.

Repository Hashes

Repository USKs can be long and cumbersome. A repository hash is the first 12 bytes of the Sha1 hash of the zero index version of a repository USK. e.g.:

SHA1( USK@kRM~jJVREwnN2qnA8R0Vt8HmpfRzBZ0j4rHC2cQ-0hw,2xcoQVdQLyqfTpF2DpkdUIbHFCeL4W~2X1phUYymnhM,AQACAAE/infocalypse.hgext.R1/0 )
  == 'be68e8feccdd'

You can get the repository hash for a repository USK using:

hg fn-info

from a directory the repository USK has been fn-pull'd into.

You can get the hashes of repositories that other people have announced via fms with:

hg fn-fmsread --listall

Repository hashes are used in the fms update trust map.

The default private key

When you run fn-setup, it creates a default SSK private key, which it stores inthe default_private_key parameter in your .infocalypse/infocalypse.ini file.

You can edit the config file to substitute any valid SSK private key you want.

If you specify an Insert URI without the key part for an infocalypse command the default private key is filled in for you. i.e

hg fn-create --uri USK@/test.R1/0

Inserts the local hg repository into a new USK in Freenet, using the private key in your config file.

USK <--> Directory mappings

The extension's commands 'remember' the insert and request repository USKs they were last run with when run again from the same directory.

This makes it unnecessary to retype cumbersome repository USK values once a repository has been successfully pulled or pushed from a directory.

Aggressive top key searching

fn-pull and fn-push have an --aggressive command line argument which causes them to search harder for the latest request URI.

This can be slow, especially if the USK index is much lower than the latest index in Freenet.

You will need to use it if you're not using FMS update notifications.

[TOC]

Basic Usage

Here are examples of basic commands.

Generating a new private key

You can generate an new private key with:

hg fn-genkey

This has no effect on the stored default private key.

Make sure to change the 'SSK' in the InsertURI to 'USK' when supplying the insert URI on the command line.

Creating a new repository

hg fn-create --uri USK@/test.R1/0

Inserts the local hg repository into a new USK in Freenet, using the privatekey in your config file. You can use a full insert URI value if you want.

If you see an "update -- Bundle too big to salt!" warning message when you run this command you should consider running
fn-reinsert --level 4.

Pushing to a repository

hg fn-push --uri USK@/test.R1/0

Pushes incremental changes from the local directory into an existing Infocalypse repository.

The <keypart>/test.R1/0 repository must already exist in Freenet.In the example above the default private key is used. You could have specified a full Insert URI. The URI must end in a number but the value doesn't matter because fn-push searches for the latest unused index.

You can ommit the --uri argument whenyou run from the same directory the fn-create (or a previous fn-push)was run from.

Pulling from a repository

hg fn-pull --uri <request uri>

pulls from an Infocalypse repository in Freenet intothe local repository.
Here's an example with a fully specified uri.

You can ommit the --uri argument whenyou run from the same directory a previous fn-pull was successfully run from.

For maximum reliability use the --aggressive argument.

[TOC]

Using FMS to send and receive update notifications

The extension can send and receive repository update notifications via FMS. It is highly recommended that you
setup this feature.

The update trust map

There's a trust map in the .infocalypse/infocalypse.ini config file which determines which fms ids can update the index values for which repositories. It is purely local and completely separate from the trust values which appear in the FMS web of trust.

The format is:
<number> = <fms_id>|<usk_hash0>|<usk_hash1>| ... |<usk_hashn>

The number value must be unique, but is ignored.

The fms_id values are the full FMS ids that you are trusting to update the repositories with the listed hashes.

The usk_hash* values are repository hashes.

Here's an example trust map config entry:

# Example .infocalypse snippet
[fmsread_trust_map]
1 = test0@adnT6a9yUSEWe5p8J-O1i8rJCDPqccY~dVvAmtMuC9Q|55833b3e6419
0 = djk@isFiaD04zgAgnrEC5XJt1i4IE7AkNPqhBG5bONi6Yks|be68e8feccdd|5582404a9124
2 = test1@SH1BCHw-47oD9~B56SkijxfE35M9XUvqXLX1aYyZNyA|fab7c8bd2fc3

You must update the trust map to enable index updating for repos other than the one this code lives in (be68e8feccdd). You can edit the config file directly if you want.

However, the easiest way to update the trust map is by using the--trust and --untrust options on fn-fmsread.

For example to trust falafel@IxVqeqM0LyYdTmYAf5z49SJZUxr7NtQkOqVYG0hvITwto notify you about changes to the repository with repo hash 2220b02cf7ee,type:

hg fn-fmsread --trust --hash 2220b02cf7ee --fmsid falafel@IxVqeqM0LyYdTmYAf5z49SJZUxr7NtQkOqVYG0hvITw

And to stop trusting that FMS id for updates to 2220b02cf7ee, you would type:

hg fn-fmsread --untrust --hash 2220b02cf7ee --fmsid falafel@IxVqeqM0LyYdTmYAf5z49SJZUxr7NtQkOqVYG0hvITw

To show the trust map type:

hg fn-fmsread --showtrust

Reading other people's notifications

hg fn-fmsread -v

Will read update notifications for all the repos in the trust map and locally cache the new latest index values. If you run with -vit prints a message when updates are available which weren't used because the sender(s) weren't in the trust map.

hg fn-fmsread --list

Displays announced repositories from fms ids that appear inthe trust map.

hg fn-fmsread --listall

Displays all announced repositories including ones from unknown fms ids.

Pulling an announced repository

You can use the --hash option with fn-pull to pull any repository you see in the fn-read --list or fn-read --listall lists.

For example to pull the latest version of the infocalypse extension code, cd to an empty directory and type:

hg inithg fn-pull --hash be68e8feccdd --aggressive

Posting your own notifications

hg fn-fmsnotify -v

Posts an update notification for the current repository to fms.

You MUST set the fms_id value in the config fileto your fms id for this to work.

Use --dryrun to double check before sending the actual fms message.

Use --announce at least once if you want your USK to show up in the fmsread --listall list.

By default notifications are written to and read from the infocalypse.notify fms group.

The read and write groups can be changed by editing the following variables in the config file:

fmsnotify_group = <group>
fmsread_groups = <group0>[|<group1>|...]

fms can have pretty high latency. Be patient. It may take hours (sometimes a day!) for your notification to appear. Don't send lots of redundant notifications.

[TOC]

Reinserting and 'sponsoring' repositories

hg fn-reinsert

will re-insert the bundles for the repository that was last pulled into the directory.

The exact behavior is determined by the level argument.

level:

• 1 - re-inserts the top key(s)
• 2 - re-inserts the top keys(s), graphs(s) and the most recent update.
• 3 - re-inserts the top keys(s), graphs(s) and all keys required to bootstrap the repo.

  This is the default level.

• 4 - adds redundancy for big (>7Mb) updates.
• 5 - re-inserts existing redundant big updates.

Levels 1 and 4 require that you have the privatekey for the repository. For other levels, the top key insert is skipped if you don't have the private key.

DO NOT use fn-reinsert if you're concerned about
correlation attacks. The risk is on the order of re-inserting a freesite, but may be worse if you use redundant(i.e. USK@<line noise>/name.R1/0) top keys.

[TOC]

Forking a repository onto a new USK

hg fn-copy --inserturi USK@/name_for_my_copy.R1/0

copies the Infocalypse repository which was fn-pull'd intothe local directory onto a new repository USK under your default private key. You can use a full insert URI if you want.

This only requires copying the top key data (a maximum of 2 SSK inserts).

[TOC]

Sharing private keys

It is possible for multiple people to collaborate anonymously over Freenet by sharing the private key to a single Infocalypse repository.

The FreeFAQ is an example of this technique.

Here are some things to keep in mind when sharing private keys.

• There is no (explict) key revocation in Freenet
  
  If you decide to share keys, you should generate a special key on a per repo basis with fn-genkey. There is no way to revoke a private key once it has been shared. This could be mitigated with an ad-hoc convention. e.g. if I find any file named USK@<public_key>/revoked.txt, I stop using the key.
• Non-atomic top key inserts
  
  Occasionally, you might end up overwriting someone elses commits because the FCP insert of the repo top key isn't atomic. I think you should be able to merge and re fn-push to resolve this. You can fn-pull a specific version of the repo by specify the full URI including the version number with --uri and including the --nosearch option.
• All contributors should be in the fn-fmsread trust map

[TOC]

Inserting a freesite

hg fn-putsite --index <n>

inserts a freesite based on the configuration inthe freesite.cfg file in the root of the repository.

Use:

hg fn-putsite --createconfig

to create a basic freesite.cfg file that you can modify. Look at the comments in it for an explanation of the supported parameters.

The default freesite.cfg file inserts using the same private key as the repo and a site name of 'default'. Editing the name is highly recommended.

You can use --key CHK@ to insert a test version of the site to a CHK key before writing to the USK.

Limitations:

• You MUST have fn-pushed the repo at least once in order to insert using the repo's private key. If you haven't fn-push'd you'll see this error: "You don't have the insert URI for this repo. Supply a private key with --key or fn-push the repo."
• Inserts all files in the site_dir directory in the freesite.cfg file. Run with --dryrun to make
  sure that you aren't going to insert stuff you don't want too.
• You must manually specify the USK edition you want to insert on. You will get a collision error
  if you specify an index that was already inserted.
• Don't use this for big sites. It should be fine for notes on your project. If you have lots of images
  or big binary files use a tool like jSite instead.
• Don't modify site files while the fn-putsite is running.

[TOC]

Risks

I don't believe that using this extension is significantly more dangerous that using any other piece of Freenet client code, but here is a list of the risks which come to mind:

• Freenet is beta software
  The authors of Freenet don't pretend to guarantee that it is free of bugs that could that could compromise your anonymity or worse.

  While written in Java, Freenet loads native code via JNI (FEC codecs, bigint stuff, wrapper, etc.) that makes it vulnerable to the same kinds of attacks as any other C/C++ code.

• FMS == anonymous software
  FMS is published anonymously on Freenet and it is written in C++ with dependencies on large libraries which could contain security defects.

  I personally build FMS from source and run it in a chroot jail.

  Somedude, the author of FMS, seems like a reputable guy and has conducted himself as such for more than a year.

• correlation attacks
  There is a concern that any system which inserts keys that can be predicted ahead of time could allow an attacker with control over many nodes in the network to eventually find the IP of your node.

  Any system which has this property is vulnerable. e.g. fproxy Freesite insertion,Freetalk, FMS, FLIP. This extension's optional use of
  redundant top keys may make it particularly vulnerable. If you are concerned don't use '.R1' keys.

  Running your node in pure darknet mode with trusted peers may somewhat reduce the risk of correlation attacks.

• Bugs in my code, Mercurial or Python
  I do my best but no one's perfect.

  There are lots of eyes over the Mercurial and Python source.

[TOC]

Advocacy

Here are some reasons why I think the Infocalypse 2.0 hg extension is better than
pyFreenetHg and
egit-freenet:

• Incremental

  You only need to insert/retrieve what has actually changed. Changes of up to 32kof compressed deltas can be fetched in as little as one SSK fetch and one CHK fetch.

• Redundant

  The top level SSK and the CHK with the representation of the repository state are inserted redundantly so there are no 'critical path' keys. Updates of up to ~= 7Mbare inserted redundantly by cloning the splitfile metadata at the cost of a single32k CHK insert.

• Re-insertable

  Anyone can re-insert all repository data except for the top level SSKs with a simple command (hg fn-reinsert). The repository owner can re-insert the top levelSSKs as well.

• Automatic rollups

  Older changes are automatically 'rolled up' into large splitfiles, such that the entire repository can almost always be fetched in 4 CHK fetches or less.

• Fails explictly

  REDFLAG DCI

[TOC]

Source Code

The authoritative repository for the extension's code is hosted in Freenet:

hg inithg fn-fmsread -vhg fn-pull --aggressive --debug --uri USK@kRM~jJVREwnN2qnA8R0Vt8HmpfRzBZ0j4rHC2cQ-0hw,2xcoQVdQLyqfTpF2DpkdUIbHFCeL4W~2X1phUYymnhM,AQACAAE/infocalypse.hgext.R1/41hg update

It is also mirrored on bitbucket.org:

hg clone http://bitbucket.org/dkarbott/infocalypse_hgext/

[TOC]

Fixes and version information

• hg version: c51dc4b0d282
  
  Fixed abort: <bundle_file> not found! problem on fn-pull when hg-git plugin was loaded.
• hg version: 0c5ce9e6b3b4
  
  Fixed intermittent stall when bootstrapping from an empty repo.
• hg version: 7f39b20500f0
  
  Fixed bug that kept fn-pull --hash from updating the initial USK index.
• hg version: 7b10fa400be1
  
  Added fn-fmsread --trust and --untrust and fn-pull --hash support.
  
  
  fn-pull --hash isn't really usable until 7f39b20500f0
• hg version: ea6efac8e3f6
  
  Fixed a bug that was causing the berkwood binary 1.3 Mercurial distribution
  (http://mercurial.berkwood.com/binaries/Mercurial-1.3.exe [HTTP Link!]) not to work.

[TOC]

Freenet-only links

This document is meant to inserted into Freenet.

It contains links (starting with 'CHK@' and 'USK@')to Freenet keys that will only work from within fproxy [HTTP link!].

You can find reasonably up to date version of this document on my freesite:

USK@-bk9znYylSCOEDuSWAvo5m72nUeMxKkDmH3nIqAeI-0,qfu5H3FZsZ-5rfNBY-jQHS5Ke7AT2PtJWd13IrPZjcg,AQACAAE/feral_codewright/15/infocalypse_howto.html

[TOC]

Contact

FMS:
djk@isFiaD04zgAgnrEC5XJt1i4IE7AkNPqhBG5bONi6Yks

I lurk on the freenet and fms boards.

If you really need to you can email me at d kar bott at com cast dot net but I prefer FMS.

freesite:
USK@-bk9znYylSCOEDuSWAvo5m72nUeMxKkDmH3nIqAeI-0,qfu5H3FZsZ-5rfNBY-jQHS5Ke7AT2PtJWd13IrPZjcg,AQACAAE/feral_codewright/15/

[TOC]

Spread Freenet: A call for action on identi.ca and twitter

“Daddy, where were you, when they took the freedom of the press away from the internet?” — Mike Godwin, Electronic Frontier Foundation

Reposted from Freetalk, the distributed pseudonymous forum in Freenet.

For all those among you, who use twitter¹ and/or identi.ca², this is a call to action.

Go to your identi.ca or twitter accounts and post about freenet. Tell us in 140 letters why freenet is your tool of choice, and remember to use the !freenet group (identi.ca) or #freenet hashtag (twitter), so we can resend your posts!

I use !freenet because we might soon need it as safe harbour to coordinate the fight against censorship → freenetproject.org !zensur — ArneBab

The broader story is the emerging concept of a right to freely exchange arbitrary data — Toad (the main freenet developer)

Background

There are still very many people out there who don’t know what freenet is. Just today a coder came into the #freenet IRC channel, asked what it did and learned that it already does everything he had thought about. And I still remember someone telling me “It would be cool if we had something like X-net from Cory Doctorow’s ‘Little Brother’” — he did not know that freenet already offers that with much improved security.

So we need to get the word out about freenet. And we have powerful word to choose from, beginning with Mike Godwin’s cite above but going much further. To just name a few buzz-words: Freenet is a crowdfunded distributed and censorship resistant freesoftware cloud publishing system. And different from info about corporate PR-powered projects, all these buzz words are true.

But to make us effective, we need to achieve critical mass. And to reach that, we need to coordinate and cross promote heavily.

Call to action

So I want to call to you to go to your identi.ca or twitter accounts and post about freenet. Tell us in 140 letters why freenet is your tool of choice, and remember to use the !freenet group or #freenet hashtag, so we can find and retweet your posts!

If you use identi.ca, join the !freenet group, so you get informed about new freenet-posts automatically.

We can make a difference, if we fight together.

And if you always wanted to get an identi.ca account, here’s the opportunity to get it and do something good at the same time :)

If you already have a twitter-account, you can connect your identi.ca account to your twitter account, then post to identi.ca and have your post forwarded to twitter automatically.

Additional info

Besides: My accounts are:

• http://twitter.com/ArneBab
• http://identi.ca/ArneBab

But no need to tell me your account and connect your Freetalk ID with it. Just use identi.ca or twitter and remember to tell your friends to talk about freenet, too (so we can’t find out who read this post and who decided to join in because he learned about the action from a friend).

As second line of defense, I also posted this message to my website and hereby allow anyone to reuse it in any form and under any license (up to the example tweets), so I can’t know who saw it here and who saw it elsewhere.

→ http://draketo.de/light/english/spread-freenet-a-call-to-action-on-twitter-and-identica

I hope I’ll soon see floods of entusiastic tweets and dents about Freenet!

Some example tweets and/or dents

I’ll gladly post and link yours here, if you allow it!

!Freenet: #crowdfunded distributed and censorship resistant !freesoftware cloud publishing → http://freenetproject.org — rightful buzz! — ArneBab

#imhappiestwhen when the internet is free. I hope it will remain so thanks to projects like #Freenet http://t.co/GMRXmDt — Gaming4JC

#freenet: freedom to publish that you may have to rely on, because censorship and ©ensorship are on the rise — Ixoliva

Wrapup: Make Sone scale - fast, anonymous, decentral microblogging over freenet

Sone¹ allows fast, identi.ca-style microblogging in Freenet. This is my wrapup on a discussion on the steps to take until Sone can become an integral part of Freenet.

Current state

• Is close to realtime.

• Downloads all IDs and all their posts and replies → polling which won’t scale; short term local breakage.

• Uploads all posts on every update → Can displace lots of content. Effective Size: X*M, X = revisions which did not drop out, M = total number of your messages. Long term self-DDoS of freenet.

Future

• Is close to realtime for those you follow and your usual discussion group.

• Uploads only recent posts directly and bundles older posts → much reduced storage need: Effective size: B * Z + Y*M; B = posts per bundle, Z = number of bundles which did not drop out, Y = numbers of not yet bundled messages; Z << Y, B << X, Y << X.

• Downloads only the ones you follow + ones you get told about. Telling others means that you need to include info about people you follow, because you only get information from them.

Telling others about replies, options

• Include all replies to anyone which I see in my own Sone → size rises massively, since you include all replies of all people you follow in your own Sone.

• Include all IDs from which you saw replies along with the people they replied to → needs to poll more IDs. Optionally forward that info for several hops → for efficient routing it needs knowledge about the full follower topology, which is a privacy risk.

• Discovering replies from people you don’t know yet: Add a WoT info: replies. Updated only when you reply to someone you did not reply to before. Poll people’s reply lists based on their WoT rating. Keep a list of people who answered one of your posts and poll these more often. Maybe poll people instantly who solve one of your captchas (your general captcha queue) → new users can enter quickly. When you solve captchas in WoT, preferably solve those from people you follow.
  → four ways to discover a reply:

  1. poll those you follow,
  2. poll the people who posted the latest replies to you (your usual discussion-group),
  3. poll those who solve one of your captchas (get new people in as fast as possible) and
  4. poll the replies-info from everyone with the polling frequency based on their WoT rating.

“regarding B.S. like SOPA, PIPA, … freenet seems like a good idea after all!”

“Some years ago, I had a look at freenet and wasn't really convinced, now I'm back - a lot has changed, it grew bigger and insanely fast (in freenet terms), like it a lot, maybe this time I'll keep it. Especially regarding B.S. like SOPA, PIPA and other internet-crippling movements, freenet seems like a good idea after all!”
— sparky in Sone

So, if you know freenet and it did not work out for you in the past, it might be time to give it another try: freenetproject.org

This quote just grabbed me, and sparky gave me permission to cite it.

A short introduction to Mercurial with TortoiseHG (GNU/Linux and Windows)

Downloading the Repository

After installing TortoiseHG, you can download a repository to your computer by right-clicking in a folder and selecting the menu "TortoiseHG" and then "Clone" in there (currently you still need Windows for that - all other dialogs can be evoked in GNU/Linux on the commandline via "hgtk").

Right-Click menu, Windows:

Create Clone, GNU/Linux:

In the dialog you just enter the url of the repository, for example:

http://www.bitbucket.org/ArneBab/md-esw-2009

(that's also the address of the repository in the internet - just try clicking the link.

When you log in to bitbucket.org you will find a clone-address directly on the site. You can also use that clone address to upload changes (it contains your login-name, and I can give you "push" access on that site).

Workflow with TortoiseHG

This gives you two basic abilities:

• Save and view changes locally, and
• synchronize changes with others.

(I assume that part of what I say is redundant, but I'd rather write a bit too much than omit a crucial bit)

To save changes, you can simlply select "HG Commit" in the right-click-menu. If some of your files aren't known to HG yet (the box before the file isn't ticked), you have to add them (tick the box) to be able to commit them.

To go back to earlier changes, you can use "Checkout Revision" in the "TortoiseHG" menu. In that dialog you can then select the revision you want to see and use the icon on the upper left to get all files to that revision.

You can synchronize by right-clicking in the folder and selecting "Synchronize" in the "TortoiseHG" menu (inside the right-click menu). In the opening dialog you can "push" (upload changes - arrow up with the bar above it), "pull" (download changes to your computer - arrow down with bar below), and check what you would pull or push (arrows iwthout bars). I thing that using dialog will soon became second nature for you, too :)

Have fun with TortoiseHG! :) - Arne

PS: There's also a longer intro to TortoiseHG and an overview to DVCS.

PPS: md-esw-2009 is a repository in which Baddok and I planned a dual-gm roleplaying session Mechanical Dream.

PPPS: There's also a german version of this article on my german pages.

Gentoo live ebuild for Mercurial

We (nelchael and me) just finished a live ebuild for Mercurial which allows to conveniently track the main (mpm) repo of Mercurial in Gentoo.

To use the ebuild, just add

=dev-util/mercurial-9999 **  

to your package.keywords and emerge mercurial (again).

It took us a while since we had to revise the Mercurial eclass to always build Mercurial live packages from their Mercurial repository and nelchael took the chance to completely overhaul the eclass.

If you're interested in the details, please have a look at the ebuild and the eclass as well as the tracking bug.

To use the eclass in an ebuild, just add inherit mercurial at the beginning of the ebuild and set EHG_REPO_URI to the correct repository URI. If you need to share a single repository between several ebuilds, set EHG_PROJECT to the project name in all of them.

Have fun with Mercurial!

Learning Mercurial in Workflows

The official workflow guide for Mercurial, mirrored from mercurial.selenic.com/guide. License: GPLv2 or later.

It delves into nonlinear history and merging right from the beginning and uses only features you get without activating extensions. Due to this it offers efficient and safe workflows without danger of losing already committed work.

• Basic workflows
• Log keeping
• Lone developer with nonlinear history
• Separate features
• Sharing changes
• Summary
• Advanced workflows
• Backing out bad revisions
• Collaborative feature development
• Tagging revisions
• Removing history
• Summary
• More complex workflows
• License

With Mercurial you can use a multitude of different workflows. This page shows some of them, including their use cases. It is intended to make it easy for beginners of version tracking to get going instantly and learn completely incrementally. It doesn't explain the concepts used, because there are already many other great resources doing that, for example the wiki and the hgbook.

If you want a more exhaustive tutorial with the basics, please have a look at the Tutorial in the Mercurial Wiki. For a really detailed and very nice to read description of Mercurial, please have a look at Mercurial: The Definitive Guide.

Basic workflows

We go from simple to more complex workflows. Those further down build on previous workflows.

Log keeping

Use Case

The first workflow is also the easiest one: You want to use Mercurial to be able to look back when you did which changes.

This workflow only requires an installed Mercurial and write access to some file storage (you almost definitely have that :) ). It shows the basic techniques for more complex workflows.

Workflow

Prepare Mercurial

As first step, you should teach Mercurial your name. For that you open the file ~/.hgrc (or mercurial.ini in your home directory for Windows) with a text-editor and add the ui section (user interaction) with your username:

[ui]
username = Mr. Johnson <johnson@smith.com>

Initialize the project

Now you add a new folder in which you want to work:

$ hg init project

Add files and track them

$ cd project
$ (add files)
$ hg add
$ hg commit
(enter the commit message)

$ cd project
$ hg init

$ hg add file0* file10 file11 file12

Save changes

$ (do some changes)

see which files changed, which have been added or removed, and which aren't tracked yet

$ hg status

see the exact changes

$ hg diff

commit the changes.

$ hg commit

now an editor pops up and asks you for a commit message. Upon saving and closing the editor, your changes have been stored by Mercurial.

Move and copy files

When you copy or move files, you should tell Mercurial to do the copy or move for you, so it can track the relationship between the files.

Remember to commit after moving or copying. From the basic commands only commit creates a new revision

$ hg cp original copy
$ hg commit
(enter the commit message)
$ hg mv original target
$ hg commit
(enter the commit message)

Now you have two files, "copy" and "target", and Mercurial knows how they are related.

Check your history

$ hg log

This prints a list of changesets along with their date, the user who committed them (you) and their commit message.

To see a certain revision, you can use the -r switch (--revision). To also see the diff of the displayed revisions, there's the -p switch (--patch)

$ hg log -p -r 3

Lone developer with nonlinear history

Use case

The second workflow is still very easy: You're a lone developer and you want to use Mercurial to keep track of your own changes.

It works just like the log keeping workflow, with the difference that you go back to earlier changes at times.

To start a new project, you initialize a repository, add your files and commit whenever you finished a part of your work.

Also you check your history from time to time, so see how you progressed.

Workflow

Basics from log keeping

Init your project, add files, see changes and commit them.

$ hg init project
$ cd project
$ (add files)
$ hg add # tell Mercurial to track all files
$ (do some changes)
$ hg diff # see changes
$ hg commit # save changes
$ hg cp # copy files or folders
$ hg mv # move files or folders
$ hg log # see history

Seeing an earlier revision

Different from the log keeping workflow, you'll want to go back in history at times and do some changes directly there, for example because an earlier change introduced a bug and you want to fix it where it occurred.

To look at a previous version of your code, you can use update. Let's assume that you want to see revision 3.

$ hg update 3

Now your code is back at revision 3, the fourth commit (Mercurial starts counting at 0).
To check if you're really at that revision, you can use identify -n.

$ hg identify -n

To update to the most recent revision, you can use "tip" as revision name.

$ hg update tip

Fixing errors in earlier revisions

When you find a bug in some earlier revision you have two options: either you can fix it in the current code, or you can go back in history and fix the code exactly where you did it, which creates a cleaner history.

To do it the cleaner way, you first update to the old revision, fix the bug and commit it. Afterwards you merge this revision and commit the merge. Don't worry, though: Merging in mercurial is fast and painless, as you'll see in an instant.

Let's assume the bug was introduced in revision 3.

$ hg update 3
$ (fix the bug)
$ hg commit

Now the fix is already stored in history. We just need to merge it with the current version of your code.

$ hg merge

If there are conflicts use hg resolve - that's also what merge tells you to do in case of conflicts.

First list the files with conflicts

$ hg resolve --list

Then resolve them one by one. resolve attempts the merge again

$ hg resolve conflicting_file
(fix it by hand, if necessary)

Mark the fixed file as resolved

$ hg resolve --mark conflicting_file

Commit the merge, as soon as you resolved all conflicts. This step is also necessary when there were no conflicts!

$ hg commit

At this point, your fix is merged with all your other work, and you can just go on coding. Additionally the history shows clearly where you fixed the bug, so you'll always be able to check where the bug was.

So now you can initialize repositories, save changes, update to previous changes and develop in a nonlinear history by committing in earlier changesets and merging the changes into the current code.

Separate features

Use Case

At times you'll be working on several features in parallel. If you want to avoid mixing incomplete code versions, you can create clones of your local repository and work on each feature in its own code directory.

After finishing your feature you then pull it back into your main directory and merge the changes.

Workflow

Work in different clones

First create the feature clone and do some changes

$ hg clone project feature1
$ cd feature1
$ (do some changes and commits)

Now check what will come in when you pull from feature1, just like you can use diff before committing. The respective command for pulling is incoming

$ cd ../project
$ hg incoming ../feature1

If you like the changes, you pull them into the project

$ hg pull ../feature1

Now you have the history of feature1 inside your project, but the changes aren't yet visible. Instead they are only stored inside a ".hg" directory of the project (more information on the store).

If you didn't do any changes in the project, while you were working on feature1, you can just update to tip (hg update tip), but it is more likely that you'll have done some other changes in between changes. In that case, it's time for merging.

Merge feature1 into the project code

$ hg merge

If there are conflicts use hg resolve - that's also what merge tells you to do in case of conflicts. After you merge, you have to commit explicitly to make your merge final

$ hg commit
(enter commit message, for example "merged feature1")

You can create an arbitrary number of clones and also carry them around on USB sticks. Also you can use them to synchronize your files at home and at work, or between your desktop and your laptop.

Rollback mistakes

Now you can work on different features in parallel, but from time to time a bad commit might sneak in. Naturally you could then just go back one revision and merge the stray error, keeping all mistakes out of the merged revision. However, there's an easier way, if you realize your error before you do another commit or pull: rollback.

Rolling back means undoing the last operation which added something to your history.

Imagine you just realized that you did a bad commit - for example you didn't see a spelling error in a label. To fix it you would use

hg rollback

And then redo the commit

hg commit -m "message"

If you can use the command history of your shell and you added the previous message via commit -m "message", that following commit just means two clicks on the arrow-key "up" and one click on "enter".

Though it changes your history, rolling back doesn't change your files. It only undoes the last addition to your history.

But beware, that a rollback itself can't be undone. If you rollback and then forget to commit, you can't just say "give me my old commit back". You have to create a new commit.

Sharing changes

Use Case

Now we go one step further: You are no longer alone, and you want to share your changes with others and include their changes.

The basic requirement for that is that you have to be able to see the changes of others.

Mercurial allows you to do that very easily by including a simple webserver from which you can pull changes just as you can pull changes from local clones.

Workflow

Using the builtin webserver

This is the easiest way to quickly share changes.

First the one who wants to share his changes creates the webserver

$ hg serve

Now all others can point their browsers to his IP address (for example 192.168.178.100) at port 8000. They will then see all his history there and can decide if they want to pull his changes.

$ firefox http://192.168.178.100:8000

If they decide to include the changes, they just pull from the same URL

$ hg pull http://192.168.178.100:8000

At this point you all can work as if you had pulled from a local repository. All the data is now in your individual repositories and you can merge the changes and work with them without needing any connection to the served repository.

Sending changes by email

Often you won't have direct access to the repository of someone else, be it because he's behind a restrictive firewall, or because you live in different timezones. You might also want to keep your changes confidential and prefer internal email (if you want additional protection, you can also encrypt the emails, for example with GnuPG).

In that case, you can easily export your changes as patches and send them by email.

Another reason to send them by email can be that your policy requires manual review of the changes when the other developers are used to reading diffs in emails. I'm sure you can think of more reasons.

Sending the changes via email is pretty straightforward with Mercurial. You just export your changes and attach (or copy paste) it in your email. Your colleagues can then just import them.

First check which changes you want to export

$ cd project
$ hg log

We assume that you want to export changeset 3 and 4

$ hg export 3 > change3.diff
$ hg export 4 > change4.diff

Now attach them to an email and your colleagues can just run import on both diffs to get your full changes, including your user information.

To be careful, they first clone their repository to have an integration directory as sandbox

$ hg clone project integration
$ cd integration
$ hg import change3.diff
$ hg import change4.diff

That's it. They can now test your changes in feature clones. If they accept them, they pull the changes into the main repository

$ cd ../project
$ hg pull ../integration

$ hg bundle --base FIRST_REVISION_TO_BUNDLE changes.bundle

$ hg pull path/to/changes.bundle

Using a shared repository

Sending changes by email might be the easiest way to reach people when you aren't yet part of the regular development team, but it creates additional workload: You have to bundle the changes, send mails and then import the bundles manually. Luckily there's an easier way which works quite well: The shared push repository.

Till now we transferred all changes either via email or via pull. Now we use another option: pushing. As the name suggests it's just the opposite of pulling: You push your changes into another repository.

But to make use of it, we first need something we can push to.

By default hg serve doesn't allow pushing, since that would be a major security hole. You can allow pushing in the server, but that's no solution when you live in different timezones, so we'll go with another approach here: Using a shared repository, either on an existing shared server or on a service like BitBucket. Doing so has a bit higher starting cost and takes a bit longer to explain, but it's well worth the effort spent.

If you want to use an existing shared server, you can use serve there and allow pushing. Also there are some other nice ways to allow pushing to a Mercurial repository, including simple access via SSH.

Otherwise you first need to setup a BitBucket Account. Just signup at BitBucket. After signing up (and login) hover your mouse over "Repositories". There click the item at the bottom of the opening dialog which say "Create new".

Give it a name and a description. If you want to keep it hidden from the public, select "private"

$ firefox http://bitbucket.org

Now your repository is created and you see instructions for pushing to it. For that you'll use a command similar to the following (just with a different URL)

$ hg push https://bitbucket.org/ArneBab/hello/

(Replace the URL with the URL of your created repository. If your username is "Foo" and your repository is named "bar", the URL will be https://bitbucket.org/Foo/bar/)

Mercurial will ask for your BitBucket name and password, then push your code.

Voilà, your code is online.

Now it's time to tell all your colleagues to sign up at BitBucket, too.

After that you can click the "Admin" tab of your created repository and add the usernames of your colleagues on the right side under "Permission: Writers". Now they are allowed to push code to the repository.

(If you chose to make the repository private, you'll need to add them to "Permission: Readers", too)

If one of you now wants to publish changes, he'll simply push them to the repository, and all others get them by pulling.

Publish your changes

$ hg push https://bitbucket.org/ArneBab/hello/

Pull others changes into your local repository

$ hg pull https://bitbucket.org/ArneBab/hello/

People who join you in development can also just clone this repository, as if one of you were using hg serve

$ hg clone https://bitbucket.org/ArneBab/hello/ hello

That local repository will automatically be configured to pull/push from/to the online repository, so new contributors can just use hg push and hg pull without an URL.

Summary

Now let's take a step back and look where we are.

With the commands you already know, a bit reading of hg help <command> and some evil script-fu you can already do almost everything you'll ever need to do when working with source code history. So from now on almost everything is convenience, and that's a good thing.

First this is good, because it means, that you can now use most of the concepts which are utilized in more complex workflows.

Second it aids you, because convenience lets you focus on your task instead of focusing on your tool. It helps you concentrate on the coding itself. Still you can always go back to the basics, if you want to.

A short summary of what you can do which can also act as a short check, if you still remember the meaning of the commands.

create a project

$ hg init project
$ cd project
$ (add some files)
$ hg add
$ hg commit
(enter the commit message)

do nonlinear development

$ (do some changes)
$ hg commit
(enter the commit message)
$ hg update 0
$ (do some changes)
$ hg commit
(enter the commit message)
$ hg merge
$ (optionally hg resolve)
$ hg commit
(enter the commit message)

use feature clones

$ cd ..
$ hg clone project feature1
$ cd feature1
$ (do some changes)
$ hg commit
(enter the commit message)
$ cd ../project
$ hg pull ../feature1

share your repository via the integrated webserver

$ hg serve &
$ cd ..
$ hg clone http://127.0.0.1:8000 project-clone

export changes to files

$ cd project-clone
$ (do some changes)
$ hg commit
(enter the commit message)
$ hg export tip > ../changes.diff

import changes from files

$ cd ../project
$ hg import ../changes.diff

pull changes from a served repository (hg serve still runs on project)

$ cd ../feature1
$ hg pull http://127.0.0.1:8000

Use shared repositories on BitBucket

$ (setup bitbucket repo)
$ hg push https://bitbucket.org/USER/REPO
(enter name and password in the prompt)
$ hg pull https://bitbucket.org/USER/REPO

Let's move on towards useful features and a bit more advanced workflows.

Advanced workflows

Backing out bad revisions

Use Case

When you routinely pull code from others, it can happen that you overlook some bad change. As soon as others pull that change from you, you have little chance to get completely rid of it.

To resolve that problem, Mercurial offers you the backout command. Backing out a change means, that you tell Mercurial to create a commit which reverses the bad change. That way you don't get rid of the bad code in history, but you can remove it from new revisions.

Workflow

Let's assume the bad change was revision 3, and you already have one more revision in your
repository. To remove the bad code, you can just backout of it. This creates a new
change which reverses the bad change. After backing out, you can then merge that new change
into the current code.

$ hg backout 3
$ hg merge
(potentially resolve conflicts)
$ hg commit
(enter commit message. For example: "merged backout")

That's it. You reversed the bad change. It's still recorded that it was once there (following the principle "don't rewrite history, if it's not really necessary"), but it doesn't affect future code anymore.

Collaborative feature development

Now that you can share changes and reverse them if necessary, you can go one step further: Using Mercurial to help in coordinating the coding.

The first part is an easy way to develop features together, without requiring every developer to keep track of several feature clones.

Use Case

When you want to split your development into several features, you need to keep track of who works on which feature and where to get which changes.

Mercurial makes this easy for you by providing named branches. They are a part of the main repository, so they are available to everyone involved. At the same time, changes committed on a certain branch don't get mixed with the changes in the default branch, so features are kept separate, until they get merged into the default branch.

Workflow

When someone in your group wants to start coding on a feature without disturbing the others, he can create a named branch and commit there. When someone else wants to join in, he just updates to the branch and commits away. As soon as the feature is finished, someone merges the named branch into the default branch.

Working in a named branch

Create the branch

$ hg branch feature1
(do some changes)
$ hg commit
(write commit message)

Update into the branch and work in it

$ hg update feature1
(do some changes)
$ hg commit
(write commit message)

Now you can commit, pull, push and merge (and anything else) as if you were working in a separate repository. If the history of the named branch is linear and you call "hg merge", Mercurial asks you to specify an explicit revision, since the branch in which you work doesn't have anything to merge.

Merge the named branch

When you finished the feature, you merge the branch back into the default branch.

$ hg update default
$ hg merge feature1
$ hg commit
(write commit message)

And that's it. Now you can easily keep features separate without unnecessary bookkeeping.

Tagging revisions

Use Case

Since you can now code separate features more easily, you might want to mark certain revisions as fit for consumption (or similar). For example you might want to mark releases, or just mark off revisions as reviewed.

For this Mercurial offers tags. Tags add a name to a revision and are part of the history. You can tag a change years after it was committed. The tag includes the information when it was added, and tags can be pulled, pushed and merged just like any other committed change.

Workflow

Let's assume you want to give revision 3 the name "v0.1".

Add the tag

$ hg tag -r 3 v0.1

See all tags

$ hg tags

When you look at the log you'll now see a line in changeset 3 which marks the Tag. If someone wants to update to the tagged revision, he can just use the name of your tag

$ hg update v0.1

Now he'll be at the tagged revision and can work from there.

Removing history

Use Case

At times you will have changes in your repository, which you really don't want in it.

There are many advanced options for removing these, and most of them use great extensions (Mercurial Queues is the most often used one), but in this basic guide, we'll solve the problem with just the commands we already learned. But we'll use an option to clone which we didn't yet use.

This workflow becomes inconvenient when you need to remove changes, which are buried below many new changes. If you spot the bad changes early enough, you can get rid of them without too much effort, though.

Workflow

Let's assume you want to get rid of revision 2 and the highest revision is 3.

The first step is to use the "--rev" option to clone: Create a clone which only contains the changes up to the specified revision. Since you want to keep revision 1, you only clone up to that

$ hg clone -r 1 project stripped

Now you can export the change 3 from the original repository (project) and import it into the stripped one

$ cd project
$ hg export 3 > ../changes.diff
$ cd ../stripped
$ hg import ../changes.diff

If a part of the changes couldn't be applied, you'll see that part in *.rej files. If you have *.rej files, you'll have to include or discard changes by hand

$ cat *.rej
(apply changes by hand)
$ hg commit
(write commit message)

That's it. hg export also includes the commit message, date, committer and similar metadata, so you are already done.

Summary

So now you can work with Mercurial in private, and also share your changes in a multitude of ways.

Additionally you can remove bad changes, either by creating a change in the repository which reverses the original change, or by really rewriting history, so it looks like the change never occurred.

And you can separate the work on features in a single repository by using named branches and add tags to revisions which are visible markers for others and can be used to update to the tagged revisions.

With this we can conclude our practical guide.

More Complex Workflows

If you now want to check some more complex workflows, please have a look at the general workflows wikipage.

To deepen your understanding, you should also check the basic concept overview.

Have fun with Mercurial!

Mercurial for two Programmers who are (mostly) new to SCM

Written in the Mercurial mailing list

Hi Bernard,

Am Dienstag 03 Februar 2009 20:19:14 schrieb ... ...:
> Most of the docs I can find seem to assume the reader is familiar with
> existing software developemnt tools and methodologies.
>
> This is not the case for me.

It wasn't for me either, and I can assure you that using Mercurial becomes
natural quite quickly.

> Now, I need to coordinate with a second (also SCM clueless) programmer.
...
> I envision us both working the main trunk for many small day-to-day
> changes, and our own isolated repo for larger additions that we will each
> be working on.

I don't know about a HOWTO, but I can give you a short description about basic
usage and the workflow I'd use:

Basic usage

• Just commit as you'd have done in SVN via "hg commit".
• To get changes from others, do "hg pull -u".
  The "-u" says 'update my files'.
• If you already committed and then pull changes from someone else, you merge
  the changes with yours via "hg merge". Merging is quite painless in Mercurial, so you can easily do it often.
• Once you want to share your changes, do "hg push".
  Should that complain about "adding heads", pull and merge, then do the push again. If you really want to create new remote heads, you can use "hg push -f".

Workflow

• Firstoff: Create a main repository you both can push changes to. If you have ssh access to a shared machine, that's as simple as creating a repository on that machine via "hg init project".
• Now both of you clone from that repository via
  hg clone ssh://USER@ADDRESS:path/to/project project

  (ADDRESS can be either a host or an IP).

  That's your repository for the small day to day changes.

• If you want to do bigger changes, you create a feature clone via
  hg clone project feature1

  In that clone you simply work, pull and commit as usual, but you only push after you finished the feature.

  Once you finished the feature, you push the changes from the feature clone via "hg push" in feature1 (which gets them into your main working clone) and then push then onward into the shared repository.

That's it - or rather that's what I'd do. It might be right for you, too, and
if it isn't, don't be shy of experimenting. As long as you have a backup clone
lying around (for example cloned to a USB stick via "hg clone project
path/to/stick/project"), you can't do too much damage :)

I hope I could provide a bit of help :)

Mercurial Workflow: Feature seperation via named branches

Also published on Mercurials Workflows wikipage. Originally written for PyHurd: Python bindings for the GNU Hurd.

For Whom?

If you

1. want to develop features collaboratively and you want to be able to see later for which feature a given change was added or
2. want to do changes concurrently which would likely affect each other negatively while they are not finished, but which need to be developed in a group with minimal overhead,

then this workflow might be right for you.

Note: If you have a huge number of small features (2000 and upwards), the number of persistent named branches can create certain performance problems. For features which need no collaboration or need only a few commits, this workflow also has much unnecessary overhead. It is best used for features which will be developed side by side with default for some time (and many commits), so tracking the default branch against the feature is relevant. To mark single-commit features as belonging to a feature, just use the commit message.

Note: The difference between Mercurial named branches and git branches is that git branches don’t stay in history. They don’t allow you to find out later in which branch a certain commit was added. If you want git-style branching, just use bookmarks.

What you need

Just vanilla Mercurial.

Workflow

The workflow is 6-stepped:

1. create the new feature,
2. Implement and share,
3. merge other changes into it,
4. merge stable features,
5. close finished features and
6. reopen features.

Let’s see the steps in detail.

1. New feature

First start a new branch with the name of the feature (starting from default).

hg branch feature-x
# do some changes
hg commit -m "Started implemented feature-x"

2. Implement and share

Then commit away and push whenever you finish something which might be of interest to others, regardless how marginal.

You can push to a shared repository, or to your own clone or even send the changes via email to other contributors (for example via the mailbomb extension).

3. Merge in default

Merge changes in the default branch into your feature as often as possible to reduce the work necessary when you want to merge the feature later on.

hg update feature-x
hg merge default
hg commit -m "merged default into feature-x"

4. Merge stable features

When your feature is stable, merge it into default.

hg update default
hg merge feature-x
hg commit -m "merged feature-x"

5. Close the branch when it’s done

And when the feature needs no more work, close the branch.

# start from default, automatic when using a fresh clone
hg update default
hg branch feature-x
# do some changes
hg commit -m "started feature X" 
hg push 

# commit and push as you like

hg update default
hg merge feature-x
hg ci -m "merged feature X into default"
hg commit --close-branch -m "finished feature X"

This hides the branch from the output of hg branches, so you don’t clutter your history.

6. Reopen the feature

To improve a feature after it was officially closed, first merge default into the feature branch (to get it up to date), then work just as if you had started it.

hg up feature-x
hg merge default
hg ci -m "merged default into feature X"
# commit, push, repeat, finish

Generally merge default into your feature as often as possible.

Epilog

If this workflow helps you, I’d be glad to hear from you!

Track your scientific scripts with Mercurial

If you want to publish your scientific scripts, as Nick Barnes advises in Nature, you can very easily do so with Mercurial.

All my stuff (not just code), excempting only huge datasets, is in a Mercurial source repository¹.

Whenever I change something and it does anything new, I commit the files with a simple commit (even if it’s only “it compiles!”).

With that I can always check “which were the last things I did” (look into the log) or “when did I change this line, and why?” (annotate the file). Also I can easily share my scripts folder with others and Mercurial can merge my work and theirs, so if they fix a line and I fix another line, both fixes get integrated without having to manually copy-paste them around.

For all that it doesn’t need much additional expertise: The basics can be learned in just 15 minutes — and you’ll likely never need more than these for your work².

workflow concept: automatic trusted group of committers

Goal

A workflow where the repository gets updated only from repositories whose heads got signed by at least a certain percentage or a certain number of trusted committers.

Requirements

Mercurial, two hooks for checking and three special files in the repo.

The hooks do all the work - apart from them, the repo is just a normal Mercurial repository. After cloning it, you only need to setup the hooks to activate the workflow.

Extensions: gpg

Hooks: prechangegroup and pretxnchangegroup

Files: .hgtrustedkeys , .hgbackuprepos , .hgtrustminimum

concept

Hooks

• prechangegroup: Copy the local versions of the files for access in the pretxnchangegroup hook (might be unnecessary by letting the pretxnchangegroup hook use the rollback-info).

• pretxnchangegroup:

  • per head: check if the tipmost non-signature changeset has been GnuPG signed by enough trusted keys.
  • If not all heads have enough signatures, rollback, discard the current default repo and replace it with the backup repo which has the most changesets we lack. Continue discarding bad repos until you find one with enough signatures.

Special Files

.hgtrustedkeys contains a list of public GnuPG keys.

.hgbackuprepos contains a list of (pull) links to backup repositories.

.hgtrustminimum contains the percentage or number of keys from which a signature is needed for a head to be accepted.

Notes

With this workflow you can even do automatic updates from the repository. It should be ideal for release repositories of distributed projects.

If you want to work on the project, a very worthwhile goal might be implementing it in infocalypse: anonymous code collaboration via Freenet and Mercurial, built to survive the informational apocalypse (and any kind of censorship).

For me, Gentoo is about *convenient* choice

It's often said, that Gentoo is all about choice, but that doesn't quite fit what it is for me.

The highest ability to choose is Linux from scratch, after all, and I can have any amount of choice in every distribution by just going deep enough (and investing enough time).

What really distinguishes Gentoo for me is that it makes it convenient to choose.

Since we all have a limited time budget, that means, many of us only have real freedom to choose, because we use Gentoo which makes it possible to choose, but that doesn't ring true in general - it misses the reason, why we can choose.

So what Gentoo gives me is not just choice, but convenient choice.

Some examples to illustrate the point:

KDE 4 without qt3

I recently rebuilt my system after deciding to switch my disk layout (away from reiserfs towards a simple ext3 with reiser4 for the portage tree). When doing so I decided to try to use a "pure" KDE 4 - that means, a KDE 4 without any remains from KDE3 or qt3.

To use kde without any qt3 applications, I just had to put "-qt3" and "-qt3support" into my useflags in /etc/make.conf and "emerge -uDN world" (and solve any arising conflicts).

Imagine doing the same with a (K)Ubuntu...

Emacs support

Similarly to enable emacs support on my GentooXO (for all programs which can have emacs support), I just had to add the "emacs" useflag and "emerge -uDN world".

Selecting which licenses to use

Just add

ACCEPT_LICENSE="-* @FSF-APPROVED @FSF-APPROVED-OTHER"

to your /etc/make.conf to make sure you only get software under licenses which are approved by the FSF.

For only free licenses (regardless of the approved state) you can use:

ACCEPT_LICENSE="-* @FREE"

All others get marked as masked by license. Default (no ACCEPT_LICENSE in /etc/make.conf) is “* -@EULA”: No unfree software. You can check your setting via emerge --info | grep ACCEPT_LICENSE. More information…

One program (suite) in testing, but the main system rock stable

Another part where choosing is made convenient in Gentoo are testing and unstable programs.

I remember my pain with a Kubuntu, where I wanted to use the most recent version of Amarok. I either had to add a dedicated Amarok-only testing repository (which I'd need for every single testing program), or I had to switch my whole system into testing. I did the latter and my graphical package manager ceased to work. Just imagine how quickly I ran back to Gentoo.

And then have a look at the ease of deciding to take one package into testing in Gentoo:

• echo "cathegory/package" >> /etc/portage/package.keywords/test
• emerge -uDN world

Now I must admit, that it isn't yet perfectly convenient. What I'd really need is a tool to say something like

• equery missing --testing =cathegory/package-x.y >> /etc/portage/package.keywords/test
• equery missing --useflags =cathegory/package-x.y >> /etc/portage/package.use/test
• emerge -uDN world

The first to add testing versions of all required but missing packages into my package keywords, and the second to add useflags for all packages which need a certain useflag to support the package I want to emerge.

But even without that it's very convenient as long as the testing package doesn't have long list of requirements which are also testing.

And for some special parts (like KDE 4) I can easily say something like

• ln -s /usr/portage/local/layman/kde-testing/Documentation/package.keywords/kde-4.3.keywords /etc/portage/package.keywords/kde-4.3.keywords

(I don't have the kde-testing overlay on my GentooXO, where I write this post, so the exact command might vary slightly)

Closing remarks

So to finish this post: For me, Gentoo is not only about choice. It is about convenient choice.

And that means: It gives the power to choose to everybody.

I hope you enjoy it as I do!

• more about Gentoo

pmerge @glsa

#! /bin/sh


### Update the portage tree and the glsa packages via pkgcore

# spew a status message
echo $(date) "start to update GLSA" >> /tmp/cron-update.log

# Sync only portage
pmaint sync /usr/portage

# security relevant programs
pmerge -uDN @glsa > /tmp/cron-update-pkgcore-last.log || cat \
    /tmp/cron-update-pkgcore-last.log >> /tmp/cron-update.log

# And keep everything working
revdep-rebuild

# Finally update all configs which can be updated automatically
cfg-update -au

echo $(date) "finished updating GLSA" >> /tmp/cron-update.log

#!/bin/sh


### Update my computer using pgkcore, 
### since that also works if some dependencies couldn't be resolved.

# Sync all overlays
eix-sync

## First use pkgcore
# security relevant programs (with build-time dependencies (-B))
pmerge -BuD @glsa

# system, world and all the rest
pmerge -BuD @system
pmerge -BuD @world
pmerge -BuD @installed

# Then use portage for packages pkgcore misses (inlcuding overlays) 
# and for EMERGE_DEFAULT_OPTS="--keep-going" in make.conf 
emerge -uD @security
emerge -uD @system
emerge -uD @world
emerge -uD @installed

# And keep everything working
emerge @preserved-rebuild
revdep-rebuild

# Finally update all configs which can be updated automatically
cfg-update -au

alias pix='pquery --raw -nv --attr=keywords'

$ time pmerge -p @glsa
 * Resolving...
Nothing to merge.

real    0m1.863s
user    0m1.463s
sys     0m0.100s

How to make a million dollars in pay-what-you-want — thoughts on the Humble Indie Bundle

Some thoughts¹ on how the humble Indie Bundle managed to get more than 1.25 Million Dollars² in one and a half weeks — more than one quarter of that from GNU/Linux users.

Let me repeat that: One quarter of the money came from GNU/Linux users. And the average GNU/Linux user paid almost twice as much for the game as the average Windows user.

How they did it? If I could give you a simple recipe which is certain to work for everyone, I might just hire up at Blizzard.

But I think a big part is that (from my view — and obviously from the view of others, too) they did everything right. And I mean everything:

• The games are great.

• The message the name “humble indie bundle” conveys is great.

• You could pay whatever you want. From 1 cent to a million. The highest single contribution was 3,333.33$, with an average contribution of $9.17 over all platforms and $14.52 from the average GNU/Linux user³.

• You could directly see how much money they made on the front page, along with an info about the average contribution, split by platform.

• Normally each game would have cost 20$, so the average payment for all games also was a significant price drop.

• They donated about one third to charitable organizations. The buyers could decide how much should go to whom.

• Payment was easy via Paypal and others.

• All games work on GNU/Linux, MacOSX and Windows out of the box.

• Each game already had a community. The bundle bundled their impact so it went viral on Twitter, identi.ca, facebook, etc.

• They have clear and simple download links. Should I ever lose the games locally, I can just redownload them. If need be with wget.

• They use no DRM or similar, so I can show the games to friends and won’t be troubled by use restrictions.

• And on the last day they announced that for 4 of the 6 games the code would become free software if they would crack the 1 million dollar boundary. It took just over 16 more hours to raise additional 200,000$. And they followed up on their pledge with 2 games already freed and 2 more to follow as soon as the code is cleaned up.

To wrap it up: They did everything right, so almost everybody who saw it was delighted and there was nothing to break the viral network effects.

And I think that getting any one of these points wrong would have killed a major part of the network effect, because the naysayers are far stronger in the networking game than the fans.

Any foul trick would have cost them many fans, because someone would have been bound to find out and go viral with it.

No, it ain’t “forever” (GNU Hurd code_swarm from 1991 to 2010)

If the video doesn’t show, you can also download it as Ogg Theora & Vorbis “.ogv” or find it on youtube.

This video shows the activity of the Hurd coders and answers some common questions about the Hurd, including “How stagnated is Hurd compared to Duke Nukem Forever?”. It is created directly from commits to Hurd repositories, processed by community codeswarm.

Every shimmering dot is a change to a file. These dots align around the coder who did the change. The questions and answers are quotes from todays IRC discussions (2010-07-13) in #hurd at irc.freenode.net.

You can clearly see the influx of developers in 2003/2004 and then again a strenthening of the development in 2008 with less participants but higher activity than 2003 (though a part of that change likely comes from the switch to git with generally more but smaller commits).

I hope you enjoyed the high-level look on the activity of the Hurd project!

PS: The last part is only the information title with music to honor Sean Wright for allowing everyone to use and adapt his Album Enchanted.

Some technical advantages of the Hurd

→ An answer to just accept it, truth hurds, where Flameeyes told his reasons for not liking the Hurd and asked for technical advantages (and claimed, that the Hurd does not offer a concept which got incorporated into other free software, contributing to other projects). Note: These are the points I see. Very likely there are more technical advantages which I don’t see well enough to explain them. Please feel free to point them out.

Information for potential testers: The Hurd is already usable, but it is not yet in production state. It progressed a lot during the recent years, though. Have a look at the status report if you want to see if it’s already interesting for you.

Thanks for explaining your reasons. As answer:

Firstoff: FUSE is essentially an implementation of parts of the translator system (which is the main building block of the Hurd) to Linux, and NetBSD recently got a port of the translators system of the Hurd. That’s the main contribution to other projects that I see.

On the bare technical side, the translator-based filesystem stands out: The filesystem allows for making arbitrary programs responsible for displaying a given node (which can also be a directory tree) and to start these programs on demand. To make them persistent over reboots, you only need to add them to the filesystem node (for which you need the right to change that node). Also you can start translators on any node without having to change the node itself, but then they are not persistent and only affect your view of the filesystem without affecting other users. These translators are called active, and you don’t need write permissions on a node to add them.

The filesystem implements stuff like Gnome VFS (gvfs) and KDE network transparency on the filesystem level, so those are available for all programs. And you can add a new filesystem as simple user, just as if you’d just write into a file “instead of this node, show the filesystem you get by interpreting file X with filesystem Y” (this is what you actually do when setting a translator but not yet starting it (passive translator)).

One practical advantage of this is that the following works:

settrans -a ftp\: /hurd/hostmux /hurd/ftpfs /
dpkg -i ftp://ftp.gnu.org/path/to/*.deb

This installs all deb-packages in the folder path/to on the FTP server. The shell sees normal directories (beginning with the directory “ftp:”), so shell expressions just work.

You could even define a Gentoo mirror translator (settrans mirror\: /hurd/gentoo-mirror), so every program could just access mirror://gentoo/portage-2.2.0_alpha31.tar.bz2 and get the data from a mirror automatically: wget mirror://gentoo/portage-2.2.0_alpha31.tar.bz2

Or you could add a unionmount translator to root which makes writes happen at another place. Every user is able to make a readonly system readwrite by just specifying where the writes should go. But the writes only affect his view of the filesystem.

Starting a network process is done by a translator, too: The first time something accesses the network card, the network translator starts up and actually provides the device. This replaces most initscripts in the Hurd: Just add a translator to a node, and the service will persist over restarts.

It’s a surprisingly simple concept, which reduces the complexity of many basic tasks needed for desktop systems.

And at its most basic level, Hurd is a set of protocols for messages which allow using the filesystem to coordinate and connect processes (along with helper libraries to make that easy).

Also it adds POSIX compatibility to Mach (while still providing access to the capabilities-based access rights underneath, if you need them). You can give a process permissions at runtime and take them away at will. For example you can start all programs without permission to use the network (or write to any file) and add the permissions when you need them.

groups # → root
addauth -p $(ps -L) -g mail
groups # → root mail 

And then there are subhurds (essentially lightweight virtualization which allows cutting off processes from other processes without the overhead of creating a virtual machine for each process). But that’s an entire post of its own…

And the fact that a translator is just a simple standalone program means that these can be shared and tested much more easily, opening up completely new options for lowlevel hacking, because it massively lowers the barrier of entry.

And then there is the possibility of subdividing memory management and using different microkernels (by porting the Hurd layer, as partly done in the NetBSD port), but that is purely academic right now (search for Viengoos to see what its about).

So in short: The translator system in the Hurd is a simple concept which makes many tasks easy, which are complex with Linux (like init, network transparency, new filesystems, …). Additionally there are capabilities, subhurds and (academic) memory management.

Best wishes,
Arne

PS: I decided to read flameeyes’ post as “please give me technical reasons to dispell my emotional impression”.

PPS: If you liked this post, it would be cool if you’d flattr it:

PPPS: Additional information can be found in Gaël Le Mignot’s talk notes, in niches for the Hurd and the GNU Hurd documentation pages.

P4S: This post is also available in the Hurd Staging Wiki.

Steve Jobs, Get Your Head out Of the Sand! - Broken Apple Heart

Dear Steve,

The problem for DRM proponents is that DRM doesn't work as advertised - and you are helping perpetuate a lie. We know you know this, you've said as much about music and DRM yourself. So why do you persist in touting DRM for video?

What DRM does do is trample my rights and create a situation where, if I were to circumvent a DRM scheme to be in control of my computer, it would be a criminal act - thanks to legislation like the Digital Millennium Copyright Act (DMCA).

Do you still have Apple's head stuck in the sand?
I'm writing to suggest you take it out.
- http://defectivebydesign.com

Personal Comment:
I've been a Mac User my whole life. I left you with a broken heart, when you used the TPM chip to lock down _developer_ Macs.

Now I'm a GNU/Linux user (KDE), and even though I sometimes think back to Macs, to Shufflepuck (my first addiction), to professional video editing (With my old 66Mhz Mac), to the 6 months when I tried every beta of MacOSX even though my 266Mhz G3 was far too slow to render it in speed, and to the ease of music production on my Flat-Panel iMac, I won't come back to have my freedom taken.

You're creating great computers. Why do you still have to make them a tool for digital slavery, even though you now aknowledged yourself, that this slavery is bad?

The one who acts bad but doesn't know it, is a fool.
The one who acts bad and knows it, is a criminal, regardless of the laws.

Disappointed wishes with but a glimpse of hope,
Arne Babenhauserheide - Broken Apple Heart (german)

The “Apple helps free software” myth

→ Comment to “apple supports a number of opensource projects. Webkit and CUPS come to mind”.

Apple supports a number of copyleft projects, because they have to. They chose to profit from the work other people released as copyleft, and so they are obliged to release their improvements.

Webkit

Webkit is an especially good example of this: Apple took the khtml code from KDE, worked with it for half a year and only released binaries (which is a breach of the license of khtml) until they finally released their code in one big code-drop which the khtml folks had no chance of integrating cleanly.

That way Apple broke away from the community and created their own fork in a way which made sure that the KDE folks could not profit from Apples work without throwing out their own structure.

They still had to adhere the license, though, which enabled others to use Webkit - and essentially created a revolution in Webbrowser-development, because Apple added all the polish needed for a modern browser. If you look at the way they treated the khtml developers, though, do you really think they would have released any code on that critical part of their OS, if they had not been forced to do so by the strong copyleft used by KDE?

Cups

CUPS, the other example of Apple-maintained free software, … is GPL licensed, too. No surprise there: Why else should Apple give their work to others, if not because the license forces them to?

And even there they try to get out by adding a GPL-exception to the parts they write, which allows using those parts without giving out source code. But “This exception is only available for Apple OS-Developed Software and does not apply to software that is distributed for use on other operating systems”.

What do you think how much they will still maintain, as soon as they managed to get that header into all files - and don’t fear a free fork anymore? (also note, that shortly after Apple started maintaining cups, it broke on my GNU/Linux system - „Ein Schelm, wer böses dabei denkt“, as we say in Germany)

Darwin

Just look at what they did with Darwin. They took all the code from FreeBSD. Then they kept the uninteresting part free as long as needed to have a good name and get people work in their spare time on porting it to intel architectures, a work which greatly benefitted Apple, because they could then get away from PPC to no longer depend on IBM. The interesting part however, the graphical interface, was completely locked up from the beginning.

See why OpenDarwin stopped: “Availability of sources, interaction with Apple representatives, difficulty building and tracking sources, and a lack of interest from the community“ — OpenDarwin Shutting Down

4 of 5 reasons for stopping the free alternative directly come from Apple…

Epilogue

Should I complain about that? Actually no. After all, they are allowed to do it by the license. They just do what they can to maximize their monetary gain.

And actually I prefer seeing a big company use copyleft programs to improve its products, because that means that others will be able to achieve at least that part with free software.

If I should complain about anybody, then about all the people who praise Apple for doing what they are forced to do to get the work of others for free - and about shortsighted developers, who use non-copyleft licenses, which allow folks like Apple to save lots of money while locking out others and creating “the computer as a jail made cool”, as Richard M. Stallman put it quite nicely — I call that shackle-feats.

(A)GPL as hack on a Python-powered copyright system

AGPL is a hack on copyright, so it has to use copyright, else it would not compile/run.

All the GPL licenses are a hack on copyright. They insert a piece of legal code into copyright law to force it to turn around on itself.

You run that on the copyright system, and it gives you code which can’t be made unfree.

To be able to do that, it has to be written in copyright language (else it could not be interpreted).

my_code = "<your code>"

def AGPL ( code ): 
    """
    >>> is_free ( AGPL ( code ) )
    True
    """
    return eval (
        transform_to_free ( code ) )

copyright ( AGPL ( my_code ) )

You pass “AGPL ( code )” to the copyright system, and it ensures the freedom of the code.

The transformation means that I am allowed to change your code, as long as I keep the transformation, because copyright law sees only the version transformed by AGPL, and that stays valid.

Naturally both AGPL definition and the code transformed to free © must be ©-compatible. And that means: All rights reserved. Else I could go in and say: I just redefine AGPL and make your code unfree without ever touching the code itself (which is initially owned by you by the laws of ©):

def AGPL ( code ): 
    """ 
    >>> is_free ( AGPL ( code ) )
    False
    """
    return eval (
        transform_to_mine ( code ) )

In this Python-powered copyright-system, I could just define this after your definition but before your call to copyright(), and all calls to APGL ( code ) would suddenly return code owned by me.

Or you would have to include another way of defining which exact AGPL you mean. Something like “AGPL, but only the versions with the sha1 hashes AAAA BBBB and AABA”. cc tries to use links for that, but what do you do if someone changes the DNS resolution to point creativecommons.org to allmine.com? Whose DNS server is right, then - legally speaking?

In short: AGPL is a hack on copyright, so it has to use copyright, else it would not compile/run.

A simple solution to the dining philosophers problem

The problem

5 Philosophers do nothing but eat and think.

They have a table with 5 chairs, 5 plates and 5 forks.

Each of them eats with two forks.

Ensure that none of them starves.

The solution

First I teach them to always take the left fork first.

Then I smash one of their chairs.

Explanation

Since they can't repair the chair (they think, but they don't build), there are only 4 places left, and so they have one leftover fork which gets passed on, once one finished eating.

Inspired by Willim Stallings' Operating systems: *"Use a servant who lets only 4 dine at the same time"*

Naturally now they have to either change places or move chairs, so they might still need a servant :)

Censorship in the Streets — it’s idiocy everywhere

A man in the streets faces a knife.
Two policemen are there it once. They raise a sign:

“Illegal Scene! Noone may watch this!”

The man gets robbed and stabbed and bleeds to death.
The police had to hold the sign.

…

Welcome to Europe, citizen. Censorship is beautiful.

→ Courtesy to Censilia, who wants censorship in the EU after it failed in Germany. You might also be interested in 11 more reasons why censorship is useless and harmful.

PS: This poem is free licensed. Please feel free to use it anyway you like, as long as you provide a backlink.

def censor_the_net_2012()

def censor_the_net():
  try: SOPA() # see Stop Online Piracy Act 
  except Protest: # see sopastrike.com 
    try: PIPA() # see PROTECT IP Act 
    except Protest: # see weak links 
      try: OPEN() # see red herring 
      except Protest: 
        try: ACTA() # see Anti-Counterfeiting_Trade_Agreement 
        except Protest: # see resignation⁽¹⁾, court, vote anyway and advise against
          try: CISPA() # see Stop the Online Spying Bill 
          except Protest: # see Dangers
            do_it_anyway() # destroy free speech and computers (english video).

while wealth_breeds_wealth and wealth_gives_power: # (german text and english video)
  censor_the_net() # see wealth vs. democracy (german)

This code is valid Python.

Feel free to use and change this snippet, as long as you include a reference to this page (http://draketo.de/node/475 or http://draketo.de/light/english/politics/def-censor-the-net-2012) or my name (Arne Babenhauserheide).

El Kanban Org: parse org-mode todo-states to use org-tables as Kanban tables

Kanban for emacs org-mode.

Some time ago I learned about kanban, and the obvious next step was: “I want to have a kanban board from org-mode”. I searched for it, but did not find any. Not wanting to give up on the idea, I implemented my own :)

The result are two functions: kanban-todo and kanban-zero.

kanban-todo

kanban-todo provides your TODO items as kanban-fields. You can move them in the table without having duplicates, so all the state maintenance is done in the kanban table. Once you are finished, you mark them as done and delete them from the table.

To set it up, put kanban.el somewhere in your load path and (require 'kanban). Then just add a table like the following:

|   |   |   |
|---+---+---|
|   |   |   |
|   |   |   |
|   |   |   |
|   |   |   |
#+TBLFM: $1='(kanban-todo @# @2$2..@>$>)::@1='(kanban-headers $#)

Click C-c C-c with the point on the TBLFMT line to update the table.

The important line is the #+TBLFM. That says “use my TODO items in the TODO column, except if they are in another column” and “add kanban headers for my TODO states”

The kanban-todo function takes an optional parameter match, which you can use to restrict the kanban table to given tags. The syntax is the same as for org-mode matchers. The third argument allows you to provide a scope, for example a list of files.

To only set the scope, use nil for the matcher.

See C-h f org-map-entries and C-h v org-agenda-files for details.

kanban-zero

kanban-zero is a zero-state Kanban: All state is managed in org-mode and the table only displays the kanban items.

To set it up, put kanban.el somwhere in your load path and (require 'kanban). Then just add a table like the following:

|   |   |   |
|---+---+---|
|   |   |   |
|   |   |   |
|   |   |   |
|   |   |   |
#+TBLFM: @2$1..@>$>='(kanban-zero @# $#)::@1='(kanban-headers $#)

The important line is the #+TBLFM. That says “show my org items in the appropriate column” and “add kanban headers for my TODO states”.

Click C-c C-c with the point on the TBLFMT line to update the table.

The kanban-zero function takes an optional parameter match, which you can use to restrict the kanban table to given tags. The syntax is the same as for org-mode matchers. The third argument allows you to provide a scope, for example a list of files.

To only set the scope, use nil for the matcher.

An example for matcher and scope would be:

#+TBLFM: @2$1..@>$>='(kanban-zero @# $# "1w6" '("/home/arne/.emacs.d/private/org/emacs-plan.org"))::@1='(kanban-headers $#)

See C-h f org-map-entries and C-h v org-agenda-files for details.

Contribute

To contribute to kanban.el, just change the file and write a comment about your changes. Maybe I’ll setup a repo on Bitbucket at some point…

Example

In the Hexbattle game-draft, I use kanban to track my progress:

Table of Contents

• 1 Kanban
• 2 refactor Hexbattle
  • 2.1 Structure plan:
  • 2.2 First all logic from UiState into the model. Model gets all state which is independent of the UI. Any necessary interaction in UiState calls model methods. √
  • 2.3 Refactor in such a way that the UiState and (even more importantly) the input do not need to call the model directly anymore.
    • 2.3.1 let Presentation manage dumb sprites for all chars which are active. Then I can remove a lot of UiState dependent functionality from the chars.
    • 2.3.2 return all actions on every command: command(…) → commands (instance of Commands).
  • 2.4 Make the UiState adhere the list of possible commands.
  • 2.5 Turn the model into a pure state machine.

1 Kanban

2 refactor Hexbattle    1w6

… and so on …

emacs wanderlust.el setup for reading kmail maildir

This is my wanderlust.el file to read kmail maildirs. You need to define every folder you want to read.

;; mode:--emacs-lisp--
;; wanderlust 
(setq 
  elmo-maildir-folder-path "~/.kde/share/apps/kmail/mail"
          ;; where i store my mail


wl-stay-folder-window t                       ;; show the folder pane (left)
  wl-folder-window-width 25                     ;; toggle on/off with 'i'

wl-smtp-posting-server "smtp.web.de"            ;; put the smtp server here
  wl-local-domain "draketo.de"          ;; put something here...
  wl-message-id-domain "web.de"     ;; ...

  wl-from "Arne Babenhauserheide arne_bab@web.de"                  ;; my From:


;; note: all below are dirs (Maildirs) under elmo-maildir-folder-path 
  ;; the '.'-prefix is for marking them as maildirs
  wl-fcc ".sent-mail"                       ;; sent msgs go to the "sent"-folder
  wl-fcc-force-as-read t               ;; mark sent messages as read 
  wl-default-folder ".inbox"           ;; my main inbox 
  wl-draft-folder ".drafts"            ;; store drafts in 'postponed'
  wl-trash-folder ".trash"             ;; put trash in 'trash'
  wl-spam-folder ".gruppiert/Spam"              ;; ...spam as well
  wl-queue-folder ".queue"             ;; we don't use this

;; check this folder periodically, and update modeline
  wl-biff-check-folder-list '(".todo") ;; check every 180 seconds
                                       ;; (default: wl-biff-check-interval)

;; hide many fields from message buffers
  wl-message-ignored-field-list '("^.*:")
  wl-message-visible-field-list
  '("^\(To\|Cc\):"
    "^Subject:"
    "^\(From\|Reply-To\):"
    "^Organization:"
    "^Message-Id:"
    "^\(Posted\|Date\):"
    )
  wl-message-sort-field-list
  '("^From"
    "^Organization:"
    "^X-Attribution:"
     "^Subject"
     "^Date"
     "^To"
     "^Cc"))

; Encryption via GnuPG

(require 'mailcrypt)
 (load-library "mailcrypt") ; provides "mc-setversion"
(mc-setversion "gpg")    ; for PGP 2.6 (default); also "5.0" and "gpg"

(autoload 'mc-install-write-mode "mailcrypt" nil t)
(autoload 'mc-install-read-mode "mailcrypt" nil t)
(add-hook 'mail-mode-hook 'mc-install-write-mode)

(add-hook 'wl-summary-mode-hook 'mc-install-read-mode)
(add-hook 'wl-mail-setup-hook 'mc-install-write-mode)

;(setq mc-pgp-keydir "~/.gnupg")
;(setq mc-pgp-path "gpg")
(setq mc-encrypt-for-me t)
(setq mc-pgp-user-id "FE96C404")

(defun mc-wl-verify-signature ()
  (interactive)
  (save-window-excursion
    (wl-summary-jump-to-current-message)
    (mc-verify)))

(defun mc-wl-decrypt-message ()
  (interactive)
  (save-window-excursion
    (wl-summary-jump-to-current-message)
    (let ((inhibit-read-only t))
      (mc-decrypt))))

(eval-after-load "mailcrypt"
  '(setq mc-modes-alist
       (append
        (quote
         ((wl-draft-mode (encrypt . mc-encrypt-message)
            (sign . mc-sign-message))
          (wl-summary-mode (decrypt . mc-wl-decrypt-message)
            (verify . mc-wl-verify-signature))))
        mc-modes-alist)))

; flowed text

;; Reading f=f
 (autoload 'fill-flowed "flow-fill")
 (add-hook 'mime-display-text/plain-hook
          (lambda ()
            (when (string= "flowed"
                           (cdr (assoc "format"
                                       (mime-content-type-parameters
                                        (mime-entity-content-type entity)))))
              (fill-flowed))))
; writing f=f
;(mime-edit-insert-tag "text" "plain" "; format=flowed")

(provide 'private-wanderlust)

UPDATE (2012-05-07): ~/.folders

I now use a ~/.folders file, to manage my non-kmail maildir subscriptions, too. It looks like this:

.sent-mail
.~/.local/share/mail/mgl_spam   "mgl spam" 
.~/.local/share/mail/to.arne_bab    "to arne_bab"
.inbox  "inbox" 
.trash  "Trash"
..gruppiert.directory/.inbox.directory/Freunde  "Freunde"
.drafts "Drafts"
..gruppiert.directory/.alt.directory/Posteingang-2011-09-18 "2011-09-18"
.outbox

The mail in ~/.local/share/mail is fetched via fetchmail and procmail to have a really reliable mail fetching system which does not rely on a non-broken database or free space on the disk to keep working…

identi.ca Group: Out of Group (!oog)

What !oog is

The Out of Group group is a way to request leading an overboarding discussion out of group (so you don't spam all the people who are in the group where the discussion started, but who simply want news).

Motto

Please discuss out of group. You can wrap up the discussion afterwards (link to the context) and add a group tag then.

How To

To request taking a discussion out of group, simply join !oog, add !oog to your message and then leave the group again (except if you want to see other !oog requests).

For example you can use the following to request moving !oog:

Please let us continue the discussion !oog and wrap it up afterwards. It disturbs others in here. !group1 !group2

Background

This is a reaction to a discussion about the use of group-tags in discussions.

Archived discussion

Available under the Creative Commons Attribution 3.0 license.

• rysiek
  @teddks: stop using group tags, please. everybody on !ubuntu and !linux have heard enough, really.

• teddks
  @rysiek I respond to in-group messages in-group. If you don't want me to use them, don't use them to me. !ubuntu !linux

• arnebab
  @rysiek @teddks please leave the group tags out, both of you.

• teddks
  @arnebab My policy for group-posting rebuttals was posted a bit ago.

• arnebab
  @teddks please discuss out of the group. You can wrap up the discussion afterwards and add a group tag then. You're one post from a block.

• arnebab
  @teddks By not discussing in the group you make the others' in-group posts look silly. Otherwise you just look silly yourself.

• teddks
  @arnebab Wait, what? I only discuss in-group if the previous post was in-group.

• arnebab
  @teddks That principle doesn't scale. If we all used it groups would be useless. A wrapup post can get people to read all http://is.gd/6CoYI

• teddks
  @arnebab I might start doing that for oog discussions, but I'm not going to deny myself the same forum my opponents have.

• arnebab
  @teddks they are not opponents but discussion partners. And they look silly if they stay ingroup while you post oog. Just ask them to go oog

• arnebab
  @teddks and wrap it up later. If they insist on staying ingroup, just post one ingroup request to come oog and let peer pressure do the rest

• arnebab
  @teddks they broadcast to people who aren't interested and will block them.

• arnebab
  @teddks sorry for the phraselike answer. 140 chars aren't ideal for discussing more complex topics...

• teddks
  @arnebab I understand. I kind of regret how identi.ca has taken the place of IRC for a lot of things.

• teddks
  @arnebab That's irrelevant; in-group they get to broadcast their arguments and their views. I'm not going to deny myself that.

• arnebab
  @teddks That means I have to block you when you post your next ingroup broadcast. You lose all readers that way.

• teddks
  @arnebab Now you are inviting spam and personal attacks against me in !ubuntu. Is that pursuant to the Code of Conduct?

• arnebab
  @teddks You do know that people can see the context with one click, do you?

• teddks
  @arnebab I don't see what you're implying - that I should depend on clickthroughs to have my arguments be heard?

• arnebab
  @teddks Since you kept spamming the !ubuntu and !linux group and explicitely said you won't stop ( http://is.gd/6Cucx ) I blocked you.

• teddks
  @arnebab I can't respond fully now, but I will later. I'm sorry that the #Ubuntu group's de facto policy is now one of censorship.

Note: arnebab was no member of the ubuntu group at that time. The block was/is a purely personal one: Nothing teddks writes will appear on arnebabs timeline, till he unblocks teddks.

Internet, community cloud foo and control of my own data

Why?

What I miss in the internet is the notion of being able to control what my apps access for data.

Why can’t a chat application just connect to a neighborhood- or community-server, and why can’t the activity-stream come from the people I know — and query only their systems, like jabber does?

Almost all geolocation services should be implementable over direct friend-to-friend connections like jabber, and I don’t really see why my local identi.ca program can’t also get the news from my local jabber contacts.

Or why I can’t set a local info-provider as geolocation source and have a “phone-book” of info-providers in each town.

And when it can do that, why can’t I have a general info-server which serves as synchronization and aggregation service for any of my devices, so all my programs on any device know which sources to use?

And why can’t I tell that server to allow my friends to access a subset of my data — selected by me?

Sadly I assume that the answer is “power”. Google and Apple don’t want to lose their control on synchronization and sharing. Otherwise most of the control and centralization (=moneymaking monopoly) of the internet would fade away.

What?

For example I’d like to be able to select whose information I get, and I’d like to be able to also get the information my friends and their get. Without anyone outside knowing that I access that data (because I ask them directly). And ideally also without me knowing from which of their friends the data originates, but still being able to block those individually.

Then I could allow certain product information providers (=good advertisers) inside my network, so I get news about stuff I might like to spend money on. And automatically get information about the info-providers from my friends — or my community.

And all that without direct dependency on a single company or system.

It would make it infeasible to monopolize the services without making everyone trust you — and having to make sure most people trust you creates a reverse-dependency which could help to keep the information-providers honest.

How?

And I think one key to that is to make that service less like a full-storage and more like update-collecting and synchronization services.

There’s no reason why a synchro-server should keep any data I already pulled to all my devices.

This would be similar to using a Mercurial push-cache of kinds: When I push data to a service, it just stores a bundle against the revision of the data on my least up-to-date device. All my devices can access that bundle, and when all are up to at least a certain state, the now useless data gets stripped out and only the new data remains.

Not yet pulled information could be stored as snapshots, until the first of my devices pulls it. Then it could get replaced by synchronization data — a compressed update-bundle. That would also make sure that incoming data has to be integrated and parsed only once.

→ http://mercurial.selenic.com/

…

Maybe Akonadi (from KDE) can someday accomplish something like that.

→ http://userbase.kde.org/Glossary#Akonadi
→ http://en.wikipedia.org/wiki/Akonadi

PS: Originally this started as a comment to The state of the internet operating system by O’Reilly.

Ogg Theora and h.264 - which video codec as standard for internet-video?

We had a kinda long discussion on identi.ca about Ogg Theora and h.264, and since we lacked a simple comparision method, I hacked up a quick script to test them.

It uses frames from Big Buck Bunny and outputs the files bbb.ogg and bbb.264 (license: cc by).

The ogg file looks like this:

The h.264 file looks like this: download

Results

What you can see by comparing both is that h.264 wins in terms of raw image quality at the same bitrate (single pass).

So why am I still strongly in favor of Ogg Theora?

The reason is simple:

Due to licensing costs of h.264 (a few millions per year, due from 2015 onwards) making h.264 the standard for internet video would have the effect that only big companies would be able to make a video enabled browser - or we would get a kind of video tax for free software: if you want to view internet video with free software, you have to pay for the right to use the x264 library (else the developers couldn't cough up the money to pay for the parent license). And noone but the main developers and huge corporations could distribute the x264 library, because they’d have to pay license fees for that.

And noone could hack on the browser or library and distribute the changed version, so the whole idea of free software would be led ad absurdum. It wouldn't matter that all code would be free licensed, since only those with a h.264 patent license could change it.

So this post boils down to a simple message:

“Support !theora against h.264 and #flash [as video codec for the web]. Otherwise only big companies will be able to write video browsers - or we get a h.264 tax on !fs”

Theoras raw quality may still be worse, but the license costs and their implications provide very clear reasons for supporting Theora - which in my view are far more important than raw technical stuff.

The test-script

for k in {0..1}
     do for i in {0..9}
         do for j in {0..9}
             do
wget http://media.xiph.org/BBB/BBB-360-png/big_buck_bunny_00$k$i$j.png
         done
     done
done

mplayer -vo yuv4mpeg -ao null -nosound mf://*png -mf fps=50

theora_encoder_example -z 0 --soft-target -V 400 -o bbb.ogg stream.yuv

mencoder stream.yuv -ovc x264 -of rawvideo -o bbb.264 -x264encopts bitrate=400 -aspect 16:9 -nosound -vf scale=640:360,harddup

p2p-networks help law enforcement catch hard criminals

Comment to: Local man faces court on child pornography charges by heraldstandard.com

As I see it, the only way the authorities did track him was due to his use of p2p-networks.

At the moment, technology makes it relatively easy for the police to track hard criminals in p2p-networks, but it also allows people to do small infringements rather safely (just like people don't stop at red traffic lights when there is no car in sight),

So I'd think the current state quite ideal.

Sadly there's an organisation which drives p2p-networks underground and which will eventually cease that action or archieve the "fame" to have been the one organisation which was responsible in the end for forcing p2p-networks to evolve into completely anonymous and untrackeable networks, where hard crimes aren't trackeable anymore.

So, this case shows once again, that "piracy" shouldn't be attacked but should instead be allowed and even fostered, because they increase social welfare (the access to media is improved, while there is no significant damage to sales) and in many cases even helped law enforcement catch ciminals who really do damage (and in this case: did very much damage).

Information about the impact of p2p-networks based on a study from the university of chicago:
- http://www.journals.uchicago.edu/JPE/journal/issues/v115n1/31618/31618.h...
- http://www.journals.uchicago.edu/cgi-bin/resolve?JPE31618PDF
(open twice to read)

Patent law overrides copyright breaks ownership

Concise and clear.

In patent law, copyright and property there are two pillars: protection and control.

Protection

• Property: No person shall take that from me.
• Copyright: No person shall have the same without my permission. A monopoly.
• Patent Law: No person shall create something similar without my permission. An even stronger monopoly.

Control

• Property: I decide what happens with this.
• Copyright: I decide what happens to everything which is the same. Takes another ones property. → a monopoly¹.
• Patent Law: I decide what happens to every similar thing. Takes the copyright and property of others. → An even stronger monopoly¹.

In short: Patent law overrides copyright breaks ownership.

¹: Others may have copyrights and property rights which they can only exercise with my permission. So effectively all their rights belong to me. If you want a longer argument on this, please read Intellectual Property Is Theft.

(translation of Patentrecht bricht Urheberrecht bricht Eigentum)

pyRad - a wheel type command interface for KDE

pyRad is a wheel type command interface for KDE¹, designed to appear below your mouse pointer at a gesture.

install | setup | usage and screenshots | download and sources

Install

in any distro

• Get Python.
• call easy_install pyRadKDE in any shell.
• Test it by calling pyrad.py.

• This should automatically pull in pyKDE4. If it doesn’t, you need to install that seperately.

• For a "live" version, just clone the pyrad Mercurial repo and let KDE run "path/to/repo/pyrad.py" at startup. You can stop a running pyrad via pyrad.py --quit. pyrad.py --help gives usage instructions.

In Gentoo

• emerge -a kde-misc/pyrad

In unfree systems (like MacOSX and Windows)

• I have no clue since I don’t use them. You’ll need to find out yourself or install a free system. Examples are Kubuntu for beginners and Gentoo for convenient tinkering. Both run GNU/Linux.

Setup

• Run /usr/bin/pyrad.py. Then add it as script to your autostart (systemsettings→advanced→autostart). You can now use Alt-F6 and Meta-F6 to call it.

Mouse gesture (optional)

• Add the mouse gesture in systemsettings (systemsettings→shortcuts) to call D-Bus: Program: org.kde.pyRad ; Object: /MainApplication ; Function: newInstance (you might have to enable gestures in the settings, too - in the shortcuts-window you should find a settings button).

• Alternately set the gesture to call the command dbus-send --type=method_call --dest=org.kde.pyRad /MainApplication org.kde.KUniqueApplication.newInstance.

Customize the wheel

Customize the menu by editing the file "$HOME/.pyradrc" or middle-clicking (add) and right-clicking (edit) items.

Usage and screenshots

To call pyRad and see the command wheel, you simply use the gesture or key you assigned.

Then you can activate an action with a single left click. Actions can be grouped into folders. To open a folder, you also simply left-click it.

Also you can click the keyboard key shown at the beginning of the tooltip to activate an action (hover the mouse over an icon to see the tooltip).

To make the wheel disappear or leave a folder, click the center or hit the key 0. To just make it disappear, hit escape.

For editing an action, just right click it, and you’ll see the edit dialog.

Each item has an icon (either an icon name from KDE or the path to an icon) and an action. The action is simply the command you would call in the shell (only simple commands, though, no real shell scripting or glob).

To add a new action, simply middle-click the action before it. The wheel goes clockwise, with the first item being at the bottom. To add a new first item, middle-click the center.

To add a new folder (or turn an item into a folder), simply click on the folder button, say OK and then click it to add actions in there.

See it in action:

download and sources

pyRad is available from

• kde-apps,
• PyPI (file releases) and
• bitbucket (source repository for contributing)

PS: The name is a play on ‘python’, ‘Rad’ (german for wheel) and pirate :-)

PPS: KDE, K Desktop Environment and the KDE Logo are trademarks of KDE e.V.

PPPS: License is GPL+ as with almost everything on this site.

Python for beginning programmers

(written on ohloh for Python)

Since we already have two good reviews from experienced programmers, I'll focus on the area I know about: Python as first language.

My experience:

• I began to get into coding only a short time ago. I already knew about processes in programs, but not how to get them into code.
• I wanted to learn C/C++ and failed at general structure. After a while I could do it, but it didn't feel right.
• I tried my luck with Java and didn't quite get going.
• Then I tried Python, and got in at once.

Advantages of Python:

• The structure of programs can be understood easily.
• The Python interpreter lets you experiment very quickly.
• You can realize complex programs, but Python also allows for quick and simple scripting.
• Code written by others is extremely readable.
• And coding just flows - almost like natural speaking/thinking.

As a bonus, there is the great open book How to Think Like a Computer Scientist which teaches Python and is being used for teaching Python and Programming at universities.

So I can wholeheartedly recommend Python to beginners in programming, and as the other reviews on Ohloh show, it is also a great language for experienced programmers and seems to be a good language to accompany you in your whole coding life.

PS: Yes, I know about the double meaning of "first language" :)

Read your python module documentation from emacs

I just found the excellent pydoc-info mode for emacs from Jon Waltman. It allows me to hit C-h S in a python file and enter a module name to see the documentation right away. If the point is on a symbol (=module or class or function), I can just hit enter to see its docs.

In its default configuration (see the Readme) it “only” reads the python documentation. This alone is really cool when writing new python code, but it s not enough, since I often use third party modules.

And now comes the treat: If those modules use sphinx for documentation (≥1.1), I can integrate them just like the standard python documentation!

It took me some time to get it right, but now I have all the documentation for the inverse modelling framework I contribute to directly at my fingertips: Just hit C-h S ENTER when I’m on some symbol and a window shows me the docs:

The text in this image is from Wouter Peters. Used here as short citation which should be legal almost everywhere under citation rules.

I want to save you the work of figuring out how to do that yourself, so here’s a short guide for integrating the documentation for your python program into emacs.

Integrating your own documentation into emacs

The prerequisite for integrating your own documentation is to use sphinx for documenting your code. See their tutorial for info how to set it up. As soon as sphinx works for you, follow this guide to integrate your docs in your emacs.

Install pydoc-info

First get pydoc-info and the python infofile (adapt this to your local setup):

# get the mode
cd ~/.emacs.d/libs
hg clone https://bitbucket.org/jonwaltman/pydoc-info
# and the pregenerated info-file for python
wget https://bitbucket.org/jonwaltman/pydoc-info/downloads/python.info.gz
gunzip python.info
sudo cp python.info /usr/share/info
sudo install-info --info-dir=/usr/share/info python.info

(I also added pydoc-info as subrepo to my .emacs.d repo to make it easy to transfer my adaption between my different computers)

To build the info file for python yourself, have a look at the Readme.

Turn your documentation into info

Now turn your own documentation into an info document and install it.

Sphinx uses a core configuration file named conf.py. Add the following to that file, replacing all values but index and False by the appropriate names for you project:

# One entry per manual page. 
# list of tuples (startdocname, 
# targetname, title, author, dir_entry, 
# description, category, toctree_only).
texinfo_documents = [
  ('index', # startdocname, keep this!
   'TARGETNAME', # targetname
   u'Long Title', # title
   u'Author Name', # author
   'Name in the Directory Index of Info', # dir_entry
   u'Long Description', # description
   'Software Development', # cathegory
   False), # better keep this, too, i think.
]

Then call sphinx and install the info files like this (maybe adapted to your local setup):

sphinx-build -b texinfo source/ texinfo/ 
cd texinfo
sudo install-info --info-dir=/usr/share/info TARGETNAME.info
sudo cp TARGETNAME.info /usr/share/info/

Activate pydoc-info, including your documentation

Finally add the following to your .emacs (or wherever you store your personal adaptions):

; Show python-documentation as info-pages via C-h S
(setq load-path (cons "~/.emacs.d/libs/pydoc-info" load-path))
(require 'pydoc-info)
(info-lookup-add-help
   :mode 'python-mode
   :parse-rule 'pydoc-info-python-symbol-at-point
   :doc-spec
   '(("(python)Index" pydoc-info-lookup-transform-entry)
     ("(TARGETNAME)Index" pydoc-info-lookup-transform-entry)))

Screencast: Tabbing of everything in KDE

I just discovered tabbing of everything in KDE:

(download)

Created with recordmydesktop, cut with kdenlive, encoded to ogg theora with ffmpeg2theora (encoding command).

Music: Beat into Submission on Public Domain by Tryad.

To embed the video on your own site you can simply use:

<video 
src="http://draketo.de/files/screencast-tabbing-everywhere-kde.ogv"
controls=controls>
</video>

If you do so, please provide a backlink here.

License: cc by-sa, because that’s the license of the song. If you omit the audio, you can also use one of my usual free licenses (or all of them, including the GPL). Here’s the raw recording (=video source).

¹: Feel free to upload the video to youtube or similar. I license my stuff under free licenses to make it easy for everyone to use, change and spread them.

²: Others have shown this before, but I don’t mind that. I just love the feature, so I want to show it :)

³: The command wheel I use for calling programs is the pyRad.

Shackle-Feats: The poisoned Apple

This is a mail I sent as listener comment to Free as in Freedom.

Hi Bradley, Hi Karen,

I am currently listening to your Jobs show (yes, late, but time is scarce these days).

And I side with Karen (though I don’t use Gnome, but KDE): Steve Jobs managed to make a user interface which feels very natural. And that is no problem in itself. Apple solved a problem: User interfaces are hard to use for people who don’t have computer experience and who don’t have time to learn using computers right.

But they then used that solution to lure people into traps they set up to get our money and our freedom.

As analogy: A friend of mine told me, that Photoshop gives her Freedom, because she can do things with it, which she can’t do with anything else. And she’s right on that: She gets a kind of freedom. But she has to give up other freedoms for that, for example the freedom to do freelancing work without paying 3000€ up front.

To make the problem with that kind of freedom visible, let’s use one more analogy: When I get a flying car with which I can visit the Himalaya without having to get a drivers license, then I just got the Freedom to actually visit Himalaya. But sadly that car comes with a rule, that I am not allowed to take friends with me, and it does not allow me to drive into cities ruled by left-wing politicians. It costs so much, that I can’t afford another car, so now if I want to visit Himalaya, I can’t take friends with me even when I just want to drive to the next shop and I can’t visit left-wing friends.

That car would give me a kind of Freedom, but it would take away other freedoms I had before I used it. If all people used it, the effects would be horrible, and not just for left-wings and car owners: You would not be able to get a ride from a neighbor when you needed to get to the doctor fast.

Now imagine what would happen, if people would find ways to make money with that flying car. They would create a society, where you have to give up Freedom if you want to get one of the good jobs.

So creating a new kind of Freedom and coupling it with heavy shackles does not give you more Freedom. It creates a situation where people have a harder time living their life when they want to keep their basic freedom, because those shackle-feats become mandatory.

I need to remember the name shackle-feats :)

Apple kinda invented the shackle-feat “use shiny computers without understanding them”.
They managed to make shackles almost mandatory for parts of society by creating a pressure on people that they have to be able to do the feat, so they have to accept the shackles.

Now we have to recreate that feat without the shackles so people are able to keep up without losing their freedom.

Best wishes, Arne Babenhauserheide

PS: Steve Jobs managed to create really nice interfaces. Sadly he used his abilities to shackle people. He once was a hero to me. Even today there is stuff he did that I admire. But he decided to use his abilities for shackling people.

Simple Emacs DarkRoom

I just realized that I let myself be distracted by all kinds of not-so-useful stuff instead of finally getting to type the text I already wanted to transcribe from stenografic at the beginning of … last week.

Screenshot!

Let’s take a break for a screenshot of the final version, because that’s what we want from any program :)

As you can see, the distractions are removed — the screenshot is completely full screen and only the text is left. If you switch to the minibuffer (i.e. via M-x), the status bar (modeline) is shown.

Background

To remove the distractions I looked again at WriteRoom and DarkRoom and similar which show just the text I want to write. More exactly: I thought about looking at them again, but at second thought I decided to see if I could not just customize emacs to do the same, backed with all the power you get from several decades of being THE editor for many great hackers.

It took some googling and reading emacs wiki, and then some Lisp-hacking, but finally it’s 4 o’clock in the morning and I’m writing this in my own darkroom mode¹, toggled on and off by just hitting F11.

Implementation

I build on hide-mode-line (livejournal post or webonastick) as well as the full-screen info in the emacs wiki.

The whole code just takes 29 lines of code plus 10 lines comments and whitespace:

; hide mode line, from 
; http://dse.livejournal.com/66834.html 
; http://webonastick.com
(autoload 'hide-mode-line "hide-mode-line" nil t)

; fullscreen, taken from
; http://www.emacswiki.org/emacs/FullScreen#toc1
(defun toggle-fullscreen (&optional f)
  (interactive)
  (let ((current-value (frame-parameter nil 'fullscreen)))
    (set-frame-parameter nil 'fullscreen
             (if (equal 'fullboth current-value)
                 (if (boundp 'old-fullscreen) old-fullscreen nil)
               (progn (setq old-fullscreen current-value)
                  'fullboth)))))

; simple darkroom with fullscreen, 
; fringe, mode-line, menu-bar and scroll-bar hiding.
(defvar darkroom-enabled nil)

(defun toggle-darkroom ()
  (interactive)
  (if (not darkroom-enabled)
      (setq darkroom-enabled t)
    (setq darkroom-enabled nil))
  (toggle-fullscreen)
  (hide-mode-line)
  (if darkroom-enabled
      (progn
        (fringe-mode 'both)
        (menu-bar-mode -1)
        (scroll-bar-mode -1)
        (set-fringe-mode 200))
    (progn 
      (fringe-mode 'default)
      (menu-bar-mode)
      (scroll-bar-mode t)
      (set-fringe-mode 8))))

; Activate with F11 - enhanced fullscreen :)
(global-set-key [f11] 'toggle-darkroom)

Also I now activated cua-mode to make it easier to interact with other programs: C-c and C-x now copy/cut when the mark is active. Otherwise they are the usual prefix keys. To force them to be the prefix keys, I can use control-shift-c/-x. I thought this would disturb me, but it does not.

To make it faster, I also told cua-mode to have a maximum delay of 50ms, so I don’t feel the delay. Essentially I just put this in my ~/.emacs:

(cua-mode t)
(setq cua-prefix-override-inhibit-delay 0.005)

Epilog

Well, did this get me to transcribe the text? Not really, since I spent the time building my own DarkRoom/WriteRoom, but I enjoyed the little hacking and it might help me get it done tomorrow - and get far more other stuff done.

And it is really fun to write in DarkRoom mode ;)

PS: If you like the simple darkroom, please leave a comment!

I hereby declare that anyone is allowed to use this post and the screenshot under the same licensing as if it had been written in emacswiki.

Simple positive trust scheme with threshholds

I don’t see a reason for negative reputation schemes — voting down is in my view a flawed concept.

The rest of this article is written for freetalk inside freenet, and also posted there with my nonanonymous ID.

That just allows for community censorship, which I see as incompatible with the goals of freenet.

Would it be possible to change that to use only positive votes and a threshhold?

• If I like what some people write, I give them positive votes.
• If I get too much spam, I increase the threshhold for all people.
• Effective positive votes get added. It suffices that some people I trust also trust someone else and I’ll see the messages.
• Effective trust is my trust (0..1) · the trust of the next in the chain (0..1) · …

Usecase:

• Zwister trusts Alice and Bob.
• Alice trusts Lilith.
• Bob hates Lilith.

In the current scheme (as I understand it), zwister wouldn’t see posts from Lilith.

In a pure positive scheme, zwister would see the posts. If zwister wants to avoid seeing the posts from Lilith, he has to untrust Alice or ask Alice to untrust Lilith. Add to that a personal (and not propagating) blocking option which allows me to “never see anything from Lilith again”.

Bob should not be able to interfere with me seeing the messages from Lilith, when Alice trusts Lilith.

If zwisters trust for Alice (0..1) multiplied with Alices trust for Lilith (0..1) is lower than zwisters threshhold, zwister doesn’t see the messages.

PS: somehow adapted from Credence, which would have brought community spam control to Gnutella, if Limewire had adopted it.

PPS: And adaption for news voting: You give positive votes on news which show up. Negative votes assign a private threshhold to the author of the news, so you then only see news from that author which enough people vote for.

Simple steps to attach the GNU Public License (GPL) to your project

Here's the simple steps to attach a GPL license to your source files (written after requests by DiggClone and Bandnet):

For your own project, just add the following text-notice to the header/first section of each of your source-files, commented out in whatever way your language uses:

----------------following is the notice-----------------
/*
* Your Project Name - -you slogan-
* Copyright (C) 2007 - 2007 Your Name
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
----------------------------------------------
the "2007 - 2007" needs to be adjusted to "year when you gave it the license in the first place" - "current year".

Then put the file gpl.txt into the source-folder or a docs folder: http://www.gnu.org/licenses/gpl.txt

If you are developing together with other people, you need their permission to put the project under the GPL.

------

Just for additional Info, I found this license comparision paper by sun: http://mediacast.sun.com/share/webmink/SunLicensingWhitePaper042006.pdf

And comments to it: http://blogs.sun.com/webmink/entry/open_source_licensing_paper#comments

It does look nice, but it misses one point:

GPL is trust: Contributors can trust, that their contributions will keep helping the community, and that the software they contribute to will keep being accessible for the community.

(That's why I decided some years ago to only support GPL projects. My contributions to one semi-closed project got lost, because the project wasn't free and the developer just decided not to offer them anymore, and I could only watch hundreds of hours of work disappear, and that hurt.)

Best wishes,
Arne
PS: If anything's missing, please write a comment!

Some Python Programs of mine

Hi,

I created some projects with pyglet and some tools to facilitate 2D
game development (for me), and I though you might be interested.

• babglet: basic usage of pyglet for 2D games with optional collision
  detection and avoidance.

• blob_swarm: a swarm of blobs with emerging swarm behaviour through only pair relations.
• blob_battle: a duel-style battle between two blobs (basic graphics,
  control and movement done)

• fuzzy_collisions: 2 groups of blobs. One can be controlled. When two
  blobs collide, they move away a (random) bit to avoid the collision.

They are avaible from the rpg-1d6 project on sourceforge:
-> https://sf.net/projects/rpg-1d6/

The download can be found at the sf.net download page:
-> https://sourceforge.net/project/showfiles.php?group_id=199744

The danger of promoting dead closed clients

I had a strange feeling about people advertising the dead and closed source Gnutella client BearShare, but I only found one of the reasons for that gut feeling today.

Assumptions I use: We want Gnutella to continue to evolve and grow better.

To have Gnutella evolve, the developers of actively developed clients need feedback (and be it only encouragement).

If people now use a dead client, which won't evolve anymore, they don't provide essential feedback to actively developed clients, and it might even happen, that some developers waste time on trying to hack the dead client to make something work (again), instead of contributing to an active open client.

So every user who uses a dead closed client instead of an active open (and free) client hinders the evolution of Gnutella.

That's not the fault of the user, and it's not per se damaging to the current state of the network (as long as the user shares, he contributes to the availaable files), but on the long term it hinders Gnutella from becoming better.

And that in mind, promoting a closed dead client directly damages Gnutella.

I know I'm human and as such prone to errors, so if you see anything I overlooked, please tell me about it.

The effect of the optional restrictions of the GPLv3

I just thought a bit about the restrictions the GPLv3 allows, and I think I just understood their purpose and effect for the first time (correct me, if I'm wrong :) ).

What are the restrictions?

The GPLv3 allows developers (=copyright holders) to add selected restrictions, like forbidding the use of a certain brand name or similar.

The catch with them is, that any subsequent developer who adds anything is free to simply strip off the restrictions.

What is their effect?

Now I wondered for a long time, what that really gains us. today I then realized that subsequent develoeprs are only free to strip off the restrictions, as long as that doesn't violate any license of some part of the program.

That means, the GPLv3 restrictions simply have the effect of adding compatibility to other licenses, while keeping the option to strip off any restriction, when you replace the part under the other license with a more liberal licensed part.

So this doesn't place any additional burden on packagers, because they already have to check those other licenses for their restrictions. Now the GPLv3 description of the whole package clearly states what additional restrictions are inferred by the parts which are under different but compatible licenses.

While those parts where under seperate licenses before (and had to be checked), they can now be impcoved with GPLv3 code with additional restrictions.

And as soon as the GPLv3 code can stand on its own feet, the more restrictive licensed part can be replaces with GPLv3 code, and the restrictions can be removed again, making the work of the packagers easier.

Better still, the GPLv3 shows clearly the sum of all restrictions of the individual (differently but compatible licensed) parts, so packagers only need to check the GPLv3 license information to see all restrictions in a standardized format (GPLv3 additional restrictions).

Example

Let's assume I find this great piece of software which says "do what you want but don't touch my brand", and I want to build my GPLv3 program on it. Let's call the piece of software "foo". So I just begin coding and use the GPLv3 for my parts (simply copyright message in my code files). For the whole package I add a license information ("license.txt" or "COPYING" or similar) which give the information

  "This program is licensed under the GPLv3 
  with the additional restriction that the brand 
  'foo' may not be used for derived products. 
  The additional restriction is inferred by the package foo.

  (plus license mumbo jumbo you can find at and copy 
  from http://gnu.org/licenses/gpl.html)"

Now someone else takes my program and improves it. But he also uses the package "blah" which also says that it's brand must not be violated. Now the combined license would be:

  "This program is licensed under the GPLv3 
  with the additional restriction that the brand 
  'foo' and the brand 'blah' may not be used for 
  derived products. 
  The additional restriction for brand 'foo' is inferred by the package foo.
  The additional restriction for brand 'blah' is inferred by the package blah. 

  (plus license mumbo jumbo you can find at and copy 
  from http://gnu.org/licenses/gpl.html)"

So now a group of free software activists takes offense at the restrictions. They don't want anyone to be restricted by copyright from using a brand. One reason could be that the brand protection was voided by some trademark action.

Now they can't just say "that brand isn't protected anymore", since the protection was reinforced by copyright law.

But they can just replace the parts under the more restrictive licenses with honest GPLv3 licensed parts - either by writing them or by finding a drop-in replacement. Now let's suppose they write the packages "bar" and "baz" which implement the functionality of "foo" and "blah". They now no longer use any parts under licenses which require additional restrictions, so they are free to remove them. As they release their package, the license information might read as follows:

  "This program is licensed under the GPLv3.  

  (plus license mumbo jumbo you can find at and copy 
  from http://gnu.org/licenses/gpl.html)"

If they are nice (and we assume they are) their changelog will also contain a line saying something like "replaced 'foo' and 'blah' which allowed us to remove the additional license restrictions to avoid using the brands 'foo' or 'blah'."

Final remark

As you see (and if I understand it correctly), the additional restrictions can be a great tool for freeing software from restrictions, because they allow you to combine GPlv3 code with somewhat restrictive licensed code and get rid off the restrictions later by replacing the more restrictive licensed parts.

And since the only allowed additional restrictions are those which don't harm the four freedoms of free software, you can still make sure that you use ethically sound software by simply checking whether it is GPL licensed.

So kudos to the designers of the GPLv3. They did such a great job that it took me two years to realize one of the many powerful tools they gave us with the GPLv3 - and I did take part in the public discussion of the GPLv3 since draft 1 (but I never watched a GPLv3 speech...).

Also, since the GPLv3 allows combination with the AGPLv3 software (which adds the restriction, that the source code must also be supplied when the software is used over a network), it gives us a clear path into the future where people might use more and more software "as a service", so it doesn't get executed on their local machine and the normal GPL alone isn't enough to protect our freedom.

turn files with wikipedia syntax to html (simple python script using mediawiki api)

I needed to convert a huge batch of mediawiki-files to html (had a 2010-03 copy of the now dead limewire wiki lying around). With a tip from RoanKattouw in #mediawiki@freenode.net I created a simple python script to convert arbitrary files from mediawiki syntax to html.

Usage:

• Download the script and install the dependencies (yaml and python 3).
• ./parse_wikipedia_files_to_html.py <files>

This script is neither written for speed or anything (do you know how slow a webrequest is, compared to even horribly inefficient code? …): The only optimization is for programming convenience — the advantage of that is that it’s just 47 lines of code :)

It also isn’t perfect: it breaks at some pages (and informs you about that).

It requires yaml and Python 3.x.

#!/usr/bin/env python3

"""Simply turn all input files to html. 
No errorchecking, so keep backups. 
It uses the mediawiki webapi, 
so you need to be online.

Copyright: 2010 © Arne Babenhauserheide
License: You can use this under the GPLv3 or later, 
         if you add the appropriate license files
         → http://gnu.org/licenses/gpl.html
"""

from urllib.request import urlopen
from urllib.parse import quote
from urllib.error import HTTPError, URLError
from time import sleep
from random import random
from yaml import load
from sys import argv

mediawiki_files = argv[1:]

def wikitext_to_html(text):
    """parse text in mediawiki markup to html."""
    url = "http://en.wikipedia.org/w/api.php?action=parse&format=yaml&text=" + quote(text, safe="") + " "
    f = urlopen(url)
    y = f.read()
    f.close()
    text = load(y)["parse"]["text"]["*"]
    return text

for mf in mediawiki_files:
    with open(mf) as f:
        text = f.read()
    HTML_HEADER = "<html><head><title>" + mf + "</title></head><body>"
    HTML_FOOTER = "</body></html>"
    try: 
        text = wikitext_to_html(text)
        with open(mf, "w") as f:
            f.write(HTML_HEADER)
            f.write(text)
            f.write(HTML_FOOTER)
    except HTTPError:
        print("Error converting file", mf)
    except URLError:
        print("Server doesn’t like us :(", mf)
        sleep(10*random())
    # add a random wait, so the api server doesn’t kick us
    sleep(3*random())

Weltenwald-theme under AGPL (Drupal)

After the last round of polishing, I decided to publish my theme under AGPLv3. Reason: If you use AGPL code and people access it over a network, you have to offer them the code. Which I hereby do ;)
That’s the only way to make sure that website code stays free.

It’s still for Drupal 5, because I didn’t get around to port it, and it has some ugly hacks, but it should be fully functional.

Just untar it in any Drupal 5 install.

tar xjf weltenwald-theme-2010-08-05_r1.tar.bz2

Maybe I’ll get around to properly package it in the future…

Until then, feel free to do so yourself :)

And should I change the theme without posting a new layout here, just drop me a line and I’ll upload a new version — as required by AGPL. And should you have some problem, or if something should be missing, please drop me a line, too.

No screenshot, because a live version kicks a screenshot any day ;)
(in case it isn’t clear: Weltenwald is the theme I use on this site)

Why free speech does not equal to the right of being heard

→ written in a discussion with Sascha¹ in Freenet using Sone.

If free speech included being allowed to force all people to listen, then it would also include my right to force you to listen to everything I say.

Think this on the scale of 6 billion people all using freenet. Every one of them could force you to listen to him/her/it. Whom would you ignore?

In WoT getting some people² to see your message is possible, but it has a price: solving captchas.

The same is true for real life demonstrations: If you want to be seen, you have to get up and actually invest something - be it time, effort or risk to your reputation.

In real life we have channels through which we sell our attention. They are called advertisements and advertisement financed services, and access to our attention is tightly controlled by some few gatekeepers who make lots of money by keeping a hold on our attention.

In freenet all you have to do is solve some captchas, a rule which is the same for everyone.

Why Gnutella scales quite well

You might have read in some (almost ancient) papers, that a network like Gnutella can't scale. So I want to show you, why the current Version of Gnutella does scale, and does it well.

In earlier versions, up to v0.4, Gnutella was a a pure broadcast network. That means, that every search request did reach every participant, so the number of search requests hitting each node was for an optimal network exactly equal to the number of requests, made by nodes who were in the network. And you can see easily why that can't scale.
But that was only true for Gnutella 0.4.

In the current incarnation of Gnutella (Gnutella 0.6), Gnutella is no longer a pure Broadcast network. Instead, only the smallest percentage of the traffic is done via broadcast.

If you want to read about the methods used to realize this, please have a look at the GnuFU guide (english, german).

Here I want to limit it to the statement, that the first two hops of a search request are governed via Dynamic Querying, which stops the request as soon as it has enough sources (this stops a search as soon as it gets about 250 results), and that the last two hops are governed via the Query Routing Protocol, which ensures, that a search request reaches only those hosts, which can actually have the file (which is only about 5% of the nodes).

So in todays reality, Gnutella is a quite structured and very flexible network.

To scale it, Ultrapeers can increase their number of connections from their current 32 upwards, which makes Dynamic Querying (DQ) and the Query Routing Protocol (QRP) even more effective.

In the case of DQ most queries for popular files will still provide enough results after the same number of clients have been contacted, so increasing the number of connections won't change the network traffic at all which is caused by the first two steps.

In the case of QRP, queries wil still only reach the hosts, which can have the file, and if Ultrapeers are connected to more nodes at the same time (by increasing the number of connections), it will provide more results for each connection, so DQ will stop even earlier than with fewer connections per Ultrapeer.

So Gnutella is now far from a broadcast model, and the act of increasing the size of the Gnutella Network can even increase its efficiency for popular files.

For rare files, QRP kicks in with full force, and even though DQ will likely check all other nodes for content, QRP will make sure that only those nodes are reached, which can have the content, which might be only 0.1% of the net or even far less.

Here, increasing the number of nodes per Ultrapeer means that nodes with rare files are in effect closer to you than before, so Gnutella also gets more efficient when you increase the network size, when rare file searches are your major concern.

So you can see, that Gnutella has become a network, which scales extremly well for keyword searches, and due to that it can also very efficiently be used to search for metadata and similar concepts.

The only thing which Gnutella can't do well are searches for strings which aren't seperate words (for example file-hashes), because that kills QRP, so they will likely not reach (m)any hosts. For these types of searches, the Gnutella developers work on a DHT (Distributed Hash Table), which will only be used, if the string can't be split into seperate words, and that DHT will most likely be Kademlia, which is also proven to work quite well.

And with that, the only problem which remains in need of fixing is spam, because that inhibits DQ when you do a rare search, but I am sure that the devs will also find a way to stop spamming, and even with spam, Gnutella is quite effective and consumes very little bandwidth, when you are acting as a leaf, and only moderate bandwidth when you are acting as ultrapeer.

Some figures as finishing touch:

• Leaf network traffic: About 1kB/s if you add outgoing and incoming traffic, which is about the seventh part of the speed of a 56k modem.
• Ultrapeer traffic: About 7kB/s, outgoing and incoming added together, which is about one full ISDN line of less than 1/8th of a DSLs outgoing speed.

Have fun with Gnutella!
- ArneBab 08:14, 15. Nov 2006 (CET)

PS: This guide ignores, that requests must travel through intermediate nodes. But since those nodes make up only about 3% of the network and only 3% of those nodes will be reached by a (QRP-routed) rare file request, it seems safe to ignore these 0.1% of the network in the calculations for the sake of making it easier to follow them mentally (QRP takes care of that).

Wish: KDE with Emacs-style keyboard shortcuts

I would love to be able to use KDE with emacs-style keyboard shortcuts, because Emacs offers a huge set of already clearly defined shortcuts for many different situations. Since its users tend to do very much with the keyboard alone, even more obscure tasks are available via shortcuts.

I think that this would be useful, because Emacs is like a kind of nongraphical desktop environment itself (just look at emacspeak!). For all those who use Emacs in a KDE environment, it could be a nice timesaver to be able to just use their accustomed bindings.

It also has a mostly clean structure for the bindings:

• "C-x anything" does changes which affect things outside the content of the current buffer.
• "C-anything but x" acts on the content you're currently editing.
• "C-c anything" is kept for specific actions of programs. For example "C-c C-c" in an email sends the email, while "C-c C-c" in a version tracking commit message finishes the message and starts the actual commit.
• "M-x" opens a 'command-selection-dialog' (just like alt-f2).
• "M-anything but x" is a different flavor of "C-anything but x". For example "C-f" moves the cursor one character forward, while "M-f" moves one word forward. "C-v" moves one page forward, while "M-v" moves one page backwards.

On the backend side, this would require being able to define multistep shortcuts. Everything else is just porting the emacs shortcuts to KDE actions.

The actual porting of shortcuts would then require mapping of the Emacs commands to KDE actions.

Some examples:

• "C-s" searches in a file. Replaces C-f.
• "C-r" searches backwards.
• "C-x C-s" saves a file -> close. Replaces C-w.
• "C-x C-f" opens a file -> Open. Replaces C-o.
• "C-x C-c" closes the program -> quit. Replaces C-q.
• "C-x C-b" switches between buffers/files/tabs -> switch the open file. Replaces alt-right_arrow and a few other (to my knowledge) inconsistent bindings.
• "C-x C-2" splits a window (or part of a window) vertically. "C-x C-o" switches between the parts. "C-x C-1" undoes the split and keeps the currently selected part. "C-x C-0" undoes the split and hides the currently selected part.

Write programs you can still hack when you feel dumb

I just read the post Hyperfocus and balance of Arc Riley from PySoy who talks about trying to get to the Hyperfocus state without endangering his health. Since I have similar needs¹, I am developing some strategies for that myself (though not for my health, but because my wife and son can’t be expected to let me work 8h without any interruptions in my free time).

I try to change my programming habits instead of changing myself to fit to the requirements of my habits, though.

The guideline I learned from writing PnP roleplaying games is to keep the number of things to know below 7 at each point (well, the actual limitation for average humans is 4 objects!). For a function of code I would convert that as follows:

1. You need to keep in mind the function you work in, and
2. what it should do (purpose and effect), and
3. the resources it uses (arguments or global values/class attributes).

Only 4 things left for the code of your function. (three if you use class attributes/global values and function arguments. Two, if you have complex custom data-structures with peculiar names or access-methods which you have to understand for doing anything. One if you also have to remember the commands of an unfamiliar editor or VCS tool. See how fast this approaches zero even starting with 7 things?)

Add an if-switch, for-loop or similar and you have only 3 things left.

You need those for what the function should actually do, so better put further complexities into subfunctions.

But if you want to be able to hack that code while you feel dumb (compared to those streaks of genius when you can actually hold the whole structure of your program in your head and forsee every effect of a given change before actually doing it), you need to make sure that you don’t have to take all 7 things into account. Tune it down for the times when you feel dumb by starting with 5 things², and you get:

2 things for your function. Some Logic and calling stuff are 2 things.

If it is an if-switch, let it be just an if-switch calling other functions. Yes, it may feel much easier to do it directly here, when you are fully embedded in your code and feel great, but it will bite you when you are down. Which is exactly when you won’t want to be bitten by your own code.

To find a practical way of achieving this, Django’s concept of loose coupling and tight cohesion (more detailed) helped me most, because it reduces the interdependencies.

The effects of any given change should be contained in the part of the code you work in - and in one type of code.

As web framework, Django seperates the templates, the URI definitions, the program code and the database access from each other. (see how these are already 4 cathegories, hitting the limit of our mind again?)

For a game on the other hand, you might want to seperate story, game logic, presentation (what you see on the screen) and input/user actions. Also people who write a scenario or level should only have to work in one type of code, neatly confined in a file or a small set of files which reside in the same place.

And for a scientific program, data input, task definition, processing and data output might be seperated.

Remember that this seperation does not only mean that you put them into different files, but that these parts are only loosely coupled:

They only use lean and clearly defined interfaces and don’t need to know much about each other.

This does not only make your program easier to adapt (because the parts you need to change for implementing a given feature are smaller). If you apply it not only to the bigger structure, but to every part of the program, it’s main advantage is that any part of the code can be understood without having to understand other parts.

And you can still understand and hack your code, when your child is sick, your wife is overworked, you slept only 3 hours the night before - and can only work for half an hour straight, because it’s evening and you don’t want to be a creep (but this change has to be finished nontheless).

Note that finding a design which allows that is far more complex than it sounds. If people can read your code and say “oh, that’s easy. I can hack that” (and manage to do so), then you did it right.

Designing a simple structure to solve a complex task is far harder than designing a complex structure to solve that task.

Your browser history can be sniffed with just 64 lines of Python (tested with Firefox 3.5.3)

After the example of making-the-web, I was quite intrigued by the ease of sniffing the history via simple CSS tricks.

So I decided to test, how small I get a Python program which can sniff the history via CSS - without requiring any scripting ability on the browser-side.

I first produced fully commented code (see server.py) and then stripped it down to just 64 lines (server-stripped.py), to make it really crystal clear, that making your browser vulnerable to this exploit is a damn bad idea. I hope this will help get Firefox fixed quickly.

If you see http://blubber.blau as found, you're safe. If you don't see any links as found, you're likely to be safe. In any other case, everyone in the web can grab your history - if given enough time (a few minutes) or enough iframes (which check your history in parallel). This doesn't use Javascript.

It currently only checks for the 1000 or so most visited websites and doesn't keep any logs in files (all info is in memory and wiped on every restart), since I don't really want to create a full fledged history ripper but rather show how easy it would be to create one.

Besides: It does not need to be run in an iframe. Any Python-powered site could just run this test as regular part of the site while you browse it (and wonder why your browser has so much to do for a simple site, but since we’re already used to high load due to Javascript, who is going to care?). So don’t feel safe, just because there are no iframes. To feel and be safe, use one of the solutions from What the Internet knows about you.

Konqueror seems to be immune: It also (pre-)loads the "visited"-images from not visited links, so every page is seen as visited - which is the only way to avoid spreading my history around on the web and still providing “visited” image-hints in the browser!

Firefox 4.0.1 seems to be immune, too: It does not show any :visited-images, so the server does not get any requests.

So please don't let your browser load anything depending on the :visited state of a link tag! It shouldn't load anything based on internal information, because that always publicizes private information - and you don't know who will read it!

In short: Don't keep repeating Ennesbys Mistake:

• Mistake:

• Effects:

(comic strips not hosted here and not free licensed → copyright: Howard V. Tayler)

And to the Firefox developers: Please remove the optimization of only loading required css data based on the visited info! I already said so in a bug report, and since the bug isn't fixed, this is my way to put a bit of weight behind it. Please stop putting your users privacy at risk.

Usage:

• python server.py
  start the server at port 8000. You can now point your browser to http://127.0.0.1:8000 to get sniffed :)

To get more info, just use ./server.py --help.

(All this is) Gentoo for me

- Words and Music: Arne Babenhauserheide ( http://draketo.de )

Listen to the song: ogg
This recording is part of the music podcast singing in the winds of time.

Refrain:
  I build my kernel and I strip it down,
  my programs only do what I need
  the tree is at my very core
  it's my whole world and it is my seed.

I came to Gentoo several years ago,
it's power was my joy and woe,
replaced OSX with a mighty shell,
and learned its ways and learned them well.

(well mostly, and learning at times is a hell)

--

I rebuilt only 2 times since that day,
for at first I didn't know my way,
the second one was a lovely bird,
but a new Computer brought the third.

(someday I want a Gentoo GNU/Hurd)

--

I learned each day and my knowledge grew,
from the wiki and forums it leaped and flew,
information in structure gave power in mind,
and the strongest is what the tutorials bind.

(but read them well, or trouble's what you find)

--

A new life came when I met the snake,
I'd been asleep, now I'm awake,
for portage might be quite complex,
but reading Python's sometimes close to sex.

(go deeper and deeper and the world seems to shift)

--

Somewhere between some seedlings appeared,
with stuff for special people geared,
sometimes dangerous, but mostly good,
and the tree had grown a little wood.

(but remember where the main trunk stood)

--

And now the tree has KDE 4,
since that appeared I like it evermore.
All that nifty stuff I missed from my Mac,
usability and beauty and the vision are back.

(and don't forget power, more than any I knew before)

--

Together all this is Gentoo for me,
but there sure is more I don't get or see,
and some parts for which I feel quite strong,
just didn't fit into this song.

(Gentoo's much too large to fit into any... )

PS: I just uploaded this into my Jamendo Account.

PS: I just found another (older) Gentoo song.

A song from the icy lands

A song about sharing and free software and changing the world. Originally written to recreate the vision of the Polar Skulk in art.

Criticism and praise would be a great gift to the pup writing this song.

A song from the icy lands

Freedom for Music, for Movies and for every word,
Fighting is not quite absurd,
and we are peaceful, good and kind,
and fight for freedom of the mind.

--

Ref1:
Our world is ice,
but we're together,
calling to the moon,
the cousins of the wolf.

Our tales of freedom
light a fire
of love and family,
the song of foxes.

we teach the wolves,
and sing of beauty,
gather wisdom,
and sing the music of the world.

Our world is ice,
but we're together,
calling to the moon,
the cousins of the wolf.

Our tales of freedom
light a fire
of love and family,
the song of foxes.

we teach the wolves,
and sing of beauty,
gather wisdom,
and free the music of the world.

--

Our skulk is happy with that which is free,
we spread the free things which we see,
like Gnus, who made the firelight,
we spread the freedom in the night.

--

Ref2:
-Ref 1 but:

... learn the wisdom of the world

... free the wisdom of the world.

--

Each night we meet artists who give us their songs,
and more learn each day, where the music belongs,
and wherever we travel, a seed takes its hold,
and singing and dancing shine brighter than gold.

and wherever we travel, a seed takes its hold,
and singing and dancing grow stronger than gold.

--

Ref3:
-Ref 1 but:
... dance the rhythm of the world

... change the rhythm of the world.

If you liked the song from the icy lands, you might also like a tale of foxes and freedom and Infinite Hands.

Dragon Cycle

The War of Dragons and Birth of the Dragonriders Sung and played at FilkCONtinental 2004.

No music yet - but someday I'll get that recording...

Drowsy Pagan (and his stew) - a Filk on Dawson's Christian

To the melody of Dawson's Christian from Duane Elms.

Jason Drowsy was a hunter known to cook a burning stew,
and he turned to be a pagan in the hunt of eigthy two.
Now that pagan was the finest cook of the royal twins
and the stew of Jason Drowsy smelled like sins.

In the hunt for the kings wedding, waiting for the royal son,
he then saw a regal steed who was equal to no one,
as the royal son came by him, and he rode out for a prize,
Drowsy knew just far to well whom he must slice.

No one talking saw the battle, though the guard was quick to leave,
when they reached the site they found a scene no sane man could believe.
Dead in grass there lay the princeguard, cut to ribbons all around,
but no sign of Jason Drowsy could be found.

Chorus 1:
There are stories of the nightwatch and the ents and dragonwood,
there are stories of the unicorn with a lady at his foot,
but the tale that warms my spirit more because I know it's true
is the tale of Jason Drowsy and his stew,
yes the tale of Drowsy pagan and his stew.

- break for music -

I was second scout for heras dream, the escort was all mine,
we were shipping precious metals and a carriage with wine,
It was in the second week of the most uneventful ride,
when the cold and snow froze all our breath at night.

Now to me there was no question, for there was nowhere to run,
and you just can't keep moving when you never see the sun,
so we stopped and built a campsite for a time in freezing snow,
when in underbrush a light began to glow.

First we thought it a predator, but the color was all wrong,
then we thought it might be rescue, but no sound of horn did come,
when noone answered hailing we all felt an unknown dread,
then the fire grew and started burning red.

Now a glow came from that fire that is known by very few,
and we never knew a meal could smell just like that special stew,
never fearing our numbers then a figure left the wood,
and he carried a huge bowl which smelled too good.

Chorus 2:
And that pagans stew burned hotter than all stew I ate before,
and its taste would melt to easily the heart of any whore,
as the meal then filled our stomachs and we search for some more shreds,
all the fear of cold was wiped from our heads,
all the fear of cold was wiped from our heads.

Just as quickly as we started all the feasting then was done,
for the cold inside had vanished and the strangers stew had won,
though we tried to call and thank him, not an answer could we draw,
then he dropped the bowl and this is what we saw.

It had markings there all over and an emblem on one side,
and we knew that every owner but that pagan had long died,
for the markings spoke of royalty, and deep inside we knew,
we all ate from Drowsy pagans fabled stew.

But instead of staying with us, he then simply walked away,
but came back each night with more stew tasting as if made by fey,
when at last the cold did lift, deep inside us each one knew,
we were saved by Jason Drowsy's burning stew, yes, we were saved by Drowsy pagans burning stew.

- Chorus 1 -

Background: I really love the sound of Dawson's Christian, but I never liked the name of the ship - and I learned from my parents not to glorify violence, at least not all the time. Violence is the ultimate escalation of a conflict, so it is well suited to stories, but there are much more important things in life than being the best soldier - for example being the legendary cook who saves caravans from freezing to death and chose a life in the wilderness over the life for his king when he realized what's really important in our world.

Filk the gist

A parody on March of Cambreadth by Heather Alexander aka Alexander James Adams, the Fairy Tale Minstrel, written on the filk-de list to say “damn, we are filkers! We don’t quabble about politics — we sing about them!” (and to make crystal clear what I mean, because it wasn’t on the mailing list: Politics in song are Filk, and this song is against lying politicians! I’m sorry, Le-matya. This was meant to support your position but I forgot to doublecheck if it is clear in the context.)

Filk the gist

Keyboards klick, Cellphones ring,
Shining laptop’s hackers sing,
Newsfeeds burn with polished prose,
Show us where we find our foes,
Midnight flame with congressmen,
Fight the trolls to keep us sane,
Sound the horn and call the cry,
How many of us can spot their lie?

Fuck the orders you get told,
Make their shallow hearts get cold,
Fight until you die or drop,
A force like ours is hard to stop,
Close your mind to stress and pain,
Write till you’re no longer sane,
Let not one wrong word pass by,
How many of us can spot their lie?

Guard your disk and emails well,
Send these bastards back to hell,
We’ll teach them the cyberway,
They won’t write in our clay,
Use your shield and use your head,
Fight till every line glows red,
Raise the flag up to the sky,
How many of us can spot their lie?

Dawn has broke, the time has come,
Publish to a marching drum,
We’ll win the war and pay the toll,
We’ll fight as one in heart and soul,
Midnight flame in filkers list,
Write the songs and catch the gist,
Sound the horn and call the cry,
How many of us can spot their lie?

Hackers blog while Filkers sing,
Pegasus has spread its wing,
Yesterday we were too shy,
How many of us can spot their lie?

Happy Birthday to GNU - 25 years

Today is the 25th birthday of the GNU project - the very beginning of the free software community we are today.

This is my small, humble contribution for the birthday celebration.

Happy Birthday to GNU (ogg vorbis)

Happy Birthday to GNU,
Happy Birthday to GNU,
Happy Birthday not Unix,
Happy Birthday to GNU.

Naturally this recording is free licensed.

It is part of the music podcast singing in the winds of time.

Infinite Hands - singing a part of the history of free software (filk)

- Free Software version of "Finity's End"; original: {lyrics: CJ Cherryh, music: Leslie Fish}.
- filked by Draketo aka Arne Babenhauserheide (draketo.de) (capo 3)

- please check the dedicated site: http://infinite-hands.draketo.de -

Songtext for printing and passing on: pdf | odt (source) | txt
Audio-files: ogg | mp3
This recording is part of the music podcast singing in the winds of time.

==== Infinite Hands ====

C        a             D           a
Infinite Hands build a world to be free, 
    E       G            a
the digital space we all know, 
   C      (a)         D            a
unlimited use has the code that we write, 
    C             G            a
and freedom's the badge we all show.

     C                           D           a
The stuff runs our servers, our desktops and grids, 
     D                    a
by uncounted hands it was made, 
     a                     D         a
set out in the wild on the day it is born, 
        C             D           a
for our free running, long coding trade. 

Ref: 
    C             a          D           a
And no law shall bind us or keep us for long, 
       E       G                    a
for infinity's ours and infinity's free, 
     C          a           D             a
and no country owns us, and no land's our own, 
    C         G        a
for Infinite Hands are we. 

The companies thought that they'd pay us for lines, 
and have all the code for their own. 
"You're company people and company teams, 
your code will now serve us alone."

R.Stallman was only a student that day, 
and he said to himself, thinking deep: 
Farewell to a job, all my code shall be free, 
for what they don't own, they can't keep. 

-Ref-

The miracle came, he did not change his mind
and gathered around him a crew, 
and people could buy his free programs from him, 
sent by mail and his money got through. 

At times others came and they said, "We're free, too, 
you can take code as if in a mall. 
It will be only yours then, just say it's from us, 
and it runs and compiles where you call."

-Ref: But... -

Now Richard M. Stallman was vexed and annoyed, 
and he sent out the word as before: 
"All code must be free, free to use and improve, 
which our license ensures evermore."

But still many coders were lured from our ranks, 
Now for Windows and Apple they strived, 
- spoken in background: And for Amiga, BeOS, IBM, 
    and many more -
their doom and their fall came from finland one day, 
as to GNU a free kernel arrived.

-Ref-

"Come all to U.S.", came a call spreading wide, 
"for there is no place else you can be."
 - spoken in background: DMCA, DRM, TCPA, 
    software patents, idea patents and a war on terror - 
But Richard M. Stallman still sent out the word, 
that all code from now on must be free. 

So code would stay free and our teams did grow strong, 
but some loopholes remained in our side, 
which traitors like TiVo exploited to steal, 
so we needed a change in the right. 

- Ref-

... no words ... 

So our license reshaped by the people and GNU, 
for code contributed to trade, 
And orders be none to withhold us or bind, 
    C                       E          a
No law on our code but the license we made. 

Ref: 
      C             a           D           a
Just that law shall bind us and keep us for long, 
       E       G                   a
for infinity's ours and infinity's free, 
    C          a            D             a
and no country owns us, and no land's our own, 
    C        G               a
for Infinite Hands/Lines are we. 
    C       E        C           (G) a
are we, for Infinite Hands/Lines are we. 

Background:
This is a part of the story of free software, although it misses some details. While "Finity's End" was a work of fiction (the book is avaible on amazon.com, amazon.de and maybe at bookzilla.de), this story really happened and happens today.
For additional information please refer to GNU.

Licensing:
This song is free art avaible under the following four licenses (for details, please visit draketo.de/licenses). Permission to filk her work freely was granted by Leslie Fish (cite: "Anything to keep the internet free: Go for it!" - she's great! - maybe you'd like to listen in on her music?) and CJ Cherryh.

- GNU FDL
- GPLv2 or later or GPLv3 or later
- Art Libre v1.3 or later
- Lizenz für freie Inhalte v1.0 webstar

You can use any of those four licenses, because I can't yet know which license will make it to the general license for free art. Please keep all four licenses when you make changes, so we avoid licensing chaos. It doesn't use creative commons licensing, because cc does not protect the free avaibility of the sources (Just think LaTeX and pdf).
Sources: infinite-hands.draketo.de

It was written by Draketo aka Arne Babenhauserheide, finished on 2007-09-28, improved by Alan Thiesen 2007-10-08.
Copyright © 2007 Arne Babenhauserheide.
It's first public performance was at FilkCONtinental2007 (A filk convention on the Freusburg in Germany)

Missing topics: DRM, SCO, Open Source – I'd be glad to get suggestions from you! ( just use the comment field )

Arne Babenhauserheide

People visited Infinite Hands since 2008-04-17

Pond-erosa Puff (OpenBSD)

I recently found the OpenBSD songs, and the artists say that they are part of OpenBSD, logically as well as license-wise. And OpenBSD is licensed under a three-clause BSD license which is GPL compatible - that means I can record and publish it here!

This is the OpenBSD 3.6 release song: Pond-erosa Puff, written about people who make something free and suddenly decide to go the unfree path.

Many thanks to all you OpenBSD guys!
Your license is a bit too weak for my taste, but damn, it's free - and your code is as good as your songs!

Audio-files: ogg | mp3

This recording is part of the music podcast singing in the winds of time.

My recording is far from perfect, but I hope you enjoy it anyway! Also it should give everyone a good headstart who always wanted to play the song on the guitar. Oh, and please do listen to the ogg vorbis file. It sounds far better! - Draketo

Pond-erosa Puff

Well he rode from the ocean far upstream
Nuthin' to his name but a code and a dream
Lookin' for the legendary inland sea
Where the water was deep n' clean n' free

But the town he found had suffered a blow
Fish were dying, cause the water was low
Fat cat fish name o' Diamond Dawes
Plugged the stream with copyright laws

He said my water's good n' my water's free
So Pond-erosa, you gonna thank me!
Then he bottled it up and he labeled it "Mine"
They opened n' poured, but they ran outta time!

So Puff made a brand and he tanned his hide
Said. "this is the mark of too much pride"
Tied him to a horse, set the tail on fire
Slapped er on the ass and the water went higher!

Pond-erosa Puff
wouldn't take no guff
Water oughta be clean and free
So he fought the fight
and he set things right
With his OpenBSD

Well things were good fer a spell in town
But then one day, dang water turned brown
Comin' to the rescue, Mayor Reed
He said, "This here filter's all ya'll need"

But it didn't take long 'fore the filter plugged
Full of mud, n' crud, n' bugs
Folks said "gotta be a gooder way"
Mayor said "Hell No! She's O.K."

"The water's fine on the Open range"
And he passed a law that it couldn't change.
"No freeze, no boil, no frolicking young"
Puff took him aside, said "this is wrong"

Then he found the Mayor was addin' the crud!
So he took him down in a cloud of blood
Said "The Mayor's learnd, he's done been mean"
So they did it right and the water went clean!

CHORUS

So once agin' it was right, but then
The lake went dry, she was gone again!
Fish started flippin' and floppin' about
Yellin' "Mercy Puff! It's a doggone drought!"

So he rolled up-gulch till he hit the lake
Of Apache fish, they was on the take
They'd built a dam that was made of rules
Now Puff was pissed and he lost his cool!

I'm sick and tired of these goldarn words!
n' laws n' bureaucratic nerds!
You're full o' beans n' killin' my town
and if you's all don't shut er down

I'll hang a lickin' on every one
of you sons o' bitchin' greedy scum!
So he blew the dam, an' he let 'er haul
Cause water oughta be free for all!

CHORUS

License: The text is licensed under a 3 clause BSD license, the recording can be used under the usual free licenses and additionally under the 3 clause BSD license (the license doesn't enforce that, but I feel that it's just the right thing to do).

Realistically Me (the square root)

-Melodie partly from "Swing low, sweet chariot"-

He looked over squares, and what did he see?
coming just for driving him mad,
The rational numbers didn't fit for me,
coming just for driving him mad.

He looked over pentagrams, and what did he see?
coming just for driving him mad,
There was funny looking a cousin of me,
coming just for driving him mad.

He told his pupils, all the world is a number,
coming just for driving him mad,
And one of them said: "this one makes me wonder"
coming just for driving him mad,

He told him of me, and to his growing dread,
coming just for driving him mad,
He proved my being, and what did he get,
Pytagoras just wanted him dead.

I'm the square root,
The funny square root,
gave him a bad mood,
Just me, the square root,
And everything in me is good!

(being irrational can be great! :-) )

Seiken Densetsu 3 Bardstale

The introduction story of Angela from the SNES-Game Seiken Densetsu 3 (SD3) which you play when you start the game with her as main character, done in song-form. Infos about her and about that game: http://www.fantasyanime.com/mana/som2char_2.htm

This is the first song I ever wrote myself, text melody and guitar, and I am still not quite satisfied with the way I can play it.

-> ogg vorbis music file.

It misses a violin. (I played it once together with a fiddler, and it was exactly what I imagined. But I had no recording accessories at hand at that time, and I'm sad we weren't able to play together more often... I hope you still like it the way it is now!)

Songtext and chords:

Seiken Densetsu 3 Bardstale

Chords:

D A E G
D A C G

Ref: d a d a
d a C G

The power of the magic, the magic of the spell,
brought her out of danger, brought her out of hell.
Beauty in her eyes and beauty in her face,
magic in her heart, but no magic in the mind.

Her mother was against her, the queen of the castle,
crying out for power, for power to prevail.

Ref: Lonely girl, beautiful girl, arrogant girl with magic in her heart.

Her queen needed a life, taken away from a human,
tried to take another, another than her own,
Her kingdom was freezing, the mana was fading,
by fleeing her mother, she finally ran away.

Ref: Lonely girl, beautiful girl, arrogant girl with magic in her heart.

Carried by the magic, the magic in her heart,
safe from the grip of her mothers magic hands,
Alone in the cold, but living at least,
she awoke outside the castle and ask'd her where to go.

- New Chords: -
- d a e a -
- a C G a -

Slowly she walked south to be attacked by fierce fiends,
after the victory the cold took her in its hands.

- d C a -
- Strummed: D A E G -

She awoke in the bed of an all unknown house,
selfishly stepping out without a thank you.

The truth is in there - Maxwell gives us the speed of light

- a Filk on "X as in Fox" by Cecilia Eng -

Once we believed in the speed of the light,
and experiments show that what we thought is right,
But we search our math for another sight,

'Cause we hope that the truth is in there.

When we measure the speed of something somehow,
we can only check against the distance, but now
we'll show that we get it from Maxwell', and wow!

We will know that the truth is in there!

First we take a sheet of charge at hand,
then we move it by an unseen command,
and nabla rot B shows the field where we stand,

And we know that the truth is in there.

Now that formula says, our field's everywhere,
when about the electrics we never care,
but that can't be true, for our world's still there,

And we know that the truth is in there.

Since nabla rot E is -dB/dt,
a field can never change at once all that we see,
It takes some time, which gives us the v,

And we guess that the truth is in there.

So now we take a small square far from the sheet,
when we check the change in B, it then shows quite neat,
It is width times the speed times B, which we need,

To see that the truth is in there.

For we also know that an electric field,
round a loop is (as Stokes will quickly yield),
Just the length of the loop times the strength of the field,

That's a clue that the truth is in there.

For now we take both and make the loop small,
so the length in a field is its width, and we call,
"E is v times B", which gives us all

To believe that the truth is in there.

We then do the same for nabla rot B,
But there's a c squared so we easily see,
E is also c squared times (B divided by v),

And we see that the truth is in there.

For with these we can easily tell,
that v must be c which we like so damn well,
For now we are sure we're right when we yell,

We know that the truth is in there!

So what do we know from this funny tale?
The strength of the fields leads us through the veil,
and gives us the speed of light without fail,

So we see that the truth is in there!

Now we only need to measure the attraction of charge,
and then the attraction of flowing charge,
and the root of their quotient might be quite large,

But it gives us the truth that's in there.
The invariant truth that's in there.

Jepp, that's a way to get the speed of light from the Maxwell equations and the knowledge that our world still exists :)

I hope you enjoyed reading the song as much as I enjoyed writing it!

Volkoi

There’s music in their stamping,
in their shouting to above,

There’s rhythm in their live,
in fight and death and love,

(There's rhythm in their stance,
in strike and blow and bluff,)

Where nobler people seek the truth
and never find their hearts,

A Volkoi’s always on his toes,
when the music starts.

— Eschrandar, Nayan War Engine, Mechanical Dreams (sadly only the store is left of this great game…)

With Python from the Shadows

- Written by Draketo aka Arne Babenhauserheide, originally to the melody of Moonlight Shadow on 22.2.08 but switched on 2008-06-27 to be able to put a recording under free licenses -

Audio-files: ogg
This recording is part of the music podcast singing in the winds of time.

With Python from the Shadows

First time ever I saw it,
carried away by its lightweight structure,
My heart grew fuzzy and sunlit,
carried away by its lightweight structure,

All I saw was the relevant part,
deep inside every programs core,
It flowed like my thoughts but it looked like art,
So clear that at once I saw through.

-

The bridge of doom I was then crossing,
carried away by its lightweight structure,
The guardsman into darkness tossing,
carried away by its lightweight structure,

( "What is the fastest way to store a list of unicode chars?"
"A mutable or an immutable list?"
"I don't know... Aaaargh!" )

It's a month now since I passed that whitening guard,
deep inside every programs core,
To know what I want is the hardest part,
since the code I can simply see through.

-

Ref: I chime, I rime, see you with Python all the time,
I chime, I rime, see you with Python, next time.

-

Four a.m. in the morning,
carried away by its lightweight structure,
you can see my fingers are still coding,
carried away by its lightweight structure,

All it takes is an idea in me,
For stuff inside any programs core,
And the code flows freely for my mindview to see,
So clear that at once I see through.

-

- Ref -

-

mmmmmmm
carried away by its lightweight structure,
mmmmmmm
carried away by its lightweight structure,

I write too late, even typing grows hard,
mmmmmmm
The night is heavy and my lids will not part,
but my mind can still simply see through.

Broken Apple Heart - Why I'm a Mac user no more

Beware of that Fruit (Broken Apple Heart) ( http://bah.draketo.de/?p=13 )

• download ogg
• download mp3

(What do you think, why Macs no longer Smile?)

Chorus: I was an Apple User and loyal to the core,
But one grey day I realized what made my heartache soar,
They want to make the big bucks now and want no one to see,
That ever more surveillance takes the Users rights as fee.

–

I was a little Bugger, when I saw the first of Mac,
Discovered there then Shufflepuck and all the time came back,
It belonged to parents friends then, but my will it showed its grip,
And when they tried to take “My Mac”, their efforts meant a zip.

–

My third Mac, it was bigger, not so cute, but lovely, too,
And to my greatest pleasure, I owned the smiling goo,
I was a big fanatic, Apple was it all the time,
And when I got to talking, all my friends could do was wine.

–

Then came the time of MacOSX, it was the thing for me,
The beta was the slowest beast, but with it I felt free,
I worked and it grew faster and I never bid the time,
And every single Update pushed the speed another line.

–

But then they made the panther and it hated my old Mac,
And though I bought a new one, my belief did not come back,
Then came OSX on intel, my belief lost every race,
Apple takes “trusted computing”, hits me squarely in the face.

–

Now my Mac here owns a Linux and Apple makes no gain,
Since for my precious income I want freedom and no chain,
So I switch on to a Linux, MacOSX I use the least,
with those lovely little penguins I take midsummers feast.

–

Some days Im feeling sad and my parting brings me pain,
But without freedom for their Users, all their genius is in vain,
When I’d come back to Apple, I will tell them with delight,
To get me back they must adhere to freedom and my rights,
They must adhere to freedom and to every Users rights.

• Arne Babenhauserheide ( http://draketo.de )

Dear Steve Jobs,

I once left Apple after a Life of using Macs because you included the TPM chip in the Intel Macs, and I’ve been an active opponent to Apple ever since, because DRM and Trusted Computing aka Treacherous Computing go against everything I believe right in informatics and you had just made Apple the spearhead of DRM.

I’m not likely return as user (I’ve grown too fond of KDE for that), but I am likely to return as supporter, if you decide to give back the rights of your users to manage their own computers freely.

DRM takes away freedom from users, and I can’t support anybody who takes the freedom of people to turn it into profit. You have the option now, to shape Apple into a “good guy” again, and I urge you with all my heart to do it. You broke my heart in the past, but you might be on the way to mend it… and until you do so, I’m going to sing the song into which I shaped my pain back then:

free software, unfree software, ethics and social behaviour

Some of my answers to basic questions

Written in a survey about attitudes towards free software.

Is proprietary (=unfree) software immoral or unethical?

it isn't immoral (moral = what's the current stance of mainstream society), but it is unethical.

In a society where people are used to being forbidden to give bread to a starving child, giving bread you'd otherwise throw away to that child instead could well be immoral.

So only software which allows you to act ethically is ethical - and that's free software. Even better is free software under strong copyleft licenses like the GPL, because that protects our right to act ethically for any future versions of the software.

Do you believe that proprietary software is "illegitimate"?

No.

Legitimate doesn't mean "not contrary to existing law". Even in countries where the police is allowed to torture people, torture is illegitimate. At least that's my understanding. It means that something is wrong and should be forbidden.

I believe that people have the right to make unfree software (people also have the right to do tv-shows like "popstars"). I don't think anyone should use that software, though.

I can't force people to adher to my ethics without acting against my ethics myself. But I can try to convince tham that my understanding of ethics is right.

Do you believe that proprietary software is "antisocial"?

In many cases yes. But it depends on the case,

Note

If I had to develop unfree software to earn enough to live a more or less comforting life, I'd likely choose to do so. That's why I fight now, so I can earn money ethically right later on. Or at least enable my children to do so (more detailed in german).

"Creative Content in a European Digital Single Market: Challenges for the Future"

-> sent to avpolicy@ec.europa.eu, markt-d1@ec.europa.eu in reply to "Creative Content in a European Digital Single Market: Challenges for the Future" as published by the european commission.

Thanks to Glynmoody for getting the word out!

Dear European Commission,

Summary: The goal of copyright is to get more money to more authors and more cultural works to more citizens. Due to the changes the free copying of the internet brings, additional protection doesn't help achieve that goal.
The proposal paper goes into many technical details, but loses the focus on the benefit of copyright to the citizens - and what kind of copyright protection is useful today.
Due to this, many of the measures (especially DRM) have to be reevaluated, if they really benefit our society and cultural development, or only try to cement a status which doesn't benefit the citizens in the light of the changes to technology and consumption of cultural works.

Please keep in mind that copyright is no inherent right. Instead it's a state given information monopoly with a simple goal: Increase the quality and quantity of creative works available to everyone.

As such, copyright law grants authors (copyright holders) the right to control who may be in possession of their works, because being able to make money with ones creations helps creating more and higher quality works.

Also it grants middlemen the right to make money from copies by establishing treaties with authors. These middlemen are useful, as long as they offer a major contribution in getting the works to the public and getting money to the author.

And it grants fair use rights to all citizens, which helps spreading the works and enabling more people to enjoy our culture the way they enjoy it most. These fair use rights are being accompanied by flat payments which are given directly to the authors, so creators of creative works money from an additional pool whose size is related to the amount of cultural works people share.

Currently the best balance between these different kinds of rights (copyright of the creator, use rights of the middlemen and fair use rights of the citizens) is changing due to almost costfree copying of digital content.

Now the middlemen often no longer serve as waybuilders between authors and citizens, but as gatekeepers who lock out citizens from our culture. Also they often take a high percentage of the money citizens pay for cultural works, even though their costs for spreading works (and finding good works) were reduced greatly. When a musician gets a few tens of a Euro from each sale of a 15 Euro CD, it's quite clear that the middlemen use up money which then doesn't help the authors create more cultural works.

Traditional (expensive) ways of spreading content are becoming unnecessary by the faster ways of spreading content digitally. But the middlemen control the flow of content from author to citizens (partly by copyright law), and they use their control to draw a major share from the money citizens want to give the author of the works they enjoy.

More: They often also hinder citizens from telling others about the works they like. In the digital world, people can instantly send music they enjoy to their friends, and if their friends like it, they can buy it - or send it onward to other people who might like it more. And once someone gets something she/he enjoys very much, she/he most times wants to give the author money, so the author can create more works she/he enjoys.

By using "illegal downloads", people learn about new works and decide wether they are worth paying money - and recent studies show that those who use p2p networks to download music illegally are also the ones who buy the most music.

Because of this, I think that the paper focusses too much on the "protection of the copyrightholders" and too little on the question, how laws can help making as many cultural goods available to every citizen as possible. So I want to offer some thoughts:

To achieve that goal, copyright always has to strike a balance between different objectives:

1) Authors need money to be able to work full time. So they want as much money as possible for their works. Some kinds of works take far longer to create, but have great cultural value (for example science books and investigative journalism), so authors who spend very much time on research (or similar) need a way to earn enough from their work, even though they have a smaller quantitative output.

2) Citizens want as much culture they enjoy as possible for the money they have available.

3) Authors and citizens need to find each other, so the citizens can find works they enjoy.

4) Cultural works have to be brought from the authors to the citizens and money has to be brought from citizens to authors of works they enjoy (with as little loss as possible). "Bringing works to the citizens" can include polishing the work, so the citizens can enjoy the works more. A book with 10 errors on each page is very hard to enjoy for most people, as is one with glaring errors in the plot. And a CD without coverimage will find far fewer listeners, regardless of the quality of the music.

In earlier times, the balance which brought citizens the highest amount of cultural works they enjoy was to have big middlemen who were able to shoulder the high cost for printing books, recording tapes, pressing CDs and carrying these from country to country (as well as a part of the risk of promoting unknown authors).

Today the cost for spreading cultural works is almost zero (more exactly: We already pay it by paying for our broadband connections) and finding an author I enjoy is easier with a search engine or using resources written by online communities for free, so the best balance is shifted. Due to this, having stronger fair use rights (so people can more easily pass on works and turn others into paying fans of an author) could be a far more efficient way to bring cultural works to everyone while paying the authors.

And stronger protection of "rightholders" (which today more often serve as gateeepers than waybuilders) could backfire quite badly and harm the cultural development of Europe (even today musicians complain, that they only get a very minor share of the money people pay for their works).

And since the cost of spreading a cultural work to people is almost zero (with technologies developed in filesharing communities, even the bandwidth cost drops to almost zero, since every participant contributes some bandwidth for spreading the work), so there is no real reason, why someone who has only 15€ to spare each month should enjoy far fewer cultural works than someone who earns 10.000€ a month.

In earlier times, if a poor person spent 15€ on a book, more than 10€ were needed to pay for producing the book. That was a natural restriction on the number of works he could enjoy. 5€ went to the author he liked best (if the author was very lucky), because he could only pay for at most one book. He couldn't afford to read works from other authors.

Today that same person could read 15 books and pay 5€ to the 3 authors she/he likes best, and the author of the first book would gain just as much money, two others would get money (who wouldn't have gotten money otherwise), and the remaining 12 authors wouldn't lose anything compared to the high-production-cost alternative.

And this clearly shows a glaring error in ever increasing the "protection" of monopolies: Someone who has 15€ to spend on cultural works doesn't get more money to spend if he can't read works for free. So the main question is, how to get the people to give the money they have available to the authors while giving them as much access to cultural works as possible. And since for example in germany about 50% of the citizens have too little money to pay any relevant amount of taxes, this thought is valid for about 50% of the people in germany.

Adapting copyright laws to the current times has to take into account how copyright laws benefit the society. Copyright monopoly rights are being granted by the state (since we're living in a democracy that means: by all citizens) to individuals for the benefit of all citizens. So the goal of any copyright change should be to benefit all citizens.

It's the interest of society, that as many people as possible can enjoy as many cultural works as possible.

Criminalizing most citizens doesn't come close to that goal. And restricting what people can do with works they purchased (DRM), doesn't achieve that, either. Both only protect the middlemen, but neither the authors (or their income from which DRM is effectively financed), nor the citizens. DRM makes spreading cultural works more expensive, so it harms authors as well as citizens. It adds a needless control structure which sucks away money that should go to the authors.

And people like Howard Taylor (the creator of the free webcomic http://schlockmercenary.com) and all the free software programmers out there who make a living with their programming show that many citizens today are mature enough to pay for the things they enjoy, even though there is no gatekeeper forcing them to.

So please leave the "we need more protection" track. What we need is more money for more authors and more cultural works for citizens.

Cementing the current power-structures in creative business despite the changing technological environment doesn't achieve that.

When considering, how a single-market (a market accessible to everyone in the same way) affects the creation and spreading of creative works, the focus should instead be on comparing the different possible approaches how to strengthen the creation and spreading of cultural works and to see which balance between these ways is most efficient. This requires rethinking the support which copyright law gives to the different revenue sources of authors (flat payments on copying devices, income from direct sales, money from middlemen, money from "additional value products" like signed copies, direct donations by fans so they keep producing, and many more) and as such adjusting the balance between state-granted monopoly rights for authors, state granted monopoly exploitation rights for middlemen and fair use rights of citizens to make it fit for the current technological and social situation.

There's one more interesting fact on that topic I want to spotlight: The german group for spreading the money from flat payments on printers and photocopies "VG-Wort"[1] now pays Webloggers with money from flat payments, because they acknowledge, that these create a considerable share of currently consumed cultural works. Since most webloggers work without direct payments, this is a major change for the commercial viability of creating works which are freely available to everyone with an internet connection, regardless of the financial situation.

At the same time, projects like Creative Commons[2] show, that for a major share of authors of creative works it is most important that noone can misrepresent their content as the creation of someone else, while "forbidding people to pass on the work without making money from it" isn't very interesting (and isn't even useful financially for lesser known authors, because it stops people from spreading the word about the author).

So the first question to be answered is not "how can we ensure that the copyright protection holds in the light of current technology", but "which balance of monopoly protection, fair use rights and direct state-support of authors (like the sponsoring of theaters in germany) is most efficient in achieving the goal to enable as many citizens as possible to have access to as many cultural works as possible in the changed technological environment". Detailed questions about monopoly protection schemes and such (and which of them benefit our society today) only make sense once this basic question has been answered for the current situation.

And "Copyright is the basis for creativity" isn't an answer to that question, because it a) is clearly wrong. People created at all times, while copyright law is only a few hundred years old, and b) doesn't answer, how copyright law benefits European citizens - and how that benefit changes with digitization where every act of viewing is in fact a copy.

Best wishes, Arne Babenhauserheide

PS: Some additional notes:

• on differing content and goals: The content of the article shows a nice overview of problems of the current licensing system between companies, while the 'Strategy for "Creative Content Online"' talks of goals (DRM, filesharing prevention) which aren't more than brushed by the content.

• on the focus of the paper: Important topics like user/created content are only named but missing the simple point, that most of these works are simply illegal today. Companies can clear their licensing with each other - they don't necessarily need new rights for that. But most citizens can't. They can't just sit together and decide to only buy media licensed under specific terms, because the companies can almost completely control the supply. Ordinary citizens are the ones who need clearer laws. And in a democracy, they are the ones for whom laws should be made.

• on "financial incentives for creatives": As psychological studies show, creativity is best fostered by giving creatives enough money to live a comforting live, but the hunt for as much money as possible can stifle creativity instead of strengthening it. So strengthening a single-minded market-driven revenue model for a state-given monopoly doesn't help create creative works of higher quality.

• on the justification of copyright itself: You can also find related thoughts about the reasons for having certain kinds of copyright (in german) at http://draketo.de/licht/politik/geistiges-eigentum-sinn-des-urheberrecht...

• on DRM systems: DRM-systems establish a control inside peoples computers which isn't in turn legitimated and controlled by the state. As such it takes the role of the police without being authorized by the state (which in turn is being authorized by the citizens). To force citizens to accept this additional foreign-control on their actions, middlemen abuse the monopolies granted by copyright law, because these give them the right to establish new rules on how their content may be consumed. That way the DRM restrictions are being established with powers granted by the state, though they aren't legitimated by democratic processes. They even undermine fair use rights. Also any DRM system breaks the premise, that people are free to act, as long as they are willing to face the legal consequences. While I am free to ignore speed limits when I'm on the way to the hospital because my daughter is bleeding to death on the backseat, but might lose my drivers license afterwards (what's a drivers license compared to the death of a daughter?), a DRM system would keep me from taking that decision and would force me to let my daughter die, because my car simply wouldn't drive faster than allowed. That way DRM systems break the premise of the responsible citizen, but since any democracy requires responsible citizens as its basic premise, this leads our whole legal system ad absurdum. So DRM shouldn't be supported by laws. Also fair use laws need to be protected against DRM restrictions. These restrictions are forced on people by using the monopoly granted by copyright law, and they keep people from exercising their fair use rights, granted by the same copyright laws.

• on "culture industry": A culture industry isn't useful for society by definition. It is only useful, if it helps getting more and more enjoyable cultural works to everyone (or at least the vast majority of citizens - including those who earn only very little money). Only in that case is it warranted to give it any additional legal support.

• on "market as regulator": Using the "market" to regulate the behavior of the middlemen with the power of the consumers doesn't work, because copyrighted works are monopolies by law and the market only works without monopolies. Creative works can't directly compete against each other, because people have no way of getting an equivalent alternative since every creative work is unique.

• on forcing people to pay: Today almost noone is forced to pay for any digital goods, because almost everything is available for unpaid download somehow (sometimes illegally). That people still pay for the creative works they enjoy shows clearly, that most people want to pay authors for the goods they enjoy. That's something which is deeply engrained in our psyche: If someone gives us something, we want to give something back. Due to these two effects, it's quite clear that building bigger and bigger restrictions into legally bought content only harms the people who want to give the authors money. It would be far more useful to establish a system which enables people to securely and effortlessly give a few Euro to someone else - or even just a few cents. A "one click donation" which every EU citizen could use, could give authors of creative works far more support than any "harmonization of restriction management systems".

• on me: I am a stakeholder, as I am at the same time a music and book customer, a hobby free software programmer and a hobby writer who publishes under free licenses (on http://draketo.de and http://1w6.org ). I learned about the music genre I enjoy the most (Filk) when I downloaded some tracks in a filesharing network many years ago and I now own more CDs of that genre than of any other genre - and every year I add three or four CDs to my collection. If there had been any effective fair-use-prevention-measure in place back then, I still wouldn't know my favorite kind of music and I still wouldn't buy more than one CD every two years or so.

"Person caught who stole IDs via Gnutella" - ridiculous p2p bashing

Comment to LimeWire ID theft case.

That means, people who spread child porn were caught because they used public p2p networks (where law enforcement can find them), and instead of thanking LimeWire that they were able to catch a criminal because he was lured in the open (instead of selling the material invisible via the postal service), politicians blame LimeWire for the existence of the material which had existed in the dark long before Gnutella made sharing easy and public.

These people don't become criminals because of LimeWire.

But they get caught because they use it and don't realize that everyone can find what they share and track them down - including the cops.

As soon as the crime is bad enough that the cops inquire at a court to get the data of the criminal internet user, that user can easily be tracked down. It's far less effort than stopping someone from sending illegal material via the postal service.

So LimeWire and public p2p help the cops.

That ID theft case is even weaker. It is as if we'd ban cars because some people forget to lock them - or ban wallets because some people lose them (including their ID). The main difference is that you have to actively disable security to lose your ID via LimeWire while your wallet just slips out.

Somehow I smell other motivations than stopping crimes here...

A downside of networking and public reputation: No communication for the sake of communication (alone)

-> A comment on The Importance of Managing Your Online Reputation.

I read your article, and I found the points you make very interesting, though not only in a positive way.

You tackle the “we have a network others can see” from the active side: “How can I make sure my employer likes what he sees?”.

But there's also the other side: We use the web for communicating with people, and this communication is being pulled into the open, and everything we do online is being instrumentalized to draw information about us.

This also means that no communication over a public channel can be done for the sake of the communication itself, and so the channel becomes more and more useless for any creative communication (as opposed to just exchanging preconceived and unchanging ideas).

This might sound hard, but it stems from two concepts:

• When we want to act creatively, we are most efficient, when we do it for the sake of the activity itself. -> http://www.gnu.org/philosophy/motivation.html

• When people know that they are being watched, they act differently (sadly I have no link on this).

Another issue is an adaption of the “unclear prophecy” problem: If people know that their online activity is being measured, they will change their behaviour to please their intended future employer, and so any measurement doesn't give you estimations about the person which are relevant to the job. Instead they only measure one parameter: “How good are you at concious social network building?”

And for many jobs that skill is almost irrelevant.

So using public communication for calculating a score of some kind runs into a paradox as soon as people know that they are screened, and it harms normal communication. Due to that I hope, that more and more people will realize that unscreenable but efficient communication is important.

For example a network similar to identi.ca / twitter could be built on jabber with decentral buddy-lists, which can't easily be read out as massively as twitter, and the really paranoid could completely switch over to freenet as their news communication provider: http://freenetproject.org

ACTA - A trend to be reversed

A reply to a comment on slashdot named Can we fight the trend?:

There was a trend to having only proprietary software (by former free software being enslaved in the job contracts its creators took) and to having the hacker community die out.

That trend was reversed by GNU with the invention of the GPL and the GNU System.

And today millions of people use free software and we have organizations like the EFF and FSF who work for a free software society.

- That huge success story in about 4 minutes: infinite-hands.draketo.de

More people than ever before use free software, and it becomes an integral part of out society as more and more government offices (e.g. in germany: Munich) and companies adopt it.

Today we have a trend to having only nonfree culture (by the laws being turned upside down and politicians being bought) and members of the free speech community to give up.

What I learn from history is:

That trend can be reversed, too, and our society might become a free culture society, just like it slowly becomes a free software society, even though most people will only realize it in hindsight.

"Do you still remember the times, when every office had Windows in it?"

"Only barely, but do you still remember the times, when we feared lawsuits when we accessed the predecessors of the culture pool?"

"Sure! Those were the times. Now, let's get writing again. Don't want to let our fans wait for the next storyarch, do we?"

The ones who profit from unfree media will give a fight this time, though.

And that they choose to go semi-criminal shows, that different from the proprietary software vendors back when GNU was invented, the unfree media companies are already losing, and they know it.

ACTA horror - what can we do?

a comment to: Embattled ACTA Negotiations Next Week In Geneva; US Sees Signing This Year:

I didn't yet manage to get really safe information on what ACTA actually does (that's a marker for 'this is dangerous' in itself), but what I see on wikileaks sounds horrible:

"The deal would create a international regulator that could turn border guards and other public security personnel into copyright police. The security officials would be charged with checking laptops, iPods and even cellular phones for content that "infringes" on copyright laws, such as ripped CDs and movies."
- http://wikileaks.org/wiki/ACTA_trade_agreement_negotiation_lacks_transpa...

'Check my laptops content'???

What about my electronic diary, then?

Without a clear judges sentence, noone is allowed to look at my private files, and should they remove that restriction, they can as well remove all privacy.

And it gets worse:
"The guards would also be responsible for determining what is infringing content and what is not."

and worse:

"Mr. Fewer and Mr. Geist said, once Canada signs the new trade agreement it will be next to impossible to back out of it.
In a situation similar to what happened in the Softwood Lumber trade dispute, Canadians could face hefty penalties if it does not comply with ACTA after the agreement has been completed."

Ouch!
That doesn't sound like a treaty between nations, but more like some big players conspiring to create law which binds all others, and that clearly is antidemocratic.

So a big question looms: What can we do against ACTA?

What can we do?

Ways to act I found:

• Get informed: Read the Article on wikileaks
• Join the Free Software Foundation (FSF) and the Electronic Frontier Foundation (EFF) in the fight against acta.
• Get more information and keep it current.
• Blog about it. Blog about it now.

Amarok - context on music - yahoo comes a tiny bit too late

There was a talk of Ian Rogers from Yahoo! who explained how labels did a hell of many horrible missteps in fighting p2p and in trying to push DRM, how Yahoo now offers a free music service, and how music software terribly lags behind the music scene. http://www.netribution.co.uk/2/content/view/1317/182/

But....

The context he talks about already exists. Just have a look at Amarok:

- Context: http://amarok.kde.org/d/en/index.php?q=gallery&g2_itemId=1375
- Wikipedia: http://amarok.kde.org/d/en/index.php?q=gallery&g2_itemId=1381
- Lyrics sites: http://amarok.kde.org/d/en/index.php?q=gallery&g2_itemId=1378
- and an integrated store where you don't have to buy to listen:

And all that in a free software program, so noone dictates any rules upon you.

I don't know about you, but I definitely get excited by it!

british telekom wants to block accounts just for using Gnutella or BitTorrent

-> a comment to BT to cut off file sharers from TechWatch.

I can read this article in two ways:
1) They took part in sharing/downloading that music file
2) They just had a bittorrent or Gnutella program running.

1 is unlikely, because not every fourth internet user will have downloaded that song.

And if 2 is the case, BT should be sued to its knees.

Having a Gnutella program is not illegal, and blocking access to Gnutella means vastly reduced service.

It's as if they'd take away your flat, because someone saw you using a kitchen knife.

The same is true for BitTorrent which for example gets used by millions of people to download GNU/Linux distributions without creating too much traffic on the servers.

It's what you do with your tool that might be illegal, but having the tool is perfectly legal, and when BT blocks it, they are unduly worsening the service for their customers.

Best wishes,
Arne

Defective by Design is doing something important - actions like theirs got me to GNU/Linux

-> A reply to bashing against Defective By Design.

I was a rabid MacUser 5 years ago.

Then I learned about DRM, TPM and privacy. And I left Apple because they put in TPM chips into developer machines.

Today I'm a happy GNU/Linux user and I contribute from time to time to Gentoo, KDE and Mercurial.

(my way from Apple to GNU/Linux:
- http://bah.draketo.de/ (Broken Apple Heart in German)
- http://draketo.de/english/songs/light/broken-apple-heart (in english) )

So DBD isn't only talking to the converted. Without actions like theirs, I wouldn't be a free software user today.

They just don't reach every average Joe with a single campaign. But who could? With a few hundred people?

What they can achieve is that once an average joe gets into problems with DRM, there's a chance that he won't think “surely I made a mistake. I'll just buy the stuff again” but “weren't there people who said that Apple tries to take my freedom? Seems they were right. I won't fall for DRM again!”

And they can reach critical thinking people, who realize they should also think about their freedom when they buy a new device.

deletion attempt against the dwm article on wikipedia (comment)

-> a comment to
Wikipedia, Notability, and Open Source Software by ubunTARD.

2010-03-23
Update: I just got unblocked by henrik who also sent me an excuse for the way the whole process was handled: “…The block was partly an individual misjudgment, but also a result of the systemic culture and some poorly thought out policies. If you're interested, I'd be happy to discuss it in more detail…”. And that restores a lot of my faith in the wikipedia community — thank you very much for your excuse, henrik!
Also they are currently discussing on the incidents board how to avoid similarly overboarding blocking like that in the future.

Just as an inside notice from the discussion: I joined the first deletion discussion when I got note of it (I don't know anymore through which channel) and when it got closed, I joined the second one and got heavily frustrated when people tried to turn “he sent the developers a berliner bratwurst” into “the magazine which published his article is a first source” (which would mean it wouldn't count as source for “notability”).

In that discussion I was mostly alone, and I could only talk there, because I've been a wikipedia user since 2004, and I casually corrected smaller errors in articles whenever I happened to see them while looking something up. I was one of the many small contributors who might not write largescale articles all the time, but who do their share to improve the quality of the articles.

Most others couldn't join up, because the discussion was marked as “semi-closed”, so only longtime users could contribute. And the major contributor to the previous discussion was blocked for meatpuppetry, along with the developer of dwm (additional info) who didn't even cast a vote but only provided sources (reason: “mass ban the meatpuppets” — the dwm developer was unblocked afterwards by others).

After spending hours on refuting their claims, I got frustrated enough that I stopped discussing — and I posted that to identi.ca -> http://identi.ca/arnebab/tag/dwm

Subseqently I got blocked from editing on wikipedia “indefinitely” (except on my talk page) for “canvassing” (since when is ‘they want to delete dwm’ equal to ‘come all here and vote for keeping dwm for the following reasons…’?) and for quoting policy which says that you shouldn't contribute to a deletion discussion if you don't know much about the topic — and that I think that Psychonaut isn't in a position to judge free wm’s.

-> Threat of blocking
-> Blocked and my reply

In my view the policy that you must not speak about the deletion attempt outside wikipedia or risk a ban is even worse than nondisclosure agreements: “You must not speak about this public discussion, or you get banned for meatpuppetry and canvassing.”

I am now pissed off bad enough, that I won't go appealing for an unblock. If the powers-that-be in wikipedia don't see themselves that the block is unjustified, then the power structures in there are such that any contribution I do is on the mercy of moderators who abuse policy for harassing free software since they are not stopped by the ones who don't agree with their doing.

Every public resource run by volunteers faces the danger of falling into the hands of dedicated abusers, and wikipedia is no exception. But it is exceptionally vulnerable, since the ones who contribute content are normally not interested in the necessary day-to-day maintenance, so writers and maintainers are strongly seperated, but the maintainers get most of the power, because they are the ones who get informed of actions which concern articles they are interested in — and because they have the connections inside wikipedia.

But as if that wasn't bad enough, I think there's a third and easily overlooked group: Those who don't write full articles, but do fact checking when they come upon an article on a topic they are knowledgeable about and that way improve the general quality of wikipedia a lot (unstructured peer review). These don't take part in discussions, but mostly use wikipedia as a source, and so they don't want to spend hours on reading some new policy. Instead they generally trust that Wikipedia lives up to it's goal of collecting the sum of human knowledge in encyclopedic articles - and they do their share to help achieve that goal.

They aren't seen as huge contributors, since every one only does some few changes each year, but together they make a huge difference.

I'm mostly a member of the last group (and to some degree article author) — I'm almost sure you expected that :)

And I think that anti-canvassing rules (“don't tell people that the project they feel strongly about is in problems on wikipedia”) and overboarding deletions chase away a major part of these casual editors (don't ask for a citation - this is gut feeling and my own thoughts: “Why should I spend 5 minutes on correcting a few errors in an article on a topic I know much about, when the article could be gone in 5 months time?”).

The article authors might come regardless of the rules and try to add the topic they know much about. But the casual editors will likely be gone for good (and won't ever become authors).

And that would create a major change in the community, cutting wikipedia off from the normal people on the web. And you can imagine how that would affect the value of wikipedia to these people (the vast majority) and its resistance against being misused by some few people to further personal goals.

Besides: Who Writes Wikipedia suggests, that even the main authors are mostly casual contributors, so the effects of alienating casual users would be even worse than I write above: Wikipedia would lose it's source of information.

PS: I didn’t join in the Appeal to delete anyway. Luckily it got refuted. Clearly.

Don't completely rely on something you don't control (SaaS)

in reply to You do know you can't rely on Gmail, right?

You're citing some of the reasons why I dislike SaaS, but there's one more:

Whenever I use a SaaS application, I trust someone whom I really can't reach, and I trust him without being able to exert any kind of control.

He wants to use my data for marketing purposes? No problem - I won't ever find out, since I can't check the physical disks last accessed flag. So what about that being illegal? If I can't find out about it, why should he care? I won't ever be able to sue him.

Sure, most people are nice and law-abiding, but I prefer not to rely on everyone being honest who has access to my data on some remote server.

Sure, I can use encryption for the data I upload, but any data generated on the server will be open for the admin - regardless of the security scheme on the server, because the admin could just fake that.

So it's always back to trusting people, and I prefer not to trust others too far (nor to little).

So your company keeps its company secrets in gmail accounts? How long will it take for Google to find it, if they chance to become a competitor in the field?

If you use gmail without GnuPG encryption, you can just as well give your data directly to Google.

And the same holds true for every other SaaS solution. You can't ever trust the remote server.

It also holds true for all unfree software, by the way. You can't look inside it (or get someone else to do that), so you can't know what it does. Do you really dare to trust it?

How Drupal will save the world - Simplicity for beginners, complexity for experts - get in quick

Written in reply to: How Drupal will save the world.

I experienced the same with modules (having to search for hours), and I think I know at least two ways to make Drupal more accessible to newcomers.
A bit of background: I just setup my third Drupal page and I find new modules even now. The pages were of three slightly different but very similar types:

• A newssite, needed mostly taxonomy.
• A personal site, needed book and taxonomy, as well as themes.
• A site for a free roleplaying system. Mostly needed book.

But even though the pages where quite different, I find myself reusing most modules.

And it took me hours to hunt them down.

To make the modules more accessible to newcomers, they should be more organized.

One way to organize them would be, to give them another sorting done by type of page I want to use them for (usecase). A blog, for example, needs different modules, than a newssite. But there will be much overlap.

Then users could simply check "I want a blog. Which modules do I need?"
Still they'd have far too many to choose from and the choice needs to be simplified for first-time users. To do that, users should be able to sort modules by popularity

Ways to sort by popularity:

• Download-count: The number of times they were downloaded during the last month or six months.
• Vote: Allow users to vote for modules and show the votes.

The second way to make Drupal more accessible would be to create rich compilations. That means: Don't just offer a "general drupal, search your modules by hand" download, but also some specialized precompiled versions, best with adapted config already included.

Some ideas for downloads:

• Drupal Community Bookwriting
• Drupal Community Newssite
• Drupal Personal Webpresence
• Drupal Blog
• Drupal Webshop
• Drupal Wiki
• Drupal Forum
• Drupal Rich Community Site (Forums, Community Book, Blogs, Webshop, Wiki - the full package)

These should then be the downloads a visitor first sees, to make the Drupal site a site for users.

Examples:

• Drupal Community Bookwriting: http://1w6.org - mine, german. If you like it, I'll gladly send you the details of the setup. http://1w6.org/contact .
• Drupal Community Newssite, if not perfect: http://gute-neuigkeiten.de - my first drupal installation.
• Drupal Personal Webpresence: http://draketo.de - my second Drupal installation, misses Photo-Albums (since I don't yet need them) and similar to be a full fledged personal webpresence.

- All parts of the design on these sites are licensed under free licenses (one of them being the GPL). -

These two ideas still give experts the full power of Drupal, but enable newcomers to get a site running quickly.

If you like the idea, please feel free to contact me: http://1w6.org/contact

Howard-Taylor: A rising figure

A comment to The newspaper said it, so it must be true:

You already made the "I get paid for doing a free webcomic" rise, now next part is... ?

Some ideas:

• Being paid really well
• Having Sandra be paid really well, too
• Having a Schlock foundation which pays you for the online comic directly
• Getting a six figures income from Schlock
• Having the Schlock foundation grow enough that it becomes the Taylor Webcomic fund which pays webcomic authors all over the world
• Founding a team of Space Mercenaries and writing the comic about your actual adventures as Schlock sidekick
• Really having someone do the research so the Schlockers can beat NASA to Mars
• Learning the trick to living long enough to go on inking where no one has inked before
• Founding the Schlock colony fund which pays people to leave earth, meet interesting live forms and take over their planets :)
• Finally taking a strange scientist on board who starts the biggest intergalactic war by revolutionarizing galactic transportation.
• And at last, building a time machine and going back in time to be a webcartoonist again :)

I hope French Filesharers turn to Freenet

→ Comment to France Starts Reporting ‘Millions’ of File-Sharers by Torrent Freak.

I hope they all turn to freenet. There’s scance chance of getting many user-addresses there, and it can provide a service similar to torrents and decentral tracker in one, but anonymously and safe from censorship.

→ http://freenetproject.org

I’ve been running it for years now, and it got better and more secure every year.

The really paranoid can use it in darknet-mode: Only connect to people they know personally. Then it gets really hard to find out that you use freenet.

But even in Opennet, it’s extremely hard to find out what you share or download. Freenet is built for the needs of dissidents in repressive regimes and to avoid any kind of censorship, so it delivers sufficient privacy and anonymity for filesharers.

A word of warning, though: Compared to well-seeded torrents, freenet is slow. That’s the price of anonymity and privacy. But nowadays it’s fast enough for fansubbed anime and beats many weakly seeded torrents :)

Maybe then the media companies will learn that the way to make money with entertainmant is to make it good and personal enough that people want to give them money to make sure they keep producing more great stuff. They could learn from Howard Taylor and Schlock Mercenary.

KDE and Gnome vs...

I'm a KDE user and quite excited about KDE 4, but I think the progress of Gnome is very promising, too.

Gnome and KDE both innovate, and both push limits, and both will learn from each other.

KDE learns from Gnome and uses the Telepathy definition.

Gnome learns from KDE and switches to WebKit which originates from khtml.

Both work together under the hood of freedesktop.org

And both are moving ever faster to replace proprietary systems.

So hey, I might be a KDE user and I might care most about KDE, but Gnome and KDE are both important, because being two projects they can move in different ways, find together again and move out again and that way cover far more ground than a single project could.

I want many people to use KDE and Gnome users want many people to use Gnome.

Lets move out, then, and create guides for our users and create many great things which bring them to the respective desktop, and while we try to create a better experience than the other free desktops, we might suddenly see, that we just surpassed any non-free desktop together.

Then we can sit down, celebrate a big free software party and begin outpacing the respective other one again.

And while doing so, we can still keep contact, share ideas and work together, and we will make a difference.
- written at: http://blogs.gnome.org/desrt/2007/08/07/im-excited-about-the-future-of-g...

Killing the head of a terrorist organization doesn’t stop it

→ A comment to The Effectiveness of Political Assassinations.

Another answer why this doesn’t work is really simple: Consider that you were in a terrorist organization. You work with people in secrecy, but the ones you know are close to you, because they know your most intimate secrets.

Short: You fight alongside friends (though probably assholes by most ethical standards).

Now someone kills one of your friends.

He shown around in the media and people say how evil he was.

Now imagine not wanting revenge. Quite hard, isn’t it? A religious or power-play argument just got personal.

If it helps, imagine that the one who got killed was your father, sister or beloved one.

If it’s still hard to imagine why killing a leader is counterproductive, try to imagine that someone raped and killed your 14 year old daughter. Then he got celebrated in the media as hero. Would you manage to not start a personal war against him but to calmly go to a lawyer and accept to hear that your daughter incited him to his acts by dressing like a whore?

If this sounds unrelated: It’s the same emotional reaction, just pulled into our own cultural context. Terrorists believe that they fight for a just cause (at least if they aren’t only in it for the money). So any killing just strengthens their will to fight all out.

The only reason why killing a leader could stop the group is that the leader may be the only one whom all inside the group know and who can coordinate it. But naturally he has lieutnants who also know all, and if one of those dies, he gets replaced.

So please fight terrorism in way which works: Making sure that terrorists have no support in the general population. This naturally means that you must not be openly hostile to them.

Ask first “Why do they hate us?”, and then try to change that.

Last.fm royalties, question about free music

Written at: http://musicmanager.last.fm/contact/

Hi,

I licensed all my works under free and open licenses which permit any kind of commercial copying and reuse, but which don't permit taking away rights from the listeners.

I'd like to upload the files to last.fm, but I can only do so, if I can be sure, that no additional restrictions will be placed on the users (no DRM). Else I would violate the license agreement.

These are the terms under which I work together with other artists, so there's no way around that.

I can upload the files, but I need to know that all users will retain the following rights to my files:

• Free use for any purpose (any way they retrieve it. Paying for getting is OK)
• Free modification
• Free passing on or selling while giving other users the same rights.
• Free passing on or selling of modified works while giving other users the same rights.

Are these rights safe with you?

Best wishes,
Arne

Answer: no.

LimeWire Interview - badmouthing their own technology

Comment to the LimeWire-Interview on Slyck.

Their words, my comments (from three years of reading in and discussing on the Gnutella Development Forum (GDF):

"Gnutella has had a 2 GB file size limit, while BitTorrent excels at delivering truly enormous files."

-> That's just blabber, but it now explains, why LW wasn't that quick in closing the 2GB limit, even though the way to do it has been around for more than two years (and was posted to the Gnutella Development Forum where Gnutella developers discuss).

There is no underlying technological hurdle for sharing files with a size of more than 2GB, except for the one which LimeWire doesn't want to fix so that they can use it as an excuse to include BitTorrent.

Also Gnutella already does completely decentral swarming, and does it since more than two years ago.

The only real advantage of BitTorrent is, that it has torrent-sites where users meet and comment, but you can do the same for Gnutella (for example like http://freebase.be ).

And that the other p2p-clients don't have it.

"A Gnutella program connects to peers randomly, and broadcasts searches into its neighborhood. It can't find a file outside this neighborhood. Enter the Mojito DHT, a revolutionary new technology we've developed for LimeWire. In a distributed hash table like Mojito, the peers don't connect randomly--they organize themselves into a navigable tree. Imagine one computer has the only copy of a rare file, and another on the far side of the network wants it. With Mojito, they'll be able to find each other."

-> Except that this neighborhood is about 400,000 computers and there've been plans for years to extend it to 1 Million while reducing network traffic.

The only thing which hindered that is, that LimeWire didn't manage to get their program keep 100 connections without too much impact on performance.

And with the performance of Gnutella (traffic of only 7kB/s up and down for a fully connected ultrapeer, less then 1kB/s for a Leaf) increasing the network size wouldn't have created many problems.

-> A bit deeper: http://draketo.de/english/p2p/light/why-gnutella-scales-quite-well - if you like it, please digg it...

Still, Mojito will be a great complement to Gnutella, because it can be used to search for files and hosts _by hash_. If you want _exactly that file_, then you use mojito (aka Kademlia) and a hash string. If you want to search by keyword or tag, then you use Gnutella.

And it will help LimeWire, because other Gnutella clients won't have it at once, so they will be in front. Gnutella is an open protocol, so they need to look at all times like they are front row, else some other Gnutella client will take over their users.

I don't know, why they badmouth their own technology, but as you've seen I have some suspicions.

Never trust a company

Answer to a thread in the Gnutella-Forums.

I wouldn't begin bashing LW. They are a company, and you don't trust companies. Not because they are evil, but because they have to think of money first and foremost, else they go down and other come up front, who do. At least as long as people still buy the cheapest products, regardless of ethics.

I hold them in very high esteem for GPL-ling LimeWire and for standing up against the lawsuit.

They are a company, and that makes them non-trustworthy, but because they are a company, they can fight a battle which none of us others could fight.

Never trust a company, but don't judge them down for thinking money before morals or ethics from time to time, as long as they don't do it all the time.

And never ever deal with... - a Shadowrun saying :)

On Forums and trolls

written in the Phex Forum.

"Let them walk against a hill of politeness, and then let them slide off. Have a ban-request as forcepunch somewhere near, if they try to break the hill despite explicitely having been warned."

I try to avoid giving them a chance to justify growing angry. If they shout despite having no justification, and if they don't stop after being asked to disable their capslock (always assume the best), I try to just warn them that they'll be banned if they go on (never had to - and there was just one case where I decided to ignore a provocation instead - see our Polar Skulk forum) and just request a ban, if they don't stop.

Every post in any forum in here (not just Phex) will be read by other people, and if the tone of the posts grows too angry, angry people and trolls will flock here, because they see that provocation makes someone angry in here.

And I know, that trolls come anyway, but a hill of calmness seems to me like the best way to reduce the number of those who actually post.

And my mood is much better, when I read my own calm posts than when I read a post where I let my temper flare up.
- Arne Babenhauserheide

One Guide to rule them all,
One Guide to find them,
One Guide to reach them all
and into calmness bind them.

On keeping emotions in check

-> An answer to a distro battle at linuxhumor

Please keep your own language in check, and don't pull Stallman in here, when he isn't needed. He's got more important things to do than helping your argumentation.

If you look at what I wrote, you'll see I did never say "Your distro is bad" or anything similar.

I just said: "Your advertising is a good deal too blunt."

Why do you answer to other people who say things intended to offend you?

Or to put it differently: Why didn't you react to my post with backup information, why Ultumix is good and where it helps to convert people, cutting out the advertising language so it can be read as information?

I see that you're pissed off by Ubuntu (I don't like the "one distro to find them, one distro to ..." mindset (you told about) either, but I doubt that all Ubuntu people have it. I'm not active in Ubuntu, so I don't know much about the internals (I don't even know what LoCo means - I assume Local Coordinators or so), I just installed it for my wife, because my Gentoo might be a bit too much for her (this changed in the meantime. She now has a Gentoo, too :) )).

You're pissed off, and that's OK. I think if I had walked your way, I might be pissed, too. But it doesn't help you spread your Distro to other people.

Get a grip on your emotions - get a sandbag and hit it when you're just a bit too pissed (I do that from time to time, and unless you tested it yourself, it might be hard for you to see how very good it feels to just let out the anger at that 15kg sandbag). But stop, before your knuckles bleed :)

We are writing here, so it is possible to just sit back and have a break, which makes it easier to get a grip on oneself. At the same time we're just reading what others say, which makes it easier to misinterpret what others say, so keeping our own emotions in check (or letting them out where they don't hurt anyone but your knuckles) gets more important.

And I know I sound like a pseudo-wise great grandfather now. That isn't intentional. I'm learning my way in life myself, and I might just be wrong about it (and also about anything else I think I know), but I write it anyway, because I made some errors myself, and I want to help others not to walk into the same trap. And if what I see right now is only a necessary transition to even better ways to live, then I can at least help others reach that transition with less hardship than I had.

Powers that be - money concentration vs. democracy

-> written in reply to Bogus Copyright Claim Silences Yet Another Larry Lessig YouTube Presentation on techdirt.

This shows painfully how the powers are currently distributed.

<5% of the people have >90% of the resources, so they have more influence on the media which then influences which people are elected into positions of power, and then these elected pass laws which shift more power towards the <5%.

So the simple root of the problem is that money gets concentrated on a few people, and any selfrespecting (intelligent) democracy would have to make sure that money can't accmulate too much like that.

But guess who doesn't want laws which avoid overboarding money concentration…

Richard M. Stallman stands for Free Software

→ a comment to 10 Hackers Who Made History by Gizmodo.

As DDevine says, Richard Stallman is no proponent of Open Source, but of Free Software. Open Source was forked from the Free Software movement to the great displeasure of Stallman.

He really does not like the term Open Source, because that implies that it is only about being able to read the sources.

Different from that, Free Software is about the freedom to be in control of the programs one uses, and to change them.

More exactly it defines 4 Freedoms:

• (0) The freedom to run the program in any way you want (compare this with Windows, which does not let me start it in a virtual machine, because “the hardware changed”).

• (1) The freedom to access the source and change the program (compare this to Starcraft 2 which I can’t use in a LAN-party without having everyone connected to the internet).

• (2) The freedom to copy it and give it to others (compare that to all these iApps, which I can’t even backup easily for my own use).

• (3) The freedom to distribute my changed versions.

This is Free Software as defined by the free software movement which was initiated by Richard Stallman and which made successes like Google possible by giving them a stepping stone to build upon: Free Software users stand on the shoulders of giants.

Open Source on the other hand is often being used as name for products which don’t even fullfill freedom (1) completely. That’s why the GNU project did not take part in the first Google Summer of Code: Google required contributors to say that they work on Open Source. In the second Summer of code that was changed, so projects can now correctly identify themselves as Free Software Projects, and GNU has been taking part in the Google Summer of Code since then.

PS: But still it’s great to see Stallman in this list!

Swarming, Torrent and Gnutella

In Reply to:
http://www.computeractive.co.uk/personal-computer-world/features/2193584...

Hi,

I just wanted to add, that swarming is included in Gnutella since 2003 or something, and that it already archieved everything back then that the "new trackerless torrents" archieve today.

If you want easy to read information which doesn't need a coder to understand it, just have a look at Gnutella For Users: A guide to the changes in Gnutella for non-programmers.

http://gnufu.net

The Four Freedoms of Free Culture: Avoid Cultural Slavery

→ comment to The Four Freedoms of Free Culture on QuestionCopyright.org.

Thank you for spreading the thought of freedom in culture!

I currently don’t use creativecommons licenses on my site, because they have no source protection (you can’t exercise your right of modifying, if the work is hidden inside some non-source container, like autoscrolling flash).

Instead I use the GPLv3, for my site (draketo.de — licensing) as well as for a free roleplaying book I write (1w6.org — german).

My reason for using free licenses in all my hobby work is simple: When a cultural work becomes part of my life, any restriction on using that work takes away a part of my personal freedom.

That’s why freedom is essential for all cultural works that matter.

Becoming part of my life means that I identify with it, that it means something to me. If there’s a really cool song I listen to all day, then it becomes part of my life.

If I then can’t change and share it, when my tastes change, that part of my life is locked and my freedom taken away. Works which don’t mean something to me can’t take much of my freedom away. But if a cultural work means something to someone out there — to anyone — then it has to be free to avoid stealing that one fans freedom.

So any unfree cultural work is either useless (doesn’t mean anything to anyone) or it’s a tool for cultural slavery (stealing our freedom).¹

And I think Stallman is simply afraid. In Software he has the confidence that his work will be improved by others. In culture he doesn’t. I think that’s part of his life, and the only way to change that is to show that free culture is a success for political movements, too.

It’s hard to allow your child to spread its wings and fly on its own, and I think that for him, his manifests which spawned the free software movement are his children.

The internet means unlimited copying. What we make of it depends on us

Comment to is the web too good for us on a BBC blog:

But the web was not really free in the beginning. While its structure was open for everyone and websites bloomed and blossomed by copying code and design from others, the content of sites stayed closed by copyright.

There were many thoughts of freedom in the original web, but the structure gave more freedom than the law, and the easy copying inside the new medium still didn't reach the slow legal body of our offline communities.

Online, though, laws were first ignored, then bent and finally used to create new rules within the laws themselves.

Thus came free software a quarter of a century ago, even before the web was officially called, but already with its basic property of cheap infinite copying, when coders realized that the traditional copyright didn't fit their way of cooperating and curtailed their creative work. It spread and became the base and foundation of todays internet infrastructure, with Apache webservers on GNU/Linux computers serving its content - unbeknown to most of its users.

And from the same spring came creative commons, about 20 years later, used by artists who realize that the traditional rules do more harm than good to them.

The new digital world began before the internet was started by making the copy an integral part of even looking at data, but it grew with the internet which pushed the effects of this new technology right into the face of our societies. And so the digital world which currently finds its most well known expression in the internet is an ownership breaker by design, and many battles were fought over this most beloved and most hated feature.

You can no longer control what people do with things you put into the internet, as long as you allow them to see them. Once they saw them, if even for a moment, they could have a copy. You can only use social rules to keep them from passing on their copies, or take over their computers.

Even while I write this comment, I don't do it on your website. I write it in a local copy of your website which is stored by my browser, and I could go on writing it long after your website disappeared, as long as my computer kept the copy.

The only way around this is to go back to the analog age, where showing doesn't equal handing out a copy, or to allow some entity complete control over our computers to enforce certain rules - and over our lives which more and more move towards the digital space.

To come back to the question: The web is not too good for us. It provides more openness than many people want to provide, and far more than the law offers, but this openness gave rise to movements which shaped the openness into freedom by establishing the rule that whatever is freed must never be shackled again. They took the single inherent freedom of copying and added the freedoms of changing and using. From that source came free software which drives the internet and the Wikipedia which provides the worlds largest publicly accessable knowledge base. Creative Commons walks a similar path by always allowing the copying of the creative works, but it allows for much more control by the creator.

The internet globally removes the restriction on copying which is inherent in our analog world. Our societies and legal systems, though, will take time to adapt. If we're lucky they'll accept the internet as freedom and adapt as free software and the wikipedia did. If we're unlucky they'll try to limit the openness, either through technology or through laws. They could turn that openness from an openness for people into an openness of people, because copying doesn't only go one direction. They can just as well copy a record of every move me make and use this to create an almost perfect surveillance system with all its implications on freedom.

And they wouldn't necessarily need to establish the punishing based rules we currently have as laws. They could just as well use digital shackles, which not just disallow some action but make it impossible. The rules could be like a car which makes it impossible for me to drive faster than the law allows while my child bleeds to dead on the backseat.

So the web is neither good or bad. It's simply a world which operates on slighly different rules than the physical world, and we're still only learning the implications, promises and dangers of that tiny change of rules.

using drupal for documenting software -> blogging with a structure

-> an answer to Blog posts are no replacement for documentation by flameeyes.

Hi flameeyes,

I kinda know your problem: It's far easier to write a number of Blog posts than to write a structured book up front - and I think two major parts of that are, that a weblog provides many more "Yes, I've done it!" moments than a book and that a blog has a much lower barrier to entry.

I rather know it from the other side, though: I wrote a (german) roleplaying ruleset in a wiki, and I got very little feedback and often slacked.

My solution to that was to switch to Drupal which provides a book-style structure with (automatic) blog-style news. I now write articles which can stand for themselves but which are automatically organized by section and keyword.

I also do that for my personal page, but I think the RPG is a much better example (my personal pages are organized by content type/topic (song, poem, story, technical article, ...), while the RPG articles are more connected):

• structure example for RPG: http://1w6.org/deutsch/regeln
• blog style interface with description at the top: http://1w6.org
• blog style interface to all german stuff: http://1w6.org/stichwort/deutsch

On the righthand side you see the book navigation. the equivalent on my main page about programs would for example be:

• http://draketo.de/deutsch/freie-software/licht/mercurial "stuff about Mercurial"
• http://draketo.de/licht-lumo-light "blog style news"

A similar structure should be useful for your documentation of programs. You can even first write an uncathegorized blog post and later sort it into its place (and also move it around freely afterwards) - for example when you realize that you write more about the topic.

That way you can start with writing something about a new program, and give that program its own cathegory when you see that you're writing about it more often.

Another advantage of this is, that I began to check every single text, if it's interesting to read (cathegory pages with only a few lines of text can easily be set to not appear on the frontpage - it's simply one checkbox to untick :) - once they grow into articles in their own right, they can then be "republished" to the frontpage with updated publish-date, so they appear as new posts).

When you're happy with a free project, write a thank you!

From the Gentoo Forums:

I agree that spreading a positive 
message is good, but I've always 
been nervous to send thank you 
notes out to people I've never 
met.  
Worse, I don't want to potentially 
overload an inbox with a mes-
sage that isn't going to help all 
that much. Hopefully it would be 
received in a positve way. 

I try to remember to send "thank you"s from time to time.

Just remember that all these people are doing this in their free time, and one of the pillars of motivation is feedback and knowing that what you do is important.

For example I recently (two months ago) sent a mail to the developer of TortoiseHG in which I wrote him, that to me his Program is a revolution for version control systems, because it allows version control even for users who don't know much about their system (and added an example where I managed to use his program to work in a DVCS together with a mostly computer illiterate Windows user - and get going in just 15 minutes).

I could almost feel the happy beaming in his reply where he said even this alone would make it worth all the effort he spent on it.

And I remember my own almost unbelieving joy at having people tell me that the pen-and-paper roleplaying system I write is the best system for their one-shots. It brightens up the whole day and makes me smile much and easily :)

Naturally contributing often feels even better (people who join in, are one of the highest compliments to the project), but when that isn't possible (we all have limited time-budgets), a friendly mail - or better still: A friendly public post which will also lead others to the program - is a great way to help your favorite project!

And if it already gets very much positive feedback, you could look at all the other projects you enjoy and see if one of them could get a bit more feedback. We live through diversity, and every little program adds its share.

Especially for people who get little feedback, such a message helps very much. If nothing else, it helps the developer to see that his work has an important impact. And if the feedback is unexpected, that's even better. People who gets tons of feedback might get used to it, but people who get very little feedback can really flourish - or at least enjoy a happy smile for a few hours and think fondly of what they accomplished and look forward to doing more.

Why EMI locks channels: It’s a battle about control

To Why I Steal Movies… Even Ones I'm In by Peter Serafinowicz.

I think there’s a very simple reason why EMI remotely encumbers a channel: It’s a battle about control. The battle about who will control where, when and how people can enjoy works of art.

That battle goes against the fans (who want to enjoy stuff and pay for it on their own terms) and the artists (who want people to enjoy their stuff and pay for it).

It benefits those who want to pull money out of the revenue stream (which goes from fans to artists) even though the almost free distribution via the internet makes them mostly obsolete.

And online piracy isn’t theft. It’s unauthorized copying which, as Peter Serafinowicz very nicely explains, can even help the artists make more money. The fans get more, the artists get more, only one loses: The one who wants to take freedom from fans and artists alike.

writing together – collaborative editing is easy

→ comment to The next wave in scholarly word processors?

What I’d like to see is more people using version tracking systems.

With these you have a discussion which can be merged easily when it gets branched. I use it for anything I do, and I could use it together with an only-windows-and-GUI user with ease, installing TortoiseHG for both and Lyx for him (LaTeX made easy – you don’t have to see the sources).

• http://tortoisehg.bitbucket.org/
• http://www.lyx.org/

Just right click in a folder, call synchronize and pull and your work gets merged.

For publishing to the web and to PDF I’d use Markdown with Markdown to LaTeX:

• http://daringfireball.net/projects/markdown/
• http://johnmacfarlane.net/pandoc/ or
• http://fletcherpenney.net/multimarkdown/

Maybe with markdownify for pages which already are HTML:

• http://milianw.de/projects/markdownify/

Besides: A simple Mercurial repository with URLs as document identifiers would allow forking the web :)

For religious spammers: Shut up and help save our *planet*

-> the_gdf just got spam from a raving christian. Since I am a moderator there, I got that spam and rejected it. But because I was in a good mood, I felt compelled to answer :)

- insert random ravin' lunatic the-world-is-going-to-end talk -

*gg*

Have fun!

Me, instead, I'll rather go with the 6th world of the inkas - they were there earlier than your book.

The alternative is to just believe in science: Ecologists told us 30 years ago

"We're destroying our environment. if we keep doing this, 30 years from now the earth will warm and we'll have weather catastrophies, epidemies (through warmer climate) and much more".

Well, now it's 30 years later and we have weather catastrophies, epidemies and much more.

Also more than 30 years ago left wing economists warned us "if we keep distributing money unevenly and letting big companies run free, our economy will crash again".

Well, it's more than 30 years later, and guess what? They were right. We now have a worldwide economic crisis.

Oh, and more than 14 years ago, people tried to tell the american government "If you keep bulding up terrorists to fight against russia, these will turn around at some point and attack you". Then, 7 years ago people (including me) said "if you attack afghanistan, you will help the terrorists to find new cannon fodder and that way strengthen terrorism".

And now it's 7 years later, and the taliban and "international terroristst" are stronger than ever.

So get up from your book and look at the world. If we don't act, we let people turn our world into our own hell, so don't waste your time but act to save our world!

I don't care what your god says will happen after our dead, but if he really created this world he will be damn pissed at YOU for letting it get destroyed - and I assume that you do care about that.

And here's a little hint: Every creator god is likely to see it the same way, so even if you are wrong and some other religion which believes in a creator god is right, the only way to be on the safe side is to help keep our planet alive.

And if there is no god, then my children will thank me for helping to save their future.

That said: Don't ever spam the_gdf again or my lawyer will be happy to get a chance to sue you. You've been warned.

Which also means: Noone but me read your mail, and noone will, since it isn't going to get through.

I hope you enjoyed my answer :) I got slightly angry at the end, which I take as a warning to ignore these kinds of emails completely from now on.