not all change is progress
January 11, 2016
Direct download links:
MP3 &
Ogg
0:05:41 News
0:44:25 Android Without GApps
1:15:51 Feedback
1:26:44 2016 Predictions
Easing back into the old routine, this show we brought you up to date with the FOSS news of the last couple of weeks, discussed living with Android but without Google, caught up with your feedback, and cast our thoughts towards to year ahead with our predictions for 2016.
0:05:41 News
Solus
1.0 Released
darktable 2.0 Open-Source RAW Image Editor Is Out, Has Been
Ported to GTK3
Developers can unwrap Perl 6 on Christmas
Ian Murdock, father of Debian, dead at 42
Richard Sapper, Designer Of IBM’s ThinkPad, Has Died
Oracle Sinks Its Claws Into Android (or not)
FSF Vision Survey
Remix OS for
PC
$39 Lenovo LINK puts your phone screen on your PC (and
more)
Cyanogen
OS 12.1.1 Update (the fruits of
an earlier announcement)
Cyanogen OS Is Now Pushing Microsoft Ads to the “open with”
menu
Meet Chirimen, a Firefox OS-Powered IoT Single-Board Computer
Developed by Mozilla
PINE A64 crushing its Kickstarter goal
Meetup Thu 28th Jan at the Mulberry Bush pub (near Waterloo station) 6pm
0:44:25 Android Without GApps
We spoke with long-time listener Félim Whiteley about his experience of running Android without the shackles of Google’s app and services. Thanks for your time, Félim, and the gentle chastisement!
1:15:51 Feedback
A huge thank you to Andrew Neher for becoming our latest Monthly Supporter, and to George Hangs and an anonymous donor for your PayPal contributions. And a personal shout-out and thanks from Joe to Ian Barton for your extremely generous donation of a Nexus 5 to the cause.
Will returned to our previous conversation about Yahoo funding Mozilla, and wondered — quite reasonably — whether that really is a tenable long-term option for the Foundation?
Picking up on a couple of our recent reviews, Velt Technologies got in touch, as did both Riley Brandt and listener Ian.
Chris Phillips contacted us about home automation, and brought Domoticz to our attention.
Returning to our 2015 predictions, Jesse clarified matters on non-systemd derivatives for Hal 9009, and John Hanks pitched in on Google Plus with a hype-busting comment that met with approval from at least one of your humble hosts!
Thanks to everyone for your ongoing feedback to the show, and we hope that one of the benefits of a return to a fortnightly schedule will be that we’ll be able to cover your views in a more timely fashion. Keep them coming.
1:26:44 2016 Predictions
The time of year when we end up making ourselves look foolish is once again upon us. But was there anything obvious that we missed? Do get in touch if you think your powers of prognostication are stronger than ours.
Just as a side-note to Patty’s prediction about somebody dying as a result of a hack on an internet-of-things device…. There was an incident here in the US involving a Rolling Stone reporter by the name of Michael Hastings dying in a “fishy” accident a little over 2 years ago. There were many speculations that his car was hacked over some stories he had written or was working on at the time… http://nymag.com/news/features/michael-hastings-2013-11/
Gents, in this show I heard a phrase that struck a chord with me. “Just Another Distribution”. I think that JADed is an affliction that Linux does suffer. In some ways nice to have the variety of choice, in others not. To have a variety of choice of not quite finished products is a little disheartening. The reason Apple regained their popularity was having a complete package, albeit unpalatable to my taste: restricted and tied to attempts to lasso all users into the Apple orchard. I think that distros like the mint family have the right idea, and work well. A solid base with varying degrees of eye candy depending upon your preferences and choice of windowing manager.
As a community we need to maybe take a breath and look at how we are seen from outside. Currently a clamour of voices lacking direction other than the freedom and open source principles, which are also variable.
Unfortunately I think that the way society currently flows is that less knowledge required and ease of use is the way forward (it’s not I know) I see a dumbed down world of half baked applications that seem to work in the restrictions of the walled gardens of manufacturers becoming the norm.
Apologies for the rant. Although I guess that fits with my luddism. Keep up the good work guys, I truly enjoy the depth of the conversation that you guys have.
Regarding the Pocket integration in Firefox and if money changed hands: what I read somewhere is that Mozilla got no money for integrating Pocket into Firefox, but Pocket pays Mozilla a referral fee if you sign up for the payed tier via Firefox. Not sure how true this is, as the amount Mozilla would make wouldn’t amount to much would it? It’d be more like “pocket” change. Ha!
I was listening your predictions. You were bashing Ubuntu and convergence devices. I am not sure what you mean with convergence devices, but this is what came into my mind: https://www.kickstarter.com/projects/676993694/solu-a-new-breed-of-computing/ (Company website: http://www.solu.co/) They are not really promoting it but it is based on Linux and in some sense it really seems to be a convergence device.
Hi Oskar — we briefly talked about the Solu at the end of the news on show #59, as it had piqued my interest. I don’t remember my colleagues being particularly enthusiastic, though!
There was this guy suffering brain damage because all his bitcoin mining PCs overheated the room he was sleeping in…
On FLOSS on Android:
From the apps I use most on my android devices these are
the FLOSS ones:
– Firefox,
– K9 mail,
– antennapod,
– writely pro
– twidere
– syncthing.
For navigation there’s the mentioned OsmAnd which worked
well on my trips to Paris and Stockholm with maps I
downloaded at my home wifi.
As soon as I get around to setting up my own
CalDAV/CardDAV server (most likely choice would be
Radicale(.org) … and probably not before 2018…) the
playstore would be the only Google services I use.
The only proprietary app I need is Threema for its ease of use makes it easy to get less techy folks on there. I consider the company sufficiently trustworthy and their crypto seems solid.
Oh, I forgot VLC for music and Videos! Which is in f-droid, too: https://f-droid.org/repository/browse/?fdfilter=vlc&fdid=org.videolan.vlc ;)
You can uninstall Cortana from the latest Cyanogen update. I received the update on my OnePlus One, tried out Cortana for a couple of weeks, realized how bad it was and then uninstalled it.
Really cool interview, guys. I wonder if there are other segments you could have like this interviewing someone as a user rather than a developer but still informative.
Minor correction — there was some discussion of containers as providing siloed security features. For BSD jails, this might be true, but on Linux the popularity of containers has been driven by their reduction in the friction involved going between development and deployment of applications, with security just an afterthought (though recently security has been getting more attention).
Security was always a priority with the kernel guys, it’s just there’s a lot of whack-a-mole to do to plug all the holes. (All sorts of _subtle_ stuff like echo 1 > /proc/sys/vm/drop_caches shouldn’t cause a latency spike in other containers.)
The Linux containers stuff was invented by the OpenVZ project, which spun out of work a Russian bank did starting in 1999. This fork paralleled the mainstream kernel for about a decade, and then the OpenVZ guys started making a concerted effort to chip pieces off and get them into Vanilla. The kernel devs required a complete redesign of each one, using synthetic filesystems for control knobs instead of new system calls and so on. Of course people started using it before the port, was finished and then complained it wasn’t finished.
I was involved for a few months in 2010, and gave presentations explaining the difference between a VM and a container at the OpenVZ both at SCALE, with the goal of convincing people containers were a direction worth pursuing, not that the patches just starting to go into vanilla were particularly usable yet.
BSD jails were introduced with the FreeBSD 4.0 release in 2000, about the time OpenVZ started, ten years before the complete rewrite Linus and Al Viro and company demanded for the vanilla kernel. If you want to compare them with something, compare them with OpenVZ.
Thanks for the detailed information. I should state for the record that I am casual Linux user (use it for all of my personal and work computing but don’t administer any large scale systems), so my knowledge is just what I pick up from articles and podcasts like these.
When I said that popularity of Linux containers was driven by ease of deployment with security mostly an afterthought, I was primarily referring to Docker which became very popular in a short (2 year?) time span. I wrote “Linux containers” because that was what was said on the podcast and I think there are other alternative container systems to Docker that function similarly, but that is very sloppy since lxc (“real”) Linux containers have been around since well before Docker (though I think it’s fair to characterize them as not popular? By the way, I had never heard of OpenVZ. Is lxc the name for the stuff that OpenVZ has managed to get into the kernel, or does lxc have a separate history?). I have seen several articles along these lines that led me to think security was not an early priority of Docker:
https://opensource.com/business/14/7/docker-security-selinux
There is also the fact that Docker started out with the Docker which facilitates easy copying of containers off the internet which reminds me of copying and pasting code from a web tutorial into a terminal without reading it. Docker initially did not provide an easy mechanism for updating a container, so even if code was well siloed off it was siloed off in a container would likely remain frozen even as security vulnerabilities were discovered in the programs running in the container.
I would be curious if you make a distinction between OpenVZ/lxc and Docker regarding security. I do appreciate your point that BSD jails should be compared to OpenVZ. Also, do you think security has played any role in Docker’s popularity? My impression was that Docker’s popularity was all driven by how it helps with transitioning an application from development to deployment.
lxc was the first attempt to do userspace tools to drive the containers infrastructure going into the linux kernel. The openvz guys were only tangentially involved, it was driven by various big iron guys (IBM developers, vmware users, and people who thought creating a container requires a giant config fileto track the “deployment” rather than a lightweight thing you spawn ad-hoc as needed).
LXC needed to die starting about 6 months into the project.
It’s entirely possible _docker_ didn’t care about security, but docker is new, part of the “devops” fad. There’s container stuff built into systemd, I’ve got some (very) basic container support in toybox, there’s coreos and rkt and lots of other stuff.
I was surprised that in your predictions (also last show, http://linuxluddites.com/shows/episode-68/ ) that it didn’t get a thumbup for Jessie’s prediction (“a major security bug”) when a few weeks before your show, the GRUB 2 vulnerability was released, and recently patched. I didn’t hear this on any Luddites episode actually.. :) Just press backspace like 24 times, was it? (or was it up up down down, left right left right B- A start !!:) ) — to get sub-root on any machine with physical proximitiy. Combine that with some other bug, or some part of intels remote-access bios stuff.. and you can even do this remotely possibly…?
keep up the great shows boys!!
Dear Luddites,
Thanks for having Mr. Whiteley on the show. I think you missed his main point, he does not like depending on Google to have access to his data. I have my own tale of woe on that front.
I used to have a number of Palm Pilots, for my data. I had everything in there — email, contacts, calendar, notes. It was incredibly useful, and the data was always backed up on my desktop machine. I would only lose my data if both my Pilot and my Desktop were lost, stolen, or damaged. And I always had a spare Pilot around anyway. Heck the Pilot even communicated quite nicely with Linux via the J Pilot software. Then Palm went belly up, I could not find replacements; and my data was trapped in a dead device.
I ended up laboriously copying the most important addresses into my paper address book, and using a paper weekly planner. I still have not found any solution at all app-wise to synchronize my data from my phone to my PC. I don’t *WANT* my data in the cloud. I’m not afraid of the NSA or Google snooping around in my life — they’d be bored to tears. What I *DO* fear is losing access to my data, because of a court ruling that Google can’t use my data in ways that they make money, causing the company to pull the plug on their services. Or even Google just changing focus and deciding to drop various services in favor of something else. They’ve done that frequently in the past, even with very popular products and services.
I also object to Google making money off my personal data, but my main objection having been burnt with the Palm Pilot is losing my data. My current solution is fairly fragile — I lose my planner or address book and I lose my data. I have a Windows Phone — a Nokia Lumia 635 that I can thank Joe for alerting me to. It has that critical MicroSD expansion slot, and a cheap (under $50) price point that I find critical. I don’t like spending much on a phone, and I like having lots of memory to put my music, photos, and podcasts. Yes I listen to Linux Luddites on the Windows phone. [Also the Pi Podcast!]
I would appreciate it if you could post links to the apps that Mr. Whiteley uses in a future show notes; I realize that being on Windows Phone is like a lonely island (at least I get fairly regular security updates); but I would love a solution that allows synchronizing between my PC and my phone. Hopefully one that is Linux friendly. Hopefully some of the apps Mr. Whiteley uses are available on the Windows Phone store as well.
PS, for users of Windows phones with MicroSD expansion cards, the package gphotofs will mount the expansion card no problem. Just make a directory your user account has full ownership permissions, then mount it with:
gphotofs /path/to/user_directory/
It will mount the entire phone, main memory and SD card under that directory. Thunar works fine with it under XFCE. At least for me. I use Xubuntu 14.04.
To unmount, simply use fusermount:
fusermount -u /path/to/user_directory/
Thanks. Have a happy new year Luddites!
I agree Perl is uninteresting, but I personally stopped shipping any Python code due to the 2.x/3.x split. I have no interest in Python 3 and don’t consider it the same language, but the language developers are committed to burying Python 2 in a sea trench and chasing existing developers off of it. The problem is, leaving python 2 doesn’t mean going to Python 3, let alone the eventual complete rewrite when Python 4 comes out.
I still bang out the occasional quick Python 2 script to mangle files, but if I ever have to check something into a repository I use a different language. I can’t guarantee Python 2 will be installed on the target system.
A python 3 advocate recently compared its adoption process to the Kubler-Ross five stages of grief, clearly a ringing endorsement. Linux Weekly News’s article on that post (https://lwn.net/Articles/669768/) has twice as many comments as the “bitcoin has ended” post on same site (https://lwn.net/Articles/671980/), and the post where half the “debate” is a single vociferous defender telling everyone else they’re wrong is _not_ the bitcoin post.
What language(s) do you use instead?
Personally, I love Python 3 and use it a lot. I do still write more Python 2 than 3 though, and I agree that it is a different language. Maybe when Python 4 comes out I will finally get burned enough to leave Python.
For deployment? Shell scripting and C are my first choice because they’re most portable; if it’s a Linux box, both should just work. If I need a gui, do in a browser as javascript (my choice of gui toolkit is Not Going There), although I’ll probably be forced to get back into Java for android apps at some point. Last time I had to recommend a scripting language for a bespoke embedded system (something we’d install ourselves so could depend on it to be there) I recommended Lua.
For me Python’s dropped down into the “Ruby, Go, Swift, Rust, PHP” pile of languages I really haven’t got a _reason_ for unless you’re extending an existing project already written in it. And that’s _entirely_ due to Python 3 forcing me off of my comfortable reliance on Python 2.
Rob
Thanks guys, Great show! I really like this longer format better.
I especially enjoyed hearing Félim talk about using Android with F-Droid and without the google stuff. I also ditched gapps sometime ago and I pretty much share his opinions. When I first removed google from my phone was the first time I felt like the device really belonged to me. One thing I don’t remember Félim mentioning though was that Android runs much faster without the google services. Even old Galaxy S is still snappy running Kitkat.
Currently I’m running Sailfish but a great chunk of my apps still comes from F-Droid and I’ll probably switch back to Android if Jolla someday stops with the regular safety updates.
I also think the point Joe made about Félim’s phone not being his primary computing device would hit me spot on. For me the phone is very much a secondary device I use in addition to a laptop. Maybe this will change someday when security of the phones gets better and more transparent. Currently none of them just are mature enough for me to trust them with important data.
Looking forward to the next show!
Comments are now closed.
The content of this website, and that of the podcasts produced by the website owners, is licensed under the Creative Commons Attribution-NonCommercial 4.0 International License.