Tech

  • Weak crypto keys in NetBSD

    Steve WoodsOpen Source, Tech

    NetBSD logoA serious error has occurred in the random number generator in free Unix derivative NetBSD, which can result in the system’s cryptographic keys being too weak and allowing them to be cracked, German IT news website Heise reports. The cause is misplaced brackets in the program code of the NetBSD kernel. The developers have made a kernel update available to preclude the problem in future. In addition, they are recommending that users of keys produced with either NetBSD 6.0 or the current version of NetBSD change these as a matter of urgency.

    The programming error can result in the system producing random numbers which are not particularly random. This danger is especially great if the system is just booting as the system has very little entropy available at this time. The problem has particularly serious effects on 32 bit platforms where cryptographic keys containing only some 32 bits entropy are produced under these circumstances. The resulting 4 billion possibilities can be tried in turn. NetBSD 6.1 will remedy the error.

    In particular, keys for SSH servers (which are normally produced at system start-up) are definitely affected. All SSH server keys which have been produced on NetBSD 6 systems should be changed as a matter of urgency. Since the ECDSA algorithm was first introduced with version 6, the relevant keys are very likely to be weak.

    Full details of the problem can be found in this NetBSD security advisory notice.

  • Ubuntu Kylin is to become reference system in China

    Steve WoodsLanguage, Linux, Open Source, Tech

    Ubuntu logoAccording to German IT news website Heise, the Chinese Ministry for Industry & Information Technology has selected Ubuntu as the basis for its reference architecture for operating systems. The China Software and Integrated Chip Promotions Centre (CSIP), part of the Industry & IT Ministry, Ubuntu manufacturer Canonical and the Chinese National University of Defence Technology (NUDT) are working to adapt the Chinese Kylin variant of Ubuntu to the requirements of the Chinese markets under the aegis of the CCN Open Source Innovation Joint Lab.

    Ubuntu Kylin is to appear in April this year together with Ubuntu 13.04 with support for the input of Chinese symbols and the Chinese calendar and will integrate Chinese web services. The integration of Baidu Maps, the Chinese Amazon competitor Taobao, payment processes for Chinese banks and Chinese timetables and flight schedules is planned for subsequent versions. In addition, the WPS office suite, which is popular in China, is to be adapted for Kylin.

    Ubuntu Kylin is to be widely used as the reference for a flexible, open operating system. The announcement of is part of a Chinese five year plan which should promote the use of open source software and speed up the development of an open source ecosystem.

  • UK Parliament: no open standards here

    Steve WoodsOpen Standards, Politics, Social Media, Tech

    Did you know House of Commons Select Committees only accept submissions in Microsoft’s proprietary formats?

    Today in my Twitter feed I read a tweet announcing the deadline for submissions to the Transport Select Committee for a new inquiry on local authority parking enforcement.

    Reading through the notes on the submission of written evidence, I was struck by the following:

    2. Evidence should be submitted by e-mail to transev@parliament.uk in Word or Rich Text format, with as little use of colour and images as possible. If you wish to submit written evidence to the Committee in another format you must contact a member of staff to discuss this.

    image of Parliament's crowned portcullis
    Parliament: we’re a Microsoft-only shop.
    Both Word and Rich Text format are Microsoft proprietary file formats. How long they remain readable is totally in the hands of a private American corporation whose first concern is making a return for its shareholders, not preserving the proceedings of Parliament and its committees for the benefit of future generations.

    For those future generations, I’d recommend that parliamentary select committees start accepting submissions in other, non-proprietary formats, such as plain text or open standards such as Open Document Format. The latter is an internationally accepted standard (ISO/IEC 26300:2006/Amd 1:2012) and is being widely adopted by other governments and official bodies (such as NATO, where ODF use is mandatory. Ed.) around the world for official document exchanges.

    Finally, the notes give no details any member of staff for the public to contact for submissions in other formats.

    Update: Since alerting the Transport Select Committee to this post via Twitter, I’ve received the following reply from them:

    Interesting post. We’re happy to accept other formats- and do – as long as we can process them using the software we have. We will certainly pass your points up the Committee Office chain to see if more can be done to accommodate this.

    Thanks, very much folks. I’ll await developments with interest.

  • Budget shocker: “one pence”

    Steve WoodsPolitics, Social Media, Tech

    Gidiot Osborne looking smarmyToday was a momentous day for George Gideon Oliver Osborne (aged 41 and three-quarters), a man who does Chancellor of the Exchequer impressions. Firstly, he joined Twitter. Needless to say, there was the usual warm Twitter welcome for politicians, as evidenced by the use of the hashtag #gidiot. Those using the hashtag were slightly more polite than other reactions to George’s embracing of Twitter.

    Secondly, it was also the day of the Budget. In summary there was very little to cheer about, except the abolition of the beer duty escalator.

    However, what made me cringe while listening to the Chancellor’s speech live on radio (apart from his whining, grating tone. Ed.) was his language: at one point near the end, I distinctly heard him refer to the amount of “one pence“.

    Now, George isn’t exactly the sharpest knife in the drawer, but one would at least expect the Chancellor of the Exchequer to know the difference between penny and pence.

    Since the end of the budget speech itself, BBC Radio 4 news readers have also reiterated Osborne’s ‘one pence’ blunder – repeatedly. 🙁

  • Python Software Foundation reaches settlement in trademark dispute

    Steve WoodsOpen Source, Tech

    Python logo image
    Python – saved for software in the EU
    The Python Software Foundation blog announced yesterday that an amicable settlement had been reached in the dispute over the Python trade mark in Europe (posts passim) between the Foundation and PO Box Hosting Limited, which trades as Veber.

    The dispute centred around Veber’s use of the Python name for its cloud hosting services and its application for a figurative trademark incorporating the word “Python”. While the Foundation is the trademark owner for Python in the USA, it did not have a filing within the EU. According to the terms of the settlement, Veber has withdrawn its trademark filing and has agreed to support the Python Software Foundation’s use of the term.

    The amicable agreement reached between the two sides will result in a rebranding of Veber’s Python cloud server and backup services, which continue to be available at http://www.veber.co.uk. Veber will rebrand the Python services later under a yet to be determined name.

    “We are happy to come to an agreement with Veber,” said Van Lindberg, chairman of the Python Software Foundation. “What the PSF wants most is to support the global community of Python developers. To Veber’s credit, they were willing to recognise the Python brand without protracted negotiations. We are grateful for Veber’s support and we wish them luck in their business.”

    The Python Software Foundation expressed its thanks the Python community for its support throughout the dispute, both financially and through their campaigning across EU member states.

    This is a repost from Bristol Wireless.

  • Whatever happened to netiquette?

    Steve WoodsOpen Standards, Tech

    Picture the scene: 3 gently maturing Bristol Wireless techies sat in the pub having a post-lab pint. Between us we’ve got some 6 decades’ worth of experience in using the internet, having started back in the days of dial-up access.

    Two of us have some experience of web development: one in a professional capacity, the other purely amateur but enthusiastic. We recalled how we used to craft web pages by hand (none of your bloated WYSIWYG rubbish! Ed.), especially since in the bad old days of dial-up, access was paid for by the minute and the baud rate of dial-up modems made snails look speedy. Lean, hand-crafted HTML loaded more quickly.

    Back in those days, plain text email also loaded more quickly than HTML (also referred to as ‘rich text’) email. The former didn’t have the latter’s mark-up tags. This led us naturally onto the topic of netiquette.

    We noted its sad decline on just about every mailing list to which we subscribe. Many years ago, people would have had the error of their ways pointed out to them – particularly on lists with a high nerd factor – if they used HTML email or top-posted replies; plain text emails and bottom-posting being the accepted standards. Indeed, committing either – or both – of these transgressions would be tantamount to ‘flamebait‘.

    Discussion threads were another source of controversy: in no way should a departure from the original topic of the thread be broken.

    Back in the mid-1990s communication via email was still a relatively new affair and in 1995 the Internet Engineering Taskforce (IETF), whose goal is to make the internet work better, attempted to lay down some basic rules for communication via the internet in RFC (Request For Comments) 1855.

    Even though it’s now nearly two decades old, RFC 1855 contains some good, practical advice about online communication, most of which is plain common sense; for example:

    A good rule of thumb: Be conservative in what you send and liberal in what you receive. You should not send heated messages (we call these “flames”) even if you are provoked. On the other hand, you shouldn’t be surprised if you get flamed and it’s prudent not to respond to flames.

    As regards ‘flaming’ itself, RFC 1855 has some sound suggestion to make too:

    Wait overnight to send emotional responses to messages. If you have really strong feelings about a subject, indicate it via FLAME ON/OFF enclosures.

    I have put this advice to good use myself: every now and again I’ll clear out my email drafts folders and surprise myself at what I almost sent. 🙂

    One more element of our conversation is perhaps worthy of mention: the digital native. This creature – usually under two and a half decades in age – has spent its entire life in a world of networked communication, but oldies such as me do wonder if it’s even heard of RFC 1855, let alone uses its guidelines in online exchanges. If you’re one that does, comments are welcome below!

  • “Hopelessly incompetent”

    Steve WoodsLanguage, Tech

    At the end of last week, Judge Richard Bray branded Capita “hopelessly incompetent” after he was unable to sentence and expedite deportation proceedings against a Vietnamese drug king because no interpreter arrived at Northampton Crown Court, according to a report in yesterday’s Sunday Express.

    The same report also revealed that Capita Translation and Interpreting, which is making a shambles of providing interpreters for courts and tribunals (posts passim), is using its Capita Polski call centre in Wroclaw, where its 500 Polish staff are meant to match requests for linguists on Capita’s register who are then called or e-mailed with offers of work. However, this is also reported not to be working very well.

    How much longer before the whole Capita/ALS/Ministry of Justice Framework Agreement comes crashing down; and more importantly who’s going to be left to pick up the pieces?

  • More everyday sexism: ePad Femme

    Steve WoodsOpen Source, Tech

    Dubai-based tech company Eurostar Group knows exactly what women want (apparently. Ed.) and has designed a tablet especially for them – the ePad Femme. Eurostar itself calls the ePad Femme “the first tablet specifically for ladies.”

    The ePad Femme is an 8-inch tablet running Android 4.0 Ice Cream Sandwich and comes pre-loaded with a light pink wallpaper and apps concerning yoga, grocery shopping, and cooking, as shown below.

    image of ePad Femme
    Don’t like yoga, shopping or recipes? Ever thought of buying another tablet?

    Speaking to the Jerusalem Post, Mani Nair, Eurostar’s associate vice-president of marketing, said the tablet comes with pre-loaded ‘womanly’ applications so the user can “just turn it on and log in to cooking recipes or yoga”, adding that the ePad Femme “makes a perfect gadget for a woman who might find difficulties in terms of downloading these applications.”

    Needless to say, such sexism has hardly been greeted with enthusiasm by women tech writers. For instance, Casey Johnson has a piece on arstechnica entitled “Finally, a tablet simple enough for a woman to use </sarcasm>”.

    However, such criticism seems likely to fall on deaf ears in Dubai.

  • LibreOffice 4.0.1 released

    Steve WoodsOpen Source, Tech

    Yesterday The Document Foundation blog announced the release of LibreOffice 4.0.1 for Linux, MacOS and Windows. This follows the release of LibreOffice 4.0 at the start of last month (posts passim).

    image of LibreOffice Mime type icons
    LibreOffice for all your office suite needs: word processing, spreadsheets, presentations, database, drawing and formulas

    The Document Foundation describes the new release is a step forward in the process of improving the overall quality and stability of LibreOffice 4.0. However, for business use The Document Foundation suggests the more solid and stable LibreOffice 3.6.5.

    Nearly 100 bugs have been fixed in the 4.0.1 release, according to the release notes.

    The Foundation’s Documentation team has also released a “Getting Started with LibreOffice 4.0” guide. This is available in PDF and ODF formats from the LibreOffice website and as a printed book from Lulu.

    LibreOffice 4.0.1 can be downloaded from the LibreOffice website, whilst extensions for LibreOffice are available from the extension repository.

    LibreOffice Impress Remote image
    Now available from Google Play
    In addition, the release has been announced of LibreOffice Impress Remote (posts passim), which will allow users to control Impress presentations from an Android smartphone. LibreOffice Impress remote is now available free of charge from Google Play for all platforms – Linux, MacOS and Windows, whilst instructions for its use can be found on the Document Foundation wiki.

  • LibreUmbria’s 5 good reasons to switch to LibreOffice

    Steve WoodsOpen Source, Open Standards, Tech

    The LibreUmbria blog features a new post today entitled (in English) 5+5 good reasons to adopt LibreOffice. The 10 reasons themselves are split between those for end users (PDF, Italian) and administrators and managers (PDF, Italian).

    image of LibreOffice Mime type icons
    LibreOffice for all your office suite needs: word processing, spreadsheets, presentations, database, drawing and formulas

    The post also features a fine graphic setting out 5 of the reasons. These are:

    • Quality. When using Office, you will happen to notice that the 2000 version is being officially dropped. This is because there is a new licence to acquire for each update for commercial software. LibreOffice is a product being continuously improved because it is the users who ask the developer community to fix bugs and add and simplify its features. LibreOffice is a product that shall never run out.
    • Freedom. LibreOffice is free software not linked to any company in particular. It can be freely used without limits and conditions imposed by user licences. You can install LibreOffice on your home computers, you can give to a friend and download it free of charge from the internet.
    • Training. Switching to LibreOffice means being able to take a training course which will teach you all the functions you need to know about.
    • Open format. With LibreOffice we use an open format (.odt) instead of .doc. You’ve surely never thought of it, but open formats ensure accessibility in the long term, but above all ensure transparency of the data exchanged; distributing content different from that which you seen on the screen will never happen with .odt.
    • Help. When you start working with LibreOffice you can always count on help from a colleague, as well as its large developer community, research centres and companies ready to fix any bugs in the working of the software.

    As previously reported, Italy’s Umbria region has a project to migrate 5,000 public sector workers from MS Office to LibreOffice (posts passim).

Posts navigation