Apple has patented a piece of technology which would allow government and
police to block transmission of information, including video and photographs,
from any public gathering or venue they deem “sensitive”, and “protected from
In other words, these powers will have control over what can and cannot be
documented on wireless devices during any public event.
And while the company says the affected sites are to be mostly cinemas,
theaters, concert grounds and similar locations, Apple Inc. also says “covert
police or government operations may require complete ‘blackout’ conditions.”
And those who think that this is not coming for Android in the future are
deluded. If Apple managed to get this technology into the field, it is only a
matter of time that Android handset manufacturers are forced to incorporate this
as well. If the technology exists, in today's post 9/11 world, it is difficult
to resist government pressure on such matters.
Of course, it would be interesting to see the security features for this tech,
as this is very likely to be abused - by repressive governments (read, every
one) as well as criminal enterprise (recording-free drug zones everybody?)
Who said the field of security cannot have humour! An Android app to
control the commode in Japan (you know the
land of fully programmable toilets, I kid you not) has announced a
vulnerability because the bluetooth pairing code is hardcoded.
Curious about several peculiar Apple related 404 errors for images in my web
server logs, I decided to find what is going on, and became knowledgeable about
yet another nugget that I really didn't want to know. (sigh)
Just now read a rather disturbing article from Sophos security. The
article describes the interpretation of the law by NSA and some of the internal
policies that they use in surveillance.
They also reveal that courts don't always determine who's targeted for
surveillance because that discretion is practiced by the NSA's own analysts,
with only a percentage of decisions being reviewed by regular internal audits.
To make those decisions, NSA analysts use information including IP addresses,
potential targets' statements, and public information and data collected by
In the absence of such information - for example, if a potential target
is using online anonymity services such as Tor, or sending encrypted email and
instant messages - agents are encouraged to assume that the target is outside
This is the part that needs to be emphasized again and again - all this hullaboo
in USA about NSA's surveillance is about snooping on American citizens. If you
are not one, you have no rights at all and NSA has no limits to what they can
sniff out of you and how long they can keep that info. I know, it is pretty much
common sense, but when I see Indians getting all worked up about this
revelation, I sometimes feel that some of them don't get this.
So coming back to the article, if an American is using Tor or
encrypted email or encrypted chat messages, unless the American has been
positively identified as an US citizen, he will be treated like a foreign
person - essentially with no rights.
And this part is interesting:
If communication is encrypted - particularly if a US person is using certain
types of cryptology or steganography known to have been used by "individuals
associated with a foreign power or foreign territory” - the NSA is free to
collect it and store it "indefinitely" for future reference and cryptanalysis
That is a loophole right there in my opinion - will they still keep the crypto
data if they already have the means to crack it? :-)
High Scalability had an interesting link today about a project that combines
Raspberry PI, btsync and owncloud to create
essentially a personal Dropbox replacement with none of the costs or the storage
limitation. Also very importantly, keeping up with the hot topic nowadays, the
peace of mind from knowing that you are not making it easy for intelligence
agencies to go through your most important and personal data.
The players in this solution here are:
btsync: A still alpha lab product from the original bittorrent
creators, which allows you to securely sync a folder between multiple devices
owned by you. Ready to use binaries are provided for all the major platforms
(desktop and mobile) as well as several ARM architectures (which is where
Raspberry Pi comes in). The UI interface is not great, which is probably why
the next piece of the puzzle comes in - Owncloud. But if you really want the
basics, this is all the software that you need for a synchronized folder
among multiple devices.
Unfortunately, btsync is notOpensource software.
So it is entirely upto you who you trust more - Dropbox or Bittorrent Inc.
Btsync is reported to phone home for version check
and uploading anonymized stats. I have looked around. btsync doesn't have any
open source competition yet.
Owncloud: This is actually a standalone application for sharing
your files via a dropbox like web interface. It has an extensive list of
features - sync between devices, multiple user support, file
versioning, undelete, Lucence based search, shared calendar, tasks,
data migration/backup and many more. Most importantly, this is Open source
software, with all the code available on github.
One question that came to my mind after reading the feature set is that
Owncloud already had a multiple device file sync feature. So
why would you need btsync?
From reading over the net, it seems to me that btsync is considered to be
more reliable as a file sync client. So the idea is to use btsync everywhere,
and on one of the devices, use owncloud to provide the interface to
serve/edit files over the web.
So how does Raspberry Pi - the overnight micro computing sensation
fit into all this? This is because of the way Bittorrent works. For uploads
to happen for a torrent, you need one seed up with the complete data. Since
btsync is essentially multiple torrents bunched together, it needs a seed as
well. And if all your devices are mobile and not always on, there is a good
chance that when you need a file, none of the other devices are up and
you are cut off from your data.
The solution is simple, have one of the btsync devices to always be running,
essentially acting like the seeds for your data. If this always-on computer
is a mind-numbingly low 6 watts burning tiny box hanging off a wall socket,
well .. you can see the appeal of R-pi.
But I already have an always-on device - my Synology NAS, which also
happens to be an ARM device. So to try it out, I downloaded the PPC version of
btsync and tried to run it - no luck. The btsync binary is a glibc2.4 binary
while the NAS firmware is glibc2.3. btsync uses inotify on glibc2.4
and therefore will never support glibc2.3, so I am out of luck here.
./btsync: /lib/libc.so.6: version `GLIBC_2.4' not found (required by ./btsync)
The one thing I am yet not comfortable with Raspberry Pi, is its lack of a
shutdown switch. Raspberry Pi is perfect for headless usage and with a USB wifi
dongle, the only wire it needs is the charger. However to shut it down properly,
you cannot just turn it off. Just like any other Linux machine, you need to
execute the shutdown command which will unmount the filesystems cleanly before
turning off the machine. Mess this up, and you will end up with a filesystem
which needs an fsck on bootup and the machine will not boot without you using a
keyboard and console to fsck the filesystem.
Till I get myself a hack to shut R-Pi headlessly in a clean and convenient way,
I just am not to comfortable using it for serious applications, let alone touch
my precious data. There is a nice discussion on raspberry pi
forums that I need to readup to do this, and a few blogs (like
this) already provide various ways to do that. I just need to
find some time to go through all that.
Another "hey there is a term for it" moment today!
Years ago when I was running a business of my own, my intention was never to be
wildly successful. All I wanted to do was to make my ends meet, learn a lot of
stuff, do a lot of work on stuff that really interested me, and work in a way
that made sense. After giving this some time, and when I am somewhat
self-sustaining, the next stage was to organically scale up with a set of
productized services (as an Opensource focused company normally does) which
will fund the next stage which was to come out with actual products which really
rakes in the moolah. Being an overnight sensation was neither my style, nor did
I consider it practical.
The common response I got from anybody who wanted to give advice on how to run
my company (read everybody) was on the line of:
You working alone? Why? Get some staff, grab a few high profile jobs, approach
some VC and then ramp up. That way, you don't have to run around doing
collections and focus on your work.
When I put forward my intentions, there were generally two reactions - either
one of confusion (what the heck is this guy trying to do?) or smirking
condescension(this guy is not serious about business).
Over years, I have met and read about several individuals who think about
running a business the same way. Unless you have a brilliant web/mobile based
idea which has network-effect friendly features, it really doesn't make sense to
me why you would effectively hand over part ownership of your company to someone
just because you are impatient and want to get big/rich quick.
Turns out this thought process has been given a name - ramen profitable, by
the startup guru Paul Graham (article). He defines it thusly:
Ramen profitable means a startup makes just enough to pay the founders' living
expenses. This is a different form of profitability than startups have
traditionally aimed for. Traditional profitability means a big bet is finally
paying off, whereas the main importance of ramen profitability is that it buys
There are several advantages to this business model.
You are no longer at the mercy of investors, and have a partner who has a
different term view of the investment. You invest with your time, effort and
money for the long term, they invest with their time and money for their window
of investment (which is generally more short term).
You make yourself more attractive to investors by showing seriousness and
fiscal discipline. You also show a working model by having paying customers -
it is no longer a theory that you need to pitch to investors.
It is great for the morale for both the founders and the staff. Work is
lesser of a gamble if you are being paid by company income rather than by the
This is not a permanent business model as Paul points out repeatedly.
It does not, for example, imply that you're "bootstrapping" the startup—that
you're never going to take money from investors. Empirically that doesn't seem
to work very well. Few startups succeed without taking investment. Maybe as
startups get cheaper it will become more common. On the other hand, the money
is there, waiting to be invested. If startups need it less, they'll be able to
get it on better terms, which will make them more inclined to take it. That
will tend to produce an equilibrium.
Ramen profitability is not the destination. A startup's destination is to grow
really big; ramen profitability is a trick for not dying en route.
I believe that if you are starting off on your own, you don't necessarily have
to keep the flipkarts and facebooks as your idols. This is much more sane advice
if you are in for the long haul.
In a sensational release yesterday, Guardian has revealed scary
details of how Microsoft has been collaborating with NSA to give access to its
customer data for PRISM purposes. The extent of privacy breach is shocking:
Access to data before encryption for Outlook.com and Hotmail emails and
Access to its cloud storage Skydrive
Access to not only Skype voice calls but also video calls
Apparently all this data is routinely shared between FBI and NSA.
The information the NSA collects from Prism is routinely shared with both the
FBI and CIA. A 3 August 2012 newsletter describes how the NSA has recently
expanded sharing with the other two agencies.
The NSA, the entry reveals, has even automated the sharing of aspects of Prism,
using software that "enables our partners to see which selectors [search terms]
the National Security Agency has tasked to Prism".
The document continues: "The FBI and CIA then can request a copy of Prism
collection of any selector…" As a result, the author notes: "these two
activities underscore the point that Prism is a team sport!"
Hmm, so I guess nowadays the point of encryption while using mail, Skype, chat
etc is only about hoping that bad guys (???) will not snoop on our data. Big
brother already has all the access it needs.
There is no doubt that Wordpress is a wonderful blogging system. But being a
dynamically generated website, all the nightmares of scripting languages kick
in. Patches come regularly to Wordpress and until you login and update, it keeps
nagging you inside and ruins your happiness.
There is an alternative - hosting on wordpress.com directly. But not only does
it cost unnecessary money (I already have a shared hosting account), it is also
severely limited by what you can run on it - no plugins or themes or custom
I manage several WP blogs now, and for a long while I have been looking forward
to moving to a static blog generation system. After all, the only dynamic part
of a blog is the comments and I anyway outsource it to
I looked at Python blog generators first - because such frameworks are often
extended by using the same language as the framework itself, and I am most
comfortable with Python. I looked at Pyblosxom and Hyde.
Not quite satisfied with the current state of these, I looked at generators in
Github has popularized Jekyll a lot, so I looked at that first. While
it was great, it still required you to write a decent blog theme from scratch.
And then I discovered Octopress. This used Jekyll, but came with a
standard theme which looked good and was also well designed for mobile. All
these frameworks use Ruby and since I was anyway picking up the language, it
wasn't so bad.
I exported the data from wordpress using its own export tool, and then converted
it to Jekyll using the exitwp tool which converted wordpress' html
source to markdown format. For a Jekyll utility, amusingly exitwp is written in
Python and makes you install a bunch of python libraries to work.
Some layout tweaks here and there and some additonal sidebar content later, my
new blog is ready!
The only gripe in this whole process is that many of the images were broken.
Wordpress used to upload images into its own uploads directory. I could have
copied that directory and fixed my problem, but I wanted a clean break from
wordpress so bad, that I decided to move the images to a common blog images
directory. I used a quick and dirty perl script to fix the links, but I suspect
I will still be finding out some image 404s.
Till then, with static html out there on my blog, some peace of mind.
For a while I have been puzzled why Nautilus doesn't allow me to simply unmount
an USB pen drive from the context menu. The only options I could see for USB
pen drives was - eject and safely remove drive, which was puzzling on its
own as them meant the same to me.
Selecting "eject" or "safely remove" drive does the same thing for USB drives -
it unmounts the drive and powers it down. To mount it again, you will have to
physically detach it from the USB socket and attach it again.
This trips up several things - it doesn't allow me to remain in GUI land for
any use case involving simply unmounting the volume but not detaching it.
Applications like gparted, unetbootin, palimsest which I use frequently cannot
access the device after it has been "safely removed".
The only GUI way to simply unmount but not detach the USB device seems to be
either using gparted or palimsest itself. While I can do that, it seems silly
why I would need to open a different application to do something so basic in an
Unix system - unmount filesystems, something which we have always been able to
do from the earliest of desktop environments.
After ignoring the issue for months(probably years), I decided to find out why
the UI was the way it is. And I found this Gnome bug and
this one which gave me all the answers.
Here is the gist of the bug:
eject is meant for unmounting and removal of media from CDROM like devices.
Unlike "unmount" which works only on a single volume, "eject" will unmount
ALL volumes on the devices so that it can be removed physically. However,
since USB pen drives sometimes advertise their nature as removable, Gnome
cannot find out if the device is really removable or not. So this option is
made visible for all USB pen drives. On pen drives, it does the same work as
"safely remove" it seems.
safely remove is meant for unmounting the media and powering off the
device. Using this on USB attached CDROM devices will end up shutting down
the CDROM drive in such a way that it would only come back on after a reboot.
So, this option will NOT be shown on CDROM drives. It would however be shown on
unmount: Now this is the most outrageous thing I found in the bug. The
opinion of the developers was that this option would be confusing for the
users (especially when they are already confused between the previous two
options), and therefore removed completely from the UI. In the words of a
developer on the bug:
We could also nuke the "Unmount" option and just tell people to use a
terminal instead for doing that (or Palimpsest). I don't know if that's
screwing over existing users too much though (I'm personally fine with it).
I think what the developers are missing is this - using the GUI is not just for
dumb/less technical users. It is also a productivity enhancement for power
users! Opening a terminal, finding out the mount point and unmounting volumes
can always be done from the terminal, but why should a historically common
operation be removed from the GUI which lets us power users get our work done
in two clicks? In this particular case, there is already a dead simple way for
non-technical users - there is an eject button right next to the device icon!
I am really worried that soon the desktop UI will get so dumbed down that it
will be quite unusable for power users on it.