Maemo profile changes and community council

maemo 1 Comment

A couple of major things are happening around Maemo just before my holidays (oooh, scary) – first is that we recently rolled out some improvements to Maemo profiles – there are many new fields, including IM and IRC usernames, and the possibility to enter multiple email addresses for karma, and in general we prettied things up.

One new field is the company that people work for – and this is particularly useful in the newly spruced up  profile ranking page – previously this page listed only usernames and karma, it now includes company and real name, allowing you to see at a glance where contributions are coming from. Of course, for this to be really useful, now that the fields are there, we need more people to fill them in ;-)

The second big thing is the inaugural Maemo community council election. The entire Maemo community will be electing 5 people from among the most active community participants to represent the community’s interests to Nokia, and to co-ordinate community initiatives.

Nominations are open now – anyone with over 100 karma points can nominate themselves by sending a mail with their name, company affiliation and motivations for running to before 23:59 UTC on the 2nd of September. The full list of eligible candidates is in the wiki.

Testing Alfresco

General 5 Comments

I’ve been evaluating Alfresco over the last day or two, and I’ve had some trouble getting started.

The main problem I’ve had is that there doesn’t seem to be any docs specifically for people trying out the 30 day hosted evaluation. All the docs I’ve seen have, at some stage, entries like “If you are unable to map your drive, contact your system administrator or refer to the topic Setting up the CIFS server in the Installation Guide”. There seems to be an underlying assumption I’m self-hosting.

So in spite of my best efforts to try and use CIFS or WebDAV to copy content, play with versioning, etc, I have no idea what to enter for server name, share & directory for a file share in Nautilus, and the links “View in CIFS” and “View in WebDAV” don’t work for me in Firefox.

I also downloaded AlfrescoEnterprise 2.2.0, which suffers from the typical problems I’ve seen most Java enterprise software suffer from – it doesn’t seem to work out of the box. I have a JDK installed, and OpenOffice, but the various install scripts fail at various points because @@ALFRESCO_DIR@@ hasn’t been replaced during installation, and once I’ve edited the scripts to handle that, one script ( looks for an soffice binary in “~/Alfresco/openoffice.org2.1/program/”. So, not heard of “which” then.

End result of several hours of playing around is that Alfresco looks like a nice web application, but I’m not in a position to recommend it to Linux users because the client software doesn’t install properly, and I can’t figure out how to use the file shares in Nautilus.

Lazyweb, can you help me out, please?

PS. Why does Nautilus’s “Windows share” dialog have all 3 of server, share and folder? I’d really like to be able to follow docs for windows that talk about entering \\YourMachineName\alfresco\Users\YourSpaceName as the share (s/\\/\//g;s/^/smb:/), and let the client software work out which bits are the share, and which bits are folders. Idem for WebDAV.

Update: I thought I’d hit the motherlode when I chose ” Custom location” and put in dav:// and got asked a username and password – but Nautilus gave me an error: “Response invalid”. No idea what that response was, or any indication of how I can fix it, though.

SSL security & Firefox

General 12 Comments

Federico:  Completely agree. In fact, you’re now training people to go through a whole new “ignore security” conditioning – previously it was just “Add exception” or whatever. Now it’s “Next, Next, Add exception, Get certificate, Next”.

From that presentation you link to, this statistic stood out:

SecuritySpace survey found that 58% of all SSL certificates were invalid (expired, self-signed, unknown CA, incorrect domain, etc)

The presentation also said that “most people only see the valid certs from big sites, so this problem isn’t very visible,” which is the point that MoCo makes.

I discussed this with Gerv during OSCON, and his take on it was toweing the party line:

  • Your cert is expired? Fix it already
  • Your cert is from a different domain? Fix it already
  • You’re self-signing a cert instead of paying $10 a year for one signed by a CA? Spend the money!
  • If you’re running a volunteer site, and want a self-signed cert just to encrypt usernames & passwords, your visitors represent less than 1% of the internet population, sucks to be you!

(this is a paraphrasal of my memory of the conversation).

I may be an edge case, but I seem to run into an awful lot of sites where the absolute correct thing for me to do is “Add exception Next Get certificate Next Next”. Sucks to be me, I guess.