Key Rollover

I have deprecated my OpenPGP Key 0xAA208D9E in favour of a new key 0x059B598E. So please use this new key which you can find, i.e. here.

muelli@bigbox ~ $ gpg --fingerprint --list-key 0x059B598E
pub   1024D/059B598E 2010-06-23 [expires: 2015-06-22]
      Key fingerprint = 610C B252 37B3 70E9 EB21  08E8 9CEE 1B6B 059B 598E
uid                  Tobias Mueller
sub   4096g/C71F0BE4 2010-06-23 [expires: 2015-06-22]

muelli@bigbox ~ $

If you’ve signed my old key, you might as well sign my new one (verifying that it’s correctly signed with the old key), assuming that my identity hasn’t changed. I recommend using caff to do so.

Practicum Status Update Week 4

Again, a small summary of my last week.

  • Filed a couple of bugs that annoyed me. My favourite: My main monitor dies randomly. Let’s hope it’s not a hardware issue. That’d seriously put me back. In fact, it’s quite cumbersome to reanimate my monitor in the middle of a working session… Oh. And qemu crashes 🙁 That’s really unfortunate for me atm.
  • Subscribed and quickly unsubscribed qemu-devel mailinglist. Way too noisy. Those low-level people don’t seem to like using bug tracker or smth like ReviewPad to submit patches. Very stressful.
  • Enjoyed a long weekend in Hamburg including watching some Worldcup games
  • Read through Qemu code and tried to grasp how things play together.
  • Started to implement simple USB packet filter. spent ages resolving a logical error: I checked for retval != -23 whereas I should have checked for retval == -23 🙁
    We can haz new commands

    So I have exported a new command to the QEmu monitor. And we can even attach some logic to that new command:

    Logic attached, nothing works yet though

    Everything returns -1 at this stage though. So the actual implementation still needs to be done.

  • It literally takes a whole night for me to boot anything with qemu though 🙁 That’s a real pain and I cannot work that way. My CPU is one of the few modern Intel CPUs that does not support hardware virtualisation 🙁 I need to think of a solution.
  • I still don’t really have a timeline 😐
  • Our deadline is on 2010-08-20 and we are supposed to hand in 3 hard copies and one soft copy. I wondering whether I have to go back to Dublin to hand my hard copies in.

GNOME Foundation Board of Directors Elections 2010

I am happy to announce the results of this years Board of Directors Elections.

At first, we had too few candidates to actually fill the 7 seats in the board. But then the deadline for announcing a candidacy was pushed back and more people considered becoming a member of the Board. So we went into the voting phase with 11 candidates.

The voting itself worked well. I knew the system from last years elections but haven’t written the necessary steps down because I was mostly exploring and not knowing whether my attempts would result in anything next to useful. But this year I have taken notes along the way and I hope to be able to provide a good documentation.

The question period was a bit weird. Nobody really came up with questions for the candidates, as if nobody cared. I encouraged the peolpe to either send the questions directly, or better, send them to the Membershi p and Elections Commitee so thaat we can sort and sift through them. But nothing happened. I decided to not give any questions right away, because I sure wanted the Foundation members to participate. But if nobody asked a question, I’d have sooner or later released those questions:

  1. Why are you running for Board of Directors? What will you do more or
    better than previous years Boards have done?
  2. What do you think is the most important item on the Board’s agenda
    right now?
  3. How do you manage your time and that of others? Are you good at
    working with others including those who might have a differing opinion
    than yours and try to reach consensus and agree on actions?
  4. How are you going to manage your current contributions to GNOME once
    you become a Board Member?
  5. What are your plans to encourage and mentor contributions to GNOME
    from Latin America, Africa and Asia? How would you increase community
  6. Which parts of the GNOME project do you think work well and would like to encourage further?
  7. What would you do to increase community participation in the GNOME community and GNOME elections?
  8. Do you have any thoughts on how to expand the developer base?
  9. How much familiar are you with the day-to-day happenings of GNOME? How much do you follow and participate in the main GNOME mailing lists?
  10. Please rank your interests:
    1. GNOME evangelizing to government, enterprise, small business, and individuals
    2. GNOME marketing and merchandising of branded items nationally and internationally
    3. GNOME legal issues like copyright and patents
    4. GNOME finances and fund raising
    5. Alliance with other organizations.

To count the votes, we used OpenSTV (r771). But to use it comfortably, I had to patch it. As we use Scottish STV this year, counting votes is as easy as opening OpenSTV, opening the Ballot file and pressing OK.

The people that are elected into the Board of Directors are:

Congrats and thanks for running.

Sadly, we had a few people showing up, who did not renew their membership in time and could thus not take part in the voting process. I wonder why that is. Is the renewal process not effective enough? If you have any suggestions, please leave them either in the comments or via mail.

Running the elections was challenging, because I was really busy with exams and other obligations. Fortunately, the Membership and Elections Committee was helpful and we managed to have a smooth election process, i.e. not like last year 😉 Anyway, I hope to see most of the Board members at GUADEC 🙂

Practicum Status Update Week 2 and 3

So I figured that we are supposed to write a blog during our practicum phase. Here I am.

  • I missed the first official week, which was right after the exams anyway. I doubt anybody was able to do anything after the Biometrics exam.
  • In the second week, I moved back to Germany. Slowly though: I attended LinuxTag and visited a friend…
  • The third week began with some administrative stuff (i.e. taxes and care about a grant). I also almost finished running GNOME Foundation Board of Directors elections: Preliminary Result.
  • More work related: I tried to updated from Fedora 12 to Fedora 13 (to get latest QEmu and tools). Didn’t work (as expected) out of the box. Encountered (and reported) a couple of annoying bugs. My favourite: The update tool tries to mount /boot and swap. But /boot is left unclean because the preupgrade tool apparently does a hard reboot (i.e. w/o unmounting the filesystems properly). And swap can’t be found by the upgrade tool (for whatever reason). In both cases the installer just stops working and reboots the machine (sic!), as opposed to just fsck /boot or continue w/o swap.
  • Began to set up working environment: LaTeX Template, cloned qemu repository, looked a bit at QEmu code.
  • Tried to install some Operating Systems to break. Microsoft didn’t let me.
  • Read some stuff
  • Filed two bugs against Zotero (my bibliography tool): One problem in fullscreen mode and one with proxied URLs.
  • Went to a regulars’ table (for the first time after 9 month) and found out that one of them runs a company and they do USB security assessment atm. They are trying to make QEmu emulate a mass storage that returns a good file on the first read and a bad file (i.e. virus) on the second read. Sounded interesting, we’ll keep in touch and exchange details.
  • Right now I’m missing kind of a plan for my work. I haven’t really structured my work or broken it up. So I’m trying to see how many weeks I actually have (I know that I’ll go at least to GUADEC, the annual GNOME conference, for one week. I might even be invited to GNOME.Asia in Taiwan…) and what I could possibly do in that time.
  • I do have a high level idea of what needs to be done, i.e.
    • Patch QEmu to pipe USB communication in and out,
    • write some backend that uses these pipes to communicate with the guest,
    • find a smart algorithm to create/modify fishy USB packets (i.e. try to understand how a webcam communicates and set funny values for resolution on purpose),
    • try to exploit an Operating System (probably best to start off with a self-broken USB driver or application)
  • I’ll try to have a roadmap by the beginning of the next week.

LinuxTag and Cream Desktop

I’ve been to LinuxTag in Berlin and meeting old and new people was quite nice. In fact, I had to opportunity to play Skat after a very long time 🙂

Unfortunately, there was no GNOME booth! (Well and no Fedora booth either) That’s a pity and I wonder what it takes to successfully run a booth next year. The Debian guys, however, rocked. They were well equipped and had enough people that care.

from last years LinuxTag though

Again, I took part in the Hacking Contest. I couldn’t last year but made up my mind how to tackle that contest best. Sadly, it was a bit different this year. I didn’t really have a team and we were not prepared for German a keyboard layout or not having “netcat” installed. This got us quite confused and although we had a (bad) set of notes, we didn’t really follow them… So we got beaten up quite heavily 😉 Maybe I’ll invest more time for preparation next year.

I was amazed by Cream Desktop though! Sadly, their screenshots don’t work atm, but they basically want to revamp GNOME and make it better 😉 Sounds ambitious and it probably is. For now, they have “Melange”, a widget system for the desktop. (think desklets). It’s visually very appealing and I think it’d enhance the GNOME desktop (I could finally get rid of my gkrellm…).

Sadly, I didn’t meet the Cream guys on the LinuxNacht which kinda sucked. The location was awesome: A beach club facing the Spree. But the food was very disappointing. It was way better two years ago…

Trying to download from MSDN-AA: Annoying Secure Digital Container

I thought I’d give Windows technology a try (actually, I just need something to break) and tried to download Microsoft Operating Systems via (MSDN-AA). But instead of an ISO, you get a Portable Executable *facepalm*. Turns out that this binary downloads “Secure Digital Containers” from, i.e. here or here. These SDCs contain the ISO and are, according to this site, encrypted. The key is supposed to be in that downloader binary. However, no tool exists to decrypt those SDC files 🙁

I burnt half a day on that. Now going to look for Torrents of the ISOs… Are there official SHA1sums of the ISOs?

Or, dear lazyweb, do you know anybody that reverse engineered the downloader and is able to provide a free tool that unpacks the ISO from the SDC? 🙂

Creative Commons Attribution-ShareAlike 3.0 Unported
This work by Muelli is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported.