New Heise Feeds

Even after Heise updated its CMS it doesn’t deliver Atom Feeds with an abstract. I hope they’ll at least produce well formed XML… As I think the abstracts, which can be found on the main page or the mobile version, are quite handy, I wrote a parser which will generate an Atom feed with the teaser (and not the first paragraph of the article) built in. I couldn’t use MakeMyRSS not just because it prints an ad every month or so, but because I had the requirement to link to the print URLs instead of the web URLs (I don’t have that requirement anymore). But since MakeMyRSS is not free, I liked to have my own solution anyway 🙂 Plus, it’s not written in Bash 😉

You can find the Atom feed at http://muelli.cryptobitch.de/rss/heise-atom.xml or the parser here. But you’d be better off cloning the repository (hg clone http://hg.cryptobitch.de/geRSSicht/) because you can send me patches more easily 😉

You’ll also find a parser for the adminstrative court of Hamburg and for Telepolis. All the news are in German though, but at least the Heise feed should be easily portable for The H…

Engrish

Alright, the following stuff is probably only funny, if you know German and Germans a bit. At least I had to laugh a couple of times, so you might enjoy that as well 🙂

I received a PDF with some weird English translations of German idioms and I tried to extract the text information from that, so I stumbled upon a page explaining how to do OCR with free software on Linux. I got the best results using Tesseract with the German language set, but I had to refine the result (leaving some typos intact).

that’s me sausage = ist mir wurst
go where the pepper grows = geh hin wo der pfeffer wächst
I think my pig whizzles = ich glaub mein schwein pfeift
sorry, my english is under all pig = entschuldige, mein englisch ist unter aller sau
now can come what want…i ready = letzt kann kommen was will, ich bin fertig
I think I spider = ich glaub ich spinne
the devil will i do = den teufel werd ich tun
what too much is, is too much = was zu viel ist, ist zu viel
my lovely mister singing club = mein lieber herr gesangsverein
don’t walk me on the nerves = geh mir nicht auf die nerven
come on…jump over your shadow = komm schon…spring ueber deinen schatten
you walk me animally on the cookie = du gehts mir tierisch auf den keks
there my hairs stand up to the mountain = da stehen mir die haare zu berge
tell me nothing from the horse = erzaehl mir keinen vom pferd
don’t ask after sunshine = trag nicht nach sonnenschein
free like the motto: you me too = frei nach dem Motto, du mich auch
I have the nose full = ich hab die nase voll
lt’s not good cherry-eating with you = es ist nicht gut kirschen essen mit dir
it’s going up like smiths cat = es geht ab wie Schmidts katze
to thunderweather once more = zum Donnerwetter noch mal
not from bad parents = nicht von schlechten eltern
now it goes around the sausage = jetzt geht’s um die wurst
there you on the woodway = da bist du auf dem holzweg
good thing needs while = gut ding braucht weile
holla the woodfairy = holla die waldfee
we are sitting all in the same boot = wir sitzen alle im selben boot
don’t make you a head = mach dlr keinen kopf
there run me the water in the mouth together = da läuft rnlr das wasser im mund zusammen
I understand just train-station = ich versteh nur bahnhof
I hold it in head not out = ich halt’s im kopf nicht aus
shame you what = scham dich was
there we have the salad = da haben wir den salat
end good, everything good = ende gut, alles gut
zip you together = reiß dich zusammen
now butter by the fishes = jetzt mal butter bei die flsche
he made himself me nothing you nothing out of the dust — er machte sich mir nichts, dir nichts aus dem Staub
I belive you have the ass open — ich glaub du hast den Arsch auf!
you make me nothing for = du machst mir nichts vor
that makes me so fast nobody after = das macht mir so schnell keiner nach
I see black for you = ich seh schwarz fur dich
so a pig-weather = so ein Sauwetter
you are really the latest = du bist wirklich das letzte
your are so a fear-rabbit = du bist so ein angsthase
everybody dance after your nose = alle tanzen nach deiner nase
known home luck alone = trautes Heim, Glueck allein
I think I hear not right = Ich denk Ich hör nicht richtig
that have you your so thought = das hast du dir so gedacht
give not so on = gib nicht so an
heaven, ass and thread! = Himmel, Arsch und Zwirn’
of again see = auf wiedersehen
Human Meier = Mensch Meier
now we sit quite beautiful in the ink = jetzt sitzen wir ganz schoen in der Tinte
you have not more all cups in the board = du hast nicht mehr alle Tassen im Schrank
around heavens will = um Himmels willen
you are heavy in order = du bist schwer in Ordnung
l wish you what = ich wünsch dir was
she had a circleroundbreakdown = sie hatte einen kreislaufzusammenbruch
you are a blackdriver = du bist ein schwarzfahrer
I know me here out = ich kenn mich hier aus
l fell from all clouds = Ich fiel aus allen Wolken
that I not laugh = das ich nicht lache
no one can reach me the water = niemand kann mir das wasser relchen
that’s absolut afterfullpullable = das ist absolut nachvollziehbar
give good eight = gib gut acht
not the yellow of the egg = nicht das gelbe vom Ei
come good home = komm gut heim
evererything in the green area = alles im gruenen bererch
I die for Blackforrestcherrycake = Ich sterbe fuer Schwarzwalderkirschtorte
how too always = wie auch immer
I make you ready! = Ich mach dlch fertig!
I laugh me death = ich lach mich tot
it walks me icecold the back down = es lauft mir eiskalt den rücken runter
always with the silence = Immer mit der Ruhe
that’s one-wall-free = das Ist einwandfrei
I’m foxdevilswild = lch bin fuchsteufelswild
here goes the mail off = hier geht die post ab
me goes a light on = mir geht ein licht auf
it‘s highest railway = es ist hoechste Eisenbahn

Universal Parcel Tracking with BoxOh.com

Again, this is a quick reminder for myself and I want to share it with you.

There is an interesting webservice which tracks nearly all your (read: mine) parcels. It also offers an RSS feed and maps 🙂

The service is available under http://boxoh.com/

CCC Artwork

There are several images related to the CCC which I looked for for quite some time. Probably the oldest is the Pesthoernchen (also as SVG):

While you can get the image above from the official Logos, you can’t get the lower ones (yet): Sterntastatur from 18C3 (Hacking Is Not A Crime) also as SVG:

Sterntastatur - Logo of the 18C3

You might like the inverted version (also as SVG):

There is a modified version which aims to be more like the original RAF logo by mimicking a shotgun (also a SVG):

Sterntastatur2 - More like the RAF logo

Hacking Is Not A CrimeHacking Is Not A Crime

Making posters with PosteRazor

I had to create a huge poster out of an image. The normal way you do that is to somehow prepare many DIN A4 sheets, so you have to enlarge a given image, cut it into many pieces, probably add some padding and if you’re lucky, you get your PDFs you can print.

But how do you actually do this? I used to use psresize and friends because I just wasn’t aware of anything more useful. Of course, dealing with psresize, psnup etc wasn’t very comfortable and I rarely was successful. I remember that I’ve asked a friend of mine to do it for me several times in the past. He owned a Mac and it was rather comfortable with those authoring tools. I began using OpenOffice to create those posters, but it really is uncomfortable: You have to remember which cutout you’ve used in the previous page, then move the image within the page and hope that you match the previous page. Needless to say, that this takes a considerable amount of time.

I always wanted to have a tool which works like this: makeposter --format=DINA0 < input.png > poster.pdf It would scale the image, cut it, add padding for glueing and produce several pages in a single PDF.

I now was told about PosteRazor! An incredibly useful tool to do more or less the stuff I want. It is free software and pretty easy to use. It uses neither Gtk+ nor Qt. Instead, Fulltick is used to build the GUI. I have never heard of it, but it’s okay. The widgets are not as beautiful as Gtk’s and the filechooser is especially bad, but the rest seems to be fine. So it serves almost every need I have 🙂

Awesome, isn’t it? I mean not just that it’s really easy, and you have your own poster in five minutes including printing! They even have extremely good marketing! 🙂

GNOME Membership stats

In case you are interested in the GNOME foundation, here are some quick stats: During the second quarter of 2009, we have received 22 applications for a new GNOME Foundation membership, plus 24 applications for renewing the membership. Due to applications arrived before 2009/Q2, 24 applications for a new GNOME Foundation membership have been accepted. During the same period 13 members haven’t renewed their membership and we ended with 368 members.

We can also see the number of members over time on this (pretty huge) graph:

GNOME Foundation Members over time from 2001-10 until 2009-08

We actually managed to cut our membership base by 25% within the last two years. Nothing too much alarming though because we still have more members than we ever had on average. But still, the trend goes slightly downwards although we probably should catch steam for GNOME 3.0. I would not mind if the people come after they have seen GNOME 3.0 though 😉

Let’s get a closer look onto the new foundation members:

Count of new GNOME Foundation members from 2009-01 until 2009-08

Actually, nothing interesting, I think. 6 new members per month on average.

And the members who dropped out:

Count of GNOME Foundation members who dropped out between 2009-01 and 2009-08

And we can get that compiled into one graph as well:

New and Dropped Members 2009-01 until 2009-08

If you have ideas for interesting graphs, don’t hesitate to comment. Note that we don’t have much data though, because we don’t collect that much data anyway. And I really think this is a feature! Actually we could do even better because we currently have no policy when to delete data. So once you are a GNOME foundation member, you’ll be in the database forever. I guess we should fine a policy some time to not keep unused data.

In case you wonder what status your application is in, check the status page of the tickets we receive. New means, that nobody has done any action on it yet. Open is waiting for information from the contacts you’ve supplied and stalled is either no or a not satisfactory answer from your contacts yet.

Replace LaTeX Itemize Icon with Foot

If you use the LaTeX Beamer package for your presentation and you want to replace your itemize bullets with something more fancy, you might be interested in the following commands:

\setbeamertemplate{itemize item}{\includegraphics[height=1em]{bin/gnome-foot}}
\setbeamertemplate{itemize subitem}{\includegraphics[height=0.8em]{bin/gnome-foot}}

These will set your bullets to anything you want 🙂 A plain LaTeX solution, which won’t work with Beamer, is to use \labelitem:

\renewcommand{\labelitemi}{\includegraphics{foo}}
\renewcommand{\labelitemii}{\includegraphics{bar}}

Hope this helps 🙂

GNOME Bugsquad Meeting

I am very excited that the Bugsquad has met last month. Finally we got some action in our beloved QA team. Also, I’d like to thank Max Kanat–Alexander for porting our Bugzilla installation from Bugzilla 2.20 to Bugzilla 3.4. I believe that this, and the migration on new servers, will increase the performance a lot and that we can be even more productive. Let’s not hope that the people will file more bugs though 😉

So Javier Jardon kicked that meeting off and we were having productive three hours, I guess. It was really good to see people caring about our bug database. The decisions we’ve made are visible in Andres Blog or on our Wiki page of course.

We’ll have a next meeting and right now, we are using a Doodle to determine the next time and date. Feel free to add something to the preliminary agenda and participate! I am sure we’ll have lots of stuff to discuss, especially due to our brand new bugzilla! 🙂 We can now have a look at other folks like KDE and exchange hacks on our bugzilla! 🙂

Also, I am looking for ways making our processes easier: One thing is giving away bugzilla permissions so that a new Triager can start modifying bugs. We are supposed to track the people we are giving permissions to check that they don’t screw up, but it’s not that easy to track someone right now. Also, we can think about automatically giving away canedit permissions once we have given commit access to git. The argumentation is, that a committer might submit patches from bugzilla and thus needs to be able to close bugs. We’d need to talk to the Sysadmins in order to implement that…

I’m thinking about using a Gobby session while having the meeting just that everybody, including people joining the meeting lately, can see what the current topic is. Another reason is that we you can order or prepare for the next topics if you are a bit bored. Also, we might have an easier protocol at the end, because if everybody writes everything directly in that gobby session, the log will be ready once the meeting is over. I’ll make up my mind and come up with something at the meeting.

Also I think, not using #bugs, but rather #bugs-meet for the meeting is a good idea because you can see who’s actively participating. Moderating the session without knowing who’s actively interested in the debate is not that easy, because you either wait for people who are either offline or have just left or you don’t ask people willing to participate. These are not really big issues but moving to another channel is also not a big deal.

Back from HAR2009

I have just arrived from HAR2009 which was a very awesome event! We were camping for 5 days, drinking beer and attending lectures. Some of us visited Workshops, but sadly I didn’t. I probably was too busy attending talks and visiting the Toasti booth 😉

The CCC has built up a great Dome as well as a big tent for hacking. CCCHH brought Milliways, the last pub at the end of the universe and it was a really cool place to hang out. There were many people from different countries which made it really interesting and enjoyable to just be there. Last but not least, the beer was great 😉

Others have brought a GSM Network! How awesome is that?! Harald Welte and his fellow GSM-Tent members have set up the “42” Network and we were able to place as many (internal) phone calls and SMS as we liked. Of course, we started to script that 😉 So I found out, that sending an SMS via a serial connection to my phones modem is as simple as the following lines:

import serial
import time
 
DEVICE = '/dev/ttyACM0'
 
def send_sms(nr, msg):
    ser = serial.Serial(DEVICE, 115200, timeout=1)
    ser.write('AT\r')
    line = ser.readline()
    line = ser.readline()
    assert line == "OK\r\n"
 
    ser.write('AT+CMGF=1\r')
    line = ser.readline()
    line = ser.readline()
    assert line == "OK\r\n"
 
    ser.write('AT+CMGS="%s"\r' % nr)
    ser.write('%s\n' % msg)
    ser.write(chr(26))
    time.sleep(3)
    lines = ser.readlines()
    print lines
    ser.close()

Sadly, I couldn’t hack more with the GSM network because it was shut down rather early and I didn’t use my computer much during the lecture time. So next time I’ll try to reproduce the Curse of Silence and play around with PDU SMS.

So I have been to a lot of interesting villages and I met some interesting people but sadly GNOME people couldn’t make it. Maybe we’ll have a GNOME Village next time… 🙂 If you are interested in how the camp looked, watch this impressions movie or click through the media.

The next CCCamp will probably be in two years and according to rumours it’ll happen in Finowfurt again. I’m really looking forward to that event!

BufferOverflow Workshop at EasterHegg09

During Easterhegg I held a workshop together with hc. It was about Buffer Overflows, which used to be the most common security vulnerability a couple of years ago.

We gave a talk explaining the basic concepts of processes and how they work on x86 machines. This was heavily packed with information and I really think we couldn’t make everything clear in the first run. But as it was planned as workshop, we intended to give people stuff they can chew on 😉 Basically, we took stuff from the excellent Phrack article Smashing the Stack for Fun and Profit which is nearly 13 years old by now.

As modern operating systems protect themselves against the consequences of buffer overflows, we prepared a virtual machine with QEmu/KVM so that exploits will work. It’s an old debian woody with an SSH daemon and build essentials.

Of course I have changed the image in the last minutes, because I wanted to improve it. And of course something went terribly wrong: The root filesystem was corrupted and fsck deleted important files, leaving the image in a useless state. We had to port my changes back to the old image.

Of course, we wanted to distribute the ~1GB image among our workshop guests. As we expected 50 people to show up and didn’t want to stress the WiFi so much, I intended to use BitTorrent, but it’s not as easy and smart as it could be: We are NATted, so using an external tracker would FAIL. Also, it can’t multicast the packets, which would perfectly make sense if many people start to download the torrent in the same network. We ended up having a usb pendrive and a thttpd serving the tarred image. Not very smart or efficient.

After the people ran that images, they couldn’t login with SSH due to a mysterious heisenbug. I suspect our last-minutes changes to be the culprit but I can’t provide a more technical error description. The SSH daemon worked quite well *in* the image, but as soon as you wanted QEmu to redirect the traffic into the machine, it FAILed: The connection was established, but no data was transferred. Could be a bug in QEmu as well.
The people either worked through the QEmu widget or set up a TUN device to get the network up and running…
That pissed some people off which then left. We ended up with 20 people trying to hack themselves 🙂

We prepared examples in the image, some of them copied from Gera, e.g.:

/* stack1.c                                     *
 * specially crafted to feed your brain by gera */

int main() {
	int cookie;
	char buf[80];

	printf("buf: %08x cookie: %08xn", &buf, &cookie);
	gets(buf);

	if (cookie == 0x41424344)
		printf("you win!n");
}

The people were supposed to make the program print “you win!”. If you know, how a stack works, it’s actually simple. Do you know, what input you have to feed in order to win!?
Oh, you don’t want to compile this program with anything other than -O0 because the compiler rearranges the variables on the stack so that you can’t overwrite the integer…

In the end, I think I am satisifed with the workshop, although things could have worked better. We had pretty smart people which were really curious how stuff works. They have learned a lot and I guess they had fun with that as well 🙂