English - 17

Another update from the X-funky-and-cool-front: With some Patches from Kristian Høgsberg, I got compiz running with aiglx.

For those who don't know: Compiz is a combined window/composite manager that was released together with xgl earlier this year. aiglx is another approach to get 3D-accelerated Desktops on Linux/Xorg.

I've merged the appropriate (very experimental stuff, big fat warning!) gentoo packages into my overlay. For all non-gentooers: You are on your own, but you can grab Kristian's patches here. Update: Kristian told me that Fedora Rawhide users are also lucky.

You can get it with
svn co http://svn.hboeck.de/xgl-overlay
(It's still called xgl-overlay, although it should probably be named »various-funky-x-stuff« or so, but I was too lazy to rename it)

To install it, check it out like above, put the path into your PORTDIR_OVERLAY-var in make.conf. Then re-merge libdrm, mesa, xorg-server and compiz (all ~x86). You can also merge experimental libcm/metacity-packages (metacity with 3d-effects), therefore add xcomposite to your USE-flags and merge metacity-2.15.5.

To start compiz on aiglx (that means »normal« X):
LIBGL_ALWAYS_INDIRECT=1 compiz --replace --strict-binding move resize minimize place decoration wobbly cube rotate scale switcher zoom &
gnome-window-decorator
(replace plugins with anything you want, the LIBGL-var and strict-binding are required for running in aiglx, this should be automatically detected soon)

For metacity use:
USE_WOBBLY=1 metacity --replace

As before, there is still a package for xgl, so you now can try both.

There are some interesting news about the situation of the bittorrent-tracker The Pirate Bay.

It seems to me that this case can turn into a publicity desaster for the MPAA and the swedish anti piracy organizations. gulli has a longer article in german.

Chaosradio has a long podcast-interview with one of the TPB guys (english), which also turns out some interesting things, for example the question why they took the dna from the arrested activists (for possible copyright violations through the internet, you surely need the dna).

Several organizations are calling for demonstrations today in sweden, as you can read on Piratbyråns temporary website.

I very much like the actions of those swedish groups, I think more people should act like them. I assume that a vast majority of the people in some way do filesharing of copyrighted content, but just a small minority of them fights for their right to do so.

Update, Saturday 11h: They are back online.

planet is a famous python software to combine the feeds of various blogs (or other feed-sources) to one website. It's used by various free software projects, organizations etc.

While thinking about creating a planet karlsruhe, I thought about possible licensing/copyright problems, in theory you would have to ask everyone you aggregate. As there are many blogs using free or semi-free licenses like FDL or Creative Commons that at least allow re-distributing unchanged content if you stick with the license, adding license-data would make it perfectly legal to add those feeds without asking.

planet is already flexible enough to do this, as you can just add additional variables. Change the config.ini to something like this:

[https://blog.hboeck.de/feeds/atom.xml]
name = Hanno Böck
license_name = Creative Commons by-sa
license_link = http://creativecommons.org/licenses/by-sa/2.5/

Add some Code to the template:

<TMPL_IF channel_license_name>
<TMPL_IF channel_license_link><a href="<TMPL_VAR channel_license_link ESCAPE="HTML">"></TMPL_IF>
<TMPL_VAR channel_license_name ESCAPE="HTML">
<TMPL_IF channel_license_link></a></TMPL_IF>
</TMPL_IF>

And you're done.

I usually don't like to do too much blogging about my blog, but I recently installed two new features I find worth mentioning.

One is that I have installed the serendipity calendar plugin, which you can see on the right (if you aren't reading rss). It'll contain events I find interesting/worth mentioning and will probably visit and maybe write reports about. It's a bit limited, it doesn't support more detailed time information (events longer than a day, time etc.), it shows the days till the event, but not for the first one, which I don't understand yet why. Maybe I'll hack a bit on it.

The other thing is that this blog is now available on IPv6 and there also with a correct, CAcert-signed ssl-certificate. So you can now read my blog secure ;-)
CAcert is a noncommercial certification authority based on a web-of-trust mechanism and I suggest you install their root-cert in your browser.

This tuesday, Stephane Lhomme, a french anti nuclear activist, has been arested for 14 hours because he has published a document about the new european nuclear reactor type EPR.

In France, there is a law that confidential information about nuclear plants is kept as a military secret. This has been established some years ago to prevent activists from publishing the timetable of nuclear transports because of the protest against them. It's purpose is obviously not to secure anything, but to censor activities against nuclear power.

Réseau »Sortir du nucléaire« (network of french anti nuclear groups) and other organizations are now calling to spread this document.

When I was asked in the past what linux desktop lacks I kept on telling that we need a way to have a more common look and feel among several desktop environments. Opening a gtk/gnome-app shouldn't look weird in kde, same thing with opening a qt/kde-app in gnome. Dialogs for files, printing etc. should look common. You can discuss hours if the button-order should be »Ok«/»Cancel« or »Cancel«/»Ok«, but it's definitely the worst if this changes from app to app.

Today I found this little tool called KGtk, which (partly) does what I want. It's a wrapper around gtk-apps to call the kde file open dialog. It also contains the same thing for qt apps (that don't use kdelibs).
Using it is quite trivial, just start
kgtk-wrapper.sh [somegtkapp]
or
kqt-wrapper.sh [someqtapp]

I really like it, because there are some gtk-apps I don't want to miss (especially gimp), but I think the new gtk fileselector is really a sin of usability.

While this is (cited from webpage) »a quick-and-dirty LD_PRELOAD hack«, it imho shows exactly how it should work. The freedesktop.org standardisation is a very good thing, but it has to go much further. We need something like »app tells DE to open a file-open dialog« instead of »app opens it's file dialog«. We need the same thing for printing, iconsets, button-order and probably much more.

I'm on Linuxtag in Wiesbaden since yesterday.
As this year there's no gentoo booth, it's the first time for many years that I'm here just as a visitor. First set of pictures uploaded, detailed report may follow.

No, it's not a fake. Sadly it has no year on the display.

Back from Breakpoint, uploaded rest of images. My submissions this year were quite limited: One Photo that didn't make it through the preselection and one effect for the Never-Demo (which made place 28 out of 29, n0y asked at a very late time »hey, can you code us some effect, the interface is really simple?«, so I did some ascii-art-shading).

I didn't manage to visit all seminars I wanted to see, I hope they'll get the recordings up soon.

One I find worth mentioning:
Peci from Scoopex managed to get a dos-COM-file running windows-code without any win32/PE-headers (smaller, good for 4k intros). What he's doing is basically abusing an api for attaching drivers to the DOS-Emulation (VDD). It is able to call initialization-functions of DLLs from within DOS with invalid Opcodes. Calling it without initializing a library causes to jump to position 0. The memory from the DOS-process is mapped 1:1, so this is a valid adress, where you can put a jmp in the COM-file before calling. Very weird, but seems to work fine.
(I hope they'll put up the seminar-slides on the ftp, I'll link them when they're available)

First two days at breakpoint, everything quite okay, beside the usual chaotic organization (it wouldn't be a demoparty without that). The network sucks, so I don't know when I can publish what I'm writing right now.

Yesterday evening was a live-act called Ultrasound, they played guitar-music to demos shown on the screen. The beam-team didn't manage to show second reality (probably they don't have any real DOS any more...). Quite nice.

On Saturday I missed most of the compos because I did something very unscenish and got some fresh air and light (ok, not so much light, it was cloudy), visited Bingen city, took a ship to the other side of the rhine and walked around there a bit. I like this landscape, I did some bicycle-trips here in the past.

Next was the Welle:Erdball concert. They're doing electronic music with old computer sounds like C64-SID with a (imho) great live-show.

First set of pictures are here, more to come.

In a few minutes I'll head off to the Breakpoint in Bingen, one of the biggest events of the demoscene.

This year I'm especially looking forward that there are a couple of interesting seminars, I'll probably write some reports about that. And have a look at their website, I like this years design very much.

If you ever asked yourself how a cartoon of your favorite movie would look like, vlc has some very nice filters to play around with (see screenshot).

You'll need latest vlc 0.8.5_beta2 (yes, it's really unstable), gentoo has masked ebuilds for it.

To enable the filter, try out:
vlc --vout-filter distort --distort-mode edge

(Pictures from the Creative Commons by-nc-nd licensed movie Teezeit)

From todays solar eclipse, which could be partially watched from Germany, I tried to take some pictures.

Good that I kept my special eclipse sun glasses from 1999 (when we had a total eclipse over south Germany I completely missed due to the bad weather back then). Most of the time it was cloudy, but I still managed to get some nice pics.

Yesterday I played around a bit with what hardware sensors can do and how to access them in linux.

hddtemp

The first, and quite trivial tool I tried was hddtemp. You don't need to do anything further, just install it and run
hddtemp /dev/hda
(Assuming your harddisk is hda, which is usually the case)

It supports a bunch of harddisks by default and if it doesn't know your HD, it tries to access it with some default-values. Extending the hd-database seems to be trivial, I already sent a patch for my HD. Output looks like this:
/dev/hda: SAMSUNG MP0804H: 46°C

lm_sensors

lm_sensors is a bunch of drivers and tools to use hardware-sensors on motherboards. As you probably have no idea what chips your motherboard has, lm_sensors brings a tool called sensors-detect to help you. The way to go is just enabling everything (except debugging, which you usually don't need) in the kernel-sections i2c and hardware monitoring as module and let sensors-detect to the work.
Basically, pressing return all the time should be okay. At the end, it'll tell you which kernel-modules are useful for your system.

After that, running sensors shows something like this:
max6657-i2c-0-4c
Adapter: SMBus I801 adapter at 1100

M/B Temp: +40°C (low = -65°C, high = +127°C)
CPU Temp: +36.6°C (low = +35.1°C, high = +72.2°C)
M/B Crit: +110°C (hyst = +100°C)
CPU Crit: +110°C (hyst = +100°C)

Well, not that useful, but interesting to know that I have at least 3 temperature-sensors in my laptop.

Update: As noted by Joshua Jackson in the comments, with smartctl /dev/hda (from smartmontools) you get the temperature and much more information about your HD.

onlinetvrecorder, a service that let's you record broadcasts from some german television stations, provides it's files in .otrkey-format, which can be decoded using their binary otrdecoder-tool, considering you have requested the recording in advance.

As there is no information how the format and authentication work, I had a deeper look at it.

Getting the key

Using some network sniffer, the authentication is very simple, it just requests them with http, the URL is
http://www.onlinetvrecorder.com/uncrypt.php?email=[email]&pass=[pass]&filename=[file]
(filename is the .wmv-name without otrkey)
Inside that file is an ascii/hex-encoded number with 128 bit. That very much looks like a key.

This already gives us the possibility to manually download the key and, if we want to re-decode some movie (because we lost the wmv or because we want to decode a file before it's completely downloaded to already start watching the recording), save the key to a local webserver as uncrypt.php, forward the hostname to 127.0.0.1 and re-start otrdecoder.

The cryptography

From what I found out yet, the file is encrypted with some sort of blowfish. The encrypted and decrypted files are exactly the same size, that means we have no IV and a variant of blowfish that does no padding.

The best I got till now was using mcrypt with ecb-mode:
mcrypt -d -a blowfish-compat -s 16 -o hex -b --noiv -m ecb --nodelete -f [keyfile] [file]

This decrypts the first 256 bytes correctly, after that it seems to mix up things (the correct decryption continues at byte 512). From what I read in Schneier[1996] (»Applied cryptography«), there is an ecb variant using ciphertex stealing that avoids padding. I found no easy-to-use implementation of that.
Having a commandline-cryptography tool that supports more options than mcrypt would be handy here.