There is an interesting column on the Chronicle of Higher Education’s Web site today about “No Turtles: Faculty-Media Relations.” While librarians aren’t usually high on the totem pole for media interviews, it can still happen. I agree with the author. Michael C. Munger. that we should not act like a turtle and go into our shells when and if the media come a calling about a topic we are experts in. He offers some good advice on how to deal with the media and some tips including:

• Ignore the question: The premise of this one is that often the reporters aren’t experts, so they don’t know what to ask. He says you should ignore bad questions and just say what you really want to say… that is what they are looking for anyway.
• Every answer stands on its own.: The premise here is unless it is a live interview, expect t only some answers to be aired, thus do not answer questions with phrases similar to “”As I already said,” The viewers won’t know what you already said if it has been cut out!
• Watch the end chat: Always consider the camera and/or audio is still rolling and what ever you say is “on the record.”
• Silence is power: Gather yourself: The idea is that unless the interview is live, you should take time to gather your thoughts and come up with a clear concise answer.
• Let the editor edit: The concept here is that producers are looking for some things they can use, so let them do there job and take the answers they thought were best.

I think this is all good advice but I would add at least two caveats. One is that if there is some sort of event like a campus shooting, it might be a good time to go into the shell if approached (unless you talk to the campus PR department first), Really it is a probably good idea to talk to them before giving a media interview if it is about any news story that is happening on campus.

The second caveat is I thinkthat many of these (esp. “Let the editor edit” apply more to established news organizations then they do to marketing/trade publications - you know those glossy thigns with lots of ads they send out for free. I’ve seen a number of trade publications do a horrible job writing up an article and using quotes from an interview. In fact I’ve actually been quoted as saying something that I never said in one. In those cases I’ve learned to always ask for a copy before publication so that I can clarify anything that may come up. Typically I won’t even suggest any changes, but it may save you from being horribly mis-quoted or completely taken out of context.

There is an interesting opinion piece today on the Wall Street Journal’’s Web site that discusses Why Technologists Want Fewer Patents. Basically, the subtitle, We shouldn’t grant monopolies on concepts, sums up what many technologists believe. Patents on concepts, ideas, and software do very little to help innovation. Software, at least, already has copyright protections, so extended patent rights is, IMO, overkill. Patents are supposed to spearhead innovation and while maybe in some cases they do, it is hard for me to see an argument that they do in the case of software and of business concepts. In fact, just the opposite is true. If I have to worry about whether or not an emoticon some concept or method that has been in use in thousands of other computer programs has previously been patented, I have no hope of ever building a better computer program. I know some people who favor software patents will point to patents being a way of protecting income streams, but as the column points out, studies have shown that “aside from the chemical and pharmaceutical industries, the cost of litigation now exceeds the profits companies generate from licensing patents.”

I’m not saying there should be no patents, but they need to be limited to real things. Not code. I hope that the Supreme Court rules to servilely limit what can be patented after they review Bilski v. Doll. If they don’t, the expressed goal of patent law in the United States Constitution — “to promote the progress of science and useful arts” will be defeated.

Hey. It's still internet.

The Chronicle of Higher Education had an interesting article about the WolframAlpha Web site. WolframAlpha has gotten some attention in library circles, understandable so, since according to the Web site, it “is the first step in an ambitious, long-term project to make all systematic knowledge immediately computable by anyone.” An ambitious goal, no doubt.

This article, “A Calculating Web Site Could Ignite a New Campus ‘Math War’” focused on how WolframAlpha will not only supply answers to complex mathematical problems, but will also list the steps out on how to do them. Mathematics professors are obviously taking notice. Is using WolframAlpha cheating? Is it a teaching tool? Is it both? I’m not sure, but it is a game changer. I know I would have liked to use it when I was getting my undergrad degree in college - not so much tofsolve a problem, but to double–check my assignment before handing it in.

"Unfreezing" is a term I took out of a text book about organizational change. People have their ideas "frozen" about how things should work, so the first thing you should do to change them, is to do some "unfreezing".

How did I approach "unfreezing" with OpenOffice:
Communication:

• Say the organization is going to change (gasp)
• Email them with more information on WHY, and how they can learn more
• Speak rationally and honestly, if it's money, say that. If it's more flexibility say that. If it's both, you get the idea...
• Get feedback (I used a google docs form, somewhat ironically)

What should be in the feedback? Most will not just want to change, you should expect that. Feedback let's you identify what concerns they have and see if they are legitimate (or if you can easily explain them away). It's also essential to determine what different use cases are covered by different users.

Training: Take the feedback and engineer some training to cover the common 80% of users. (For the other 20 you can do advanced training later). A key part of training is to make sure the users have OOo installed on their machine, so they can follow along and get used to it. Another important training item is how to convert a .doc to .odt, etc (and redo any formatting that breaks).

Get more feedback on training and see if the users feel better about switching and also if you are doing a good job in training. When you think the
organization is ready, switch to OpenOffice opening all .docs, .xls, and .ppts (I haven't done that yet).

Oh right and make sure everyone gets this:
Internal docs: use .od* (ods,odt,odp)
External docs (and no external editing): use .pdf
External docs (and need to edit): use .doc, xls, ppt

So, Planet, what do you do differently?

Random Picture from India..

A while ago David posted about how he switched to using FsckVPS over Linode. He showed that it was cheaper, faster, etc.

Today I saw this on Reddit. Take a look at the linked picture. Basically, it’s Fsck saying that it’s too hard to not store passwords in plaintext, and then an email saying that they were hacked, and lost tons of data.

This is David’s original post. I went to go comment, but his site is down…

Btw, David, that’s the difference between Linode and Fsckvps.

JoeTerranova.net

I’ll be presenting on Asterisk at CHLUG tonight, so if you’re in the Cherry Hill (New Jersey) area, come on down! I’ll be presenting to what I think will be a mostly empty room, so if you have questions about Asterisk, tonight’s a good time to get them answered.

JoeTerranova.net

I read this (http://mrooney.blogspot.com/2009/05/karmic-desktop-uds-run-down.html) and quite like almost everything I see.

Pidgin being replaced by Empathy is somewhat sad (I really like Pidgin), but the reasons are quite good.

Disclaimer: I am quite against any Mono (the technology beyond Banshee/F-Spot/Tomboy) applications being on the Ubuntu Desktop CD for other reasons. You can likely read why somewhere else :P. This isn't necessarily about Mono.

Banshee replacing Rhytmbox on the other hand, not so much.

However, it does seem to use 3-10x more memory than RB which is very troubling (60-300MB compared to RBs fairly consistent 25MB),

Please, Please think of those of us who only have 512 Mb of ram in a laptop, or even those with less.

But clearly Banshee will get better memory usage over time..?
I reviewed it's memory usage (and others) about 2 years ago (Banshee was in dead last, then). http://gquigs.blogspot.com/2007/12/more-players-out-in-memory-performance.html

And yes, I realize Rhytmbox isn't going away, but development seems to slow in applications that lose "default" standing in Ubuntu.

Other items I am curious about: replacing gnome-pilot with multisync? any screensaver (removing) discussions? Remote desktop viewer vs terminal server client?

About a week ago I boarded a plane bound for Delhi, India (actually Dubai, but transferred) to begin my first out-of-college job. I am working for a non-profit that helps communities through microinsurance. [What is microinsurance]

I will be working on several projects but the primary project will be migrating this non-profit from a Windows platform to a Linux one (quite likely Ubuntu). This includes reviewing every application currently used and finding an alternate (or wine, virtualization, etc). The first thing we are doing is an OpenOffice switch.

I am currently writing up the Project Plan for OpenOffice and have already noticed a couple things. Upon importing a .doc Project Plan template:

• Table Of Contents breaks
• Header/Footer no longer covers the entire document

Fixing Table of Contents
It breaks because OpenOffice uses styles - Headings specifically to do a ToC. Most people who use Microsoft Office use numbering. So you need to go through the document turning off numbering, and assigning it to a Heading #.

1. Go through the document
2. For each line that is numbered and that you want to make part of the ToC
   
   • Turn off numbering by clicking anywhere on the line
   • Bullets and numbering should appear
     
   • And then click Turn Off Numbering (third button from left)
     
3. Change that line to be on Heading #
   
   • Based on the previous numbering scheme
     
   • So for 3. You make it heading 1, For 3.8 you make it heading 2, For 1.3.8 you make it Heading 3.
   • You select the style in the drop down box to the right of the font (or by using F11)

Styles are a much better way of doing things, and you should learn more about them.

Fixing Header/Footer
It doesn't matter what page you do this on, but don't you want different Headers/Footers on different series of pages!

1. Bring up "Styles and Formatting" by pressing F11
2. In Styles go from Paragraph to Page (fourth button on the top)
3. If you see any Convert 1, Convert 2, etc - Right click and delete them

That should be it. Oh and this is my street..

The OCLC Review Board of Shared Data Creation & Stewardship has posted the presentation slides and a recording from their update to Members Council on May 18. I haven’t been able to connect to their streaming server, but the PDF shows, that among other things, they have recommended to “Formally withdraw the proposed policy” on WorldCat record use.

This is great news for those who were very concerned about the proposed policy and the process that was originally used to try to put it in place. They do say that a policy is needed but stress that it should not be this policy, They have also said that the Nov. 16, 1987 “Guidelines for the Use and Transfer of OCLC-Derived Records” should be kept in place until a new policy is created. They have further recommendations about the direction of this that I believe are well reason and well thought out. Key among them is the recommended direction of:

Devise a process for drafting and maintaining a new policy that:
• Includes formal participation by members of the Global Council, the OCLC Board, and the OCLC Strategic Leadership Team
• Incorporates input from the broader community
• Recognizes the complexity of the information ecosystem in which OCLC and its members operate
• Is transparent

and that the new policy should:

• Be based on clearly articulated principles
• Impart confidence to members and partners building strategies predicated on WorldCat
• Support innovation

I am extremely happy that the Review Board has come to these conclusions and I hope that OCLC decides to follow them and creates a fair policy using a transparent process that does indeed support innovation. Three cheers to Jennifer Younger and the rest of the review board members!

Christina is looking to get into graphic design, but doesn’t have much experience in it. Does anyone know/recommend an open-source project (or other similarly noble effort) in need of graphic design?

I posted a thread on reddit asking the same question, so if you have any suggestions, I’d prefer you post there (but here is also OK if you’re Web 2.0 phobic).

Of course, the obvious elephant in the room is “why not Ubuntu artwork/marketing”? She’d like to, but from our impression it’s mostly “post something complete and maybe we’ll use it”. If she can do graphic design for Ubuntu, while getting direction and feedback, she’d be more than happy to.

JoeTerranova.net

The LoCo Team went to the Trenton Computer Festival on April 25th and 26th.

Here are some pictures (courtesy of Christina):

The rest of the pictures can be found here.

While at TCF, I gave a presentation on VOIP, Asterisk, and FreePBX. As promised, here are the presentation slides.

I’ve also written a how-to on how to set up Asterisk and FreePBX in Ubuntu. The how-to can be found here. If I’ve left out a step, done something incorrectly, or if you have a better, cleaner way of doing something, feel free to edit the article, or let me know. I’m open for putting the how-to elsewhere (the Ubuntu wiki, voipinfo.org, etc) if people want me to.

JoeTerranova.net

I am happy to report that three major independent library automation user groups have agreed to co-endorse the International Coalition of Library Consortia (ICOLC) Statement on the Proposed OCLC Policy for Use and Transfer of WorldCat Records, dated May 11, 2009. The user groups represented are Ex Libris Users of North America (ELUNA), Unicorn Users Group International (UUGI) and Customers of Dynix, Inc. (CODI), Combined they represent over 2500 libraries. This is the first time I am aware of different library automation user groups coming together to co-endorse any statement or position. As a member of the ELUNA Steering Committee I am also happy to say that it came together very quickly. It is apparent that many librarians and organizations representing librarians are very concerned about the proposed policy. The statement reads:

The leadership of three library vendor user communities in North America have agreed to co-endorse the the International Coalition of Library Consortia (ICOLC) Statement on the Proposed OCLC Policy for Use and
Transfer of WorldCat Records, dated May 11, 2009 (http://www.library.yale.edu/consortia/statement-oclcrecorduse.htm).

The Ex Libris Users of North America has 313 institutional members, including consortia, in the United States, Canada, Mexico and the Carribean and represents approximately 1950 libraries in these countries that license Ex Libris’ library applications and systems.

The Unicorn Users Group International (UUGI) represents 250 institutional members, including consortia, in the United States and Canada representing libraries that use the SIRSI Unicorn ILS.

The Customers of Dynix, Inc. (CODI) represents 532 institutional member libraries, including consortia, in the United States, Canada, Australia and the United Kingdom representing libraries that use the Dynix ILS.

Pascal V. Calarco
ELUNA Steering Committee Chair, 2009-2010
University of Notre Dame/Michiana Academic Library Consortium
Notre Dame, IN

Carla Clark,
Chair, UUGI
Noel Memorial Library
Louisiana State University in Shreveport
Shreveport, LA

Colleen Medling
CODI President
Salt Lake County Library Services
Salt Lake City, UT

Adding some updates with indications. - 13 May 2009. More updates. - 1 June 2009.

Today, I was in the midst of info security discussions about a Chinese operating system called "Kylin". This set of discussions was launched by a Washington Times article by Bill Gertz today, "China blocks U.S. from cyber warfare". The article claimed: --- China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing's networks impenetrable to U.S. military and intelligence agencies. The secure operating system, known as Kylin, was disclosed to Congress during recent hearings that provided new details on how China's government is preparing to wage cyberwarfare with the United States. ---

The hearings mentioned by the Washington Times included the 30 April 2009 US-China Economic and Security Review Commission's Hearing on China’s Propaganda and Influence Operations, Its Intelligence Activities that Target the United States, and the Resulting Impacts on U.S. National Security. At that hearing, Mr. Kevin G. Coleman, Senior Fellow with the Technolytics Institute was on the panel concerning Chinese cyber-espionage directed at the US. In his opening statements, Coleman stated:

---
Chinese authors believe the United States already is carrying out offensive cyber espionage and exploitation against China. China therefore must protect its own assets first in order to preserve the capability to go on the offensive. While this is a highly unpopular statement, WE ARE IN THE EARLY STAGES OF A CYBER ARMS RACE AND NEED TO RESPOND ACCORDINGLY!

This race was intensified when China created Kylin, their own hardened server operating system and began to convert their systems back in 2007. This action also made our offensive cyber capabilities ineffective against them given the cyber weapons were designed to be used against Linux, UNIX and Windows. Refer to our report - RED SOS.
---

(I was not able to find the RED SOS report online yet.)

Looking at my Twitter feeds throughout the day, I was seeing much tweeting about Kylin OS. Then, I mentioned the topic to Heike of The Dark Visitor blog about Chinese hackers. As I kept learning more about Kylin, it became clear that I should compile the information and post it on this blog.

The Kylin Web Site

Kylin's Web site is at http://www.kylin.org.cn/
[Rough rendition of the site into English via Google Translate]

By the way, some people have noted that, ironically, the site for a secure OS has an SQL injection vulnerability.

Kylin OS History

I learned that the Kylin OS has been around for several years, going back to 2001.

China Military Online, a Web site sponsored by the PLA Daily of the Chinese Peoples Liberation Army, reported in February 2005 of the development of Kylin as a the PRC's own operating system that could replace foreign OSes. The Kylin OS was developed by the University of Science and Technology for National Defense (affiliated with the PLA). The project began when...

---
In 2001, the central government decided to assign the mission of developing an operating system with independent intellectual property right, a major special project of the state's "863 Hi-tech Program", to the Computer Science Institute of the National University of Defense Technology. Upon receiving the mission, the institute swiftly organized a strong scientific and technological task group to brave difficulties and hardships and make bold innovations. Eventually, the group succeeded in making breakthroughs in a series of core technologies and developed the first 64-bit operating system with high security level (B2 class)-the Kylin server operating system. The system is not only compatible with the mainstream operating systems in the world, but also supports several multiple microprocessors and computers of different structures. In addition, the system is also the first operating system without Linux kernel that has obtained Linux global standard authentification by the international Free Standards Group (FSG).
---

In December 2006, Xinghua reported about Kylin OS. One of the things this report mentioned was that the University had signed an agreement with the LENOVO for production and application of the Kylin system.

FreeBSD Roots?

Information Warfare Monitor has a post "Kylin operating system plagiarized from the FreeBSD5.3?" and pointed to the Dancefire site with it comparison of Kylin and FreeBSD 5.3. The similarities between the two OSes reportedly reached 99.45 percent.

The interesting Kylin information is under the Dancefire site's News section, which is in Chinese. The good news for those of us who cannot read Chinese is that Google Translate does a passable rendition of the texts. (Kylin is rendered by Google as "Kirin". I don't think it has anything to do with the Japanese beer. Does it?)

ADDED 1 June 2009: Jumper at The Dark Visitor blog has been taking a look at Kylin and has a good posting there.

How "Secure" is This "Secure OS"? [added 13 May 2009]

Much of the reporting about Kylin, including the PRC's PR about the OS, seems to take the claims it is a "secure OS" at face value. But I have not yet come across any extensive security testing of Kylin. Also, I am wondering how much ongoing security support for Kylin is there. I mean things such as security patches, forums, etc.

Security researcher Dancho Danchev raises several excellent points that challenge the notions that the PRC's (or any other country's) "secure OS" poses a real threat to the US cyber-offensice capabilities.  Danchev writes regarding the "re-branding" of FreeBSD as Kylin and about the limits of "national security OSes":

---
All warfare is indeed based on deception, especially when you’re re-branding.

The rush to participate in the “national security operating system” arms race is pretty evident across the world, with the European Union’s secure OS Minix, the U.S Air Force new ‘secure distribution of Windows XP‘ and Russia’s interest in a similar secure OS.

What everyone appears to be forgetting is the fact that security is proportional with usability, and as well as the fact that complexity is the worst enemy of security.
---

Then, Danchev provides the example of a US penetration test of a US government site and found "763 high-risk, 504 medium-risk, and 2,590 low-risk vulnerabilities, such as weak passwords and unprotected critical file folders.” The assortment of applications on the systems and their complexity gave ample footholds for exploitation. Then, there are human factors, including human foibles, that can affect security. Although better designed or hardened OSes can help, they are but one component of security.

So is the PRC's Kylin a Part of Cyber-Warfare, Cyber-Security, or Both?

It's both. (Note, I am leery of the cyber-warfare term. It can encourage massive, costly projects and bad analogies.)

I understand Mr. Coleman's concerns about cyberwarfare aspects and how the PRC's cyber-defence could hinder US cyber cababilities against their systems. But, we should not deem overall attempts to have more secure operating systems as "warfare" in a sinister sense per se. Improving cyber-security is something that we all should be doing. Being "peaceful" in the networked world does not mean having servers running unpatched Windows. The US, UK, etc. should be encouraging their government, corporate, and infrastructure systems to be better secured. (The US has done projects such NSA's work on Security Enhanced Linux. Some might call that as an example of US cyber-warfare.)

Special thanks to

• The Information Warfare Monitor [Web] [Twitter]
• "Heike" on The Dark Visitor
• Richard Stiennon for the @Cyberwar tweets on Twitter.
  Added 13 May 2009:Stiennon has a good posting, "Kylin reports unsubstantial" on his Threat Chaos blog. That post references my post here.

Regards,
Jonathan D. Abolins

The International Coalition of Library Consortia (ICOLC) has released it’s “Statement on the Proposed OCLC Policy for Use and Transfer of WorldCat Records.” I think it is good to see them issue a statement on this. I wish it was worded a little stronger, but it still calls for OCLC to start-a-new which would be a great thing. I hope, and expect, that we see more library organizations weigh in on this.

Thanks to the power of twitter, I have found a blog that is publishing Dracula in “real time.” Bram Stoker’s Dracula is an epistolary novel, which is a novel written as a series of letters or diary entries. The blog is adding new entries on a the day that it was written by the narrator “so that the audience may experience the drama as the characters would have.”

I have never read Dracula but I have subscribed to the Dracula Atom feed and will be following along. This is a great use of social media and I suspect others will publish epistolary novels this way.

Google just announced a new Public Data Search Feature. You can use it to search for population or unemployment rates in the US. Just go to Google and type something like “population broome county” and you will see the new feature. It is pretty neat but I’d like to know what other data might be available. As far as I can tell from the help page right now they only have US population and unemployment data. Hopefully they’ll be adding more data sources in the future.

"Linux Breaks 1% on the client!"
http://marketshare.hitslink.com/operating-system-market-share.aspx?qprid=8&sample=35

Towards the end of last week, OCLC announced a “quick start” version of the OCLC WorldCat Local service. I was at ELAG last week a and traveling so I didn’t have a lot of time to look at it until today when I watched the Webinar they offered. There are really two separate, but related things going on here. One is that they are providing a limited version of Local WorldCat at no additional cost to First search Libraries. They are calling it WorldCat Local “quick start”. I think that is a silly name so I’m calling it Mini-Local World Cat. The other part of the news is that they are expanding Local WorldCat to include more traditional Integrated Library Systems (ILS) functionality. While both a significant announcements, I think the latter part is more game changing.

First, lets look at the examine Mini-Local World Cat. This new service “provides a single search result that delivers your library’s resources and those of the world’s libraries.” It is basically another discovery layer that can be used on top, more likely at this point, in addition to your ILS. It doesn’t have all of the features of WorldCat Local, but it has most of the features a single library would want. According to the FAQ, some features that the “full” version of WorldCat Local has that the mini version does not include:

• Interoperability with multiple ILSs
• Visibility of group/consortium-level collections in search results
• Interoperability with consortial borrowing systems to surface smart delivery options to searchers.
• Ability to display branch-level holdings when Local Holdings Records are present.
• Full suite of statistical reports.
• Expanded search functionality coming in July 2009:
  • Search electronic content in OCLC and non-OCLC services
  • Integrate results from WorldCat and your library’s licensed content services in a single result list
  • Initially, 100 of the most widely used, licensed resources from multiple providers will be active on the service, with more databases and other materials being added each month

• .

What does this mean for libraries? I’m not sure really, but I do think it does take aim at some of the discovery products that interact with the ILS. Proprietary products such as Encore and Primo as well as Open Source projects like BlackLight, VUFind and xC are now on notice that another competitor is in the marketplace with a great price point and because of OCLC’s monopoly on library metadata, it is going to be hard, if not impossible, for other products to offer some of the functionality that the mini Local Worldcat can (and this is even more the case for the full version). If my library can get a modern discovery tool at no additional cost with the power of the WorldCat data behind it, why should I pay extra for something like Encore or go to the trouble of installing, hosting, and maintaining VUFind?

The other portion of this announcement is the part about expanding Local Worldcat to include more traditional ILS features like circulation and acquisitions and moving them into the cloud. As Karen Combs points out, this isn’t really a surprise. They have been doing a number of things building in this direction. In many respects, this also isn’t a new idea. Ex Libris announced they wanted to do this two years ago with their new URM product. The difference is OCLC has the data to make this work and with the proposed changes to the OCLC WorldCat record use and transfer policy, they may not be able to get it. As Andrew Pace says, this is “a first step to WorldCat Local and to a truly next-generation cooperative library management service.”

In many ways having something like OCLC do this could be a good thing for libraries. Very few libraries are in finical position to do things that OCLC can. This type of innovation may be what libraries need to survive and thrive into the future. But at the same time, danger abounds. With OCLC controlling the data and the software, choices will become limited and OCLC may not always be on the fore-front of innovation. If this move servilely inhibits innovation by the vendor and Open Source community, we may find ourselves in trouble. As Tim Spalding points out, this “move casts new light on [OCLC's] Policy defenses. OCLC isn’t ‘curating’ library records; it’s leveraging them to enter a new market. WorldCat isn’t a ’switching mechanism’ to local catalogs. It will replace them.”

Two things really are loaming over this announcement that I think will have to be addressed at some point. One is the record use policy creating an illegal monopoly? In many ways I think what they are doing, while in a smaller venue, is more monopolistic like then say what Microsoft did with Windows and Internet Explorer. The second issue is OCLC’s status as a nonprofit membership cooperative. As Josh Hadro writes, citing Carl Grant, in his Tough Questions Emerge on OCLC’s Competitive Advantage and Data Policies piece, “OCLC seems remarkably and increasingly similar to the for-profit vendors in the marketplace.” The non-profit status allows OCLC a huge finical benefit compared to companies such as Ex Libris or III. Between the non-profit and record control, I have to imagine someone will call the bluff and bring some sort of legal challenge. I don’t know what a result of such a challenge will be, but it will be interesting. I think libraries ought to look at what giving all this power to OCLC will mean for libraries in the long run. Not just from a monopolization standpoint, but also from an outsourcing situation. Do we want to outsource many of our core back-office systems to OCLC and the cloud? What are the ramifications of such a decision. Individual libraries should look at this closely before jumping aboard the OCLC cloud bandwagon. In some cases maybe it is worth the risk, but in many cases it may not be and only by evaluating alll the issues surrounding this will libraries be able to make an informed choice.

As they say, may you live in interesting times. This is certainly an interesting time in library technology.

A screensaver wastes power when it shows you the pretty graphics. It keeps the screen out of power-save mode and keeps the CPU and GPU active.

This is my attempt to quantify just how much power the screensaver wastes for just one average Ubuntu user. Using the default Ubuntu setup the screensaver starts after 10 minutes as a blank screen and it asks the monitor to sleep after 40 minutes. *Diff = difference between device in normal operation and power save mode in watts.
Variables

• % CRT Use: 50%
• Diff CRT: 60
• Diff LCD: 25
• Time screensaver is active a day: 2 hour

.50 * 60 + .50 * 25 = Diff Avg Monitor 42.5 Watts (also Watt hours)
Total for one user per day is 85 Watt hours.
That is 31 KwH for a year. Or at $ .15 a KwH, $5.

Variables

• User Base Of Ubuntu Desktop: 10 Million
• Diff Screensaver: 85 Watt-hours (a day)

That is 850 MWH (Million Watts) a day for all Ubuntu users.
That is 31 GWH a year. Or somewhere in the range of $46,537,500 a year.

Please if you can get more accurate variables please tell me about them, also send corrections. Kill the screensaver, Save the World.

I've been teaching courses at the local library for some time now (almost a year now). I've been meaning to make my materials public. Here are a few of them.

Course - "The Best Free Stuff on The Internet: Introduction to Free and Open Source Software"

Description
Need new computer software that won’t break the bank? A quiet revolution is growing in the world of computer software. You may have heard of it simply as a source of software for free, but it’s far more than that. This program introduces some popular free software like Firefox, OpenOffice and Linux. Come learn about these reliable, easy-to-use, and, most importantly, free software.

Presentation BestFreeStuff.odp
Before you present review all linked sites for familiarity, yes I provide links to the free stuff more than describing it.

Handout BestFreeStuff.odt
Change the local resources at the bottom before use!

Course - "Safely Exploring the Internet with Mozilla Firefox"

Description
Learn how to browse the Web like a pro with the Mozilla Firefox Web Browser. You will learn how Firefox protects you from threats, techniques for searching and browsing the Web, and tips to keep your browsing experience organized.

Presentation FirefoxSecurity.odp
This just covers a couple key Firefox Security features. I usually do the rest as a hands on exercise having the students do various things. Look here for ideas.

Here is a starting point, go out and teach a course! Also, looking for suggestions/comments for my current materials.

Response to "I eat FUD like you for breakfest"

I suppose I am one of the vocal minority you are speaking about. A little known guy by the nickname of RMS is another. And yes there are others that go a little overboard.. on both sides of this debate.

First off, we obviously do care about patents. Ubuntu doesn't play MP3s out of the box. And no, it isn't just because we like Ogg (or FLAC) better.

Let me make this clear. In a patent-free world I would still not like Mono installed by default in Ubuntu. Why? Because we let Microsoft be the leader, we follow. They create .NET, we follow. They modify it, we follow again. We do need to follow Microsoft on some things in order to compete (like opening .docs) but we should choose our battles wisely.

I, however, am completely fine with Mono "stealing" development resources from all the other programming languages. Because,it's not stealing resources, someone is volunteering or being paid to do the work and odds are they are having fun doing it.

It is their choice if they want to work on Mono or a complete reimplementation of a good Mono application in C++ so it's faster, uses less memory, and is in their favourite language.

You eat pieces of FUD for breakfast? Perhaps you should stop following Microsoft.

Normally, I'd be speaking about computer "pathogens" but, for a change, I'll speaking at the New Jersey Infragard chapter April meeting. The meeting's theme is Pandemic Flu Planning.

My presentation is:

Lessons for the 21st Century from the 20th Century History of the Flu:

There were three major influenza pandemics in the 20th Century. The 1918-19 "Spanish Influenza" was particularly deadly, killing anywhere between 30 and 50 million people around the world. The 1957-58 Asian flu was not as deadly, but still killed about 70,000 Americans. The "mildest" pandemic, Hong Kong Flu of 1968-69, caused about 34,000 US deaths. Then there was the 1976 "Swine Flu" abortive pandemic and a nationwide vaccination program which some called a fiasco.

What lessons for today can we glean from these events decades ago? This presentation will point out lessons to help us to better prepare for future pandemics.

Also speaking will be Heather Benamati, MPH, CHES, Health Services, Human Services Coordinator of the Bernards Township Health Department. She focus upon public health aspects of pandemic flu preparedness. There will be a third speaker who'll cover business contingency planning.

Date:		Tuesday, April 21, 2009
Time:		9:30 am to 10:00 am - networking session 10:00 am to 1:00 pm - the Chapter meeting
Location:		AFFINITY FEDERAL CREDIT UNION 73 Mountain View Boulevard Basking Ridge, New Jersey 07920. [Map] [Directions] Parking will be available at the Credit Union for attendees.

If you are near Central New Jersey and are interested in creative ways to improve energy use, environmental sustainability, "reducing your carbon footprint", and similar topics. you might like this meeting

From a MAKE:Princeton announcement...

<<---
All,

We have a MAKE:Princeton meeting tomorrow! This one will be inside
and away from flame as we discuss sustainability, energy, and ways to
make your home more energy efficient. Discussion will include an
analysis of (1) how energy is used in a home, (2) how energy is wasted
in a home, (3) how wasted energy can be reduced or reclaimed, and (4)
different ways to think about energy efficiency.

And, since this is make, feel free to bring your projects to show and
tell and bring a friend.

Where: Room 039, East Pyne Hall, Princeton University Campus [Visitor Info]
When: Tomorrow, 15 April 2009, 7:00pm
What: MAKE:sustainability
Who: You and your friends.
--->>

I am one of the MAKE:Princeton members. The group has some bright, creative people and the sessions are interesting techie brainstorming learning sessions. You don't have to be coder, engineer, or a techno-geek to enjoy the meetings. We are looking for creative people who like to find new ways of solving problems or doing cool things. Tinkers, Hackers, Artists, what-have-you.

Alas, I have other obligations for Wednesday nights until mid-May, so I won't make it out to this meeting. But I encourage interested people to attend.

Cheers,
Jonathan "J.D." Abolins

Marcus Carey of SunTzu security firm & founder of DoJoSec		The March 5th DoJoSec was the second one of their monthly briefings I have attended. Although it is almost a three-hour drive from New Jersey, these evening sessions have been worth attending. I had to miss April's session because of schedule conflicts, but plan to attend the upcoming sessions of what has been called "dinner theatre for security geeks." Since the videos of the presentations are available (embedded & linked on this page), I won't bother summarising them in detail. Just watch the videos. Rather, I'll highlight some of the things I found especially interesting in the presentations. iPhone Forensics - Walter Barr and Sean Morrissey I had heard much about iPhone forensics from Jonathan Zdziarski, so I was interested in hearing what these fellows had to say on the subject. One of the interesting aspects of the presentation was the influence of the speakers' different professional background when it came to the issue of "jailbreaking" iPhones in the course of forensic examination. Morrissey came out of law enforcement background while Bar did not. This difference was the most evident when they covered "jailbreaking" iPhones to extract evidence data. Bar saw jailbreaking as an option. Morrissey strongly insistented that jailbreaking should not be used. Besides Apple's claim that jailbreaking iPhones is illegal, the use of "hacker tools" might open up challenges in court where opposing attorneys imply one is using "criminal" or somehow suspect tools. He exhorted the audience to do forensics right so we don't have bad cases and alluded to the forensic problems in the OJ murder case. The "hacker tool" & potential for court challenges stirred up quite a lively discussion during the Q&A. Some people pointed out that valuable security/forensics tools such as Wireshark could be maligned as "[criminal] hacker tools" and yet we use them, so why avoid jailbreaking tools. The problem appears to be that jailbreaking tools don't have as strongly established reputation for constructive uses as do Wireshark, nmap, nessus, and many other dual-/multi-purpose tools. Snort - The Forensics Tool? - David Warren Because I have been dealing with malware and network analyses recently, I was particuarly interested in seeing what Warren had to say. The main thing I got was that Snort's rules features and its support for extensive text and hex pattern searches make it handy for going through packet capture data. Cyberwar is BS - Marcus J. Ranum I looked forward to hearing Marcus Ranum's take on popular cyberwar concepts. I had read his thought-provoking "Six Dumbest Ideas in Computer Security" and saw that even if I didn't agree with everything he said, his ability to make us think more deeply about security was a valuable talent. Ranum's presentation was even better than I had expected. I am not even going to bother summarising anything else from it. Just view the video. enjoy, and think! Cheers. Jonathan "J.D." Abolins P.S. Dustin L. Fritz has more photos from the March DoJoSec Monthly Briefing on his blog.
Bar & Morrissey speaking on iPhone forensics
DojoSec Monthly Briefings - March 2009 - Wally Barr & Sean Morrissey from Marcus Carey on Vimeo.
David Warren reminding us of computing in the early 1980s. Remember the TI-99/4A home computer?
DojoSec Monthly Briefings - March 2009 - Dave Warren from Marcus Carey on Vimeo.
Marcus Ranum speaking on cyberwar
DojoSec Monthly Briefings - March 2009 - Marcus J. Ranum from Marcus Carey on Vimeo.

There was an interesting piece about students studying Walt Whitman called “Whitman Takes Manhattan” on the Chronicle of Higher Education Web site. The article discuses how students from

CUNY’s New York City College of Technology — will explore the Fulton Ferry Landing that Whitman described in the poem and record their investigations on a Web site. Meanwhile, thanks to open-source software, students at three other institutions — New York University, Rutgers University at Camden, and the University of Mary Washington, in Virginia — will be recording their own literary and geographical explorations of Whitman’s work on that same Web site

The Open Source Software in question is Wordpress Mult-user along with two sets of themes, CommmentPress and BuddyPress.

CommentPress was developed by the Institute for the Future of the Book. It’s tag line is A WordPress Theme for Social Texts. It “allows readers to comment paragraph by paragraph in the margins of a text.”

Buddy Press is a suite of WordPress plugins and themes that aims to allow members socially interact. I.e., it makes WordPress more of a social media site then a typical blog.

It will be interesting to see how this works out. Teaching an online course I know that many of the course ware systems really don’t do a great job in areas involving social interaction.

.

Recent studies of teenagers' online behaviour report that one in five teens have snet nude or semi-nude images of themselves to others via mobile phones or computer networks. In the midst of several child pornography prosecutions of teenagers for "sexting" in the US, this 1 in 5 statistic is jolting.

But this 1 in 5 stat might be misleading as Carl Bialik, the "Numbers Guy" of the Wall Street Journal, explains. Among the things he brings up are:

 

• The self-selecting factor in which teens are more likely to answer the survey. The online poll-takers are more likely to be "Internet cowboys & cowgirls" who might be more likely to do sexting than other teens.
• The definitions of teens included 18 and 19 year olds, who are technical both teens and young adults.
• The definition of "semi-nude" is vague and the stats don't break out the number of respondents who sent nude images versus those who sent "semi-nude" images. One psychology professor commented, " "Most of the mainstream media uses semi-nude models to sell us things -- so why is it surprising if teens have modeled this?"

Interesting column.

Jonathan D. Abolins

While I’m not surprised, I am disappointed that the Rutgers Board of Governors approved the name change of Rutgers University’s School of Communication, Information and Library Studies (SCILS) will be known as School of Communication and Information. The name change will go into place on July 1, 2009. I know that the administration says that the School says they are not diminishing the commitment to the MLIS program, but it seems obvious to me that is not true. Dropping the name out of the School’s name, in and of it self, is diminishing the importance of its largest graduate program — even if funding and support stay steady or increase. Words mean something, and so does the lack of words. A communication school should know that.

Mirrors is my attempt at creating a remix or respin of Ubuntu. Although this first phase is nothing more than a customization of the included packages and changing of default themes and wallpaper. The goal for this release was to get in the range of using 100 mb of ram in the initial liveCD boot. It is close, but still needs work.

It currently only exists as a script for use by UCK. Among the major things it removes are:

• Evolution
  
• Tomboy
• F-Spot
• Pulseaudio
• Gnome-pilot
• Screensavers
• Bluetooth
• Virtual Terminals 2 - 6. Saves about 10 megs on livecd

This is not necessarily because I think these are "bad". It's just I don't use them and am tired of them taking up space / memory / processor cycles. Download it from here.

It was bound to happen...

The Guardian abandons the printing press in favour of Twitter tweets!

1 APRIL 2009: Twitter switch for Guardian, after 188 years of ink

<<---
The move, described as "epochal" by media commentators, will see all Guardian content tailored to fit the format of Twitter's brief text messages, known as "tweets", which are limited to 140 characters each. Boosted by the involvement of celebrity "twitterers", such as Madonna, Britney Spears and Stephen Fry, Twitter's profile has surged in recent months, attracting more than 5m users who send, read and reply to tweets via the web or their mobile phones.

[...]
"[Celebrated Guardian editor] CP Scott would have warmly endorsed this - his well-known observation 'Comment is free but facts are sacred' is only 36 characters long," a spokesman said in a tweet that was itself only 135 characters long.

[....]
A mammoth project is also under way to rewrite the whole of the newspaper's archive, stretching back to 1821, in the form of tweets. Major stories already completed include "1832 Reform Act gives voting rights to one in five adult males yay!!!"; "OMG Hitler invades Poland, allies declare war see tinyurl.com/b5x6e for more"; and "JFK assassin8d @ Dallas, def. heard second gunshot from grassy knoll WTF?"
--->>

Although this blog will stodigly continue with its more than 140 characters posts, I realise that much of the world is heading towards compressed communications. The growth of information flowing around the globe makes the nuances and details of tradition prose actually dangerous to the average human brain. The extra bytes threaten to cause the brain to dump its core, leaving the victim drooling and babbling.

Biographies would benefit from Twitterisation as well. Once everybody's bio is reduced to 140 characters or less, we'll learn how much alike we all are.

Tweet dreams!
Jonathan D. Abolins

If you've got some time go check out and test Fedora Beta. It was released today and incorporates some very exciting features. Particularly for me:

"Further improvements to the boot process that include NVidia, ATI, and Intel video adapters, using the revolutionary kernel mode setting feature in an effort to cut boot time and provide pleasing visuals." - and lay the ground work for better 3d and video performance, better suspend and resume, not running X as root, and a bunch more.

Ubuntu will likely adopt kernel mode setting in the Karmic Koala release but if we test it and find the bugs now we could get less bugs later. You can read the Red Hat Press Release here. And grab the torrents here.

So apparently some don't like that Ctrl-Alt-Backspace is going away. Others say this will motivate us to fix bugs.

Once upon a time I was new to Ubuntu and was somehow accidentally pressing Ctrl-Alt-Backspace and couldn't figure out what the heck was going on. I was using multiple workspaces (key combo Ctrl-Alt-Arrow Keys and editing documents). Needless to say, it took me a long time to figure out what the cause was.

The bottom line is Ctrl-Alt-Backspace is the WRONG way to help people regain control of their computer when a runaway application or buggy driver is not letting go. What if they are doing something important?
No! Going to a terminal through Ctrl-Alt-F# is still WRONG. Why should our users need to know the command line, if there system goes crazy? They should not.

Most users aren't going to use either of those, they are going to restart the machine, thus losing all their data.

But there is a key combo many users know that on Windows can help them kill a runaway application and get back the rest of their applications. Ctrl-Alt-Del. It is by far the most user friendly way for a user to regain control of their misbehaving computer. From this discussion we do have a need for it. I'm also not planning on holding my breath for there to be no bugs in Ubuntu or any software package for that matter (that's not to say we shouldn't try). Our users deserve a user friendly way to keep them (and not bugs) in control of their computer.

Oh and they just moved the key combo for Killing the X server to something less likely to be pressed. DONT DO THIS! Finish reading your tabs, close your documents, etc.
Right Alt - Print Screen - K (Alternate Screen Kill, I like :)

Tonight, CBS-TV (US) programme 60 Minutes just ran a segment on "The Conficker Worm: What Happens Next?"

<<---
The Internet is infected. Malicious computer hackers have been creating more and more weapons that they plant on the Internet. They call their weapons viruses and worms - they're creepy, crawly toxic software that contaminate our computers without our ever knowing it. You can be infected by simply visiting your favorite Web site, or just by leaving your computer on, overnight while you're asleep.

[...]
One of the most dangerous threats ever, a computer worm known as "Conficker," is spreading through the Internet right now. By some estimates, 10 million computers have been infected worldwide.
--->>

While the segment had a couple of interesting moments, I did not find it to give a good understanding of what's going on with Conficker.c worm.

I found Washington Post's Brian Kreb's piece, "Conficker: Doomsday, or the World's Longest Rickroll?" to give a better perspective:

<<---
Computers already infected by the worm are supposed to be automatically updated with some unknown software component on April Fools Day. That's more or less the sum of what computer experts know about the rhyme or reason behind this worm, but it hasn't stopped pundits and the press alike from issuing ominous warnings.
--->>

Krebs points to various examples of press reports with dire warnings of things such as "an undercurrent of potential chaos building - a malicious piece of code that has already prompted the French military to ground some fighter planes."

(George Hulme's Information Week security blog had similar overview of Conficker.c FUD reports.)

Much of the speculation is coming out the mystery concerning the worm's author's motives. So far, nothing obvious, such as financial gain from spams & scams, has been noticed. The code, especially for the c variant, is rather clever and sophisticated. (SRI International has an excellent technical analysis of the Conficker.c code and behaviour. Note: due to the worm's interaction with various Internet sites, even good analyses such as this one cannot predict what will happen later on.)

Krebs noted that perhaps the biggest impact of the Conficker worm will be it serving as a motivator to get international cooperation in trying to block the registration of domains to be used for the worm.

<<---
What I find most fascinating about Conficker is that its real legacy may well turn out to be beneficent. To date, there really hasn't been a threat that has given countries on opposite ends of the globe a unifying, urgent reason to work against a single Internet menace. Yet, due to the work of the Conficker Cabal and affected parties, that is starting to change.

"We're literally relying on people in Latvia to protect computer networks in Brazil, and the other way around, too, so each country has some capability and some responsibility once they understand the role they can play here," Wesson said. "No matter what happens with Conficker, it's created something here....a beautiful opportunity to bring cyber security to the kitchen table."
---->>

I, too, think is a great development.

Other Resources

• F-Secure has a helpful Conficker FAQ and a free Conficker removal tool.
• Byron Acohido's Conficker Timeline.

Regards,
Jonathan D. Abolins

Recycling is good when it is papers, plastics, and metals. But recycling old Hotmail addresses that haven't been used in over a year, can cause problems as I'm learning from a LiveJournal news item Keeping Your Journal Safe:

<<---
Recently some journals and communities have been broken into, their contents deleted, and their owners locked out. We want to explain how this can happen and give you some steps you can take to help prevent this from happening to your journal or community.

First of all, we would like to dispel the rumor that these break-ins have something to do with the accounts that have recently been friending large numbers of users (sometimes called friending bots). We do not believe these are related. The problem appears to stem from Hotmail's policy of recycling inactive email addresses.

The recent break-ins resulted from hijackers finding and accessing lapsed Hotmail accounts that were used with LiveJournal accounts and publicly displayed on Profile pages in the past. You should be aware that Hotmail recycles email addresses that haven't been used in more than a year. If you validated a Hotmail address for your journal and displayed it publicly in the past, but then let the address lapse, someone who finds and re-registers that address can use it to obtain control of the journal.
--->>

The new "owner" of the Hotmail address could use the LiveJournal services' help for lost passwords to the get the password info sent to the Hotmail address. LiveJournal has no way of knowing that the email address has been recycled.

Other sites may be vulnerable to the recycled Hotmail address exploitation of the "forgot password" functions. All too often, there's an assumption that only you will have access to the email address associated with you. (Then there is the security economics where for most sites it is more cost effective to email the password info than to do extensive checks of the requesters. If it's a free email service, what do you expect?)

Some countermeasures:

1. Review online accounts at Web/blog hosting, online banking, etc. services periodically to make sure that the email and other contact info is still correct.
2. Use additional security features, such as "secret questions" for your online accounts, if available.
3. If abandoning an email address, let your more important contacts know so they don't send anything sensitive to the old address. Abandoning an email account does not mean it will never resurface.

Remember to recycle those electrons!
J.D. Abolins

There are other posts about regular boot times, so how about the worst case, file system checks. That's that check that runs every 30 boots or so just because we are paranoid about making sure the file system is sane.

Boot	Intrepid (est)	Jaunty with ext4
Normal	30 – 45 seconds	18 – 22 seconds
File System Check	5 – 10 minutes	43 seconds

Of course a lot of this is due to the use of the new ext4 file system (ext3 will be the default in Jaunty again because we are paranoid). At 43 seconds I don't mind the file system check nearly as much. Progress. :)

Please go and vote: http://www.nasa.gov/externalflash/name_ISS/index.html

You can vote once a day until the 20th (or including, not sure).

This is going to be my last blog post on this so I thought I'd try my hand at convincing Firefly fans to vote for Ubuntu as a better name for Nasa Node 3.

Might be a weak argument, but wouldn't you rather Serenity be the name for a ship, not a node?
How about the first manned ship to Mars. Any takers? :)

Also Ubuntu really does capture the concept of international cooperation better than any name on that board. "I am what I am because of who we all are".

To recap what I hope to happen if we get in first:

1. Colbert is currently in first place (From a very popular comedy central show)
2. Ubuntu passes Colbert and wins the naming
3. Colbert mentions Ubuntu on his show and eventually (preferably timed about a week after the Jaunty release) ends up inviting Mark Shuttleworth to the show.
4. Many many more users try Ubuntu and other free software. They love it.
   
5. We Win. (http://www.youtube.com/watch?v=ZtdnZNYN0MM)

So, please blog, slashdot it, digg, share, and whatever else you can do to spread the word.Thanks!

I don’t normally do food recipes on my blog, but a couple people on facebook have asked me how I cook corned beef and cabbage in my crock pot. Here is how I do it. I really like the way this comes out, but as they say, your mileage may vary:

Ingredients:

Corned Beef (I like ones with separate seasoning package)

1 head cabbage

Carrots

3 or 4 white or red potatoes (I keep the skin on)

1 Turnip (optional, if you use turnips, make pretend they are potatoes in the rest of the recipe)

1 onion (I usually use red, but it doesn’t matter)

1 bay leaf (optional)

1 or 2 crushed garlic cloves (optional - I don’t bother dicing it, because I’m going to take it out and not eat it)

Water

2 tablespoons of dry white wine OR 1 splash of white wine vinegar

Method:

1.Skin and cut carrots into about 1 1/2 or 2 inch long pieces or so (less if they are thick) (optionally: cheat and use baby carrots)

2. Cut onion up into disks (about 1/3 to 1/2 inch thick… it doesn’t really matter because I don’t eat them)

3. Cut potatoes (usually in thirds, depending on size). I keep the skin on, but do what you want

4. Place onions and carrots on bottom of crock pot (if they don’t all fit, don’t worry, just put them in with the the potatoes).

5. Place corned beef on top of onions and carrots.

6. Place potatoes and any remaining carrots.onions around the corned beef.

7. Cover with water

8. Add wine or vinegar. I’ve also used beer in the past and it was OK, but I think wine is better. If you use wine, for best results place a little extra into chef.

9. Throw in bay leaf and crushed garlic

10. Turn crock pot on low.

11. Make coffee and go to work

12. Come home from work

13. About 20 or 30 minutes before you want to eat (depending on how al dente you want your cabbage) cut your cabbage into wedges. Depending on the size of the cabbage, I either quarter it or cut it into sixths

14. Place cabbage in crock pot.

15. Turn crock pot on high

16. Cook until cabbage is to your liking

17.

Serve with spicy mustard and if you can get it, some nice rye bread. Note: In Binghamton rye bread is not a viable option :-(.

Note: If you cook the corned beef all day, the corned beef will basically fall apart when you try to cut it. I like that, but you may choose to cook a little shorter length of time if you rather have nice slides. If you live close enough to work, you can get everything ready before work and go home for lunch and turn the crock pot on then.

Note 2: If I have some other extra veggies, such as celery, I might throw them in to the pot as well, but I take them out before serving.

I had finally finished my We're Linux video when I find out the Linux Foundations website doesn't support Ogg :(. (I can convert to other formats fine, but still)

On a better note, Go Vote For Ubuntu again in the Nasa Node 3 contest. Bookmark it and vote Everyday.

In the Help NASA name Node 3 of the International Space Station Contest Ubuntu just made it on to the bottom of the suggestion board (Original Post).

Thanks to everyone who voted, but there are still 8 days left!

We are currently sitting in 10th place on the suggestion board. In 9th Place is the name Vista. Hmm...

Again, you can vote once a day. So go vote again (and again).
Vote Here http://www.nasa.gov/externalflash/name_ISS/index.html

Vote Here: http://www.nasa.gov/externalflash/name_ISS/index.html

Help NASA name Node 3 of the International Space Station after Ubuntu. Ubuntu is a great name to capture the collaborative nature of the International Space Station.

You can vote once a day. So, Vote Every Day!

Stephen Colbert is telling his followers to vote for him, challenging him could get us some publicity even if we don't win. (Maybe it could even get my old idea to come to pass)

Note on voting: it appears their CAPTCHA is case sensitive (or maybe just all capital letters?).

Good practical advice in this New York Times tech article. It covers problems such as

• mobile phone losing its charge
• remote car key transponder doesn't have enough range to reach the vehicle
• dried up inkjet cartridge
• mobile phone took a dive into the loo
• extending WiFi reach (has a link to http://freeantennas.com/projects/template/)
• dirty CD or DVD disc -- no, not smut, but schmutz. (a nice excuse for keeping a small botlle of vodka in the office desk. "It's for cleaning my discs, yes, indeed. Oh, the smell on my breath?  Hmmm.....")
• camera flash too bright
• crashed hard disk disk drive.

The site: http://www.modernliberty.net/
Cory Doctrow's post on Boing Boing: http://www.boingboing.net/2009/02/27/tomorrow-is-britains.html

The Modern Liberty site explains why the convention is needed:

We are entering a dangerous period in our country. Economic turmoil threatens profound hardship and disharmony. Disenchantment with politics is growing and even legitimate protest is threatened by an unprecedented programme of challenges to our rights, freedoms and democracy. Sixty years ago Britain was a proud co-author of the Universal Declaration of Human Rights and Fundamental Freedoms. Now it is increasingly centralized, abandoning its historic principles some of which date back to the Magna Carta.
The Government’s continued stated determination to extend detention without charge in terrorism cases to 42 days is one symbol of the damage done to our hard-won rights and freedoms. The Regulation of Investigatory Powers Act 2000 (RIPA), which gives hundreds of agencies access to people’s records without their knowing, is another. The collection of all available records on a huge central database for the use of the authorities is a third.
We believe that such threats can be overcome but only if the public is woken to the dangers. While we may be impatient for action, the issues must be addressed in an open-minded way with as thorough and accessible public debate as possible.
Therefore we invite you to join a Convention on Modern Liberty. It will ask three broad questions:

• Are our freedoms and rights threatened by an over-powerful state and if so how do we defend ourselves from this?
• Are dangers to our security from terrorism and other threats, from climate change to pandemics being used to attack our rights, and how can we best defend ourselves?
• How can we arouse sustained public interest?

We are making Modern Liberty a convention not a conference. We want to bring as many people together to see what common ground can be reached in defence of our freedoms. The Guardian is the main media partner. The Rowntree Reform and Charitable Trusts and the Rowntree Foundation are initial supporters. A wide range of organisations are joining the event from across the political spectrum.
Fundamental rights and freedoms are common to us all. The Universal Declaration recognises ‘the equal and inalienable rights of all members of the human family as the foundation of freedom, justice and peace in the world’. In Britain such values have an even longer history. We are indeed the inheritors of an inspiring tradition of liberty.
At the same time technical advances from information technology to explosives and the threats of catastrophic climatic change have altered the framework of power and fear.
This calls for a renewal of our democratic self-confidence. This is the purpose of the Convention on Modern Liberty. Whether you agree or not we hope you will join us to debate these issues.

British liberties and privacy issues might seem irrelevant to those of us in the US. But I see interplays with what goes on in the UK and in the US. For example, the pervasive public surveillance of British society is often cited as a good example for the US. Unfortunately, the lessons learned in Britain about what works and what doesn't with surveillance don't get noticed as well in the States.

Also, with the new US President and Administration, I believe we will see much reshuffling about privacy, security, and liberties. 20th Century concepts of these values might not hold up well in the 21st Century. It will be important for citizens to learn about the issues and get involved. Learning from other countries' experiences can be helpful.

If you are not able to attend the meetings, the Modern Liberty site will have video and photos.

Here's looking at you,
Jonathan D. Abolins

There is an interesting news brief on The Chronicle of Higher Education Web site about Oregon State University releasing photo collections to Flickr Commons. While OSU already had the same images up on their own Flickr account for seven months they found significant usage increases after putting the photos on Flickr Commons. The article quotes Ms. Edmunson-Morton as saying “When we launched into the Commons, it was literally shocking: Our first week, we had 15,000 image views. And we hadn’t that many in our other Flickr account, total.” More information about the OSU Archives’ Flickr Commons Experience is available on their Web site.

I think using these places are a great way of providing content to users. Many universities, including the one I work at. have put many images in local digital library tools, but get no where the level of use as OSU’s photos are now seeing. I don’t see Flickr Commons as a preservation solution, but it is a great way to provide access to digital collections. Of course, there are many reasons, including copyright, why libraries can’t do this with all of there digital imagea, but it is something I hope more libraries start following OSU’s lead when possible.

From afar it looks like a sea of darkened solar panels in otherwise empty space. In the middle of the panels, dwarfed, by the panel's massive size lies a small ring suspended by the electromagnets surrounding it. The ring looks perfectly round and the inner perimeter is but the outer perimeter is just spinning, tremendously fast. The electromagnets keep pushing it to go faster but they've been becoming less effective.

A probe approaches the spinning ring while the capacitors start charging.

The capacitors discharge causing a flash of lightning that jumps through the ring as the probe disappears from sight.

My participation in the latest meme.

At the beginning of the year, I wrote a post about the demise of JournalSpace. JournalSpace’s demise was caused because they lost all of the data on their database server and didn’t have an adequate backup. Well it has happened again to another Web 2.0 site: the social bookmarking site Ma.gnolia. While Ma.gnolia did have backups, they apparently were not keeping older copies of the backups. There was a data corruption issue on the server, and backing up bad data isn’t going to help when you have an issue. The person who ran Ma.gnolia, Larry Halff was interviewed by Citizen Garden and takes full responsibility and discusses what went wrong. It is a learning lesson for everyone in the Web 2.0 world.

While neither JournalSpace or Ma.gnolia were the biggest in their Web 2.0 niches, it is a big loss to users of these services. I am sure this will happen to other sites, so if you use these sites and you want to make sure you have perpetual access to your data,you need to make sure you have your one backups. Also, if you put one of these services up, make sure you have a proper backup strategy.

Last week after an article on Consumerist.com brought up Facebook’s new Terms of Use (since rescinded), a bit of a kerfuffle ensued. Blogs were full of posts about how this was unacceptable and Facebook groups were formed to protest the change and some people even joined groups say they were going to delete their accounts if the policy wasn’t changed back (or to something else). For a good summary, see Katherine Lynch’s blog post about the situation.

For the most part, I just sat by on the sidelines and smiled. First off, although people didn’t like Facebook’s explanation, they were correct when they explained that section of the policy did say it was subject to a users privacy settings. More importantly, while I would like some things to be kept to my friends, it is just unrealistic to expect in this day and age. Maybe I shouldn’t by so cynical but the reality is that if you share stuff with people, you have to expect that it might get out.

I’m a realist to know that Facebook might find a way to use what I post for some reason, friends can see what I posted so they can share it, and also understand that Facebook is a big target for hackers. Thus, there is nothing that makes me believe anything I post will remain private. I understand this is a trade-off for using this service. With that in mind I don’t post anything I don’t expect others to see. I can understand that might feel only slightly comforting to some, but it is good enough for me.

Also, and probably more importantly, I believe in Open Access. With that in mind, I have no problem with people using the content I post in other ways. In fact about the only thing this latest kerfuffle has changed with my actions on Facebook is that I have decided to explixitly license the my original content that I post on Facebook under the Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States. I am also doing the same with my Twitter account. My ‘dents’ on Identi.ca, like all data on the service, continues to be available under the Creative Commons Attribution 3.0 license.

So I previously created a very simple DTV coverage map, apparently the FCC has a similar idea and it does pretty much exactly what I would have wanted it to do.

http://www.fcc.gov/mb/engineering/maps/

Also interesting is to click on a station and the Gain/Loss map which is supposed to predict what will happen come the new transition date. (Although I haven't actually found a key for it)

Nick O'Neil suggested "10 Privacy Settings Every Facebook User Should Know" at the AllFacebook blog.

This was quite timely. Over the past several months, I've had discussions about social network site and blog mishaps and problematic disclosures. One set of discussions recently was the wisdom of blogging if one is seeking to work in the security or law enforcement field.

Some people say that people heading for such careers would do best to stay off the blogs and social network sites. There are all too many examples of people disclosing too much personal information or posting rants for the world to see.

Then there is the matter of the easy global availability of one's photos and biographical details making a career with covert or undercover work more difficult. An opinion piece in the UK edition of SC Magazine wonders about the impact of social network sites upon available recruits for UK security services. Ken Munro writes:

Donald Pleasance as Bond villain Blofeld. The photo is on this BBC page.

Imagine the scene. James Bond enters the HQ of a criminal mastermind intent on world destruction. Waiting for him are a host of henchpersons, all armed to the teeth. “We've been expecting you, Mr Bond,” says the evil Blofeld, stroking his white Persian cat. “We saw your Twitter update.” The UK's universities are a prime recruiting ground for our intelligence services. Clever, well-versed students apparently make excellent espionage agents. Herein lies the problem: if you're planning on having a second identity for undercover work, it doesn't help if your photos, friends and real name are splattered all over various social networking sites. Try finding a student at a university who hasn't done just that. >>

This concern seems to be more of a British one than an American one. Americans are more talkative than the Brits. Even a look at the two countries intelligence services' Web sites reflect such differences. (Here are the links to the CIA and the NSA for the US and the MI5, MI6, and GCHQ for the UK. Interestingly, both of the US sites have kid's pages, something that seems to be a US only phenomenon for intelligence service sites.)

In this era, people -- especially young people -- who are totally offline are relatively rare and the data holes might draw even more attention. Security service will find ways to adapt. Data profiles might be cultivated to fit cover identities or stories covering data holes might be developed. Some services are finding the value of internal social network tools such as wikis and blogs. And so on.

Still, no matter what is one's career direction, it is wise to learn how the tools one uses work and to manage the message that goes out.

J.D. Abolins

Did the last test of broadcast tv in my area before February 17th. NJN and WHYY join the 1080i HD crowd (total 5 1080i, 3 720P). Other than that no big changes, except didn't see any flaky channels during my last test.
February 9th Results

Should be interesting to see what, if anything actually changes on the 17th.

Another related TV item is how much power we might save from the DTV transition, these are power stats from our HDTV:

Digital Broadcast (OTA): 132
Analog Boradcast (OTA): 171
Digital Cable: 131
Analog Cable: 170

That adds up when you do it to an entire country. Of course thats only a saving with DTV ready TVs, TVs that need a converter box will use more power (the converter box needs power).

On yet another related note, I just watched MacGyver for free on cbs.com (they also have original Star Trek). They have just 1 ad in each of the commercial break segments so I actually don't zone out during them. Clever. Must make a media center that let's me stream that (and hulu) to my TV.

Update Voicepulse replied in a comment to this post. Though my post was a bit venomous, they replied thoughtfully, and they’re considering GPLing their FreePBX module. Keep in mind, while the Freepbx module annoyed me, and the contract annoyed me, I’m still using their service, I’ve switched to it full time, and I may be switching my mother to it if she goes VOIP. A 19 ping (versus 100-120) and 4 channels will do that.

1. Write a FreePBX plugin that automatically creates trunks and inbound routes for people using your service.
2. In the process, do the following
   1. Blindly try to install curl (using yum. On my Ubuntu machine.)
   2. Include FreePBX and your own function files with hardcoded paths for Trixbox, instead of using relative paths.
   3. Make tar.gz backups of my /etc/asterisk directory and quietly add them to your modules directory. Make sure not to do any checks for file size or free disk space.
   4. Write to my sip_general_custom.conf and extensions_custom.conf (bad FreePBX extension! bad!)
3. Use PHP Obfuscator on your code, and copyright it, so that no one can see all the horrible things you’re doing to their system, or figure out why it doesn’t work.

• I installed the extension and saw the paths didn’t work.
• I looked at the code, and was appalled that they obfuscated it.
• I symlinked /var/www/html so that it would install, then found out none of their actions (adding trunks, adding inbound routes) actually worked.
• After seeing some of the fun things it does, I’m quite glad it didn’t work at all!

Thanks Voicepulse! Your rates are good, the voice quality seems great, but emailing you a signed contract and waiting for “verification” was annoying, and I wouldn’t touch your FreePBX extension with 9 1/2 foot poll. Your customers (including me) would probably clean up your mistakes if you GPL’d it. The only downside would be the possibility of helping someone you didn’t intend to.

JoeTerranova.net

I don’t think it was really surprising to anyone that PALINET & SOLINET merger has been approved (PDF). Maybe the initial announcement of the plan was, but at this point I think most of us following it were not surprised by the vote (95% in favor).

I don’t know any more about the merger than any other outsider, but I think the combined PALINET & SOLINET, which will be called Lyrasis, will be a force to be reckoned with. As Library Journal points out, their “combined resources, shared expertise, and improved operating efficiencies to achieve rapid implementation of new programs; greater consortia savings opportunities; extended networking and collaboration among members; innovative technology solutions; and an expanded education curriculum/”

What I wonder is how with this combined mega-organization effect other Regional Service Providers/Cooperatives such as NELINET, NYLINK and MLC? Lyrasis’ vision statement calls for a “regional base and national scope” and says that Lyrasis “will be an acknowledged leader – regionally and nationally – in innovation, collaboration, and effective support for libraries and cultural heritage organizations in helping them fulfill their education, information, and community-building missions.” (emphasis mine)

With online learning and new ICTs they will be able to offer training and other programs and services nationally. Will the smaller regions be able to compete in this environment? Long gone are the days of being the middle-man between OCLC and member libraries was sufficient for these service providers. While it may still be a significant function of regional providers, additional revenue streams and business models are necessary. Will the smaller regions be able to do this alone, or will they have to join with each other, or merger in with a larger group such as Lyrasis? Only time will tell, but there are many challenges (and opportunities) ahead for these organizations.

So, back in college (a whole 3 months ago). A group and I gave a presentation on Free and Open Source Software. The presentation went well until we got to the end where I wanted to show a nice Compiz demo. Unfortunately, right after I made some comment like, "and these are some features Windows and Mac just don't have", the Microsoft mouse decided to die (keeping free software down conspiracy of course :) ). So, needless to say, my Compiz demo was pretty much ruined. (I was able to show multiple desktops, that's it)

That got me thinking that maybe we should at least at boot automagically determine if the user is missing either a mouse or a keyboard and try to help them around that. It became my most popular idea on Ubuntu Brainstorm (http://brainstorm.ubuntu.com/idea/5231/)

I then decided to try to implement it and with a good amount of help got it to work ok on my machine. (The current code is here https://wiki.ubuntu.com/Specs/no-input-recovery).

So, right now, I'm looking for comments, suggestions, testing, what I should do to get it into Ubuntu proper, and output of "xinput list --short" clearly labeled with what you have in the computer at that time and with difference scenarios.
Thanks

On Linux, Flash Media Server only supports Redhat. In February, Markus Bertheau posted a patch for FMS 3, so that it would run on Ubuntu. Based on that patch, here is a patch for FMS 3.5 . It’s patched in a similar way. From the installer directory, run:

patch -p1 < fms-3.5-ubuntu.patch

That gets it to install. I’ve not tried running it though. If you run into problems running it, please let me know.

JoeTerranova.net

If you ever signed up for one of the frequent shopper cards in order to get cheaper prices and wondered if they track what you individually bought, I can tell you from personal experience they do. Today I received a call from an 800 number that turned out to be a recording telling me some ice cream cone novelties were being recalled and that I should return them. The novelties had peanuts on them and apparently they were from the same plant that is blamed for the recent salmonella outbreak. I shouldn’t say I am surprised… it is obvious they are using this data for marketing, however I was a bit surprised when I received the call it was used in this way. I guess the moral of the story is if you don’t want anyone to know you eat ice cream cones, pay for the item without the use of a frequent shopper (or credit) card.

There really wasn’t much new reported by Library Journal about the WorlCat Record Use policy discussion at ALA MW but it is still worth a read. I wish I could have stayed around Denver to attend the session. One thing that I found interesting is that Karen Calhoun is reported to have “clarified that the FAQ was indeed part of the policy.” This is an interesting development because the way I and many others read what is up there it does not appear to be, I have asked via a comment on Karen Calhoun’s blog post about the session to confirm that this is so. Karen also posted the slides from her portion of the session, Creating and Sustaining Communities Around Shared Data: The Case of OCLC, on SlideShare. I looked through them briefly and I think they are worth taking a look at if you are interested in this issue (and if you are a librarian, IMHO you should be).

Calhoun is quoted in LJ as saying OCLC regrets that the “value of participatory decision-making nearly seriously enough.” I am happy to see OCLC openly discussing this new policy (which is now set to be put into place 3Q 2009). I think that they now have a review process in place is a big positive. Obviously, I (and I’m guessing in retrospect OCLC) wish this was done from the beginning. However hindsight is 20/20 and it is better late then never. OCLC pushing back the policy implementation in order to take time to take and consider input is a huge positive. I’m sure many of us won’t agree with the whole policy in the end, but I will feel much better about the situation with a more open discussion then was originally taking place.

I know Dr. Katherine Albrecht from various privacy & cyber-rights conferences. She is the co-author of Spychips: How Major Corporations and Government Plan to Track Your Every Move with RFID. Now, she has a new project as as announced in this BusinessWire press release:

For Immediate Release
January 27, 2008

Dr. Katherine Albrecht to Head US Media Relations for Ixquick.com
Noted privacy expert will help raise awareness for privacy-friendly search engine

The world's most privacy-friendly search engine, Ixquick.com, announced today that Dr. Katherine Albrecht will head up the company's US media relations and marketing outreach efforts.

Dr. Albrecht is a respected expert in the privacy arena, with a decade of experience as a privacy researcher, activist, and frequent media commentator. She is a perhaps best known for her work on privacy issues associated with RFID (radio frequency identification) and retail data collection. Albrecht co-authored the best-selling book "Spychips," and hosts a daily, syndicated radio talk show. Her writings on privacy have appeared in several notable publications, including Scientific American and the Denver University Law Review.

"I'm excited to be working with Ixquick because I'm a huge fan of their product," said Albrecht. "Ixquick.com guarantees to delete all search data so it can't be abused by Big Brother bureaucrats and snoopy marketers. I've been using Ixquick as my own search engine for months, and I can't wait to tell others who care about privacy as much as I do."

Albrecht is in a good position to spread the word, having granted literally thousands of interviews to radio, print, and television journalists worldwide. Executive Technology Magazine calls her "possibly the country's single most vocal privacy advocate and staunchest opponent of technologies that track consumers," and Wired.com calls her a "PR genius."

Albrecht will work from New Hampshire and report to Ixquick CEO Robert Beens at the company's headquarters in the Netherlands. She will be responsible for strategy, execution, and management of all media communications and marketing initiatives in the US.

"We are thrilled to have Katherine on board," said Ixquick CEO Robert Beens. "Her knowledge of privacy and her media experience will be a tremendous asset to Ixquick. We are confident that she will do a great job of educating the American public about search engine privacy and how Ixquick.com can help."

Albrecht holds a Doctorate in Consumer Education and a Masters in Instructional Technology from Harvard University. She received an undergraduate degree in International Marketing from the University of Southern California, graduating with magna cum laude honors.

About Ixquick

Ixquick.com is the world's most private search engine, leading the industry with its promise to delete all user IP addresses within 48 hours of collection. The company's innovative privacy policy and stringent data handling practices have been certified by an independent third-party auditor. Ixquick is the first and only search engine to earn the prestigious European Privacy Seal, which is awarded for adherence to exemplary privacy standards.

Ixquick is owned by Surfboard Holding BV, a Dutch company. Further information on Ixquick can be found at www.ixquick.com Further information on the EU Privacy Seal can be found at http://www.european-privacy-seal.eu/about-europrise

For press inquiries please contact:

Dr. Katherine Albrecht
U.S. Media Relations
877-434-3100 [US toll free]
+1 973-273-2125 [for International access]
kma@ixquick.com

# # #

I have not really used ixquick.com metasearch site much, but now I'll definitely check it out. Whilst Google has many useful features, it also raise many privacy questions. So I am interested in seeing how ixquick.com compares. Their explanation of how ipquick.com protects your privacy is interesting. More on this later.

J.D. Abolins

Tonight, Kenyan singer Samba Mapangala performed at Pan African Inaugural Celebration of President Barack Obama in Arlington, VA. One of the songs he sang was Obama Ubarikiwe (Swahili for "Obama be blessed"). Nice song. The YouTube video on the right is from a performance of the song last September. More info Mapangala's MySpace page PRI's The World story on Mapangala Another The World story J.D. Abolins		The Swahili lyrics say: "There's a new leader in America. Let's applaud him. We wish you long life. Do a good job for us. Viva Obama!" ... "Obama, leadership is a gift from G~d, and you have it. Please help to bring peace, change and hope to all Americans and all the world. We love you!"

The posting's title sounds like a joke involving changing lightbulbs. Something like, "How many techies does it take to wipe a disk clean?...."

But, seriously, disk wiping is a valuable procedure for security, privacy, and confidentiality. A common answer to the number of writes question has been the US Department of Defense's standard seven passes. But is this really necessary for most purposes?

Heise Security reports that one pass will suffice. This is based upon the study Overwriting Hard Drive Data: The Great Wiping Controversy by Craig Wright, Dave Kleiman, Shyaam Sundhar R. S. Heise Security summarised:

They concluded that, after a single overwrite of the data on a drive, whether it be an old 1-gigabyte disk or a current model (at the time of the study), the likelihood of still being able to reconstruct anything is practically zero. Well, OK, not quite: a single bit whose precise location is known can in fact be correctly reconstructed with 56 per cent probability (in one of the quoted examples). To recover a byte, however, correct head positioning would have to be precisely repeated eight times, and the probability of that is only 0.97 per cent. Recovering anything beyond a single byte is even less likely.

Seven passes will, of course, achieve the disk wipe after the first pass. But it will waste time with the additional passes.

Some people and organisations may have to do more than one pass because of legal and/or policy requirements until the laws and policies are adjusted to reflect the new study.

Elsewhere on the Web:

• Craig Ball of the EDD Update blog comments upon the reseach, saying "Told Ya So!"
• Craig Wright, one of the researchers, has posted some technical background about the research.

J.D. Abolins

Patrick McGoohan, the creator & star of The Prisoner and starred as John Drake in Danger Man (AKA Secret Agent man), died on 13 Jan 2009.

John Leyden of The Register wrote a good obituary of McGoohan. focusing upon his role as Number Six on the Prisoner. I remembered watching The Prisoner as a child, enjoying it but not fully understanding the programme's depth. Looking back at some of the episodes, I seeing interesting things I missed back then. Having dealt more with security, privacy, and liberties matters, I now better appreciate Prisoner Number Six's struggle.

"I will not be pushed, filed, stamped, indexed, briefed, debriefed, or numbered! My life is my own."

Elsewhere in the series was this exchange between Number Six and Number Two: 6: Where am I? 2: In the Village. 6: What do you want? 2: We want information. 6: Whose side are you on? 2: That would be telling, we want information, information information. 6: You won't get it. 2: By hook or by crook, we will. 6: Who are you? 2: The new Number 2. 6: Who is Number 1? 2: You are Number 6. 6: I am not a Number, I am a free man! 6: Who is Number 1? 2: You are, Number 6. 6: I am not a Number. I am a person.

Some other The Prisoner and Danger Man items:

• Some say that Number Six was really John Drake and that the Danger Man and The Prisoner series were connected to each other.
• The art design theme of HOPE Number Six in 2006 was, appropriately, The Prisoner series.
• The theme music for Danger Man was an instrumental piece quite different from the Secret Agent Man song by Johnny Rivers used for the US version of the series.
• I liked the ahead of its time technology in The Prisoner. Although the electromechanical filing device depicted in the series intro is retro today, it was quite amazing back then.
• The Village in The Prisoner was filmed in Portmerion, North Wales.A beautiful resort... even if you're a prisoner. Better, if you are a free person.

I am a person, not a number - be it rational or irrational, prime or not!
Jonathan "J.D." Abolins