Open Source and security

I came across an interesting and a very informational post by Thomas Koch while reading And I really believe that this has to be talked about a lot more, Primarily to create awareness among novice (and seasoned) users of FOSS.

It is a common practice with most of us to download source tarballs and binary packages from all over the interweb. Although few of the seasoned/experienced users among the FOSS community follow the double-check-with-signatures-and-hashes process before blindly trusting the source, I think it pays to exercise caution even if it seems like paranoia. Like the age old adage 'it is better to be safe, than sorry',  it is better to be over-cautious than to have our data lost and/or our identity stolen.

In this age of online-transactions (money and data) and ubiquitous use of wireless networks, our 'security' is only as strong as the processes we follow to ascertain the source of the software we use or the websites we visit. A few things that i tend to follow:

* Install software from authorised software channels (like official repositories, whose keys/signatures are verified and trusted)
* if building and installing from source, make sure that the source is downloaded from authorised source repository and even then double check with signatures and MD5 hashes.
* And if installing from source, test before you actually install it on your primary machine (on a virtual machine)

Bringing about process changes are always difficult, but these changes will go a long way in protecting your system and eventually your 'virtual identity' and data.

Opensolaris (snv 111)

The next scheduled release of Opensolaris is 2009.06. This will be based on snv111. I just recently upgraded to dev snapshot of Opensolaris. And i should say, this release is indeed great. A lot of nitty-gritties have been taken care of.
* The boot-up time has considerably improved. On my Dell Precsion M4400(intel centrino 2.5Ghz, 4 Gig RAM) – it takes 40-50 seconds to boot to the GDM login screen.
* The shutdown is an amazing improvement since the last releases – it just takes 8-9 seconds on an average.
* Comes with gnome 2.24 and firefox 3.1 beta 3
* Lot more packages in the IPS respository (last count 33987).

Heres a screenshot of the Device Driver Utility (ddu) on my machine.
Click to Enlarge picture

More updates to come soon.

An N810 in my pocket

Last week, i got something that i take great pleasure in owning. A Nokia N 810 Internet Tablet. I have seen them with the team earlier, and now i finally have one of my own. And it really feels great.
Me and my n810

First, i should really thank team and of-course those guys at Nokia who have been so kind to give out such amazing stuff. And shreyas, thanks a ton dude. I owe it to you.

The N810 runs Linux (on ARM) – and has quite impressive specs. It works quite well mostly, except for a few glitches here and there, specially with the GPS stuff. And it has the camel libs for its tinymail client. I┬áhave done a lot of work on the Camel Libs for Evolution, and Philip Van Hoof has made significant changes for camel to work efficiently on a mobile device.

I’m spending sleepless nights, trying to get stuff built and running (using the Maemo SDK). And its been fun so far. I hope to make some significant contributions to the Maemo platform. Will keep my log updated with whatever i do.

Mailing List Rants

Each one of us who is subscribed to mailing lists, specially those related to FOSS is quite used to rants. Having ranted on a couple of occasions myself, i don’t find most of the rants appalling anymore.
But mails such as this are quite upsetting. They tend to shift the focus from the more important issues at hand.
Everybody is entitled to an opinion. And i do respect everybody’s right of speech/thought, after all that is the essence of ‘Free’dom, Freedom of expression, in any form. But, i believe, that this ‘Freedom’ should lead to a constructive/positive outcome at the end of the day. Otherwise it just defeats the whole purpose of a movement rooted in ‘Freedom’

The FOSS community in India is relatively a small community, and among us we have so many conflicting opinions. Its not surprising that our Government gets nothing done, since there are so many stake-holders who in trying to express their opinion deviate from the core issues. The people who lose out at the end, are the guys who actually get things done. And such people ultimately get so pissed of with the way things work (or otherwise), they just stop doing whatever good they set out to do. And the world starts to rot even more.
And you will find this happening day-in day-out all around you. Its just like in Ayn Rands’ Atlas Shrugged. I wont be surprised if one fine morning if i find those, who slog their lives out for the world to keep ticking, vanish, never to return.

God save us.