 The DEBCONF 7 Lightning Talks, these are a series of very short 5 minute talks by people to give a better idea or introduce an idea to everyone here. So first up we have balloon open hardware board and license, which will be followed by why tracker is cooler than unsliced cheese. So I'll hand over to Wookie and we'll get going. Hello, I've gone a bit soggy. Right, I carefully written a 15 minute talk, compressed from the 45 minute normal version, just being told I've got precisely five. So this is the short made up version. I got into open hardware because of the LARP project, TU Delft University. Open hardware is a highly overloaded term, people mean all sorts of things like FPGA designs which are actually software that creates hardware. I'm talking about actual designs you can make like that thing there. So here's a real one in a box, very fancy. I don't really want to talk about the hardware itself per se. I'm more interested in the licensing, but I'll just mention this as I'm here. So that's a relatively powerful ARM box. It's reasonably fast. You have useful amounts of RAM and memory and you can see the little ring of pins around there, you get a choice of either a low power CPLD or a higher power FPGA. Engineers get very excited when you tell them there's a million gate FPGA on because there's a whole lot of wires going into that and you can connect it to arbitrary inputs and do live FFTs and analysis in hardware on whatever data you're getting in. So that lets you do neat stuff and there's a standard bus on the back of this thing. So this isn't very useful on its own as a computer. It hasn't got any useful sockets, it's just got a load of FFCs. So you have to stick in like a second board like this with USB ports on or whatever special IO you need for your interesting project. That's how it's intended to be used. So for example, I have here a light writer. This is a Bloom 2 in here in fact. So the company that now pays me to do cool stuff makes these things. And if I can get this to work. So that one's French. So they make speech synthesizers for people who can't themselves. There's a Linux box inside and there's their own IO to drive all the funky input devices they use for depending what sort of input the user can use. What else do I need to tell you? So licensing. People have used all sorts of different licensing for hardware designs. The people who actually write software to make hardware can use standard software licenses. And there have been various people got quite excited about open hardware around about 2,000. Quite a lot of you have probably heard of the Simputa project in India, which was a strong arm design, quite a lot like what's inside that light writer. And that was a lawyer written license. They called it the Simputa GPL, which was intended to allow people to make similar designs. And if they were enough like a Simputa, they could call it a Simputa. But then they had to pay the Simputa foundation, quarter of a million dollars, to actually make them. So that was partly successful. There were a few thousand sold, about the same number as have been sold of balloon 2s, in fact, which is a lot less popular as a project. And that was done by a guy called Steve Wiseman, whose license was. You can make as many as you like, but you have to persuade me if you want to make any changes. So what we've done is tried to formalize this a bit better for balloon 3 with having looked at all the various licenses. We decided, of course, that we had to write our own. The problem with hardware, unlike software, is that it's very expensive to copy. The Simtech guys explained to you why it costs serious money to make things. You spend a lot of money on prototypes. Then they don't work, so you have to do it again. You spend a lot of money designing stuff. Even if all your time of expertise is free, there's still quite a lot of money to be spent on actual stuff. And of course, the copying cost, I can't give you a URL and you can all download a balloon to play with. Well, actually, with QMU, you can kind of do that. So because of the copying costs, and also because you sell people actual hardware, a whole load of new laws apply like the sale of goods act and the fact that you have to be able to send it back within seven days if you don't like it. And it has to be disposed of in a particular way. And the ROHS, there isn't allowed to be any lead in it act and so on. So we've tried to write a license which covers the various legal aspects and allows people to do what they want in a copy left sort of way. So you can derive designs from this and you can manufacture as many of these as you like and you can sell them and so on. But if you want to change the design, you have to join the design group, which is really just a formalization of the normal software process. There are some people who know how this is all done and they are the geeks in charge of this project. And we can have as many balloon subprojects as we like, but because of the manufacturing requirements, there has to be a list of people. And that's how the current license works. Now, what I want is for anybody who actually is interested in this to tell me whether that license is actually any use to them. I think there's a little bit too much formalism in it, but the principles are sound and I'd very much like to have some feedback on it. There's URLs on my link. That's it. Okay, it's not to use notebooks, so I'll skip the quick demo I had prepared. Probably I broke it anyway. Hi, my name is Philipp Kalutza. I'm not a Debian developer, but someday I will be. And I want to talk about Tracker. I'm not a Tracker developer either, but I think it's interesting. The title, someone asked me that, refers to while I was writing this up, I read a blog post and it talked about something, something being the best thing since sliced cheese. So to the people of the interweb, get your facts straight, sliced cheese sucks. Yeah, why do I talk about Tracker to you guys? Well, building a distribution is all about integration of different software. And I think that Tracker is a good way to do that. Good opportunity. Basically Tracker started out as a desktop search engine, similar to what Beagle is doing. Yeah, Beagle is a bit heavyweight for its purpose, I think while I really like developing in C sharp, I think Beagle is, or a search engine is too central apart to write it in such a heavyweight language. Tracker also had a second mission, and that was to be like a central store for all the metadata that happens on the desktop. So any data that actually you could collect to a file, for example, I downloaded from this and that URL at this and that time, or possibly the link to this URL was sent to me by this and that friend. That's the kind of metadata that I think is really interesting to collect, that you cannot extract automatically while you do know about the file creation time, but actually finding out this kind of metadata is, yeah, would need to be collected, is not collected nowadays. And once you have that, I think the computing experience might change for the better for most desktop users. This file searching is especially targeted for the desktop, for usual documents that you handle, not for system-wide files. And yeah, the architecture works roughly like this. You have one demon per user indexing the files that this user is interested in. So mainly his home directory, which also means that if you have a shared directory for documents or for sound or something, that every user will index it himself. There's not yet any provision for having a system-wide service doing this. This per user demon is started by debus automatically whenever it is needed, but it has a bit of startup overhead to see what stuff changed while it wasn't running. So it makes sense to start this as early as possible in the session. And yeah, while the demon is running, it will watch with iNotify what happens in your home directory or wherever. The whole thing is backed by SQLite database. You can look at it directly, but if you want to manipulate it, you should go through the debus interface through the tracker demon. And it has a separate word index for full text searching. This will include, for example, PDFs that contain real text, not scanned PDFs of course. And yeah, you can find your documents easily that way. Tracker is fast and small. I haven't done any memory measurements myself, but the last numbers I heard is that you should be able to keep it running with just six megabyte of memory used. And yeah, as I said, it wants or aims to be your one-stop shop for all the metadata. So especially interesting at the moment, I guess, are keywords, sometimes also just called tags. Many of the Web 2.0 applications allow users to just mark up your files simply with that. There's a patch also floating around where you can replace the, in GNOME, the Nautilus emblem mechanism with keywords. So it shows the emblems on the files for keywords that have a defined emblem. That was what I wanted to demo. Also, of course, it can extract keywords from PDFs and stuff if they are created properly. Yeah, so time's almost up. I'll skip the demo. Any application that you might be hacking on or maintaining and doing some more stuff on it, what can your applications do? Of course, it can search the metadata. It can, but there's centralized search tools also. It would be important to tell Tracker about metadata that you have and that can't be extracted automatically, like where did I download that, the file. And yeah, hopefully that will in the long-term lead to a nicer desktop integration and nicer user experience. Thank you. Okay, next up is Pandora's technology box followed by talking about Debian or not. Talking about Debian? P-Builder. Debeday.debian.net. Yay! Okay, well that crashed my laptop. So I think we'll move swiftly on while we try and get this sorted to Conspiracy, Descent and Fund, which may be slightly longer than five minutes now. Yes, and so nobody's gone so far. Maybe I'll take a little extra time. So as many of you guys know, I'm from the U.S. and from Seattle, where Microsoft is from. So I thought I would come up with a conspiracy theory that would link these two. This is from last year at DebConf over drinks that came up with this crazy conspiracy theory and it was kind of used to describe some of the trollish behavior that's happened in Debian. Some people told me I should turn it into a lightning talk this year, so I did. So this is somewhat funny and tangentially related to Debian, but it's, you know, anyway. So 1999, the European Parliament Directorate General for Research requested a report on the development of surveillance technology and the risk of abuse of economic information for political control. This was actually written by a guy from Edinburgh. And this report detailed state of art in communications intelligence, which is also known as COMMENT, basically the automated processing of intelligence for purposes basically targeted in communications intelligence activities by the U.S. government. And this was a report that followed the echelon technology that everybody knows about. Two of the key findings of this report was that basically at the moment in 1999, there are comprehensive systems that exist at the moment to access, intercept and process every important modern form of communications that exist. And another one is that there is a wide-ranging evidence there is wide-ranging evidence that indicates that major governments are routinely utilizing communications intelligence to provide commercial advantage to companies and trade. This last part is particularly important to note because typically the targets of COMMENT operations are military diplomatic communications like narcotics trafficking or money laundering terrorism, that sort of thing. But since the 1960s, following increase in world trade, the collection of economic intelligence has been increasingly important aspect of COMMENT. And it's clearly been demonstrated to be exploited to obtain economic advantage for the U.S. In fact, the U.S. officials acknowledge that the NSA collects economic information through these methods. And these methods or this information that's gathered is used to produce intelligence of direct commercial benefit to companies like Boeing and I will posit Microsoft. In fact, in the 70s, the executive director of the U.S. Foreign Intelligence Advisory Board Intelligence Advisory Board mandated that from here on out, economic intelligence be considered a function of the U.S. national security interest, which is up there with diplomatic military and technological intelligence. So if we take that and we combine that with the second part of this conspiracy theory that involves a little bit of U.S. history about a program that the FBI initiated in the 60s called COINTELPRO. This is something that Wikipedia defines as a program that was used to or designed to investigate and disrupt dissident political organizations within the U.S., particularly targeted organizations which were considered to have politically radical elements, although the range was pretty broad. It went from anti-war groups to Martin Luther King's organization, that sort of thing. Basically how COINTELPRO worked was FBI agents infiltrated organizations and exposed and disrupted and misdirected, discredited and otherwise neutralized the activities of these movements. They used methods by basically infiltrating and pretending to be part of the group and then they increased factionalism and caused disruption and defections within the group. So this program was secret until the early 70s when a FBI office in Pennsylvania was burglarized by a group of left-wing radicals who stole a bunch of files from the FBI and then published them. Basically the effect of this program is pretty widespread in the U.S. and it caused a lot of disruptions in organizations. And the reason that the U.S. gave for this program, they said they dismantled it, but a lot of people think it still exists. But the reason they gave for this program was it was created for the purposes of protecting the U.S. national security interests. So let's turn to Microsoft here for a second where Microsoft's profits are somewhere in the range of about $15 billion a year. That means daily net income is about $55 million. That's every 24 hours they make $55 million in pure profit. Apparently it takes Microsoft about 10 hours of business to exceed Red Hat's entire quarterly profits about $20 million. So we also can combine this with the report that was released in January in the Washington Post about Microsoft working with the NSA to include a backdoor key in Windows NT in order to have access or whatever. It's probably, everybody knows, somewhere in NT-4, Service Pack 5, Microsoft screwed up and forgot to cover this information that it was identified. And the NSA and Microsoft are pretty adamantly against asserting that this is for any purpose otherwise other than something very innocuous. But anyways, as I was discussing earlier about the comment interception capabilities report to the EU Parliament, one of the areas that the U.S. now considers important for protecting national security interests includes economic interests. And if we take this information, combine it with the knowledge of the well-documented Cointel program, we can sort of develop a conspiracy theory that asserts the very viable possibility that the U.S. could within reason consider the free software movement fairly revolutionary and by extension debbing itself and dangerous to the U.S. national security interests and as a direct attack against the national security interests of the state of America. So if we construct a thread between all these elements we get a fairly conspicuous picture that could lead you to conclude that the free software projects in Debbie in particular is likely infested with agent provocateurs. Well-paid technical professionals frequently contracted by the U.S. three-letter agencies. And so it would be relatively trivial for a paid technical agent of one of the CIA or FBR or whatever to pass through the NMQ and permeate Debbie's web of trust and slowly disrupt our inevitable progression towards total world domination with free software and the erosion of the various proprietary profits that companies like Microsoft have enjoyed over the years. And of course, Microsoft's scope patent licensing schemes that are coming out recently that are claiming open source vendors must respect Microsoft's intellectual property and some of which they claim is Linux itself and Steve Ballmer's partnership with Novell and all that sort of stuff. Clearly Microsoft considers Linux a threat. We all know that. And we sort of celebrate it with a certain amount of glee. But they are a significant economic part of the U.S. economy. And by extension, because of this, this threat to Microsoft could be considered a threat against the U.S. government. So if Microsoft's threatened by Linux, U.S. government is threatened by Linux. Covert operations are undertaken to disrupt Linux. Trolls appear on our mailing list. So we know Boeing, for example, also a Seattle company, no coincidence there, has engaged in actual activities such as this in the past. And Microsoft's past cooperation with the government on covert operations with this NSA key can lead one to sort of an inevitable if not ridiculously crazy conspiracy theory. So there you go. Those slides were not mine. Okay, so as you all know, we have about 15,000 packages in the archive. There's a lot of crap. But there are also a lot of little gems which are from most of them totally unknown. So I'm part of the team behind Debian package of the day. You have a picture here of the website. So the goal is to introduce little gems that nobody knows about to our users. So you should submit us entries because we don't write the entries. We just edit them. For example, this one, this was an entry a few months ago about calculate. Who knows calculate? Okay, so all of you are there. It's desktop calculator. With a GTK and a QT interface. There are about two packages. It does unit conversion, which is quite convenient to think about current threads on Debian level. And we have quite a lot of readers. We are syndicated on Planet Ubuntu on Debian times. We are not syndicated on Planet Debian because of the non-personal blogs or policy. We got slash dotted in March. And the result is that when an entry gets published, the popcorn score of the package really increases. That's the popcorn score for calculate. The red line indicates when it was published. So really submit us entries about package you like, or package you package. You can also become an editor. Debian Day, with this current form, exists since last December. We publish two entries per week. We currently have three active editors. There's Anna, me, and Tincho. And we really need someone else to help us. So if you think that you can help us, just mail us and join. You don't need to write English very well. We don't. So if you do, it's even better. Okay, that's all. Oh, and since I have lots of time remaining, one of the first entries that were published on day-by-day was about WebSec, which is a cool package that allows you to monitor websites for changes. That is, you say that, for example, a personal homepage of someone you want to follow can just, it just mails you when that page changes. And these packages are found now. So if someone is interested in this, just adopt it. Okay, you've all heard the conspiracy. So I've got a solution. In fact, I'm quite sure that I met some of those trolls, those flame war people that have come from somewhere in the United States by way of somewhere in Europe. My talk is about the two commands of success. I see that many things in the world can be carried from one organization to another organization. And so if you look at the world to see what organization has been most successful, in my opinion, there's a fellow that came and they ask him, what are the two great commands? Or they ask him the first one, actually. And he said, the first one is hero Israel. The Lord our God is one, love your neighbor as yourself. And the second one is like, and the second one was, the first one was love him because he's one. The second one was love your neighbor as yourself. Unity was his number one command. He started out by saying, we're one. If any organization wants to be successful, unity is the first command. That's why the United States, as he documented, sent people in as spies to infiltrate the organization and cause dissent within the organizations. Because later on the Bible says where there is division, there is every evil work. And the last day that he was here on this earth, he spent sweating like drops of blood, praying that all his disciples might be one. And he said two times, the reason was so that the world might know. So if Debian is going to be even more successful than the great success we've already enjoyed, the path to the greater success is going to be through greater unity within the organization. And I've used half of my time and that's all I need to say. Thanks. I have like two seconds to make my laptop work and make the worst lighting dog ever because it's completely improvised to filling the gap. So I have basically no chance that it works, but let's see if that will work. It doesn't, okay. That's very fine. I had a good idea to improvise a talk actually. Anyway, so this is about the Smith Review Project, also known as the worst announcement ever. Actually, it happened on April 1st, 2007. Some guy, some random French guy announced that he would launch a project to review English in all of your templates, control files or whatever. So actually, nobody ever imagined that it was serious and it was. So basically this lighting dog is meant to say you that this is a serious project. So this is basically on purpose than one of the guys that speak the most awful English ever. You have ever heard in a dep conf. It's just here to tell you because most of you also suck in English. Right. Everybody agrees. So the point of the project is pretty obvious. It's meant to review the use of this wonderful language and make Debian the best English speaking distribution ever. It's already the best Spanish speaking, French speaking, etc. So we have to be the best English speaking distribution ever. The point of my slide was to give you a kind of wiki page or pointer or whatever to have all the native speakers of this beautiful language join us and replace me as the worst leader ever. This is somewhere lost on the wiki.debian.org under I-18N. So you just have to go around there and look for Smith because this stupid name was chosen also by me, which is yet another stupid announcement. Initially I wanted to use Cambridge, which sounds like more British style. Someone very keen in both English and legally stuff told me that Cambridge Dictionary is something that's non-free. So Smith is supposed to be an English dictionary, which was this name. The point is whenever you have something written in English, think about the male English, Debian, Elton and English, and ask for a review, please, and just make us mad with a lot of work. And of course, native speakers, please join so that we can deal with that. So that was basically the point. And the very last, as I still have two minutes, and this morning I was disappointed and I didn't have any enough attendance to the Butan talk. So I wanted to say thank you to everybody and thank you to the Debcon organizers, but I wanted to say it in Zonka. So my slide was supposed to explain you how to say thanks in Zonka. So we will do it together. So I will ask you to say kujutsangpo to all Debcon organizers, please. Lada, kujutsangpo. Thank you. Good afternoon. Right. What was the first one I was going to be doing? Ah, yes. Thank you very much. I have been writing an article called Pandora's Technology Box. And I wanted to tell you about it. Now, you know what Pandora's Box is? It's the box that somebody opened and all of the world's illnesses came out of it. When you apply that to technology, basically it means all of the things that when you open the boxes of the technology and you sit in front of a computer, especially like us, for prolonged periods of time, it has an effect on you. We know this. Yeah, you get RSI from Standing Thing, that Microsoft Student. I don't know if you've seen the photograph. The student is down like this with the laptop on the floor. Yeah. Now, how many people actually sit like that? How many people have you seen today sitting like that bent over the laptop? Now, for how long? Ah, my neck. Oh, ah, thing. 50 hertz, 60 hertz screens flickering under 50 hertz lights causing interference patterns. We've got to look after ourselves for goodness sake. And the reason is very simple. It's because technology is in our entire world, our first world, is now entirely dependent on technology. And that is a, in some ways for our health, that is a really bad thing. But it's also, it's necessary because from a communications perspective, the fact that we're able to communicate globally, share information and knowledge globally. And as one person was pointing out in one of the buffs, you can now, you can create something in a file, send it to somebody and they will ship you a physical product. You have to send them money as well, but you can get a physical product back. So, we are, we have an enormous amount of responsibility, all right? To keep ourselves healthy, all right? I'm, I've, both psychologically and physically. So, please, please, please, don't punish yourselves, all right? With, with these, these rules, these social conventions. Oh, I'm, you know, all of my peers are drinking, or so I must. My employment contract says that, you know, all my intellectual property is owned. Therefore, I must, you know, I must sign it. You know, for goodness sake, stay in your integrity, all right? Everybody here, all right? Some of the talks that I've been to, and people I've spoken to, have been absolutely fantastic, all right? The, you know, the emphasis on things, I'm just so delighted to have been here to, to, to a sample and opportunity to talk to people about things. That social, the social survey that I think that guy was giving, that they talk about his social survey. Speaking to Ian Jackson about them getting some information about the fact, Debian is, you know, insight into Debian being basically a political organisation. It is political, everybody's political. Being in that guy's talk, that was a fantastic boff you did. About the, you know, what, you know, what's, what's our relationship to the external world and these, and these things. What do wanna people see from Debian? The insights from that are fantastic. Every single one of us is here for a very, a very specific reason, all right? It's because we, we, we believe in something and we're not going to give it up. That's fantastic. You know, there's that wonderful quote, the, the reasonable man adapts himself to the world. The unreasonable man adapts the world to himself. Therefore all progress depends upon the unreasonable man. Now please be unreasonable, as unreasonable as you'd like, all right? And enjoy it. Stay in your integrity, all right? At this man here, all right? This idea of the, the idea of unity. Fantastic. Absolutely brilliant. A really, really good thing, yeah? You don't have to believe in God. You're just, you know, if you spot something, do it. You know, if you think that it should be done for goodness sake, do it. Don't wait for anybody else, all right? Please don't wait for anybody else, all right? Don't wait for any social conventions, but also at the same time. Please look after your health. Look after yourselves. Enjoy your life. Enjoy doing what you're doing. Thank you. So thank you, Morgan, for dredging the very bottom of the barrel and coming up with me to talk. So I'm going to give a lightning talk about calendaring extensions for distributed authoring and versioning. Does anybody know what that is? CalDAV. So last debconf, one of the things that's been pissing me off about free software for the last 10 years is that something I used to do back in the early 90s when I was using Windows 3.1 was to share my calendars with other people. And it's just something that I have not been able to do successfully with free software ever since, really, other than web-based calendars are there now. Yeah, it doesn't work so well on aeroplanes, but then neither does CalDAV, perhaps, although it can sync later. But there are some kind of light at the end of the tunnel with CalDAV and GroupDAV and the API for Google Calendar. So last debconf I started working on writing a CalDAV server. And it's pretty much kind of working now. So there is an option there for people who want to have shared calendars to look at other calendars. And the way webDAV works and is supported by a lot of calendaring software is to write the entire calendar out as a file using DAV, which is very prone to collisions. If you've got two people maintaining the same calendar, it will easily collide. CalDAV has a bunch of mechanisms around it that avoid those collisions partly by simply writing individual events out rather than writing the whole calendar and partly locking mechanisms and using e-tags. If you've ever looked at the RFC specifications, CalDAV is one of the finest examples of standing on the shoulders of others that I've ever seen, but it makes it a bloody nightmare to read because it's built on top of HTTP 1.1, it's built on top of DAV, it's built on top of DAV permissions, and it's built on top of iCalendar, which is built in turn on top of other things. So does anybody have any questions about CalDAV or anything like that? The URL for my server is rscds.sauceforge.net, and rscds stands for the really simple CalDAV store. It also stands for the Royal Scottish Country Dancing Society for a little bit of humor since we're in Edinburgh. Any other questions? I know Apple recently released their CalDAV server under some license that at least OSI is happy with, probably the APSL or maybe something more DFSG free. Does anybody, have you compared yours to theirs and how does it differ? Sure. I have tried the Apple CalDAV server, it's written in Python, and it uses extended attributes in the file system to store the metadata, and it works to some extent. It will crash evolution hard, if you try and use it with evolution, but that's a bug in evolution, not a bug in Apple's CalDAV server, so no doubt somebody could exploit that if they were security or anti-security minded. But yeah, generally it's okay, it probably goes further than my one does because mine's a solo effort and Apple's calendar server is the work of several people, including one of the authors of the CalDAV specification and other specifications related to CalDAV. But I'm having fun doing mine. Any other questions? I've only got one second left anyway, so thank you for putting up with me.