QiFi - the pure JS WiFi QR Code Generator

Some time ago, the QR Code Generator - WiFi Access made quite some noise on the mighty Internet. Sure, it is cool to be able to share your WiFi-access with someone by just showing him a QR code he can scan on his phone and the phone will auto-connect to the WiFi. But I get a strange feeling telling someone I do not know my WiFi credentials. No, I do not mean my guests, I know them. I mean that shiny web-service that will generate a QR code for me. The geek in you will now say: "So? Open up a terminal, install qrencode, pipe it the string WIFI:S:<SSID>;T:<WPA|WEP|>;P:<password>;; and you got our QR code". Yeah, that works. But was it one or two semicolons at the end? And was it really just WPA even if my WiFi uses WPA2? Oh and how do I encode that umlaut again? I do not want to remember this. Thus, without too much rumble, may I present you: QiFi - the pure JS WiFi QR Code Generator. QiFi is a QR code generator for WiFi access in pure JavaScript. It will generate the QR code on your machine, in your browser, not leaking your precious credentials to anyone (but your guests). Don't trust me? Read the code. Fork the code. Host the code yourself. I hope you will find QiFi at least slightly useful ;-)

1410065408S

Do you deliver your mail with maildrop? If not, this post is only for your "amusement". My mailserver runs Postfix as MTA and maildrop as MDA, a pretty common setup I'd say. And it happens that maildrop supports quota. It supports it so good, that I have no idea how to disable that support, but I also actually never cared, as my user database declares each user has 10GB quota for mails (courier's authtest says "Quota: 10000000000S", so does the configuration). And 10GB should be enough for everybody, right? Well, so I thought until I noticed that my Icedove indicated a 99% full mailbox and shortly afterwards maildrop stopped delivering mails with "maildir over quota". Looking at the maildirsize file in my maildir, I noticed that the quota is set to 1410065408S, a mere 1.4GB. Where does this number come from? The proficient reader will quickly see that 10000000000 mod 2^32 = 1410065408, so this is actually an integer overflow happening somewhere in the code handling the maildirsize file (read: in maildrop). A short dig through the Debian BTS revealed a bug from 2003, saying exactly the same. The bug also indicated, the issue is fixed since maildrop 2.5. A short cowbuilder run later, I had a maildrop_2.5.5-2_i386.deb, installed it and after the next mail delivery, my quota was at 10GB as it should. TL;DR: If you run into strange "maildir over quota" errors with maildrop on Debian Squeeze, get a newer maildrop (or backport that single patch to Squeeze's maildrop).

Spaß mit Vodafone, erm, Maschinen

Vodafone hat offensichtlich einen lustigen Webseiten-Assistenten, der bei der Navigation auf der Seite behilflich sein soll. Wenn sie meinen, dass ein solcher Assistent nötig ist, sollten sie vielleicht das Geld mal in einer bessere Webseite und nicht in so einen komischen Service stecken, aber meinen Spaß hatte ich dennoch: Alexander: Hallo! Ich helfe Ihnen gerne bei der Navigation auf der Vodafone-Website. Was kann ich für Sie tun? Sie: sind sie ein mensch? :) Alexander: Nein. Alexander: Ich bin echte Person. Alexander: Was kann ich für Sie tun? Sie: Mir sagen, warum ich heute früh eine E-Mail bekommen habe, ich soll meine neue E-Mail Adresse bestätigen. Alexander: Auf Ihr Anliegen komme ich gerne zurück Alexander: Klicken Sie bitte auf „Ja“, um für den Chat ein neues Fenster zu öffnen. Sie können dieses Fenster dann frei auf Ihrem Bildschirm verschieben, so dass Sie auch die Website gut sehen. Alexander: Danke, und nun zu Ihrer Frage: Alexander: Was möchten Sie genau machen? Sie: Mit einem Menschen sprechen. Alexander: Ja. Sie: Und jetzt will ich wissen, warum meine E-Mail Adresse angeblich geändert werden soll. Alexander: Handelt es sich um eine MobileMail- oder DSL E-Mail? Sie: Was ist die Wurzel aus zwei zum Quadrat? Alexander: Ich bin nicht so gut bei der Mathematik :-) Sie: Deswegen wollte ich ja auch mit einem Menschen und nicht mit einem Roboter sprechen. Alexander: Ich bin ein Vodafone Mitarbeiter und sitze vor einem Computer, falls Sie das meinen. Alexander: Wie kann ich Ihnen helfen? Sie: Sie könnten meine Frage von vorhin beantworten: Sie: Mir sagen, warum ich heute früh eine E-Mail bekommen habe, ich soll meine neue E-Mail Adresse bestätigen. Alexander: Es tut mir leid. Ich habe aus Sicherheitsgründen keinen Zugriff auf Ihre Daten, da ich nur für die Navigation auf unserer Vodafone-Website zuständig bin. Sie: Hatten Sie denn wenigstens die Möglichkeit in der Zwischenzeit rauszufinden was die Wurzel aus zwei zum Quadrat ist? Alexander: Um das zu klären, wenden Sie sich bitte direkt an die Kollegen in der Kundenbetreuung. Rufen Sie mit Ihrem Vodafone-Handy einfach kostenlos die 12 12 an oder aus anderen deutschen Netzen die 0 800 172 12 12. Alexander: Meine Kollegen dort helfen Ihnen gerne dabei. Alexander: Entschuldigen Sie bitte. Dazu kann ich Ihnen Online nicht behilflich sein. Wenden Sie sich bitte an unsere Kollegen von der Kundenbetreuung. Alexander: Kann ich Ihnen zu Vodafone Website behilflich sein? Alexander: Sind Sie noch bei mir? Sie: Nein, Sie können mir nicht behilflich sein, haben Sie gerade doch selber gesagt. Alexander: Wenn Sie keine weiteren Fragen mehr haben, danke ich Ihnen und wünsche Ihnen einen angenehmen Tag. Alexander: Falls später doch noch Fragen aufkommen, sind wir jederzeit für Sie da.

sorry for the spam

This especially goes to planet.debian.org: SORRY! My WordPress thought it is a great idea to deliver empty (no date, no link, no content) posts, randomly, and planet started to post everything as new as it took the feed. I still haven't reenabled all the plugins, but it runs stable for several hours now and I'll try not to break it again.

Looking for new NAS hardware

I will be moving soon and would like to replace my current NAS with something smaller, quieter and less power-hungry. Currently my NAS is dorei with an AMD Athlon II X2 240e and two 3.5" SATA2 disks. It's a nice machine, but I do not use its whole power and it's too bulky for the new place. So, what do I really need?

  • Debian, obvioulsy
  • 2 (or more) SATA ports
  • 1 GigE port
  • preferably hardware crypto support (Intel AES-NI, VIA PadLock, etc)
  • enough power (CPU, RAM) to run the two disks in RAID-1 with dmcrypt and LVM (I do not need 200MiB/s, but 60-80 would be nice)
  • still enough power to run some mutt, irssi, mpd, icecast2 while idling
And what could I get?
  • VIA LN10000EG, x86, 1GHz VIA C7, only 2xSATA1, only FastEthernet, "only" 1GiB RAM possible, fanless, has hardware crypto, pretty old, I could get one used from a friend almost free
  • Qnap Turbo Station TS-219P II (or other TS-219...), ARM, 2GHz Kirkwood, 2xSATA2 + 2xeSATA, 1GigE, 512MiB RAM, 3xUSB2.0, not fanless, seems to have hardware crypto, about 280€ at Amazon
  • Synology DiskStation DS213 (or other DS21x), ARM, 2GHz Kirkwood, 2xSATA2 + sometimes eSATA, USB3.0, not fanless, seems to have hardware crypto, about 270€ at Amazon
  • ASUS NAS-M25, ARM, 1.2GHz Kirkwood, 2xSATA2, 3xUSB2.0, GigE, not fanless, no idea whether hackable enough to run Debian, about 150€ at Amazon
  • (update) HP ProLiant MicroServer N40L, x86, 1.5GHz AMD Turion II Neo, USB2.0, GigE, not fanless, seems to run crypto at about 60MB/s, about 200€ at Amazon
  • (update2) excito B3, ARM, 1.2GHz Kirkwood, 1xSATA2, 1xeSATA, 2xGigE, fanless, would love to see some crypto information, about 300€ at Amazon
  • (update3Zotac ZBOX nano VD01, x86, 1.2GHz VIA Nano X2, 1xSATA2, 1xeSATA, GigE, not fanless, VIA hw crypto, about 140€ at Amazon
What shouldn't I get?
  • something self-built would be expensive (about 200€ for CPU and board only, meh)
  • all those nice CuBoxes, CubieBoards, PandaBoard,Trim-Sliceand what else is out there seem to have either only one (e)SATA or only FastEthernet or even both
  • the (really nice) Mele A1000 has also only one SATA and only FastEthernet
So, dear Lazyweb, tell me where to spend my money, please! Are the Kirkwoods capable of doing LVM-on-DMCrypt-on-RAID1? Are there new Atoms that are capable of such a setup (my old Atom 330 stops at about 20MB/s)? Or should I stop worrying and switch to punch cards?

Why I hope Twitter will die with the new API

First of all, allow me to say that I am a more or less passive Twitter user. Yeah, my profile page says I have almost 4 thousand tweets since I joined Twitter in June 2009, but most of them are either retweets or forwarded messages from identi.ca and Google+. Very few are actual Twitter-only conversations. You could say "drop that shit and use only free services" now, but Twitter has the same problem as ICQ: it was the first (widely adopted) service of that kind and still has the most users. For me this means I can reach more people and receive messages from more people (this is why I still have an ICQ account and did not switch to Jabber/XMPP-only). And this is also the only way Twitter can die: it has to lose users. But this is today, the status-quo. Twitter is about to change how messages can be distributed around the web. Radically. And I really hope they will choke and die. Preferably painfully but not necessarily slow. I do not want to repeat all those posts with rumors that Twitter wants to force the users to see their promoted tweets by forcing the clients to stricter display rules etc. That has been said. It is most probably true, but it has been said. I want to speak about two other usecases which will be killed in the future.

1. Embedding tweets in websites

As far as I know I am not the only one who likes his tweets to be displayed somewhere on the personal website. As my site runs WordPress and writing plugins for WordPress is so dead simple, I wrote a plugin that fetches my timeline as RSS and displays it as a widget: wp-statusnet-widget. I have chosen RSS over JSON back then for one simple reason: WordPress does the job for me. Using fetch_feed I am able to fetch and parse a remote feed in a breeze, using WordPress' internal caching mechanism etc. For JSON I would have had to write all this by myself (parsing JSON in PHP is easy, though). I do not like to write code which may contain mistakes and errors when I can rely on a perfectly working codebase. But now Twitter kills the RSS and Atom API because these "are infrequently used today". Okay. Switching to JSON would be a bit of pain, but doable. With one tiny exception: Twitter has decided to hide all JSON endpoints behind OAuth. They do this because it will "allow us to prevent abusive behavior" and help "further understand how categories of applications are using the API". Both are lies. Given wp-statusnet-widget is open-source, I would publish its OAuth key on the internet and every jackass could copy and abuse it. Or I would not ship a key and every user would have to go through the burden of acquiring their own key, destroying all the possible statistics Twitter wants to get. Oh and I would have to get OAuth working in the first place, which means more code that can contain bugs, even if there are many OAuth libraries for PHP that I could embed (and track their updates, yay). TL;DR: there won't be any Twitter support in wp-statusnet-widget when Twitter will switch to the new 1.1 API.

2. Following people without having a Twitter account

I know a bunch of people who do not want to have a Twitter account. Their reasons may vary but they have one in common: they use their regular feed reader to follow interesting accounts on Twitter. This won't be possible with the new API. And I am pretty sure this won't be a reason for them to get a Twitter account. Both killed usecases mean a smaller reach for a single tweet and the people still using Twitter. When there are fewer minds to reach, why not stop using Twitter and go somewhere else? Which means less content and even less reach. Vicious circle, huh? Please die inside it, Twitter.

Debian at FrOSCon 2012

Just saying "Hi" ;-) Debian developers/contributors/friends also around: XTaran, bzed, h01ger, _rene_, MrFai, mirabillos, nattie, Anselm, debalance, costela, RoRo, Zugschlus, hoexter, <add your name here?> Thanks Conny for the photo!

RC bugs 2012/29

RCBW report for 2012/29 (16.7.-22.7.)

The motto for this week was: shut up and take my patches! (Don't take it personally, it's just a meme :P)
  • 681583 python-blist empty package patch to properly build a python module sent
  • 681584 python-colorama missing dependency on python patch to use dh_python2 sent
  • 681678 licq Fails to start without recommends being installed commented about a possible solution, awaiting maintainer comment
  • 681379 django-celery FTBFS: building documentation fails patch to skip the building of the issuelist from github sent, uploaded by maintainer shortly afterwards
  • 681328 blockdiag FTBFS: pep8: 21 errors / 0 warnings found patch in upstream's mercurial repository, sent it to the BTS
  • 681901 datapm missing dependency on python-pkg-resources NMU uploaded with maintainer approval, filled 682053 while fixing
  • 682053 datapm FTBFS if built twice in a row NMU uploaded with maintainer approval
  • 681316 httpie missing dependency on python-pkg-resources trivial patch submitted, filled 682076 while fixing
  • 682076 httpie FTBFS if built twice in a row patch submitted
  • 663506 httpie Always bails out with "pkg_resources.DistributionNotFound: requests>=0.10.4" while not RC, IMHO an important bug to fix. submitted a patch while working on 681316 and 682076
  • 682177 suitesparse libsuitesparse-dbg doesn't contain any debug information submitted a patch that fixes the issue, no intent to NMU as I cannot test the changes good enough
  • 682249 frontaccounting fails to install: SQL syntax error submitted a patch to use ENGINE=(MyISAM|InnoDB) instead of the deprecated and removed TYPE=...
  • 682354 gthumb glib errors, crash on startup tracked the problem down to too old libgtk-3, suggested tighter dependencies to be generated

RC bugs 2012/27 and 2012/28

Last week I thought I could join the RCBW bandwagon again and immediately missed to blog at the right time, so here comes a two-week report.

RCBW report for 2012/27 (2.7.-8.7.)

The week actually started on the 5th, as at some point I got bored I thought I could invest my time into something useful (RC bugs are the first thing that comes to your mind too, right?).
  • 679981 asus-oled-dkms FTBFS: tries to build module immediately patch sent, merged and uploaded by maintainer shortly afterwards
  • 680345 hyperestraier FTBFS: Not a CODE reference at /usr/lib/perl/5.14/DynaLoader.pm line 207 commented that the bug is in the parallel-build setup
  • 679761 olsrd FTBFS[kfreebsd]: fatal error: linux/types.h: No such file or directory NMU prepared, maintainer uploaded the same patch shortly afterwards
  • 679704 live-tools fails to upgrade from wheezy: ln: failed to create symbolic link `/usr/bin/uptime': File exists patch sent, uploaded by maintainer shortly afterwards
  • 679734 ntop Maintainer address bounces poked maintainer via IRC, he fixed his mailsetup, bug closed
  • 678762 node-xmpp FTBFS: Error: Cannot find module 'node-expat' actual bug is in node-node-expat, moved as needed, fixed by maintainer of node-node-expat afterwards
  • 672048 qwbfsmanager FTBFS: src/gui/pColorButton.h:35:25: fatal error: FreshExport.h: No such file or directory NMU uploaded to DELAYED/2
  • 677930 qwbfsmanager FTBFS with gcc 4.7 NMU uploaded to DELAYED/2
  • 680399 asus-oled-dkms FTBFS: make: *** /lib/modules/2.6.32/build: No such file or directory. Stop. closed as 0.04-2 fixes it and it was filled against -1
  • 679586 dia Fails to run commented "works for me → downgrade", later downgraded by maintainer
  • 678108 httpcomponents-core FTBFS twice in a row - broken clean rule NMU uploaded to DELAYED/2, got beaten by gregoa in speed (he uploaded the same patch hours earlier and I didn't notice).
  • 635091 software-center After upgrade from Squeeze, it doesn't start still unreproducible, pinged submitter
  • 613842 spread Uninstall of spread breaks dpkg sent patch, no NMU due to 639916
  • 669486 django-auth-ldap FTBFS: django.core.exceptions.ImproperlyConfigured: settings.DATABASES is improperly configured. Please supply the ENGINE value. Check settings documentation for more details. sponsored upload for the maintainer

RCBW report for 2012/28 (9.7.-15.7.)

  • 680822 pyside FTBFS: build-dependency not installable: libphonon-dev commented about the bug being in libphonon-dev and reassigned
  • 680834 ipadic FTBFS: debian/utf8dict: 37: debian/utf8dict: /usr/lib/chasen/makemat: not found patch to find multiarched chasen files sent, uploaded by maintainer
  • 680827 mecab-cannadic FTBFS: make[1]: /usr/lib/chasen/makemat: Command not found patch to find multiarched chasen files sent, later discussion with maintainer lead to removal of the package 681333
  • 680825 gromacs gromacs: FTBFS: mv: cannot stat `/«PKGBUILDDIR»/debian/gromacs-mpich/usr/lib/*.so': No such file or directory submitted a working but hacky patch, further debugging by Brad King revealed a bug in cmake and thus 681428
  • 681191 scratch fails to install: scratch.postinst: update-mime-database: not found trivial patch proposed, uploaded by maintainer shortly afterwards
  • 681216 collectd package fails to upgrade when collectd is disabled patch sent, maintainer proposed and uploaded a better shortly afterwards
  • 671768 software-center fails to display list of software if "gir1.2-gstreamer-0.10" is not installed the gstreamer import is unused but causes Python errors, proposed to remove the import