You are here

Planet Ubuntu

Subscribe to Feed Planet Ubuntu
Planet Ubuntu - http://planet.ubuntu.com/
Përditësimi: 4 months 2 javë më parë

Jorge Castro: Kubernetes Ask Me Anything on Reddit

Mar, 10/04/2018 - 2:00pd

A bunch of Kubernetes developers are doing an Ask Me Anything today on Reddit if you’re interested in asking any questions, hope to see you there!

Lubuntu Blog: This Week in Lubuntu Development #2

Hën, 09/04/2018 - 6:00md
Here is the second issue of This Week in Lubuntu Development. You can read last week's issue here. Changes General We released 18.04 Final Beta this week. You can find the announcement here. The encrypted LVM bug we described last week has been fixed (thanks to Steve Langasek!). We are still working hard to try […]

Nathan Haines: Announcing the Ubuntu 18.04 LTS Free Culture Showcase winners

Dje, 08/04/2018 - 9:00pd

In just under 3 weeks, Ubuntu 18.04 LTS launches. This exciting new release is a new Long Term Support release and will introduce many Ubuntu users to GNOME Shell and a closer upstream experience. In addition, Ubuntu developers have been working long and hard to ensure that 18.04 is a big, brilliant release that builds a bridge from 16.04 LTS to a better, bigger platform that can be built upon, without becoming unnecessarily boisterous.

As with each Ubuntu release, 18.04 showcases community artwork with bravado. Thanks to the Ubuntu Free Culture Showcase, we have 12 new wallpapers that will ship with the release:

And since this is an LTS, we’re refreshing the example content on the install media. Not only can you test your graphics and audio hardware for compatibility, but with entertaining media as well:

A big congratulations to the winners, and thanks to everyone who submitted a wallpaper, video entry ,or song. You’ll find this media on your Ubuntu desktop after you upgrade or install Ubuntu 18.04 LTS on April 26th!

The Fridge: Ubuntu 18.04 LTS (Bionic Beaver) Final Beta released

Pre, 06/04/2018 - 3:07md
The Ubuntu team is pleased to announce the final beta release of the Ubuntu 18.04 LTS Desktop, Server, and Cloud products. Codenamed "Bionic Beaver", 18.04 LTS continues Ubuntu's proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, introducing new features and fixing bugs. This beta release includes images from not only the Ubuntu Desktop, Server, and Cloud products, but also the Kubuntu, Lubuntu, Ubuntu Budgie, UbuntuKylin, Ubuntu MATE, Ubuntu Studio, and Xubuntu flavours. The beta images are known to be reasonably free of showstopper CD build or installer bugs, while representing a very recent snapshot of 18.04 that should be representative of the features intended to ship with the final release expected on April 26th, 2018. Ubuntu, Ubuntu Server, Cloud Images: Bionic Final Beta includes updated versions of most of our core set of packages, including a current 4.15 kernel, and much more. To upgrade to Ubuntu 18.04 Final Beta from Ubuntu 17.10, follow these instructions: https://help.ubuntu.com/community/BionicUpgrades The Ubuntu 18.04 Final Beta images can be downloaded at: http://releases.ubuntu.com/18.04/ (Ubuntu and Ubuntu Server on x86) This Ubuntu Server image features the next generation Subiquity server installer, bringing the comfortable live session and speedy install of the Ubuntu Desktop to server users at last. This new installer does not support the same set of installation options as the previous server installer, so the "debian-installer" image continues to be made available in parallel. For more information about the installation options, please see: https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#Ubuntu_Server Additional images can be found at the following links: http://cloud-images.ubuntu.com/daily/server/bionic/current/ (Cloud Images) http://cdimage.ubuntu.com/releases/18.04/beta-2/ (Non-x86, and d-i Server) http://cdimage.ubuntu.com/netboot/18.04/ (Netboot) As fixes will be included in new images between now and release, any daily cloud image from today or later (i.e. a serial of 20180404 or higher) should be considered a beta image. Bugs found should be filed against the appropriate packages or, failing that, the cloud-images project in Launchpad. The full release notes for Ubuntu 18.04 Final Beta can be found at: https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes Kubuntu: Kubuntu is the KDE based flavour of Ubuntu. It uses the Plasma desktop and includes a wide selection of tools from the KDE project. The Final Beta images can be downloaded at: http://cdimage.ubuntu.com/kubuntu/releases/18.04/beta-2/ More information on Kubuntu Final Beta can be found here: https://wiki.ubuntu.com/BionicBeaver/Beta2/Kubuntu Lubuntu: Lubuntu is a flavor of Ubuntu that targets to be lighter, less resource hungry and more energy-efficient by using lightweight applications and LXDE, The Lightweight X11 Desktop Environment, as its default GUI. The Final Beta images can be downloaded at: http://cdimage.ubuntu.com/lubuntu/releases/18.04/beta-2/ Ubuntu Budgie: Ubuntu Budgie is community developed desktop, integrating Budgie Desktop Environment with Ubuntu at its core. The Final Beta images can be downloaded at: http://cdimage.ubuntu.com/ubuntu-budgie/releases/18.04/beta-2/ More information on Ubuntu Budgie Final Beta can be found here: https://ubuntubudgie.org/blog/2018/04/03/18-04-beta-2 UbuntuKylin: UbuntuKylin is a flavor of Ubuntu that is more suitable for Chinese users. The Final Beta images can be downloaded at: http://cdimage.ubuntu.com/ubuntukylin/releases/18.04/beta-2/ More information on UbuntuKylin Final Beta can be found here: https://wiki.ubuntu.com/BionicBeaver/Beta2/UbuntuKylin Ubuntu MATE: Ubuntu MATE is a flavor of Ubuntu featuring the MATE desktop environment. The Final Beta images can be downloaded at: http://cdimage.ubuntu.com/ubuntu-mate/releases/18.04/beta-2/ Ubuntu Studio: Ubuntu Studio is a flavor of Ubuntu that provides a full range of multimedia content creation applications for each key workflows: audio, graphics, video, photography and publishing. The Final Beta images can be downloaded at: http://cdimage.ubuntu.com/ubuntustudio/releases/18.04/beta-2/ More information about Ubuntu Studio Final Beta can be found here: https://wiki.ubuntu.com/BionicBeaver/Beta2/UbuntuStudio Xubuntu: Xubuntu is a flavor of Ubuntu that comes with Xfce, which is a stable, light and configurable desktop environment. The Final Beta images can be downloaded at: http://cdimage.ubuntu.com/xubuntu/releases/18.04/beta-2/ More information about Xubuntu Final Beta can be found here: http://wiki.xubuntu.org/releases/18.04/release-notes Regular daily images for Ubuntu, and all flavours, can be found at: http://cdimage.ubuntu.com Ubuntu is a full-featured Linux distribution for clients, servers and clouds, with a fast and easy installation and regular releases. A tightly-integrated selection of excellent applications is included, and an incredible variety of add-on software is just a few clicks away. Professional technical support is available from Canonical Limited and hundreds of other companies around the world. For more information about support, visit http://www.ubuntu.com/support If you would like to help shape Ubuntu, take a look at the list of ways you can participate at: http://www.ubuntu.com/community Your comments, bug reports, patches and suggestions really help us to improve this and future releases of Ubuntu. Instructions can be found at: https://help.ubuntu.com/community/ReportingBugs You can find out more about Ubuntu and about this beta release on our website, IRC channel and wiki. To sign up for future Ubuntu announcements, please subscribe to Ubuntu's very low volume announcement list at: http://lists.ubuntu.com/mailman/listinfo/ubuntu-announce https://lists.ubuntu.com/archives/ubuntu-announce/2018-April/000230.html Originally posted to the Ubuntu Release mailing list on Fri Apr 6 06:02:21 UTC 2018 by Steve Langasek, on behalf of the Ubuntu Release Team

Ubuntu MATE: Ubuntu MATE 18.04 Beta 2

Pre, 06/04/2018 - 10:15pd

Yeah baby! You know you want some of what we've got. Come and have a fling with Ubuntu MATE 18.04 Beta 2.

We are preparing Ubuntu MATE 18.04 (Bionic Beaver) for distribution on April 26th, 2018 With this Beta pre-release, you can see what we are trying out in preparation for our next (stable) version.


What works?

People tell us that Ubuntu MATE is stable. You may, or may not, agree.

Ubuntu MATE Beta Releases are NOT recommended for:

  • Regular users who are not aware of pre-release issues
  • Anyone who needs a stable system
  • Anyone uncomfortable running a possibly frequently broken system
  • Anyone in a production environment with data or workflows that need to be reliable

Ubuntu MATE Beta Releases are recommended for:

  • Regular users who want to help us test by finding, reporting, and/or fixing bugs
  • Ubuntu MATE, MATE, and GTK+ developers
What changed since the Ubuntu MATE 17.10 final release?

We've been refining Ubuntu MATE since the 17.10 release and making improvements to ensure that Ubuntu MATE offers what our users want today and what they'll need over the life of this LTS release. This is what's changed since 17.10.

MATE Desktop 1.20

As you may have seen, MATE Desktop 1.20 was released in February 2018 and offers some significant improvements:

  • MATE Desktop 1.20 supports HiDPI displays with dynamic detection and scaling.
    • HiDPI hints for Qt applications are also pushed to the environment to improve cross toolkit integration.
    • Toggling HiDPI modes triggers dynamic resize and scale, no log out/in required.
  • Marco now supports DRI3 and Present, if available.
    • Frame rates in games are significantly increased when using Marco.
  • Marco now supports drag to quadrant window tiling, cursor keys can be used to navigate the Alt + Tab switcher and keyboard shortcuts to move windows to another monitor were added.

If your hardware/drivers support DRI3 then Marco compositing is now hardware accelerated. This dramatically improves 3D rendering performance, particularly in games. If your hardware doesn't support DRI3 then Marco will fallback to a software compositor.

You can read the release announcement to discover everything that improved in MATE Desktop 1.20. It is a significant release that also includes a considerable number of bug fixes.

Since 18.04 beta 1 upstream released MATE Desktop 1.20.1 and the following updates have recently landed in Ubuntu MATE:

  • mate-control-center 1.20.2
  • marco 1.20.1
  • mate-desktop 1.20.1
  • atril 1.20.1
  • mate-power-manager 1.20.1
  • mate-panel 1.20.1
  • mate-settings-daemon 1.20.1
  • pluma 1.20.1
  • mate-applets 1.20.1
  • mate-calc 1.20.1
  • libmatekbd 1.20.1
  • caja 1.20.1
  • mate-sensors-applet 1.20.1

These roll up a collection of fixes, many of which Ubuntu MATE was already carrying patch sets for. The most notable change is that Marco is now fully HiDPI aware and windows controls are scaled correctly.

New and updated desktop layouts - new since 18.04 beta 1

I have decided to add a new layout to the collection available in Ubuntu MATE 18.04. It will be called Familiar and is based on the Traditional layout with the menu-bar (Applications, Places, System) replaced by Brisk Menu. It looks like this:


Familiar is now the the default layout, Traditional will continue to be shipped, unchanged, and will be available via MATE Tweak for those who prefer it.

Since 18.04 beta 1 the Netbook layout has been updated, maximised windows now maximise into the top panel like the Mutiny layout. Brisk Menu replaces the custom-menu and mate-dock-applet is used for application pinning and launching. When maximising a window this offers some decent space savings.

Since 18.04 beta 1 the Mutiny layout has been tweaked so the launcher icon is the same size of the docked application icons. We heard you, we understand. It's the little things, right?

Global Menu and MATE HUD

The Global Menu integration is much improved. When the Global Menu is added to a panel the application menus are automatically removed from the application window and only presented globally, no additional configuration (as was the case) is required. Likewise removing the Global Menu from a panel will restore menus to their application windows.


The HUD now has a 250ms (default) timeout, holding Alt any longer won't trigger the HUD. This is consistent with how the HUD in Unity 7 works. We've fixed a number of issues reported by users of Ubuntu MATE 17.10 regarding the HUD swallowing key presses. The HUD is also HiDPI aware now.

Ubuntu MATE Welcome - new since 18.04 beta 1

Welcome and Boutique have been given some love.

  • The software listings in the Boutique have been refreshed, with some applications being removed, many updated and some new additions.
  • Welcome now has snappier animations and transitions
Indicators by default

Ubuntu MATE 18.04 uses Indicators by default in all layouts. These will be familiar to anyone who has used Unity 7 and offer better accessibility support and ease of use over notification area applets. The volume in Indicator Sound can now be over driven, so it is consistent with the MATE sound preferences. Notification area applets are still supported as a fallback.


MATE Dock Applet

MATE Dock Applet is used in the Mutiny layout, but anyone can add it to a panel to create custom panel arrangements. The new version adds support for BAMF and icon scrolling.

  • MATE Dock Applet no longer uses its own method of matching icons to applications and instead uses BAMF. What this means for users is that from now on the applet will be a lot better at matching applications and windows to their dock icons.
  • Icon scrolling is useful when the dock has limited space on its panel and will prevent it from expanding over other applets. This addresses an issue reported by several users in Ubuntu MATE 17.10.
Brisk Menu

Many users commented that when using the Mutiny layout the "traditional" menu felt out of place. The Solus Project, the maintainers of Brisk Menu, have add a dash-style launcher at our request. Ubuntu MATE 18.04 includes a patched version of Brisk Menu that includes this new dash launcher. When MATE Tweak is used to enable the Mutiny or Cupertino layout, it now switches on the dash launcher which enables a full screen, searchable, application launcher. Similarly, switching to the other panel layouts restores the more traditional Brisk Menu.

Since 18.04 beta 1 we tweaked the style of the session control buttons in Brisk Menu and those updates will be wait for you are you install Ubuntu MATE 18.04 Beta 2.

MATE Window Applets

The Mutiny and Netbook layouts now integrate the mate-window-applets. You can see these in action alongside an updated Mutiny layout here:

Mutiny undecorated maximised windows Minimal Installation

If you follow the Ubuntu news closely you may have heard that 18.04 now has a Minimal Install option. Ubuntu MATE was at the front of the queue to take advantage of this new feature.


The Minimal Install is a new option presented in the installer that will install just the MATE Desktop, its utilities, its themes and Firefox. All the other applications such as office suite, email client, video player, audio manager, etc. are not installed. If you're interested, here is the complete list of software that will not be present on a minimal install of Ubuntu MATE 18.04

So, who's this aimed at? There are users who like to uninstall the software they do not need or want and build out their own desktop experience. So for those users, a minimal install is a great platform to build on. For those of you interested in creating "kiosk" style devices, such as home brew Steam machines or Kodi boxes, then a minimal install is another useful starting point.

MATE Tweak

MATE Tweak can now toggle the HiDPI mode between auto detection, regular scaling and forced scaling. HiDPI mode changes are dynamically applied. MATE Tweak has a deeper understanding of Brisk Menu and Global Menu capabilities and manages them transparently while switching layouts. Switching layouts is far more reliable now too. We've removed the Interface section from MATE Tweak. Sadly all the features the Interface section tweaked have been dropped from GTK3 so are now redundant.


We've added the following changes since 18.04 Beta 1

  • Added support for the modifications to the Netbook layout.
  • Added a button to launch the Font preferences so users with HiDPI displays can fine tune their font DPI.
  • When saving a panel layout the Dock status will be saved too.
Caja

We've landed caja-eiciel and caja-seahorse.

  • caja-eiciel - An extension for Caja to edit access control lists (ACLs) and extended attributes (xattr)
  • caja-seahorse - An extension for Caja which allows encryption and decryption of OpenPGP files using GnuPG
Artwork, Fonts & Emoji

We are no longer shipping mate-backgrounds by default. They have served us well, but are looking a little stale now. We have created a new selection of high quality wallpapers comprised of some abstract designs and high resolution photos from unsplash.com. The Ubuntu MATE Plymouth theme (boot logo) is now HiDPI aware. Our friends at Ubuntu Budgie have uploaded a new version of Slick Greeter which now fades in smoothly, rather than the stuttering we saw in Ubuntu MATE 17.10. We've switched to Noto Sans for users of Japanese, Chinese and Korean fonts and glyphs. MATE Desktop 1.20 supports emoji input, so we've added a colour emoji font too.

New since 18.04 beta 1 the xcursor themes have been replaced with new cursors from MATE upstream, that also offer HiDPI support.

Raspberry Pi images

We're planning on releasing Ubuntu MATE images for the Raspberry Pi around the time 18.04.1 is released, which should be sometime in July. It takes about a month to get the Raspberry Pi images built and tested and we simply don't have time to do this in time for the April release of 18.04.

Download Ubuntu MATE 18.04 Beta 2

We've even redesigned the download page so it's even easier to get started.

Download Known Issues

Here are the known issues.

Ubuntu MATE
  • The Desktop Layout button in UBuntu MATE Welcome is extremely unreliable.
    • It is best to pretend you have seen that button and avoid clicking it. It will break your desktop, I promise.
  • Anyone upgrading from Ubuntu MATE 16.04 or newer may need to use MATE Tweak to reset the panel layout to one of the bundled layouts post upgrade.
    • Migrating panel layouts, particularly those without Indicator support, is hit and miss. Mostly miss.
Ubuntu family issues

This is our known list of bugs that affects all flavours.

You'll also want to check the Ubuntu MATE bug tracker to see what has already been reported. These issues will be addressed in due course.

Feedback

Is there anything you can help with or want to be involved in? Maybe you just want to discuss your experiences or ask the maintainers some questions. Please come and talk to us.

Kubuntu General News: Kubuntu Bionic Beaver (18.04 LTS) Beta 2 Released!

Pre, 06/04/2018 - 8:13pd

The second beta of the Bionic Beaver (to become 18.04 LTS) has now been released, and is available for download!

This milestone features images for Kubuntu and other Ubuntu flavours.

Pre-releases of the Bionic Beaver are not encouraged for:

  • Anyone needing a stable system
  • Anyone who is not comfortable running into occasional, even frequent breakage.

They are, however, recommended for:

  • Ubuntu flavour developers
  • Those who want to help in testing, reporting, and fixing bugs as we work towards getting this release ready.

Beta 2 includes some software updates that are ready for broader testing. However, it is quite an early set of images, so you should expect some bugs.

You can:

 

Ubuntu Studio: 18.04 Beta Release

Pre, 06/04/2018 - 8:04pd
Ubuntu Studio 18.04 Bionic Beaver Beta is released! The beta of the upcoming release of Ubuntu Studio 18.04 is ready for testing. You may find the images at cdimage.ubuntu.com/ubuntustudio/releases/bionic/beta-2/. More information can be found in the Beta Release Notes. Reporting Bugs If you find any bugs with this release, please report them, and take your […]

Xubuntu: Xubuntu 18.04 Community Wallpaper Contest Winners!

Pre, 06/04/2018 - 12:36pd

The Xubuntu team are happy to announce the results of the 18.04 community wallpaper contest!

We want to send out a huge thanks to every contestant; last time we had 92 submissions but now you all made us work much harder in picking the best ones out with a total of 162 submissions! Great work! All of the submissions are browsable on the 18.04 contest page at contest.xubuntu.org.

Without further ado, here are the winners:

Note that the images listed above are resized for the website. For the full size images (up to 4K resolution!), make sure you have the package xubuntu-community-wallpapers installed. The package is installed by default in all new Xubuntu 18.04 installations.

Sebastian Dröge: Improving GStreamer performance on a high number of network streams by sharing threads between elements with Rust’s tokio crate

Enj, 05/04/2018 - 5:21md

For one of our customers at Centricular we were working on a quite interesting project. Their use-case was basically to receive an as-high-as-possible number of audio RTP streams over UDP, transcode them, and then send them out via UDP again. Due to how GStreamer usually works, they were running into some performance issues.

This blog post will describe the first set of improvements that were implemented for this use-case, together with a minimal benchmark and the results. My colleague Mathieu will follow up with one or two other blog posts with the other improvements and a more full-featured benchmark.

The short version is that CPU usage decreased by about 65-75%, i.e. allowing 3-4x more streams with the same CPU usage. Also parallelization works better and usage of different CPU cores is more controllable, allowing for better scalability. And a fixed, but configurable number of threads is used, which is independent of the number of streams.

The code for this blog post can be found here.

Table of Contents
  1. GStreamer & Threads
  2. Thread-Sharing GStreamer Elements
  3. Available Elements
  4. Little Benchmark
  5. Conclusion
GStreamer & Threads

In GStreamer, by default each source is running from its own OS thread. Additionally, for receiving/sending RTP, there will be another thread in the RTP jitterbuffer, yet another thread for receiving RTCP (another source) and a last thread for sending RTCP at the right times. And RTCP has to be received and sent for the receiver and sender side part of the pipeline, so the number of threads doubles. In the sum this gives at least 1 + 1 + (1 + 1) * 2 = 6 threads per RTP stream in this scenario. In a normal audio scenario, there will be one packet received/sent e.g. every 20ms on each stream, and every now and then an RTCP packet. So most of the time all these threads are only waiting.

Apart from the obvious waste of OS resources (1000 streams would be 6000 threads), this also brings down performance as all the time threads are being woken up. This means that context switches have to happen basically all the time.

To solve this we implemented a mechanism to share threads, and in the end as a result we have a fixed, but configurable number of threads that is independent from the number of streams. And can run e.g. 500 streams just fine on a single thread with a single core, which was completely impossible before. In addition we also did some work to reduce the number of allocations for each packet, so that after startup no additional allocations happen per packet anymore for buffers. See Mathieu’s upcoming blog post for details.

In this blog post, I’m going to write about a generic mechanism for sources, queues and similar elements to share their threads between each other. For the RTP related bits (RTP jitterbuffer and RTCP timer) this was not used due to reuse of existing C codebases.

Thread-Sharing GStreamer Elements

The code in question can be found here, a small benchmark is in the examples directory and it is going to be used for the results later. A full-featured benchmark will come in Mathieu’s blog post.

This is a new GStreamer plugin, written in Rust and around the Tokio crate for asynchronous IO and generally a “task scheduler”.

While this could certainly also have been written in C around something like libuv, doing this kind of work in Rust is simply more productive and fun due to its safety guarantees and the strong type system, which definitely reduced the amount of debugging a lot. And in addition “modern” language features like closures, which make working with futures much more ergonomic.

When using these elements it is important to have full control over the pipeline and its elements, and the dataflow inside the pipeline has to be carefully considered to properly configure how to share threads. For example the following two restrictions should be kept in mind all the time:

  1. Downstream of such an element, the streaming thread must never ever block for considerable amounts of time. Otherwise all other elements inside the same thread-group would be blocked too, even if they could do any work now
  2. This generally all works better in live pipelines, where media is produced in real-time and not as fast as possible
Available Elements

So this repository currently contains the generic infrastructure (see the src/iocontext.rs source file) and a couple of elements:

  • an UDP source: ts-udpsrc, a replacement for udpsrc
  • an app source: ts-appsrc, a replacement for appsrc to inject packets into the pipeline from the application
  • a queue: ts-queue, a replacement for queue that is useful for adding buffering to a pipeline part. The upstream side of the queue will block if not called from another thread-sharing element, but if called from another thread-sharing element it will pause the current task asynchronously. That is, stop the upstream task from producing more data.
  • a proxysink/src element: ts-proxysrc, ts-proxysink, replacements for proxysink/proxysrc for connecting two pipelines with each other. This basically works like the queue, but split into two elements.
  • a tone generator source around spandsp: ts-tonesrc, a replacement for tonegeneratesrc. This also contains some minimal FFI bindings for that part of the spandsp C library.

All these elements have more or less the same API as their non-thread-sharing counterparts.

API-wise, each of these elements has a set of properties for controlling how it is sharing threads with other elements, and with which elements:

  • context: A string that defines in which group this element is. All elements with the same context are running on the same thread or group of threads,
  • context-threads: Number of threads to use in this context. -1 means exactly one thread, 1 and above used N+1 threads (1 thread for polling fds, N worker threads) and 0 sets N to the number of available CPU cores. As long as no considerable work is done in these threads, -1 has shown to be the most efficient. See also this tokio GitHub issue
  • context-wait: Number of milliseconds that the threads will wait on each iteration. This allows to reduce CPU usage even further by handling all events/packets that arrived during that timespan to be handled all at once instead of waking up the thread every time a little event happens, thus reducing context switches again

The elements are all pushing data downstream from a tokio thread whenever data is available, assuming that downstream does not block. If downstream is another thread-sharing element and it would have to block (e.g. a full queue), it instead returns a new future to upstream so that upstream can asynchronously wait on that future before producing more output. By this, back-pressure is implemented between different GStreamer elements without ever blocking any of the tokio threads. All this is implemented around the normal GStreamer data-flow mechanisms, there is no “tokio fast-path” between elements.

Little Benchmark

As mentioned above, there’s a small benchmark application in the examples directory. This basically sets up a configurable number of streams and directly connects them to a fakesink, throwing away all packets. Additionally there is another thread that is sending all these packets. As such, this is really the most basic benchmark and not very realistic but nonetheless it shows the same performance improvement as the real application. Again, see Mathieu’s upcoming blog post for a more realistic and complete benchmark.

When running it, make sure that your user can create enough fds. The benchmark will just abort if not enough fds can be allocated. You can control this with ulimit -n SOME_NUMBER, and allowing a couple of thousands is generally a good idea. The benchmarks below were running with 10000.

After running cargo build –release to build the plugin itself, you can run the benchmark with:

cargo run --release --example udpsrc-benchmark -- 1000 ts-udpsrc -1 1 20

and in another shell the UDP sender with

cargo run --release --example udpsrc-benchmark-sender -- 1000

This runs 1000 streams, uses ts-udpsrc (alternative would be udpsrc), configures exactly one thread -1, 1 context, and a wait time of 20ms. See above for what these settings mean. You can check CPU usage with e.g. top. Testing was done on an Intel i7-4790K, with Rust 1.25 and GStreamer 1.14. One packet is sent every 20ms for each stream.

Source Streams Threads Contexts Wait CPU udpsrc 1000 1000 x x 44% ts-udpsrc 1000 -1 1 0 18% ts-udpsrc 1000 -1 1 20 13% ts-udpsrc 1000 -1 2 20 15% ts-udpsrc 1000 2 1 20 16% ts-udpsrc 1000 2 2 20 27% Source Streams Threads Contexts Wait CPU udpsrc 2000 2000 x x 95% ts-udpsrc 2000 -1 1 20 29% ts-udpsrc 2000 -1 2 20 31% Source Streams Threads Contexts Wait CPU ts-udpsrc 3000 -1 1 20 36% ts-udpsrc 3000 -1 2 20 47%

Results for 3000 streams for the old udpsrc are not included as starting up that many threads needs too long.

The best configuration is apparently a single thread per context (see this tokio GitHub issue) and waiting 20ms for every iterations. Compared to the old udpsrc, CPU usage is about one third in that setting, and generally it seems to parallelize well. It’s not clear to me why the last test has 11% more CPU with two contexts, while in every other test the number of contexts does not really make a difference, and also not for that many streams in the real test-case.

The waiting does not reduce CPU usage a lot in this benchmark, but on the real test-case it does. The reason is most likely that this benchmark basically sends all packets at once, then waits for the remaining time, then sends the next packets.

Take these numbers with caution, the real test-case in Mathieu’s blog post will show the improvements in the bigger picture, where it was generally a quarter of CPU usage and almost perfect parallelization when increasing the number of contexts.

Conclusion

Generally this was a fun exercise and we’re quite happy with the results, especially the real results. It took me some time to understand how tokio works internally so that I can implement all kinds of customizations on top of it, but for normal usage of tokio that should not be required and the overall design makes a lot of sense to me, as well as the way how futures are implemented in Rust. It requires some learning and understanding how exactly the API can be used and behaves, but once that point is reached it seems like a very productive and performant solution for asynchronous IO. And modelling asynchronous IO problems based on the Rust-style futures seems a nice and intuitive fit.

The performance measurements also showed that GStreamer’s default usage of threads is not always optimal, and a model like in upipe or pipewire (or rather SPA) can provide better performance. But as this also shows, it is possible to implement something like this on top of GStreamer and for the common case, using threads like in GStreamer reduces the cognitive load on the developer a lot.

For a future version of GStreamer, I don’t think we should make the threading “manual” like in these two other projects, but instead provide some API additions that make it nicer to implement thread-sharing elements and to add ways in the GStreamer core to make streaming threads non-blocking. All this can be implemented already, but it could be nicer.

All this “only” improved the number of threads, and thus the threading and context switching overhead. Many other optimizations in other areas are still possible on top of this, for example optimizing receive performance and reducing the number of memory copies inside the pipeline even further. If that’s something you would be interested in, feel free to get in touch.

And with that: Read Mathieu’s upcoming blog posts about the other parts, RTP jitterbuffer / RTCP timer thread sharing, and no allocations, and the full benchmark.

Dustin Kirkland: I'm Joining the Google Cloud Team!

Enj, 05/04/2018 - 1:48pd

A couple of months ago, I reflected on "10 Amazing Years of Ubuntu and Canonical".  Indeed, it has been one hell of a ride, and that post is merely the tip of the proverbial iceberg...

The people I've met, the things I've learned, the places I've been, the users I've helped, the partners I've enabled, the customers I've served -- these are undoubtedly the most amazing and cherished experiences of my professional career to date.

And for the first time in my life, I can fully and completely grok the Ubuntu philosophy:
I am who I am, because of who we all areWith all my heart, I love what we've created in Ubuntu, I love the products that we've built at Canonical, I love each and every person involved.

So, it is with mixed emotion that the Canonical chapter of my life comes to a close and a new one begins...

Next week, I have the honor and privilege to join the Google Cloud product management team, and work beside so, so, so, so many people who continue to inspire me.

Words fail to express how excited I am about this opportunity!  In this new role, I will be working closely with Aparna Sinha, Michael Rubin, and Tim Hockin, and I hope to see many of you at KubeCon Europe in Copenhagen later this month.

My friends and family will be happy to know that we're staying here in Austin, and I'll be working from the Google Austin office with my new team, largely based in Sunnyvale, California.

The Ubuntu community can expect to see me remaining active in the Ubuntu developer community as a Core Dev and a MOTU, and I will continue to maintain many of the dozens of open source projects and packages that so many of you have come to rely upon.  Perhaps I'll even become more active upstream in Debian, if the Debian community will have me there too :-)

Finally, an enormous THANK YOU to everyone who has made this journey through Ubuntu and Canonical such a warm, rewarding, emotional, exceptional experience!

Cheers,
@DustinKirkland

Raphaël Hertzog: My Free Software Activities in March 2018

Mër, 04/04/2018 - 12:22md

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donors (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.

Distro Tracker

I reviewed and merged 14 merge requests from multiple contributors:

On top of this, I updated the Salsa/AliothMigration wiki page with information about how to best leverage tracker.debian.org when you migrate to salsa.

I also filed a few issues for bugs or things that I’d like to see improved:

I also gave my feedback about multiple mockups prepared by Chirath R in preparation of his Google Summer of Code project proposal.

Security Tools Packaging Team

Following the departure of alioth, the new list that we requested on lists.debian.org has been created: https://lists.debian.org/debian-security-tools/

I updated (in the git repositories) all the Vcs-* and all the Maintainer fields of the packages maintained by the team.

I prepared and uploaded afflib 3.7.16-3 to fix RC bug #892599. I sponsored rhash 1.3.6 for Aleksey Kravchenko, ccrypt 1.10-5 for Alexander Kulak and ledger-wallets-udev 0.1 for Stephne Neveu.

Debian Live

This project also saw an unexpected resurgence of activity and I had to review and merge many merge requests:

It’s nice to see two derivatives being so active in upstreaming their changes.

Misc stuff

Hamster time tracker. I was regularly hit a by a bug leading to a gnome-shell crash (leading to a graphical session crash due to the design of wayland) and this time I decided that enough was enough so I started to dig in the code and did my best to fix the issues I encountered. During the month, I tested multiple versions and submitted three pull requests. Right now, the version in git is working fine for me. Still, it really smells of a bad design that mistakes in shell extensions can have such dramatic consequences.

Packaging. I forwarded #892063 to upstream in a new ticket. I updated zim to version 0.68 (final release replacing release candidate that I had already packaged). I filed #893083 suggesting that the hello source package should be a model for other packages and as such it should have a git repository hosted on salsa.debian.org.

Sponsorship. I sponsored pylint-django 0.9.4-1 for Joseph Herlant. I also sponsored urwid 2.0.1-1 (new upstream version), xlwt 1.3.0-1 (new version with python 3 support), elastalert 0.1.29-1 (new upstream release and RC bug fix) which have been updated for Freexian customers.

Thanks

See you next month for a new summary of my activities.

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

Ubuntu Insights: LXD weekly status #37

Hën, 05/03/2018 - 7:17md
Introduction

So this past week was rather intense, in a nutshell, we’ve:

  • Merged LXD clustering support
  • Split python3-lxc, lua-lxc and lxc-templates out of the LXC codebase
  • Moved libpam-cgfs from lxcfs to lxc
  • Released 3.0.0 beta1 of python3-lxc and lxc-templates
  • Released 3.0.0 beta1 of lxcfs
  • Released 3.0.0 beta1 of lxc
  • Released 3.0.0 beta1 of lxd
  • Released 3.0.0 beta2 of lxd

So we’ve finally done it, most of the work that we wanted in for our 3.0 LTS release of all LXC/LXD/LXCFS repositories has been merged and we’re now focused on a few remaining tweaks, small additions and fixes with a plan to release the final 3.0 by the end of the month.

With all of this activity we’ve also had to update all the relevant packaging, moving a bunch of stuff around between packages and adding support for all the new features.

For those interesting in trying the new betas, the easiest way to see everything working together is through the LXD beta snap:

snap install lxd --beta

Note that the betas aren’t supported, you may incur data loss when upgrading or later down the line. Testing would be very much appreciated, but please do this on systems you don’t mind reinstalling if something goes wrong 

This week, the entire LXD team is meeting in Budapest, Hungary to go through the list of remaining things and make progress towards the final 3.0 release.

Upcoming conferences and events Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.

  • Various kernel work
  • Stable release work for LXC, LXCFS and LXD
Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD LXC LXCFS Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu
  • Uploaded python3-lxc 3.0.0~beta1 to Ubuntu 18.04 and PPAs.
  • Uploaded lxc-templates 3.0.0~beta1 to Ubuntu 18.04 and PPAs.
  • Uploaded lxcfs 3.0.0~beta1 to Ubuntu 18.04.
  • Uploaded lxc 3.0.0~beta1 to Ubuntu 18.04.
  • Uploaded lxd 3.0.0~beta1 to Ubuntu 18.04.
  • Uploaded lxd 3.0.0~beta2 to Ubuntu 18.04.
  • Several follow-up updates as we move content between packages and get automated tests to pass again.
Snap
  • Switched to Go 1.10.
  • Updated edge packaging to support LXD clustering.
  • Updated liblxc handling to reduce build time and automatically pick the right version of the library.
  • Created a new beta channel using the latest beta of all components.

Sean Davis: Parole Media Player 1.0.0 Released

Dje, 04/03/2018 - 2:38md

It’s here, it’s finally here! The first 1.0 release of Parole Media Player has finally arrived. This release greatly improves the user experience for users without hardware-accelerated video and includes several fixes.

What’s New? Parole 0.9.x Developments

If you’ve been following along with the stable release channel, you have a lot of updates to catch up on. Here’s a quick recap. For everybody else, skip to the next header.

  • Parole 0.9.0 introduced a new mini mode, boosted X11 playback, and made the central logo clickable. When your playlist is complete, the “play” logo changes to a “replay” logo.
  • Parole 0.9.1 improved support for remote files and live stream playback. Older code was stripped away to make Parole even leaner and faster.
  • Parole 0.9.2 introduced a keyboard shortcuts helper (Help > Keyboard Shortcuts), fixed numerous bugs, and included a huge code cleanup and refactor.
Parole 1.0.0: New Feature, Automatic Video Playback Output
  • We’ve finally resolved the long-standing “Could not initialise Xv output” error (Xfce #11950) that has plagued a number of our users, both in virtual machines and on real hardware.
  • In the past, we were delighted when we were able to implement the Clutter backend to solve this issue, but that API proved to be unstable and difficult to maintain between releases.
  • Now, we are using the “autoimagesink” for our newly defaulted “Automatic” video output option. This sink provides the best available sink (according to GStreamer) for the available environment, and should produce great results no matter the setup.
Parole 1.0.0: Bug Fixes
  • Fixed 32-bit crashes when using the MPRIS2 plugin (LP: #1374887)
  • Fixed crash on “Clear History” button press (LP: #1214514)
  • Fixed appdata validation (Xfce #13632)
  • Fixed full debug builds and resolved implicit-fallthrough build warning
  • Replaced stock icon by freedesktop.org compliant option (Xfce #13738)
Parole 1.0.0: Translations

Albanian, Arabic, Asturian, Basque, Bulgarian, Catalan, Chinese (China), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, English (Australia), Finnish, French, Galician, German, Greek, Hebrew, Hungarian, Icelandic, Indonesian, Italian, Japanese, Kazakh, Korean, Lithuanian, Malay, Norwegian Bokmål, Occitan (post 1500), Polish, Portuguese, Portuguese (Brazil), Russian, Serbian, Slovak, Spanish, Swedish, Thai, Turkish, Uighur, Ukrainian

Downloads

Parole Media Player 1.0.0 is included in Xubuntu 18.04. Check it out this week when you test out the Beta!

sudo apt update sudo apt install parole

The latest version of Parole Media Player can always be downloaded from the Xfce archives. Grab version 1.0.0 from the below link.

https://archive.xfce.org/src/apps/parole/1.0/parole-1.0.0.tar.bz2

  • SHA-256: 6666b335aeb690fb527f77b62c322baf34834b593659fdcd21d21ed3f1e14010
  • SHA-1: ed56ab0ab34db6a5e0924a9da6bf2ee91233da8a
  • MD5: d00d3ca571900826bf5e1f6986e42992

Sean Davis: Xfce Settings 4.12.2 Released

Dje, 04/03/2018 - 1:33md

Xfce has been steadily heading towards it’s GTK+ 3 future with Xfce 4.14, but that doesn’t mean our current stable users have been left behind. We’ve got some new features, bug fixes, and translations for you!

What’s New? New Features
  • Default monospace font option in the Appearance dialog
  • Improved support for embedded DisplayPort connectors on laptops
  • Show location of the mouse pointer on keypress (as seen in the featured image)
Bug Fixes
  • Leave monitors where they were if possible (Xfce #14096)
  • syncdaemon not starting with certain locales
  • division by 0 crash from gdk_screen_height_mm()
Translation Updates

Arabic, Asturian, Basque, Bengali, Bulgarian, Catalan, Chinese (China), Chinese (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, English (Australia), English (United
Kingdom), Finnish, French, Galician, German, Greek, Hebrew, Hungarian, Icelandic, Indonesian, Italian, Japanese, Kazakh, Korean, Lithuanian, Malay, Norwegian Bokmål, Norwegian Nynorsk, Occitan (post 1500), Polish, Portuguese, Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Uighur, Ukrainian

Downloads

The latest version of Xfce Settings can always be downloaded from the Xfce archives. Grab version 4.12.2 from the below link.

http://archive.xfce.org/src/xfce/xfce4-settings/4.12/xfce4-settings-4.12.2.tar.bz2

  • SHA-256: af0e3c0a6501fc99e874103f2597abd1723f06c98f4d9e19a9aabf1842cc2f0d
  • SHA-1: 5991f4a542a556c24b6d8f5fe4698992e42882ae
  • MD5: 32263f1b704fae2db57517a2aff4232d

Xubuntu: Testing for Xubuntu

Dje, 04/03/2018 - 9:21pd

Xubuntu 18.04 “Bionic Beaver” is just around the corner. The first beta milestone arrives next week, and the final release is a little over a month away. 18.04 is an LTS release, meaning it has a 3-year support cycle and is definitely recommended for all users. Or it would be, if we knew it was ready. Stick around… this is a bit of a long read, but it’s important.

The ISO Tracker has seen little activity for the last few development cycles. We know we have some excited users already using and testing 18.04. But without testing results being recorded anywhere, we have to assume that nobody is testing the daily images and milestones. And this has major implications for both the 18.04 release and the project as a whole.

From the perspective of the QA team, and with full support from the development team – If we aren’t able to gauge an ISO at any of the milestones (Beta, Final Beta, Release Candidate, and the LTS Point Release), how can we possibly mark those as “Ready for Release”? And why should we?

It is notable that following any of our releases, often within less than a day, we have multiple reports of issues that were NEVER seen on the ISO Tracker. With the current SRU procedure, this means that all users will now have a minimum of 7 days before they can possibly see a fix. With development and testing time, these fixes may take significantly longer or never even make it into the 3-year support release.

Xubuntu is a community project. That includes all of you. If the community doesn’t care until it’s too late, what should we take from that? In fact, community support is part of the deal every flavor makes with Canonical to enable all of the things that make it possible for the flavor to exist. It’s actually the first bullet point in remaining a recognized flavor:

  • Image has track record of community interested in creating, supporting and promoting its use.
Ready to help? Let’s do this.

It is now time for the community to step up. Test ISOs, test the versions of packages you regularly use, check for any regressions, and record your results! Our ISO builds EVERY day around 0200UTC and the newest daily ISO is then available shortly after. The daily build can always be found on the daily builds page, regardless of the current development release name.

For those of you who do not believe you can help… you can!

Regression Testing

How hard is it to check for regression? Use the software you use every day. Does it work differently than it used to?

  • If not, no regression!
  • If it does, but works better than before, no regression!
  • Anything else, you’ve found a regression. Report it !
ISO Testing

How hard is it to check an ISO? If you have at 1Gb of disk space available, read on.

  • If you have sufficient disk space for a 10Gb file, you can probably use a virtual machine to run installation and post-installation tests.
  • If you are able to virtualize but lack the disk space for a full installation, consider using a VM to verify the ISO boots and applications run on the live disk.
  • If you have physical media available, either a DVD-R (RW to not waste the media on daily tests) or 2+ Gb capacity USB stick, you can boot Xubuntu from the media and perform installation, post-installation, and live testing.
More Information

In May of 2017, we ran a session on IRC for prospective testers. Other than our regular visitors, one new prospective tester attended and shared in the discussion. The logs for that session are still available if you want to spend 10 minutes checking out how easy it is to help.

We hope that you’ll join us in making Xubuntu 18.04 a success. We think it’s going to be the best release ever, but if the community can’t find the time to contribute to the release, we can’t guarantee we can have one.

David Tomaschik: OpenSSH Two Factor Authentication (But Not Service Accounts)

Sht, 03/03/2018 - 9:00pd

Very often, people hear “SSH” and “two factor authentication” and assume you’re talking about an SSH keypair that’s got the private key protected with a passphrase. And while this is a reasonable approximation of a two factor system, it’s not actually two factor authentication because the server is not using two separate factors to authenticate the user. The only factor is the SSH keypair, and there’s no way for the server to know if that key was protected with a passphrase. However, OpenSSH has supported true two factor authentication for nearly 5 years now, so it’s quite possible to build even more robust security.

Read more...

The Fridge: Ubuntu 16.04.4 LTS released

Sht, 03/03/2018 - 1:01pd
The Ubuntu team is pleased to announce the release of Ubuntu 16.04.4 LTS (Long-Term Support) for its Desktop, Server, and Cloud products, as well as other flavours of Ubuntu with long-term support. Like previous LTS series', 16.04.4 includes hardware enablement stacks for use on newer hardware. This support is offered on all architectures except for 32-bit powerpc, and is installed by default when using one of the desktop images. Ubuntu Server defaults to installing the GA kernel, however you may select the HWE kernel from the installer bootloader. As usual, this point release includes many updates, and updated installation media has been provided so that fewer updates will need to be downloaded after installation. These include security updates and corrections for other high-impact bugs, with a focus on maintaining stability and compatibility with Ubuntu 16.04 LTS. Kubuntu 16.04.4 LTS, Xubuntu 16.04.4 LTS, Mythbuntu 16.04.4 LTS, Ubuntu GNOME 16.04.4 LTS, Lubuntu 16.04.4 LTS, Ubuntu Kylin 16.04.4 LTS, Ubuntu MATE 16.04.4 LTS and Ubuntu Studio 16.04.4 LTS are also now available. More details can be found in their individual release notes: https://wiki.ubuntu.com/XenialXerus/ReleaseNotes#Official_flavours Maintenance updates will be provided for 5 years for Ubuntu Desktop, Ubuntu Server, Ubuntu Cloud, Ubuntu Base, and Ubuntu Kylin. All the remaining flavours will be supported for 3 years. To get Ubuntu 16.04.4 --------------------- In order to download Ubuntu 16.04.4, visit: http://www.ubuntu.com/download Users of Ubuntu 14.04 will be offered an automatic upgrade to 16.04.4 via Update Manager. For further information about upgrading, see: https://help.ubuntu.com/community/XenialUpgrades

 

https://lists.ubuntu.com/archives/ubuntu-announce/2018-March/000229.html

Originally posted to the Ubuntu Release mailing list on Thu Mar 1 21:09:03 UTC 2018 by Lukasz Zemczak, on behalf of the Ubuntu Release Team

Bryan Quigley: Stop changing the clocks

Hën, 19/02/2018 - 1:00pd

Florida, Tennessee, the EU and more are considering one timezone for the entire year - no more changing the clocks. Massachusetts had a group study the issue and recommend making the switch, but only if a majority of Northeast states decide to join them. I would like to see the NJ legislature vote to join them.

Interaction between countries would be helped by having one less factor that can impact collaboration. Below are two examples of ways this will help.

Meeting Times

Let's consider a meeting scheduled in EST with partipants from NJ, the EU, and Arizona.
NJ - normal disruption of changing times, but the clock time for the meeting stays the same.
Arizona - The clock time for the meeting changes twice a year.
EU - because they also change their clocks at different points throughout the year. Due to this, they have 4 clock time changes during each year.

This gets more complicated as we add partipants from more countries. UTC can help, but any location that has a time change has to be considered for both of it's timezones.

Global shift work or On-call

Generally, these are scheduled in UTC, but the shifts people actually work are in their local time. That can be disruptive in other ways, like finding child care.

In conclusion, while these may be minor compared to other concerns (like the potential health effects associated with change the clocks), the concerns of global collaboration should also be considered.

Daniel Pocock: SwissPost putting another nail in the coffin of Swiss sovereignty

Dje, 18/02/2018 - 11:17md

A few people have recently asked me about the SwissID, as SwissPost has just been sending spam emails out to people telling them "Link your Swiss Post user account to SwissID".

This coercive new application of technology demands users email addresses and mobile phone numbers "for security". A web site coercing people to use text messages "for security" has quickly become a red flag for most people and many blogs have already covered why it is only an illusion of security, putting your phone account at risk so companies can profit from another vector for snooping on you.

SwissID is not the only digital identity solution in Switzerland but as it is run by SwissPost and has a name similar to another service it is becoming very well known.

In 2010 they began offering a solution which they call SuisseID (notice the difference? They are pronounced the same way.) based on digital certificates and compliant with Swiss legislation. Public discussion focussed on the obscene cost with little comment about the privacy consequences and what this means for Switzerland as a nation.

Digital certificates often embed an email address in the certificate.

With SwissID, however, they have a web site that looks like little more than vaporware, giving no details at all whether certificates are used. It appears they are basically promoting an app that is designed to harvest the email addresses and phone numbers of any Swiss people who install it, lulling them into that folly by using a name that looks like their original SuisseID. If it looks like phishing, if it feels like phishing and if it smells like phishing to any expert takes a brief sniff of their FAQ, then what else is it?

The thing is, the original SuisseID runs on a standalone smartcard so it doesn't need to have your mobile phone number, have permissions to all the data in your phone and be limited to working in areas with mobile phone signal.

The emails currently being sent by SwissPost tell people they must "Please use a private e-mail address for this purpose" but they don't give any information about the privacy consequences of creating such an account or what their app will do when it has access to read all the messages and contacts in your phone.

The actions you can take that they didn't tell you about
  • You can post a registered letter to SwissPost and tell them that for privacy reasons, you are immediately retracting the email addresses and mobile phone numbers they currently hold on file and that you are exercising your right not to give an email address or mobile phone number to them in future.
  • If you do decide you want a SwissID, create a unique email address for it and only use that email address with SwissPost so that it can't be cross-referenced with other companies. This email address is also like a canary in a coal mine: if you start receiving spam on that email address then you know SwissPost/SwissID may have been hacked or the data has been leaked or sold.
  • Don't install their app and if you did, remove it and you may want to change your mobile phone number.

Oddly enough, none of these privacy-protecting ideas were suggested in the email from SwissPost. Who's side are they on?

Why should people be concerned?

SwissPost, like every postal agency, has seen traditional revenues drop and so they seek to generate more revenue from direct marketing and they are constantly looking for ways to extract and profit from data about the public. They are also a huge company with many employees: when dealing with vast amounts of data in any computer system, it only takes one employee to compromise everything: just think of how Edward Snowden was able to act alone to extract many of the NSA's most valuable secrets.

SwissPost is going to great lengths to get accurate data on every citizen and resident in Switzerland, including deploying an app to get your mobile phone number and demanding an email address when you use their web site. That also allows them to cross-reference with your IP addresses.

  • Any person or organization who has your email address or mobile number may find it easier to get your home address.
  • Any person or organization who has your home address may be able to get your email address or mobile phone number.
  • When you call a company from your mobile phone and their system recognizes your phone number, it becomes easier for them to match it to your home address.
  • If SwissPost and the SBB successfully convince a lot of people to use a SwissID, some other large web sites may refuse to allow access without getting you to link them to your SwissID and all the data behind it too. Think of how many websites already try to coerce you to give them your mobile phone number and birthday to "secure" your account, but worse.

The Google factor

The creepiest thing is that over seventy percent of people are apparently using Gmail addresses in Switzerland and these will be a dependency of their registration for SwissID.

Given that SwissID is being promoted as a solution compliant with ZertES legislation that can act as an interface between citizens and the state, the intersection with such a powerful foreign actor as Gmail is extraordinary. For example, if people are registering to vote in Switzerland's renowned referendums and their communication is under the surveillance of a foreign power like the US, that is a mockery of democracy and it makes the allegations of Russian election hacking look like child's play.

Switzerland's referendums, decentralized system of Government, part-time army and privacy regime are all features that maintain a balance between citizen and state: by centralizing power in the hands of SwissID and foreign IT companies, doesn't it appear that the very name SwissID is a mockery of the Swiss identity?

No canaries were harmed in the production of this blog.

Dustin Kirkland: 10 Amazing Years of Ubuntu and Canonical

Pre, 16/02/2018 - 6:12md
February 2008, Canonical's office in Lexington, MA10 years ago today, I joined Canonical, on the very earliest version of the Ubuntu Server Team!
And in the decade since, I've had the tremendous privilege to work with so many amazing people, and the opportunity to contribute so much open source software to the Ubuntu ecosystem.
Marking the occasion, I've reflected about much of my work over that time period and thought I'd put down in writing a few of the things I'm most proud of (in chronological order)...  Maybe one day, my daughters will read this and think their daddy was a real geek :-)1. update-motd / motd.ubuntu.com (September 2008)Throughout the history of UNIX, the "message of the day" was always manually edited and updated by the local system administrator.  Until Ubuntu's message-of-the-day.  In fact, I received an email from Dennis Ritchie and Jon "maddog" Hall, confirming this, in April 2010.  This started as a feature request for the Landscape team, but has turned out to be tremendously useful and informative to all Ubuntu users.  Just last year, we launched motd.ubuntu.com, which provides even more dynamic information about important security vulnerabilities and general news from the Ubuntu ecosystem.  Mathias Gug help me with the design and publication.2. manpages.ubuntu.com (September 2008)This was the first public open source project I worked on, in my spare time at Canonical.  I had a local copy of the Ubuntu archive and I was thinking about what sorts of automated jobs I could run on it.  So I wrote some scripts that extracted the manpages out of each one, formatted them as HTML, and published into a structured set of web directories.  10 years later, it's still up and running, serving thousands of hits per day.  In fact, this was one of the ways we were able to shrink the Ubuntu minimal image, but removing the manpages, since they're readable online.  Colin Watson and Kees Cook helped me with the initial implementation, and Matthew Nuzum helped with the CSS and Ubuntu theme in the HTML.3. Byobu (December 2008)If you know me at all, you know my passion for the command line UI/UX that is "Byobu".  Byobu was born as the "screen-profiles" project, over lunch at Google in Mountain View, in December of 2008, at the Ubuntu Developer Summit.  Around the lunch table, several of us (including Nick Barcet, Dave Walker, Michael Halcrow, and others), shared our tips and tricks from our own ~/.screenrc configuration files.  In Cape Town, February 2010, at the suggestion of Gustavo Niemeyer, I ported Byobu from Screen to Tmux.  Since Ubuntu Servers don't generally have GUIs, Byobu is designed to be a really nice interface to the Ubuntu command line environment.4. eCryptfs / Ubuntu Encrypted Home Directories (October 2009)I was familiar with eCryptfs from its inception in 2005, in the IBM Linux Technology Center's Security Team, sitting next to Michael Halcrow who was the original author.  When I moved to Canonical, I helped Michael maintain the userspace portion of eCryptfs (ecryptfs-utils) and I shepherded into Ubuntu.  eCryptfs was super powerful, with hundreds of options and supported configurations, but all of that proved far to difficult for users at large.  So I set out to simplify it drastically, with an opinionated set of basic defaults.  I started with a simple command to mount a "Private" directory inside of your home directory, where you could stash your secrets.  A few months later, on a long flight to Paris, I managed to hack a new PAM module, pam_ecryptfs.c, that actually encrypted your entire home directory!  This was pretty revolutionary at the time -- predating Apple's FileVault or Microsoft's Bitlocker, even.  Today, tens of millions of Ubuntu users have used eCryptfs to secure their personal data.  I worked closely with Tyler Hicks, Kees Cook, Jamie Strandboge, Michael Halcrow, Colin Watson, and Martin Pitt on this project over the years.5. ssh-import-id (March 2010)With the explosion of virtual machines and cloud instances in 2009 / 2010, I found myself constantly copying public SSH keys around.  Moreover, given Canonical's globally distributed nature, I also regularly found myself asking someone for their public SSH keys, so that I could give them access to an instance, perhaps for some pair programming or assistance debugging.  As it turns out, everyone I worked with, had a Launchpad.net account, and had their public SSH keys available there.  So I created (at first) a simple shell script to securely fetch and install those keys.  Scott Moser helped clean up that earliest implementation.  Eventually, I met Casey Marshall, who helped rewrite it entirely in Python.  Moreover, we contacted the maintainers of Github, and asked them to expose user public SSH keys by the API -- which they did!  Now, ssh-import-id is integrated directly into Ubuntu's new subiquity installer and used by many other tools, such as cloud-init and MAAS.6. Orchestra / MAAS (August 2011)In 2009, Canonical purchased 5 Dell laptops, which was the Ubuntu Server team's first "cloud".  These laptops were our very first lab for deploying and testing Eucalyptus clouds.  I was responsible for those machines at my house for a while, and I automated their installation with PXE, TFTP, DHCP, DNS, and a ton of nasty debian-installer preseed data.  That said -- it worked!  As it turned out, Scott Moser and Mathias Gug had both created similar setups at their houses for the same reason.  I was mentoring a new hire at Canonical, named Andres Rodriquez at the time, and he took over our part-time hacks and we worked together to create the Orchestra project.  Orchestra, itself was short lived.  It was severely limited by Cobbler as a foundation technology.  So the Orchestra project was killed by Canonical.  But, six months later, a new project was created, based on the same general concept -- physical machine provisioning at scale -- with an entire squad of engineers led by...Andres Rodriguez :-)  MAAS today is easily one of the most important projects the Ubuntu ecosystem and one of the most successful products in Canonical's portfolio.7. pollinate / pollen / entropy.ubuntu.com (February 2014)In 2013, I set out to secure Ubuntu at large from a set of attacks ranging from insufficient entropy at first boot.  This was especially problematic in virtual machine instances, in public clouds, where every instance is, by design, exactly identical to many others.  Moreover, the first thing that instance does, is usually ... generate SSH keys.  This isn't hypothetical -- it's quite real.  Raspberry Pi's running Debian were deemed susceptible to this exact problem in November 2015.  So designed and implemented a client (shell script that runs at boot, and fetches some entropy from one to many sources), as well as a high-performance server (golang).  The client is the 'pollinate' script, which runs on the first boot of every Ubuntu server, and the server is the cluster of physical machines processing hundreds of requests per minute at entropy.ubuntu.com.  Many people helped review the design and implementation, including Kees Cook, Jamie Strandboge, Seth Arnold, Tyler Hicks, James Troup, Scott Moser, Steve Langasek, Gustavo Niemeyer, and others.8. The Orange Box (May 2014)In December of 2011, in my regular 1:1 with my manager, Mark Shuttleworth, I told him about these new "Intel NUCs", which I had bought and placed them around my house.  I had 3, each of which was running Ubuntu, and attached to a TV around the house, as a media player (music, videos, pictures, etc).  In their spare time, though, they were OpenStack Nova nodes, capable of running a couple of virtual machines.  Mark immediately asked, "How many of those could you fit into a suitcase?"  Within 24 hours, Mark had reached out to the good folks at TranquilPC and introduced me to my new mission -- designing the Orange Box.  I worked with the Tranquil folks through Christmas, and we took our first delivery of 5 of these boxes in January of 2014.  Each chassis held 10 little Intel NUC servers, and a switch, as well as a few peripherals.  Effectively, it's a small data center that travels.  We spend the next 4 months working on the hardware under wraps and then unveiled them at the OpenStack Summit in Atlanta in May 2014.  We've gone through a couple of iterations on the hardware and software over the last 4 years, and these machines continue to deliver tremendous value, from live demos on the booth, to customer workshops on premises, or simply accelerating our own developer productivity by "shipping them a lab in a suitcase".  I worked extensively with Dan Poler on this project, over the course of a couple of years.9. Hollywood (December 2014)Perhaps the highlight of my professional career came in October of 2016.  Watching Saturday Night Live with my wife Kim, we were laughing at a skit that poked fun at another of my favorite shows, Mr. Robot.  On the computer screen behind the main character, I clearly spotted Hollywood!  Hollywood is just a silly, fun little project I created on a plane one day, mostly to amuse Kim.  But now, it's been used in Saturday Night LiveNBC Dateline News, and an Experian TV commercials!  Even Jess Frazelle created a Docker container. 10. petname / golang-petname / python-petname (January 2015)From "warty warthog" to "bionic beaver", we've always had a focus on fun, and user experience here in Ubuntu.  How hard is it to talk to your colleague about your Amazon EC2 instance, "i-83ab39f93e"?  Or your container "adfxkenw"?  We set out to make something a little more user-friendly with our "petnames".  Petnames are randomly generated "adjective-animal" names, which are easy to pronounce, spell, and remember.  I curated and created libraries that are easily usable in Shell, Golang, and Python.  With the help of colleagues like Stephane Graber and Andres Rodriguez, we now use these in many places in the Ubuntu ecosystem, such as LXD and MAAS.

If you've read this post, thank you for indulging me in a nostalgic little trip down memory lane!  I've had an amazing time designing, implementing, creating, and innovating with some of the most amazing people in the entire technology industry.  And here's to a productive, fun future!

Cheers,
:-Dustin

Faqet