rfc2822's blog

Android is as “open” as Windows 2000 when the source code has been leaked

As a former Android evangelist, I have reconsidered my views and have come to the conclusion that Android is not an “open” but a proprietary platform. Google themselves say that Android is not the goal, but a “vehicle” to ensure all people (including the ones using other platforms like Google’s own Chrome platform, but also iOS and Windows) use and are fully dependent on all the other Google services.

To make it short: Android is as “open” as Windows 2000 when the source code has been leaked.

What makes the difference between an “open” platform and a proprietary one? Let’s have a look at some properties of the Android platform:

You (as the customer, not as a device manufacturer) can’t modify it for yourself (because your device manufacturer puts it onto your device and you are not allowed to be root on your own device; if you flash it, you lose your warranty)
You can’t modify it for others (for the same reason: if you fork and release a modified version yourself, nobody will use it because as a user, you can’t decide which system you use – you get a version from your device manufacturer or service provider, and those cooperate with Google and won’t do anything that Google doesn’t want). You may of course do some free work for Google and contribute patches, but you may only do the dirty work. Decisions are made by Google only, APIs are designed by Google only.
Strategy decisions are made by Google for the sole purpose of increasing market share and sales (that’s what companies do). There’s no claim to be open or fair, there are no rules.
You don’t have the possibility to get involved in any way. Google has absolute power over the whole project, there is no democratic cooperation with developers – It’s sink or swim. In contrast, other Linux flavours are developed in a much more open way.
From the beginning, there have been questionable decisions regarding open formats, tools etc. How many Linux systems without gzip, bzip2 and Ext support do you know? Why doesn’t MTP work with connected Linux PCs (I tried several MTP clients) but “requires Windows XP SP3+” (that’s what a Samsung Note 10.1 told me when I tried to connect it with a Linux PC using MTP; of course file transfers > 1 GB always fail)?
Android is only a “vehicle” on the way to make all people depend on Google services. It forces you to use proprietary Google services (Gmail instead of email [WHY do I need a GMAIL account to use Android? A Google account with every other email address would be enough, but no, it has to be GMail!], Google Calendar instead of CalDAV, Hangouts instead of XMPP, Google+ instead of RSS/Atom [even if Reader won’t rise from the dead, it’s obvious that Google wants all content providers to “share on Google+” instead of providing an RSS feed])
It forces you to do things you don’t want to do (I don’t want to have a Google+ profile, never did, and now I can’t rate apps any more because a Google+ profile is required for that). Also, nearly every click on any Google site encourages me to finally create my Google+ profile and drown into debility, or to enter my real name or mobile phone number etc.
Oh, apps – the Play market is not “open” because there’s an entry fee and non-conforming apps like ad-blockers are being removed from the market.
They call it “open” and emphasise that it’s based on Linux just to make people think they are the “good ones”. (Also think about the Summer of Code – how many money does Google spend and what’s the purpose of all this?)
Of course, Google doesn’t give a sh*t about data protection and ignores laws (at least in the EU), but that’s another story.

Summary: They have chosen Linux to get a good base system and the “open-source” or “free software bonus” in the geek scene, but Android is a fully proprietary system whose only purpose is to increase the market share of proprietary Google services. There’s nothing open about it.

If you’re concerned about open platforms, you may have to look for alternatives.

View Separately

Drawn with GfxTablet :)

Postfix + ClamAV + SpamAssassin without Amavis

Postfix mail filtering with clamdscan and spamc, no amavisd needed.

postfix/master.cf:

smtp      inet  n       -       n       -       -       smtpd
  -o content_filter=scanner:dummy

scanner    unix  -       n       n       -       4       pipe
  flags=Rq user=nobody null_sender=
  argv=/opt/mail-scanner.sh -f ${sender} -- ${recipient}

In this configuration, mail-scanner processes will be limited to 4 (meaning up to 4 simultaneous clamdscan / spamc calls).

/opt/mail-scanner:

#!/bin/sh

EX_OK=0
EX_BOUNCE=69
EX_DEFER=75

SENDMAIL="/usr/sbin/sendmail -G -i"

# prepare for scanning
INPUT=`mktemp /tmp/mail-scanner.XXXXXXXX`
OUTPUT=`mktemp /tmp/mail-scanner.XXXXXXXX`
if [ "$?" != 0 ]; then
    logger -s -p mail.warning -t scanner "Unable to create temporary files, deferring"
    exit $EX_DEFER
fi
trap "rm -f $INPUT $OUTPUT" EXIT TERM
cat &gt;$INPUT

# check for viruses
/usr/local/bin/clamdscan --quiet - &lt;$INPUT
return="$?"
if [ "$return" = 1 ]; then
    logger -p mail.info "ClamAV found virus, discarding"
    exit $EX_OK
elif [ "$return" != 0 ]; then
    logger -s -p mail.warning -t scanner "Temporary ClamAV failure $return, deferring"
    exit $EX_DEFER
fi

# check for spam
/usr/local/bin/spamc -u spamd -E -x &lt;$INPUT &gt;$OUTPUT
return="$?"
if [ "$return" = 1 ]; then
    logger -p mail.info "SpamAssassin found spam, discarding"
    exit $EX_OK
elif [ "$return" != 0 ]; then
    logger -s -p mail.warning -t scanner "Temporary SpamAssassin failure $return, delivering"
    # 1) deliver original mail
    OUTPUT=$INPUT
    # 2) or defer instead of delivering:
    # exit $EX_DEFER
fi

# deliver
$SENDMAIL "$@" &lt;$OUTPUT
exit $?

Q:Hello, I'm so sad that the sources of myisam_suggest are not anymore on your blog... If you still have them, can you send them to me ? Thanks by advance !

Anonymous

Do you still need the sources? Found them here: http://contrib.spip.net/IMG/c/myisam_suggest.c

Maybe I’ll upload them on github somewhen.

[X.org] Use your Android tablet as a graphics tablet

Important update: This article is obsolete because there is a new version of the app, including a uinput driver instead of the X.org input driver available here: http://rfc2822.github.com/GfxTablet/

Motivation

Recently, we have bought an Android tablet for our company. The touch-screen is pressure-sensitive and can be used with a stylus pen. While there are many apps for all kinds of use, I couldn’t find anything that allows me to use the tablet as a graphics tablet for my desktop PC.

So I have decided to make the Android tablet a “graphics tablet”. The drawing data should be transmitted via network (WiFi). Because I use Linux, my choice was to write two pieces of software:

an Android app that shows a canvas and sends all touch events via network to the PC
an input driver that receives the data via network and posts them to the operating system / graphics server.

Please note that there is no input driver for Windows, so this won’t work under Windows. I don’t use Windows and therefore don’t plan to write one, but if you are interested in doing so, please tell me.

Demonstration

You can see the virtual network tablet in action here:

http://www.youtube.com/watch?v=QgTm2TEt4Yc (BTW, it’s not me on the video)

The app: XorgTablet GfxTablet

GfxTablet homepage

~~Source code of the XorgTablet app~~

Requirements: Android 4.0+, touch-screen (ideally with stylus pen, and ideally large)

How to use:

~~Just download the XorgTablet .apk file and install it on your phone (make sure that installation of non-Play apps is allowed in Settings / Applications).~~
Start the app, choose “Settings”
Enter a host name or IP address instead of the pre-configured 127.0.0.1.
Hover and touch events will be sent via UDP to the specified host at port 40117. You may use tcpdump or Wireshark on this port to watch the data.

The X.org input driver: xf86-networktablet

~~Source code of the xf86-networktablet input driver~~

~~How to compile / use:~~

Install the necessary packages for compiling. On my testing machine (I have developed in a VirtualBox) which is running Ubuntu 11.10, I can find git, gcc, libtool, make, xserver-xorg-dev, xtrans-dev, xutils-dev, libx11-dev and many others. Depending on your distribution, you may need other packages, but in any case you will need the X.org development packages.
~~Download the code from Github: git clone https://github.com/rfc2822/xf86-networktablet.git~~
~~Adapt the Makefile, if required. Compile with make, install with sudo make install. Now there should be a file called networktablet_drv.so in /usr/lib/xorg/modules/input.~~
~~Add the xf86-networktablet virtual tablet to your X.org configuration. A minimal /etc/X11/xorg.conf would look like this:~~
```
Section "ServerLayout"
    Identifier     "DefaultLayout"
    InputDevice    "NetworkTablet0"
EndSection

Section "InputDevice"
    Identifier     "NetworkTablet0"
    Driver         "networktablet"
EndSection
```
~~When you restart your X server, you should be able to see the XorgTablet in the logs, and xinput list should show a “NetworkTablet0” device.~~
~~Now the virtual tablet listens on 0.0.0.0:40117 for UDP packets. You may now control it via the XorgTablet app.~~

Using the network tablet with GIMP

You can use the network tablet as a graphics tablet in GIMP, too: Edit / Input Devices / Network tablet / Mode: set to Screen. Now you can draw on your Android tablet and all events will be sent directly to GIMP, including the pressure.

My favourite hotel directory

They’d just need to couple it with www.hotel-os.com to make it perfect!

ASUS “Overclocking failed” without even overclocking

I had a strange problem with an ASUS mainboard that sometimes turned off immediately after switching on, then at the next try saying “Overclocking failed”. After entering the BIOS and rebooting, everything worked.

After some investigation, I managed to identify a defect power switch on the PC case as the root of the problem. The switch has a rubber damping which held the switch in position too long when it was pressed. When turning on the PC, the switch didn’t release fast enough, so it was pressed >4 seconds and the PC turned off again sometimes.

Apparently, the ASUS BIOS thinks there is an “overclocking failure” when the PC is turned off a few seconds after power-on (as it may be when overclocking leads to too high temperatures). So this message isn’t related to specific overclocking settings.

The solution was to fix the power switch on the case by replacing the spring with a stronger one.

[DD-WRT] IPv6 and 6to4 with dynamic WAN IP

If you have a dynamically assigned WAN IP address (for instance, with PPPoE) and want to configure IPv6 with 6to4 (Teredo) on DD-WRT:

Be sure to meet the http://www.dd-wrt.com/wiki/index.php/IPv6#Prerequisites. You can also find IPv6 instructions on this page, but I have adapted them to my configuration. Be sure that you can ping 192.88.99.1 (the next 6to4 gateway should respond to this IP address).
Enable (and clean) JFFS2 in Administration / Management, if not already done (we’ll need this to store our configuration script on a non-volatile memory)-
Enable IPv6 and radvd in Administration / Management. Paste this into “Radvd config”:
```
interface br0 {
   MinRtrAdvInterval 3; 
   MaxRtrAdvInterval 10; 
   AdvLinkMTU 1280; 
   AdvSendAdvert on;
   prefix 0:0:0:1::/64 {
    AdvOnLink on;
    AdvAutonomous on;
    AdvValidLifetime 86400;
    AdvPreferredLifetime 86400;
    Base6to4Interface ppp0;
  };
};
```
The Base6to4Interface parameter has to be set to your WAN interface (ppp0 in my case, could also be vlan2 or something else). It tells radvd to construct the global-scope IPv6 block from the WAN IPv4 address.

I don’t know if the short router advertisement intervals are necessary because radvd will be restarted on IP address change. However, it works so I have decided to keep the lines for demonstration purposes.

This configuration will enable IPv6 and create /tmp/radvd.conf with the specified content when booting.

Use telnet or SSH to create the file /jffs/etc/config/6to4.wanup:

#!/bin/sh

# remove 6to4 tunnel and IPv6 addresses from your previous WAN IP
ip tunnel del tun6to4
ip -6 addr flush dev br0 scope global
ip -6 addr flush dev tun6to4

# use WAN IP to construct 6to4 IPv6 block address
WAN_IP=$(ip -4 addr show dev ppp0 | grep 'inet ' | awk '{print $2}' | cut -d/ -f1) 
IPV6_PREFIX=$(printf '2002:%02x%02x:%02x%02x' $(echo $WAN_IP | tr . ' '))

# set up 6to4 tunnel
ip tunnel add tun6to4 mode sit ttl 255 remote any local $WAN_IP 
ip link set tun6to4 mtu 1280 
ip link set tun6to4 up 
# add your 6to4 block to tunnel
ip addr add $IPV6_PREFIX:0::1/16 dev tun6to4 
# assign first IP of your 6to4 block to router
ip addr add $IPV6_PREFIX:1::1/64 dev br0 
# global, routable Unicast addresses can be reached via 192.88.99.1 (6to4 gateway)
ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4 

# (re)start radvd
if [ -f /var/run/radvd.pid ]
then
    kill -HUP $(cat /var/run/radvd.pid)
else
    radvd -C /tmp/radvd.conf
fi

# view the timestamp of this file to see when this script has been executed
touch /tmp/6to4.is_up

Make sure to replace ppp0 in the WAN_IP assignment line if your WAN interface is not ppp0.

That’s it. /jffs/etc/config/*.wanup is executed every time the WAN interface goes up. So, just reboot your router, disconnect and connect your WAN or execute the script manually. If the script was executed, there should be a file called /tmp/6to4.is_up.
Clients get their global IPv6 address via radv (not DHCP). Make sure that you get a valid global-scoped IPv6 address when you connect a client to the router and go to some IPv6 testing site to verify your connection.

Tested with DD-WRT v24-sp2 on a Linksys WNDR3700 (a very good device in my opinion, 811.n and Gbit-capable), Tele2 ISP. I have configured their Tilgin router to be modem/bridge only, NOT a gateway. The WNDR3700 router does the PPPoE dial-up.

[Typo3] Workaround for too dark images since ImageMagick 6.7.5-5

Since ImageMagick 6.7.5-5, the colorspace “sRGB” has to be used instead of “RGB”.

This also affects Typo3 because it uses commands like '/usr/local/bin/convert' +profile '*' -geometry 150x120! -colorspace RGB '/.../typo3/sysext/install/imgs/jesus2_transp.gif'[0] '.../typo3/typo3temp/pics/install_scale_gif.gif' for its image operations (see Install Tool). The colorspace is hard-coded and can’t be changed by parameters (at least, up to the current version 4.7.4).

So, all images generated by Typo3 appear much darker. The correct solution is of course that Typo3 gets another setting for the target colorspace, so it can be set to “RGB” for older ImageMagick versions and to “sRGB” for newer ones.

Until then, you have only three possibilities:

Use an ImageMagick version < 6.7.5-5 – not recommended because there were security flaws and this solution is not future-safe.
Change the Typo3 source (see Typo3 bug report)
Use an ImageMagick wrapper that emulates the old behaviour:
1. Create a directory “imagemagick-srgb” where the wrappers will be placed and chdir into it.
2. Symlink the identify command: ln -s /usr/local/bin/identify.
3. Create a convert wrapper with the following content:
```
#!/usr/local/bin/bash
echo /usr/local/bin/convert "${@/#RGB/sRGB}"
```
4. Use the same script for “composite”.
5. Set the wrapper directory as im_path in Typo3. Make sure your other ImageMagick settings are correct, including im_combine_filename (“composite”).
6. Check graphics generation in Install tool.

[Typo3] Adding robots=noindex if no_search page option is set

To add a robots noindex meta tag for pages which have the “No search” option set (which is originally intended for the search plugin not for meta tag generation), just use this TypoScript:

page.meta {
    robots = noindex
    robots.if.isTrue.field = no_search
}

Page 1 of 6

← Newer • Older →