Planet OpenNMS

February 01, 2016

Adventures in Open Source

Add a Weather Widget to OpenNMS Home Screen

I was recently at a client site where I met a man named Jeremy Ford. He’s sharp as a knife and even though, at the time, he was new to OpenNMS, he had already hacked a few neat things into the system (open source FTW).

Weathermap on OpenNMS Home Page

One of those was the addition of a weathermap to the OpenNMS home page. He has graciously put the code up on Github.

The code is a script that will generate a JSP file in the OpenNMS “includes” directory. All you have to do then is to add a reference to it in the main index.jsp file.

For those of you who don’t know or who have never poked around, under the $OPENNMS_HOME directory should be a directory called jetty-webapps. That is the web root directory for the Jetty servlet container that ships with OpenNMS.

Under that directory you’ll find a subdirectory for opennms. When you surf to http://[my OpenNMS Server]:8980/opennms that is the directory you are visiting. In it is an index.jsp file that serves as the main page.

If you are familiar with HTML, the JSP file is very similar. It can contain references to Java code, but a lot of it is straight HTML. The file is kept simple on purpose, with each of the three columns on the main page indicated by comments. The part you will need to change is the third column:

<!-- Right Column -->
        <div class="col-md-3" id="index-contentright">
                <!-- weather box -->
                <jsp:include page="/includes/weather.jsp" flush="false" />

Feel free to look around. If you ever wanted to rearrange the OpenNMS Home page, this is a good place to start.

Now, I used to like poking around with these files since they would update automatically, but later versions of OpenNMS (which contain later versions of Jetty) seem to require a restart. If you get an error, restart OpenNMS and see if it goes away.

Now the weather.jsp file gets generated by Jeremy’s Python script. In order to get that to work you’ll need to do two things. The most important is to get an API key from Weather Underground. It is a pretty easy process, but be aware that you can only do 500 queries a day without paying. The second thing you’ll need to do is edit the three URLs in the script and change the location. It is currently set to “CA/San_Francisco” but I was able to change it to “NC/Pittsboro” and it “just worked”.

Finally, you’ll need to set the script up to run via cron. I’m not sure how frequently Weather Underground updates the data, but a 10 minute interval seems to work well. That’s only 144 queries a day, so you could easily double it and still be within your limit.

[IMPORTANT UPDATE: Jeremy pointed out that the script actually does three queries, not just one, so instead of doing 144 queries a day, it’s 432. Still leaves some room with 10 minute queries but you don’t want to increase the frequency too much.]

Thanks to Jeremy for taking the time to share this. Remember, once you get it working, if you upgrade OpenNMS you’ll need to edit index.jsp and add it back, but that should be the only change needed.

by Tarus at February 01, 2016 09:29 PM

January 28, 2016

Adventures in Open Source

Dev-Jam 2016 Dates Announced

Yay! We have settled on dates for the eleventh (!) OpenNMS Dev-Jam Conference.

Dev-Jam 2015 Group Picture

Once again we will descend on the campus of the University of Minnesota for a week of fun, fellowship and hacking on OpenNMS and all things open source.

Anyone is welcome to attend, although I must stress that this is aimed at developers and it is highly unstructured. Despite that, we get a ton of things done and have a lot of fun doing it (and I’m not just saying that, there’s videos).

We stay at Yudof Hall on campus, and while that can scare older folks I want to point out the accommodation is quite nice and I’ve been told they have recently refurbished the dorm. If you want to stay on campus the cost is US$1500 for the week which includes all meals.

If you prefer hotels, there are several nearby, and you can come to the conference for US$800.

Registration is now open and space is limited. If you think you want to come but aren’t sure, let me know and I’ll try to save you a space. We’ve sold out the last two years.

Oh, sponsorships are available as well for $2500. You will help us bring someone deserving to Dev Jam who wouldn’t ordinarily get to attend, and you’ll get your logo and link on www.opennms.org for a year.

Dev Jam!

by Tarus at January 28, 2016 09:55 PM

January 25, 2016

Adventures in Open Source

OmniROM 6.0

For the last few days it has been hard to remain true to my free and open source roots. I guess I’ve been spoiled lately with almost everything I try out “just working”, but it wasn’t so with my upgrade to OmniROM 6.0 on my Nexus 6 (shamu).

I’ve been a big fan of OmniROM since it came out, and I base my phone purchases on what handsets are officially supported. While I tend not to rush to upgrade to the latest and greatest, once the official nightlies switched to Android “Marshmallow” I decided to make the jump.

Now there are a couple of tools that I can’t live without when playing with my phone. They are the Team Win Recovery Project (TWRP) and Titanium Backup. The first lets you create easy to restore complete backups and the latter allows you to restore application status even if you factory reset your device, which I had to do.

[NOTE: I should also mention that I rely on Chainfire’s SuperSU for root. It took me awhile to find a link for it I trust.]

When I tried the first 6.0 nightlies, all I did was sideload the ROM, wipe the caches, and reboot. I liked the new “OMNI” splash screen but once the phone booted, the error “Unfortunately process com.android.phone has stopped” popped up and couldn’t be cleared. Some investigation suggested a factory reset would fix the issue, but since I didn’t want to go through the hassle of restoring all of my applications I decided to just restore OmniROM 5.1 and wait to see if a later build would fix it.

Well, this weekend we got a dose of winter weather and I ended up home bound for several days, so I decided to give it another shot. I sideloaded the latest 6.0 nightly and sure enough, the same error occurred. So I did a factory reset and, voilà, the problem went away.

Now all I had to do was reload all 100+ apps. (sigh)

I started by installing the “pico” GApps package from Open GApps and in case you were wondering, the Nexus 6 uses a 32-bit ARM processor.

I guess I really shouldn’t complain, as doing a fresh install once in awhile can clean out a bunch of kruft that I’ve installed over the past year or so, but I’ve come to expect OmniROM upgrades to be pretty easy.

One of the first things I installed from the Play store was the “K-9 Mail” application. Unfortunately, it kept having problems connecting to my personal mail server (the work one was fine). The sync would error with “SocketTimeoutException: fai”. So I rebooted back to Omni 5.1 and things seemed to work okay (although I did see that error when trying to sync some of the folders). Back I went to 6.0 (see where TWRP would come in handy here?) and I noticed that when I disabled Wi-Fi, it worked fine.

As I was trying to sleep last night it hit me – I bet it has something to do with IPv6. We use true IPv6 at the office, but not to our external corporate mail server, which would explain why a server in the office would fail but the other one work. At home I’m on Centurylink DSL and they don’t offer it (well, they offer 6rd which is IPv6 encapsulated over IPv4 but not only is it not “true” IPv6 you have to pay extra for a static IP to get it to work). I use a Hurricane Electric tunnel and apparently Marshmallow utilizes a different IPv6 stack and thus has issues trying to retrieve data from my mail server when using that protocol.

(sigh)

I tried turning off IPv6 on Android. It’s not easy and I couldn’t get any of the suggestions to work. Then I found a post that suggested it was the MTU, so I reduced the MTU to 1280 and still no love.

So I turned off the HE tunnel. Bam! K-9 started working fine.

For now I’ve just decided to leave IPv6 off. While I think we need to migrate there sooner rather than later, there is nothing I absolutely have to have IPv6 for at the moment and I think as bandwidth increases, having to tunnel will start to cause performance issues. Normal traffic, such as using rsync, seems to be faster without IPv6.

That experience cost me about two days, but at the moment I’m running the latest OmniROM and I’m pretty happy with it. The one open issue I have is that the AOSP keyboard crashes if you try to swipe (gesture type) but I just installed the Google Keyboard and now it works without issue.

I have to say that there were some moments when I was very close to installing the Google factory image back on my Nexus 6. It’s funny, but the ability to shake the phone to dismiss an alarm is kind of a critical app with me. Since the last time I checked it wasn’t an available option on the Google ROM, I was willing to stick it out a little longer and figure out my issues with OmniROM.

Heh, freedom.

by Tarus at January 25, 2016 10:18 PM

January 22, 2016

Adventures in Open Source

OpenNMS at Scale

So, yes, the gang from OpenNMS will be at the SCaLE conference this weekend (I will not be there, unfortunately, due to a self-imposed conference hiatus this year). It should be a great time, and we are happy to be a Gold Sponsor.

But this post is not about that. This is about how Horizon 17 and data collection can scale. You can come by the booth at SCaLE and learn more about it, but here is the overview.

When OpenNMS first started, we leveraged the great application RRDTool for storing performance data. When we discovered a Java port called JRobin, OpenNMS was modified to support that storage strategy as well.

Using a Round Robin database has a number of advantages. First, it’s compact. Once the file containing the RRD database is created, it never grows. Second, we used RRDTool to also graph the data.

However, there were problems. Many users had a need to store the raw collected data. RRDTool uses consolidation functions to store a time-series average. But the biggest issue was that writing lots of files required really fast hard drives. The more data you wanted to store, the greater your investment in disk arrays. Ultimately, you would hit a wall, which would require you to either reduce your data collection or partition out the data across multiple systems.

No more. With Horizon 17 OpenNMS fully supports a time-series database called Newts. Newts is built on Cassandra, and even a small Cassandra cluster can handle tens of thousands of inserts a second. Need more performance? Just add more nodes. Works across geographically distributed systems as well, so you get built-in high availability (something that was very difficult with RRDTool).

Just before Christmas I got to visit a customer on the Eastern Shore of Maryland. You wouldn’t think that location would be a hotbed of technical excellence, but it is rare that I get to work with such a quick team.

They brought me up for a “Getting to Know You” project. This is a two day engagement where we get to kick the tires on OpenNMS to see if it is a good fit. They had been using Zenoss Core (the free version) and they hit a wall. The features they wanted were all in the “enterprise” paid version and the free version just wouldn’t meet their needs. OpenNMS did, and being truly open source it fit their philosophy (and budget) much better.

This was a fun trip for me because they had already done most of the work. They had OpenNMS installed and monitoring their network, and they just needed me to help out on some interesting use cases.

One of their issues was the need to store a lot of performance data, and since I was eager to play with the Newts integration we decided to test it out.

In order to enable Newts, first you need a Cassandra cluster. It turns out that ScyllaDB works as well (more on that a bit later). If you are looking at the Newts website you can ignore the instructions on installing it as it is built directly into OpenNMS.

Another thing built in to OpenNMS is a new graphing library called Backshift. Since OpenNMS relied on RRDTool for graphing, a new data visualization tool was needed. Backshift leverages the RRDTool graphing syntax so your pre-defined graphs will work automatically. Note that some options, such as CANVAS colors, have not been implemented yet.

To switch to Newts, in the opennms.properties file you’ll find a section:

###### Time Series Strategy ####
# Use this property to set the strategy used to persist and retrieve time series metrics:
# Supported values are:
#   rrd (default)
#   newts

org.opennms.timeseries.strategy=newts

Note: “rrd” strategy can refer to either JRobin or RRDTool, with JRobin as the default. This is set in rrd-configuration.properties.

The next section determines what will render the graphs.

###### Graphing #####
# Use this property to set the graph rendering engine type.  If set to 'auto', attempt
# to choose the appropriate backend depending on org.opennms.timeseries.strategy above.
# Supported values are:
#   auto (default)
#   png
#   placeholder
#   backshift
org.opennms.web.graphs.engine=auto

If you are using Newts, the “auto” setting will utilize Backshift but here is where you could set Backshift as the renderer even if you want to use an RRD strategy. You should try it out. It’s cool.

Finally, we come to the settings for Newts:

###### Newts #####
# Use these properties to configure persistence using Newts
# Note that Newts must be enabled using the 'org.opennms.timeseries.strategy' property
# for these to take effect.
#
org.opennms.newts.config.hostname=10.110.4.30,10.110.4.32
#org.opennms.newts.config.keyspace=newts

There are a lot of settings and most of those are described in the documentation, but in this case I wanted to demonstrate that you can point OpenNMS to multiple Cassandra instances. You can also set different keyspace names which allows multiple instances of OpenNMS to talk to the same Cassandra cluster and not share data.

From the “fine” documentation, they also recommend that you store the data based on the foreign source by setting this variable:

org.opennms.rrd.storeByForeignSource=true

I would recommend this if you are using provisiond and requisitions. If you are currently doing auto-discovery, then it may be better to reference it by nodeid, which is the default.

I want to point out two other values that will need to be increased from the defaults: org.opennms.newts.config.ring_buffer_size and org.opennms.newts.config.cache.max_entries. For this system they were both set to 1048576. The ring buffer is especially important since should it fill up, samples will be discarded.
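
As an added illustration (not part of the original post or of OpenNMS itself), the Python sketch below reads an opennms.properties file and reports the effective values of the settings discussed above, flagging the two sizing keys when they are left unset. The sample file is constructed, the function names are hypothetical, and the power-of-two check on the ring buffer is an assumption taken from the OpenNMS documentation, not from this post.

```python
"""Added example: sanity-check the Newts-related keys in opennms.properties."""

# Constructed sample, modelled on the snippets quoted in the post.
SAMPLE = """\
###### Time Series Strategy ####
# Supported values are:
#   rrd (default)
#   newts
org.opennms.timeseries.strategy=newts

###### Graphing #####
org.opennms.web.graphs.engine=auto

###### Newts #####
org.opennms.newts.config.hostname=10.110.4.30,10.110.4.32
#org.opennms.newts.config.keyspace=newts
org.opennms.rrd.storeByForeignSource=true
org.opennms.newts.config.ring_buffer_size=1048576
"""

STRATEGY = "org.opennms.timeseries.strategy"
ENGINE = "org.opennms.web.graphs.engine"
PREFIX = "org.opennms.newts.config."
RING = PREFIX + "ring_buffer_size"
CACHE = PREFIX + "cache.max_entries"

# Only the defaults the post itself shows; other keys are left as "unset".
DEFAULTS = {STRATEGY: "rrd", ENGINE: "auto", PREFIX + "keyspace": "newts"}


def parse_properties(text):
    """Parse the plain key=value subset of Java .properties used here.

    Lines starting with '#' or '!' are comments, so a commented-out key
    (like the keyspace line in the sample) counts as unset.
    """
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props


def check_newts(props):
    """Return (summary, warnings) for the settings discussed in the post."""
    strategy = props.get(STRATEGY, DEFAULTS[STRATEGY])
    engine = props.get(ENGINE, DEFAULTS[ENGINE])
    if engine == "auto" and strategy == "newts":
        engine = "backshift"  # per the post: 'auto' picks Backshift with Newts
    hosts = [h.strip() for h in props.get(PREFIX + "hostname", "").split(",")
             if h.strip()]
    summary = {
        "strategy": strategy,
        "engine": engine,
        "hosts": hosts,
        "keyspace": props.get(PREFIX + "keyspace", DEFAULTS[PREFIX + "keyspace"]),
    }
    warnings = []
    if strategy != "newts":
        # The Newts block only takes effect once the strategy is switched.
        ignored = sorted(k for k in props if k.startswith(PREFIX))
        if ignored:
            warnings.append(f"strategy is {strategy!r}; ignored: {', '.join(ignored)}")
        return summary, warnings
    if not hosts:
        warnings.append(f"{PREFIX}hostname is not set")
    for key in (RING, CACHE):
        value = props.get(key)
        if value is None:
            warnings.append(f"{key} is unset, so the default applies; "
                            "the post says to raise it")
        elif not value.isdigit() or int(value) < 1:
            warnings.append(f"{key}={value} is not a positive integer")
        elif key == RING and int(value) & (int(value) - 1):
            # Assumption (OpenNMS docs, not this post): must be a power of two.
            warnings.append(f"{key}={value} is not a power of two")
    return summary, warnings


if __name__ == "__main__":
    summary, warnings = check_newts(parse_properties(SAMPLE))
    for name, value in summary.items():
        print(f"{name:9} {value}")
    for message in warnings:
        print("WARNING:", message)
```
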

So, how did it go? Well, after fixing a bug with the ring buffer, everything went well. That bug is one reason that features like this aren’t immediately included in Meridian. Luckily we were working with a client who was willing to let us investigate and correct the issue. By the time it hits Meridian 2016, it will be completely ready for production.

If you enable the OpenNMS-JVM service on your OpenNMS node, the system will automatically collect Newts performance data (assuming Newts is enabled). OpenNMS will also collect performance data from the Cassandra cluster including both general Cassandra metrics as well as Newts specific ones.

This system is connected to a two node Cassandra cluster and managing 3.8K inserts/sec.

Newts Samples Inserted

If I’m doing the math correctly, since we collect values once every 300 seconds (5 minutes) by default, that’s 1.15 million data points, and the system isn’t even working hard.

OpenNMS will also collect on ring buffer information, and I took a screen shot to demonstrate Backshift, which displays the data point as you mouse over it.

Newts Ring Buffer

Horizon 17 ships with a load testing program. For this cluster:

[root@nms stress]# java -jar target/newts-stress-jar-with-dependencies.jar INSERT -B 16 -n 32 -r 100 -m 1 -H cluster
-- Meters ----------------------------------------------------------------------
org.opennms.newts.stress.InsertDispatcher.samples
             count = 10512100
         mean rate = 51989.68 events/second
     1-minute rate = 51906.38 events/second
     5-minute rate = 38806.02 events/second
    15-minute rate = 31232.98 events/second

so there is plenty of room to grow. Need something faster? Just add more nodes. Or, you can switch to ScyllaDB which is a port of Cassandra written in C. When run against a four node ScyllaDB cluster the results were:

[root@nms stress]# java -jar target/newts-stress-jar-with-dependencies.jar INSERT -B 16 -n 32 -r 100 -m 1 -H cluster
-- Meters ----------------------------------------------------------------------
org.opennms.newts.stress.InsertDispatcher.samples
             count = 10512100
         mean rate = 89073.32 events/second
     1-minute rate = 88048.48 events/second
     5-minute rate = 85217.92 events/second
    15-minute rate = 84110.52 events/second

Unfortunately I do not have statistics for a four node Cassandra cluster to compare it directly with ScyllaDB.

Of course the Newts data directly fits in with the OpenNMS Grafana integration.

Grafana Inserts per Second

Which brings me to one down side of this storage strategy. It’s fast, which means it isn’t compact. On this system the disk space is growing at about 4GB/day, which would be 1.5TB/year.

Grafana Disk Space

If you consider that the data is replicated across Cassandra nodes, you would need that amount of space on each one. Since the availability of multi-Terabyte drives is pretty common, this shouldn’t be a problem, but be sure to ask yourself if all the data you are collecting is really necessary. Just because you can collect the data doesn’t mean you should.

OpenNMS is finally to the point where the storing of performance data is no longer an issue. You are more likely to hit limits with the collector, which in part is going to be driven by the speed of the network. I’ve been in large data centers with hundreds of thousands of interfaces all with sub-millisecond latency. On that network, OpenNMS could collect on hundreds of millions of data points. On a network with lots of remote equipment, however, timeouts and delays will impact how much data OpenNMS could collect.

But with a little creativity, even that goes away. Think about it – with a common, decentralized data storage system like Cassandra, you could have multiple OpenNMS instances all talking to the same data store. If you have them share a common database, you can use collectd filters to spread data collection out over any number of machines. While this would take planning, it is doable today.

What about tomorrow? Well, Horizon 18 will introduce the OpenNMS Minion code. Minions will allow OpenNMS to scale horizontally and can be managed directly from OpenNMS – no configuration tricks needed. This will truly position OpenNMS for the Internet of Things.

by Tarus at January 22, 2016 09:31 PM

January 20, 2016

Adventures in Open Source

Triggering OpenNMS Notifications Based on Event Parameters

I recently had a client ask how to notify on an event where they wanted to match on certain event parameters. I decided to put this on the wiki with the hope that people would find it useful.

by Tarus at January 20, 2016 09:03 PM

January 19, 2016

The OpenNMS Group

OpenNMS to Exhibit at SCaLE 14x

The OpenNMS Group is proud to be a Gold Sponsor of the 14th annual Southern California Linux Expo to be held 22-24 January in Pasadena, California.

In addition to having a booth in the expo hall, Ken Eshelby will be presenting a talk entitled “Internet of Thingies.”

Also, join us at the “Network and Server Management” birds of a feather group! We will have food, drinks, and good company!

by jessi at January 19, 2016 08:28 PM

Adventures in Open Source

Avoiding the Sad Graph of Software Death

Seth recently sent me to an interesting article by Gregory Brown discussing a “death spiral” often faced by software projects when issues and feature requests start to out pace the ability to close them.

Sad Graph of Death

Now Seth is pretty much in charge of managing our Jira instance, which is key to managing the progress of OpenNMS software development. He decided to look at our record:

OpenNMS Issues Graph

[UPDATE: Logged into Jira to get a lot more issues on the graph]

Not bad, not bad at all.

A lot of our ability to keep up with issues comes from our project’s investment in using the tool. It is very easy to let things slide, resulting in the first graph above and causing a project to possibly declare “issue bankruptcy”. Since all of this information is public for OpenNMS, it is important to keep it up to date and while we never have enough time for all the things we need to do, we make time for this.

I think it speaks volumes for Seth and the rest of the team that OpenNMS issues are managed so well. In part it comes naturally from “the open source way” since projects should be as transparent as possible, and managing issues is a key part of that.

by Tarus at January 19, 2016 04:59 PM

January 15, 2016

Adventures in Open Source

The Inverter: Episode 58 – Nappy Hue Year

It’s a new year, and that means a new Bad Voltage.

Let’s hope the Intro is not an indication of things to come. Worst … intro … ever. Seriously, just jump to the 3 minute mark. You’ll be glad you did.

Okay, brand new year and that means predictions, where I predict that Jeremy will once again win. Yes, his entries aren’t all that strong, but he always wins.

The way the game works is that each member of the BV team must make two predictions, with bonus predictions available as well.

Jeremy’s Predictions:

  • This is the year that some sort of Artificial Intelligence (AI) or Virtual Reality (VR) device goes mainstream. I’m not sure if Mycroft or Echo counts as an AI device, but after playing with the Samsung Gear VR I made the prediction that VR would really take off this year. He specifically stated that the device in question would not be the Oculus Rift.
  • Apple will have a down year, meaning that gross revenues will be lower this year than in 2015. Hrm, I’ve been thinking this might happen but I’m not sure this is the year. In the show they brought up the prospect of Apple making a television, and if that happens I would expect enough fans to rush out and buy it that Apple’s revenues would increase considerably. But without a new product line, I think there is a good chance this could happen.
  • Bonus: a device with a bendable display will become popular. There are devices out there with bendable displays, but nothing much outside of CES. We’ll see.

Bryan’s Predictions:

  • Canonical pulls out of the phone/tablet business. While the Ubuntu phone hasn’t been a huge success, it is the vehicle for exploring the idea of turning a handset-sized device into the only computer you use (i.e. you connect it up to a keyboard and screen to make a “desktop”). I can’t really see Shuttleworth giving this up, but in a mobile market that is pretty much owned by Apple and Android, this probably makes good business sense.
  • In a repeat from last year, Bryan predicts that ChromeOS will run Android apps natively, i.e. any app you can get from the Google Play store will run on Chrome without any special tricks. Is the second time the charm?
  • Bonus: Wayland will not ship as the default replacement for X on any major distro. Probably a safe bet.

Jono’s Predictions:

  • The VR Project Morpheus on Playstation will be more popular than Oculus Rift. Another VR prediction, and it is hard to argue with his logic. Sony already has a large user base with its Playstation 4 console, and if this product can actually make it to market with a decent price point, you can expect a lot of adoption. Contrast that to the Oculus Rift, whose user base is still unknown, plus an estimated price tag of US$600 and the need for a high end graphics computer, and Morpheus has a strong chance to own the market. Making it to market and the overall user experience will still determine if this is a winner or a dud.
  • Part of Canonical will be sold off. Considering that Canonical has a number of branches, from its mobile division, the desktop and the cloud, the company might be stretched a little thin to focus on all of them. Plus, Shuttleworth has been bank-rolling this endeavor for awhile now and he may want to cash some of it out. Moving the cloud part of the company to a separate entity makes the most sense, but I’m not feeling that this will happen this year.
  • Bonus: a crowdfunding campaign will pass US$200MM. The current record crowdfunding campaign is for the video game Star Citizen, which has passed US$100MM, so Jono is betting that something will come along that is twice as successful. As I’ve started to sour on crowdfunding, as have others I know, it would have to be something pretty spectacular.

Stuart’s Predictions:

  • People will stop carrying cash. Well, duh. It is rare that I have more than a couple of dollars on me at any time. Now, this is different when I travel, but around town I pay for everything with a credit card. I get the one bill every month and I can track my purchases. Heck, even my favorite BBQ joint takes cards now (despite what Google says). Not sure how they will score this one.
  • Microsoft will open source the Microsoft Edge browser. Hrm – Microsoft has been embracing open source more and more lately, so this isn’t out of the realm of possibility. If I were a betting man I’d bet against it, but it could happen.
  • Bonus: he was going to originally bet that Canonical would get out of the phone business, but since Bryan beat him to it he went with smaller phones would outsell larger phones in 2016. It’s going to be hard to measure, but he gets this right if phones 5 inches and smaller move more units than phones bigger than that. I don’t know – I love my Nexus 6 and I think once you get used to a larger phone it is hard to go back, but we’ll see.

The gang seemed pretty much in agreement this year. No one joined me in the prediction that a large “cloud” vendor would have a significant security issue, but both Jono and Jeremy mentioned VR.

The next segment was on a product called the “Coin”. This is a device that is supposed to replace all of the credit cards in your wallet. Intriguing, but it has one serious flaw – it doesn’t work everywhere. If you can’t be sure it will work, then you end up having to carry some spare cards, and that defeats the whole purpose. Coin’s website “onlycoin.com” seems to imply that Coin is the only thing you need, but even they admit there are problems.

It also doesn’t seem to support some of the newer technologies, such as “Chip and PIN” (which isn’t exactly new). This means that Coin is probably dead on arrival. Jeremy brought up a competitor called Plastc, but that product isn’t out yet, so the fact that Coin is shipping gives it an advantage.

I don’t carry that many cards to begin with, so I have little interest in this. I’d rather see NFC pay technologies take off since I usually have my phone with me. I need more help with my “rewards” cards such as for grocery stores, and there are already apps for that, like Stocard. I don’t see either of these things taking off, but I give the edge to Plastc over Coin.

Note: Stocard is pretty awesome. It is dead easy to add cards and they have an Android Wear integration so I don’t even need to take the phone out of my pocket.

The last segment was an interview with Jorge Castro (the guy from Canonical’s Juju project and not the actor from Lost). Juju is an “orchestration” application, and while focused on the Cloud I can’t help but group it with Chef, Puppet and Ansible (a friend of mine who used to work on Juju just moved to Ansible). Chef has “recipes” and Juju has “charms”.

I don’t do this level of system administration (we are leaning toward using Ansible at OpenNMS just ’cause I love Red Hat) thus much of the discussion was lost on me (lost, get it?). I couldn’t help but think of my favorite naming scheme, however, which comes from the now defunct Sorcerer Linux distribution. In it, software packages were called “spells” and you would install applications using the command “cast”. The repository of all the software packages was called the “grimoire”.

Awesome.

The show closed with a reminder that the next BV would be Live Voltage at the SCaLE conference. I’ve seen these guys get wound up in front of 50 people, so I can’t imagine what will happen in front of nearly 1000 people. They have lots of prizes to give away as well, so be there. I can’t make it but I hope there is a live stream and a Twitter feed like the last Live Voltage show so I can at least follow along. I can’t promise it will be good, but I can promise it will be memorable.

So, overall not a great show but not bad. I don’t like the title, and if you listen to the Outro you might agree with me that “Huge Bag Full of Nickels” would have been a better one.

by Tarus at January 15, 2016 09:31 PM

January 13, 2016

Adventures in Open Source

Annual LinuxQuestions Poll

Just a quick note that the annual LinuxQuestions “Member’s Choice” poll is out. While I don’t believe OpenNMS is known to many of the members of that site, if you feel like showing it a little love, please register and vote.

http://www.linuxquestions.org/questions/2015-linuxquestions-org-members-choice-awards-117/network-monitoring-application-of-the-year-4175562720/

Many thanks to Jeremy Garcia for maintaining that site and including OpenNMS.

by Tarus at January 13, 2016 10:58 PM

January 07, 2016

Adventures in Open Source

Capitalism and the Open Source Way

I’m supposed to be on vacation today. My 50th birthday is coming up and I’m taking some time off to celebrate and reflect. But Jan Wildeboer posted a link to a critical article about a recent Paul Graham essay, and it touched a nerve. I wanted to write down a few thoughts about it while they were fresh.

In the essay, Graham boasts about increasing income inequality. It’s the new version of “greed is good”. He proposes that the best method for modeling democracy is that of the startup. I can’t agree with that.

Look, I work at a ten-year-old startup, but that isn’t what Graham means. He means the Silicon Valley startup which follows this basic model:

1) Come up with an idea
2) Get some rich people to give you money to pursue the idea

If you get past Step 2, this is considered “a success” because if a rich guy wants to give you money your idea must be good, right?

3) Burn through that money as fast as you can in search of turning your idea into something people will watch, download, share or buy
4) Run out of money
5) Get more money
6) Go back to step 4, eroding your share of the idea until the rich people own it

Success is then measured by an acquisition or IPO. Failure is that you can’t get past step 5 at some point.

I can’t remember who told me this, so I do apologize for not being able to credit you, but it was pointed out to me that a lot of startups tend to hit the US$5MM revenue mark and then stall. The reason, she said (and I do believe it was a she) was that startups are aimed at the culture of Silicon Valley, and quite frequently an idea that works in the Valley doesn’t work elsewhere.

The Valley consists mainly of young, white and Asian males. I’ve spent a lot of time in the Valley, and while I’ve met a lot of amazing people, I’ve met an equal number of assholes. The latter seemed to measure value strictly on wealth, and they pursue money above all else (“go big or go home”). Look, I think money is great, it can provide options and security, but the sole pursuit of money is not a good way to live. If I have any wisdom to impart after 50 years it would be to buy experiences, not things. The former will last a lot longer.

And this shameless pursuit of money, in both the Valley and on Wall Street, is creating a huge wealth inequality. From what I could find on the web, the average software engineer in the Valley makes around US$150K. Meanwhile, for the same year the average household income was a little over US$50K, so a third of that probably with more than one person working.

People will defend those salaries because they say they are valuable, but if we are talking about a startup-driven economy, most startups both lose money and eventually fail. So I’m not sure it can be defended on value creation. Plus, as the wealth gap gets larger and larger, there is a real, non-zero chance of a whole lot of people with baseball bats storming those gated communities.

When I was younger and took my first Spanish class, the teacher told us that many countries in South and Central America, where Spanish is spoken, had turbulent political histories. She explained that it was often due to wealth inequality. When you have a small but significant group of rich people and a whole lot of poor people, those at the “top” don’t tend to stay there. She then pointed to the US and its large middle class, and argued that it was one of the reasons we’ve been around for 200+ years.

Also, back in the “old days”, if you asked a kid to list jobs you’d get things like teacher, policeman, doctor, janitor, nurse, mailman, lawyer, baker, fireman and, my favorite, astronaut.

Those are wonderful, productive roles in society. Sure, the doctor and lawyer made more money, but we didn’t look down on the janitor (I can remember really liking the janitor at our elementary school and thinking he was so nice to keep our school clean). But somewhere in the last ten to twenty years, we’ve seemed to lose our way as a culture and we look down on a lot of these jobs. The message seems to be “be scared and buy shit” and success is measured on how much shit you can buy.

It’s not sustainable. In finance the idea of “grow, grow, grow!” is considered the goal. In nature it’s called “cancer”.

This is one reason I love my job. At OpenNMS our business plan is simple: spend less than you earn. The mission statement is: help customers, have fun, make money.

A lot of that comes from the fact that we base our business around open source software. One of the traditional methods for securing profit in the software industry, especially the Valley, is to lock your customers into your products so they both become reliant on them and are unable to easily switch. Then you can increase your prices and … profit!

In order to do this, you have to have a lot of secrets. Your code has to be secret, your product roadmap needs to be secret, and you have to spend a lot of money on engineering talent because you have to find highly skilled specialists to work in such an environment.

Contrast that to open source. Everything is transparent. The code is out there. The roadmap is out there. This week is the CES show in Las Vegas where products will be “unveiled”. We don’t unveil anything – you can follow the development branches in our git repository in real time. While I am lucky to work with highly skilled people, they found OpenNMS, not the other way around, because they had something to offer. Our customers pay us a fair rate for our work because if it isn’t worth it to them, they don’t have to buy it.

This has allowed OpenNMS to survive and, yes, grow, over the last decade while a number of startups have come and gone.

This transparency is important to the “open source way”. It promotes both community and participation, and it is truly a meritocracy, unlike much of the Valley. In the Valley, value is measured more by how much money you make and who you know. In open source, it is based on what you get done and how well you advance the project.

[Note: just to be fair, I know a number of very talented people in the Valley who are worth every penny they make. But I know way more people who, in no way, earn their exorbitant salaries]

Another comment that triggered this post was a tweet by John Cleese about a quote from Charlie Mayfield, the Chairman of the John Lewis Partnership which is a huge retail concern in the UK. He said “… maximisation of profit is not our goal. We aim to make sufficient profit.”

What a novel idea.

I’m sure my comments will be easily dismissed by many as just the ranting of an old fart, similar to “get off my lawn”. But I have always wished for OpenNMS to be, above all else, something that lasts – something that survives me and something that provides value long after I’m gone. Would I like more money? Of course I would, but for longevity the focus must be on creating value and providing a great experience for those who work on the project, and the money will come.

After all, it is the experience that lasts.

by Tarus at January 07, 2016 03:59 PM

January 06, 2016

Adventures in Open Source

The Inverter: Episode 57 – Deck the Blockchains

The last Bad Voltage of 2015 is a long one. Bryan is out sick, which is surprising since he only misses the shows with which I’m involved, so I guess he was really sick this time.

Since the first BV episode of the year includes predictions, the last one of the year is used to measure how well the guys did, and this was the topic of the first part of the program.

Aq predicted that mobile phone payments via NFC (such as Apple Pay and Android Pay) would increase greatly. They did, but by more than an order of magnitude above the amount he predicted. I’m not sure why he didn’t get credit for this one since he was correct, he just missed a zero at the end. He also predicted that Steam game consoles would be a big success. One of the issues with measuring these predictions is that it is hard to get verifiable numbers, but they all agreed that had Steam shipped a million consoles they would have mentioned it.

His “extry credit” prediction was that Canonical would get bought. They didn’t, so Aq didn’t do so well overall.

Then they moved on to Jono. He predicted there would be a large migration away from traditional sources of video, such as cable television and satellite, to streaming services such as Netflix and Hulu. This was again hard to verify (remember the quote that there are lies, damned lies and statistics). I think one of the reasons is that, especially in the case of cable, the vendors bundle so much together that it is usually cheaper to get television included as part of a package instead of just going Internet-only. Considering how many people talk about shows that are only available via streaming services and how clients for those services are now ubiquitous in televisions, it seems to be a safe bet that people are spending more of their time watching those services, at the cost of traditional shows, but it is very hard to measure with any level of objectivity.

Speaking of televisions, Jono also predicted a surge in 4K televisions to the point that they would be available for $500 or less. I haven’t seen it. The content is just not there yet, and while, yes, you can buy a 4K TV on Amazon for less than US$500, no one who really cared about the quality of that picture would buy one. The best 4K TV recommended by Wirecutter is still nearly US$1600.

So I don’t think he should get credit for that one.

His extra prediction was a large increase in “connected homes”. This was vague enough to be impossible to measure, but with products like those from Nest becoming more popular, it seems inevitable. I think there was definitely a jump in 2015, but then again going from nearly zero to only a handful would still be a huge increase, percentage-wise. I think it will be some time before a majority of homes in the US are “connected” in an Internet of Things fashion.

Jeremy’s predictions were next. He predicted that laptop and desktop computer sales would actually go up after years of decline, and while the rate of decline slowed, this was a miss.

The guys gave him his second one, which was that wireless charging for portable devices would become the norm (with a notable exception in Apple). While I’m charging my Nexus 6 right now on a TYLT charger, the latest generation of Nexus phones does not support wireless charging, and with the introduction of USB-C and “fast charging” I think wireless charging has peaked. Still, he got credit for it, so I think Aq should get credit for his mobile payments prediction.

Jeremy had two bonus predictions. One was that the markets would both see a peak in the NASDAQ index (which happened) as well as a correction of more than 10% (which also happened). His prediction of an Uber IPO did not happen, however.

Bryan wasn’t around to defend his predictions, but in the first case it was the opposite of Aq’s prediction that Steam consoles would be a huge success with the prediction that they would ship zero units. That didn’t happen, of course.

He also predicted that Ubuntu phone sales would be minor compared to other “open source” handset units such as those from Jolla. While no one would claim the Ubuntu phone was a runaway success, from what can be guessed from various sales figures, it seems to have sold about as well as the options.

Finally, his bonus prediction would be that ChromeOS would be able to run all Android apps natively. That, too, didn’t happen. It would have been interesting to hear his analysis of his performance, but he was pretty blunt in that he totally expected to lose.

So, Jeremy wins.

The second segment was a bit heady even for these guys. It concerns an announcement by the Linux Foundation to promote the creation of “block chain” tools.

Now, I kind of think I have my brain around block chains, but don’t expect me to explain them. It was invented as part of the bitcoin protocol, and it is a type of ledger database that can confirm transactions and resist tampering. This can be useful, since it provides a very distributed and public way of running a list of transactions, but there is no requirement that the block chains themselves be made public.

The idea is that we could promote this for use in, say, banking, and it could both improve speed and reliability.

I’m not sure it made a great topic for the show, however. This is esoteric stuff, and for once there were a lot of pregnant pauses in the discussion. I think the overall consensus was that this is a Good Thing™ but that in practical use the data won’t be very open.

The next segment was a review of the Titan USB cable – a hardened USB cable to resist damage. While not bad for a last minute substitution since Bryan was unavailable to do his originally scheduled review, I thought the discussion went on way too long on an already long show. TL;DR: – break a lot of USB cables? You might want to check this out. No? Don’t worry about it.

While the cable part of the Titan is well protected, the connector ends, a common source for failure, aren’t much different from a normal cable. Considering the cost, if you only damage a cable occasionally, it probably isn’t worth it to get a Titan.

At least it wasn’t about that $500 gold HDMI cable. The thing I love about digital is that it pretty much works or doesn’t work. I used to agonize over analog speaker cable, but cable quality is considerably less important in a purely digital realm.

The final segment concerned an apparent conflict of interest around the Linux Foundation’s role in the lawsuit involving the Software Freedom Conservancy and VMware concerning GPL violations. There are a lot of corporate interests involved with the Linux Foundation, and the general question asks if the Foundation is more concerned with protecting those interests than software freedom?

My own experience with GPL enforcement is that it is a shit job. Many people think that if the software is “free” they should be able to do whatever they want to with it, and so they don’t understand the problem when some third party decides to commercialize your hard work.

Next, discovery is a pain. If you can see the code, it is somewhat easy to determine if it was the same or different as another piece of code, but the problem with GPL enforcement is usually the code in question is closed. Discovery costs a lot of money as well, and money is not something a lot of open source projects have in abundance.

Finally, even if you have a case, getting a judge that can understand the nuances of the issue is harder still. Without such an understanding, it is both hard to win the case as well as to get damages. Even if you succeed, the remedy might just mean open sourcing part of the infringing code with no monetary damages.

When you look at it, pursuing a GPL violation is a thankless job that most projects can’t even consider. But it is incredibly important to the future of free software that those who create it have the power to determine under what conditions their work can be used. It is why we donate to the Software Freedom Conservancy. They are fighting the good fight, in very much a David and Goliath scenario, for the rights of everyone involved with free software. There are not many people up to that task.

For example, it appears that the car manufacturer Tesla is in violation of the GPL. Tesla is popular and well funded. There are very few people, especially those in the technology industry, who wouldn’t want to own a Tesla. So, do you want to sue them? First, they will bury you in legal procedures that will drain what little funds you have. Next, people will be mad at you for “attacking” such a cool company. Third, your chance for success is slim.

Now I don’t have any experience with the Linux Foundation. I don’t know anyone there and I’ve never been to their conferences. I think they can play an important role in acting as a bridge between traditional corporations and the free and open source software community. It seems to me that they are at a crossroads, however. If they allow large companies like VMware to control the message, then they will eventually become just another irrelevant mouthpiece for the commercial software industry. Yes, that stand may cost them contributions in the near term, but if they truly want to represent this wonderful environment that has grown up around Linux, they have to do it.

I just went and looked up the compensation of the officers of the Linux Foundation. This is an organization with income around US$23MM per year (in 2014). The Executive Director makes about US$500K per year, the COO a little more than that, and there are a number of people making north of US$200K. In fact, of the roughly US$7.5MM salary expense, a third of that went to eight people. Considering that much of the Linux Foundation income comes from corporate donations, I think these eight would have a strong incentive to act in a way to protect those donations, even at the expense of Linux and open source as a whole.

Let’s compare that to the Software Freedom Conservancy. For the same time period they had about US$868K in total revenue, so about 1/30th of that of the Linux Foundation. They only have one listed employee, Bradley Kuhn, with a reasonable salary of US$91K a year (with total compensation a little north of US$110K).

Who would you trust with defending your rights concerning free software? Eight people who together make more than US$2.5MM a year from corporate sponsors or one guy who makes US$100K?

It’s funny, I wasn’t very upset about this segment when I listened to it, but now that I’m investigating it more, it is starting to piss me off. I expect someone in the Valley to defend those high salaries for the Linux Foundation as part of doing business in that area, so I looked up a similar organization, the Wikimedia Foundation. Twice as large as the Linux Foundation, their Executive Director makes around US$200K/year.

Grrr.

I’m going to stop now since I’ll probably write something I’ll regret. For full disclosure I want to state that I’ve known Bradley Kuhn for several years, and even though we tend to disagree on almost everything, I consider him a friend. I also know that Karen Sandler has joined the Software Freedom Conservancy in a paid role in 2015, so their salary expenses will go up, but I’d bet my life that she isn’t making US$500K/year. Finally, remember that if you shop at Amazon be sure to go to smile.amazon.com and you can choose a charity to get a small portion of your purchase donated to them. I send mine to, you guessed it, the Software Freedom Conservancy.

Getting back to Bad Voltage, the show ended with a reminder that the “best Live Voltage show ever” will happen at the end of the month at the Southern California Linux Expo conference in Pasadena. You should be there.

Since the next show will be about predictions for 2016, I’m going to throw my two into the ring.

First, a well known cloud service will experience a large security breach that will make national headlines. I won’t point out possible targets for fear of getting sued, but it has to happen eventually and I pick this to be the year.

Second, by Christmas, consumer virtual reality will be the “it” gift. We’re not there yet, but I got to play with a Samsung Gear VR headset over the holidays and I was impressed. It is a more polished version of Google Cardboard although still based on a phone, and it is developed by Oculus, the current leaders in this type of technology.

While the resolution isn’t great yet, the potential is staggering. I watched demos that included a “fly along” with the Blue Angels, and although the resolution reminded me of early editions of Microsoft’s Flight Simulator, it was cool if not a little nauseating.

There was a Myst-like game called “Lands End” that was also enjoyable, although once again the low resolution detracted from the experience.

Then I played Anshar Wars. It was a near perfect VR experience. A first-person space shooter, you fly around and dogfight with the bad guys while dodging asteroids and picking up power-ups. No headaches, no complaints about resolution, it was something I could have played for hours. Note that it helped to be in a swivel chair ’cause you swing around a lot.

So those are my predictions. Since I doubt I’ll have the stamina to keep up with these posts, I’ll probably never revisit them, but the chance will improve if I’m right.

by Tarus at January 06, 2016 03:45 PM

January 05, 2016

Adventures in Open Source

♫ Don’t Call It a Comeback ♫

Welcome to 2016. My year started out with an invitation to join the AARP. (sigh)

As my three readers know, when it comes to this business of open source we are pretty much making things up as we go along. We are led by our business plan of “spend less money than you earn” and our mission statement of “help customers, have fun, make money” but the rest is pretty fluid.

In 2013 we mixed things up and tried a more “traditional” start up path by seeking out investment and spending more money than we had. It didn’t work out so well.

Thus 2014 was more of a rebuilding year as we tried to move the focus back to our roots. It paid off, as 2015 was a very good year. We had record gross revenues, and although we didn’t make much money on the bottom line, it was positive once again. At the moment we are still investing in the company and the project so pretty much every extra dollar goes into growth.

And we had a lot of growth. The decision to split OpenNMS into Meridian and Horizon paid off in three major Horizon releases. Horizon 17 was an especially large and important release as it brought in the Newts integration. At the moment we are working with it on a customer site using a ScyllaDB cluster capable of supporting 75K inserts per second. The technologies introduced in 2015 will make it into Meridian 2016, due in the spring, and it should solidify OpenNMS as a platform that can really scale.

In 2015 we also received orders from two of the Fortune 5 companies. I’ll leave it as an exercise to the reader to guess which two and you have a 1 in 16 shot at getting it right (grin). The fact that companies that can choose, literally, any technology they want choose OpenNMS speaks volumes.

One of these days we’re going to have to figure out a way to talk about our customers by name, since they are all so cool. We are working on it, but it is surprisingly difficult to get permission to publicly post that information. Above all we respect our clients’ privacy.

I have high expectations for 2016 and the power of the Open Source Way. Thanks to everyone who has supported us over the last decade and more, and we just hope you find our efforts provide some value.

Happy New Year.

by Tarus at January 05, 2016 05:41 PM

December 24, 2015

Adventures in Open Source

The Inverter: Episode 56 – Moon Pigeons

A bit more navel-gazing than normal, the latest Bad Voltage clocks in at nearly 90 minutes. Whew.

It was nice that Jeremy was back, and I found it hilarious that in the past two weeks he hadn’t bothered to listen to the show he missed. Considering the fact that that show was one of the shortest of the year, I guess we know who is doing all the talking. Or, as Jono points out, Jeremy is the one who clutters up everything with facts. I thought Aq’s audio was a bit off at the beginning (it sounded like he was down a well) but it seemed to get better as the show progressed.

The first segment concerned the failure of open source mobile projects like FireOS and Jolla. I thought this bit ran long, but there were some gems to be had. Bryan was talking about running Linux on tiny mobile devices for which he was mercilessly teased, but I had to agree with him. While I would never want to be forced to run LibreOffice exclusively on a device the size of my Nexus 6, sometimes it would be nice to be able to do quick edits on the go. I hate using ssh on my handy, but when I need it, I need it.

Jono points out that a lot of people tie their personal identity to their mobile devices. A lot of the way people interact with each other these days is through SMS, Facebook and Instagram, and the constant use of an iPhone or an Android phone can cause people to get very attached to them. Any new challenger to the iOS/Android juggernaut has to not only support those apps, they have to overcome the fact that people (to some degree myself included) have strong ties to their technology choices. Unlike how OpenStack disrupted the nascent cloud market, it seems to be hard for open source projects to do the same in the mobile arena, and I had to laugh when Aq suggested replacing “disrupt” with “f*ck up”.

It was pointed out that if companies like Microsoft who can throw tens of billions of dollars at a market can only garner a little over 2% market share, it is doubtful that a new open source project would have better success.

On a side note, I just spent a few days up on the Eastern Shore of Maryland and the client liked to use Surface Pro tablets. I got to see them in action, and they are pretty amazing – for many they could be a laptop replacement just like the ads suggest. But I doubt that Microsoft is going to dent iPad sales just because of the brand Apple has built. Often it is not the superior technology that wins.

The second segment was a review of a couple of security cameras that Jeremy was trying out: the Arlo by Netgear and the Guardian DCS-2630L by D-link.

I have a couple of cameras at my place, although I don’t have the budget of these guys. Inside buildings I have the D-Link (DCS-5010L) which is a great little camera. It does pan and tilt and works in low light conditions. Since it wouldn’t do well outside, I have the Agasio A602W which is no longer available.

While neither of them is totally wireless (i.e. you have to plug them in) they are both supported via open source tools like Zoneminder, although with the purchase of my Synology box I just use the Surveillance Station app that comes with that. It can continuously record, record only when motion is detected, etc., and you can set how much video to store per camera. I really dislike the thought of video from my house going “to the cloud” so I love the fact that I can control where it goes, and Synology has a mobile app that lets me access the video whenever I want it (plus, my DSL upstream would suck for constantly uploading video). The Arlo does seem to be compatible with the Surveillance Station, so as Jeremy’s pick I might have to try one out.

[UPDATE: WCCFTech is full of crap and the Arlo is not compatible with the Surveillance Station]

One last comment from Aq brings up a coming issue with the Internet of Things. All of these toys should play nice together, but often they don’t. He calls it “IoT lockout” but I like “Internet of Silos” (i.e. Z-Wave vs. ZigBee). I do like how most of these cameras have web interfaces where the video stream can be accessed by a URL, which means third party tools can access and integrate with them, but I can expect vendors to start locking stuff like that down to force people into their own particular cloud infrastructure.

The third segment concerned the “Luna Ring” – an idea started a few years ago by a Japanese engineering firm to ring the moon with solar panels and beam the energy back to Earth via microwave and lasers. I did laugh out loud at Jono’s comment that the name sounds like a contraceptive device.

Odd names aside, I think this is both a cool idea and one that will never happen. The guys point out some of the obvious flaws, but I can’t help but think of the resistance the world would have to high powered beams of light focused on points on the Earth. Sounds like something a James Bond villain would think up.

I did get embarrassed for my home state when it was brought up that the town of Woodland, NC, recently voted down zoning for a solar farm. The click-bait reason given was that one citizen pointed out that solar farms would “suck up all the energy from the sun”.

(sigh)

The actual story is a little more involved. There are already three solar farms in the area surrounding a local substation, so the town is obviously not anti-solar. Small towns like Woodland are getting hit hard with the decline of manufacturing, so I can see the residents there being frightened and looking for a scapegoat. Still, I had to be embarrassed by some of the comments, and it is obvious our educational system needs some work (but that’s a totally different topic).

One person commented that the solar panels were killing the plants. That reminded me of a project my friend Lyle produced called “solar double-cropping”.

As I write this, it is over 72F (22C) on Christmas Eve, the hottest Christmas Eve on record. Our climate is changing and plants that used to thrive are having issues. The idea of solar double-cropping is to use shade from solar panels to help those plants while generating electricity.

And yes, they came up with it in North Carolina.

The final segment was a “year in review”. The guys lamented the lack of innovation, but there were some good things, too. As a “freetard” (someone who runs open source software almost exclusively) I had to agree with Aq that those of us who feel this way are having to compromise less and less as the open source options get better (although I still have to tease him about the compromise he made for his closed source One Plus X phone).

We saw high-definition pictures of Pluto. I’m still amazed that nine years ago, we as a civilization chucked a bunch of metal up into space and it managed to rendezvous with a planetoid without major issues. We lobbed another piece of metal at a comet, and while not as successful it was still quite a feat.

In entertainment, the amazing Mr. Robot television series offered us a portrayal of hacking that wasn’t totally made up.

Speaking of entertainment, the show closed with a reminder that Live Voltage will be happening at next month’s SCaLE conference. If you can, you should go, and they are still accepting ideas for “upSCALE” talks. From their latest e-mail:

UpSCALE Talks: There is still room for an UpSCALE Talk or two – UpSCALE Talks are held in the style of Ignite presentations offered at various O’Reilly-sponsored events where participants are given five minutes with 20 automatically-advancing slides. Those interested in submitting an UpSCALE Talk can submit through the SCALE CFP system – https://www.socallinuxexpo.org/scale/14x/cfp – and mark your talk with the UpSCALE tag.

So that’s it for 2015. I’m off to put on some shorts and sunscreen. ♫ Oh the weather outside is frightful … ♫

by Tarus at December 24, 2015 03:42 PM

December 10, 2015

Adventures in Open Source

Mint 17.3 (Rosa) on the Dell XPS 13 (9343)

I’m a big fan of the Dell XPS 13. It is the first laptop I’ve felt an emotional attachment to since my first Powerbook. The only issue is that I have not been able to run my distro of choice, Linux Mint, due to severe issues with the trackpad.

With the release of Mint 17.3 (Rosa) I decided to give it another shot. I burned the image to a USB stick and booted to it, and the trackpad issues were gone.

Yay!

So I based my system and installed Mint. I did have to use a wired network connection since the Broadcom drivers don’t seem to work on install (there is probably a way around that) but once installed they were easy to enable.

One thing I liked about Mint when I had installed it previously was that it recognized the HiDPI screen of the XPS right away. Even though the “What’s New” page says that HiDPI detection has been improved in 17.3, I found that it had regressed and I needed to squint to get the O/S installed. Once I did, however, I was able to go to Settings -> General and switch to HiDPI mode and everything was fine.

Now, the XPS hardware is so new that it really requires a 4.2 kernel. I decided to install it. No biggie, since I had to do it with Ubuntu 15.04, but I’ll be happy when Mint 18 comes out and it is supported natively (you have to do some apt magic to ignore kernel updates). Once installed, my wireless connection failed to work, and that’s where the fun began.

Usually, all I had to do was reinstall the bcmwl-kernel-source package, but this kept failing with an error. I even built the package from source but while it built just fine, DKMS would fail when installing it, complaining about “-fstack-protector-strong”. Turns out this was added in gcc 4.9 and Mint 17.3 ships with gcc 4.8.

(sigh)

Anyway, not hard to fix. I ran the following commands:

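# Add the toolchain PPA that carries gcc 4.9, then refresh the package lists
sudo add-apt-repository ppa:ubuntu-toolchain-r/test
sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get install gcc-4.9
# Register gcc 4.9 as an alternative for /usr/bin/gcc with priority 70
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-4.9 70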

and now gcc 4.9 was my default compiler. I then rebuilt and installed the bcmwl-kernel-source package and things were golden.

$ modinfo wl
filename:       /lib/modules/4.2.6-040206-generic/updates/wl.ko
license:        MIXED/Proprietary
srcversion:     D46E6565F844EFBD46CE0FC
alias:          pci:v*d*sv*sd*bc02sc80i*
depends:        cfg80211
vermagic:       4.2.6-040206-generic SMP mod_unload modversions 
parm:           passivemode:int
parm:           wl_txq_thresh:int
parm:           oneonly:int
parm:           piomode:int
parm:           instance_base:int
parm:           nompc:int
parm:           intf_name:string
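
A pre-flight check for the DKMS failure described above, as an added example that is not from the original post: it tests whether a compiler accepts -fstack-protector-strong and whether the target kernel's config asks for it. The function names are hypothetical, and it assumes the kernel config lives at /boot/config-$(uname -r) and that the kernel enables CONFIG_CC_STACKPROTECTOR_STRONG, the option kernels of this era use to request that flag.

```shell
#!/bin/sh
# Added example (not from the original post): check the compiler/kernel
# pairing before asking DKMS to rebuild an out-of-tree module.

# cc_supports_flag CC FLAG
# Returns 0 if the compiler command CC accepts FLAG, 1 if it rejects it,
# 2 if no scratch file could be created. It compiles an empty translation
# unit (/dev/null); -Werror turns "option ignored" warnings into failures.
# The object goes to a scratch file rather than /dev/null so a failed build
# run as root cannot damage the device node.
cc_supports_flag() {
    _csf_out=$(mktemp) || return 2
    if "$1" -Werror "$2" -x c -c /dev/null -o "$_csf_out" >/dev/null 2>&1; then
        _csf_rc=0
    else
        _csf_rc=1
    fi
    rm -f "$_csf_out"
    return "$_csf_rc"
}

# kernel_wants_strong_ssp CONFIG_FILE
# Returns 0 if the kernel config enables the strong stack protector.
# A line such as "# CONFIG_CC_STACKPROTECTOR_STRONG is not set" does not match.
kernel_wants_strong_ssp() {
    grep -q '^CONFIG_CC_STACKPROTECTOR_STRONG=y$' "$1" 2>/dev/null
}

# dkms_toolchain_status CC CONFIG_FILE
# Prints exactly one word:
#   not-required      kernel was not configured for the strong stack protector
#   ok                kernel wants the flag and CC can supply it
#   compiler-too-old  kernel wants the flag and CC rejects it; module builds
#                     against this kernel's headers will fail
dkms_toolchain_status() {
    if ! kernel_wants_strong_ssp "$2"; then
        echo "not-required"
    elif cc_supports_flag "$1" -fstack-protector-strong; then
        echo "ok"
    else
        echo "compiler-too-old"
    fi
}

# Stand-alone use: sh thisfile.sh --check
# Assumption: the running kernel's config is at /boot/config-$(uname -r).
# Set CC to test a compiler other than the default gcc.
if [ "${1:-}" = "--check" ]; then
    dkms_toolchain_status "${CC:-gcc}" "/boot/config-$(uname -r)"
fi
```

Because the check keys on what the compiler accepts rather than on its version string, it also reports correctly when update-alternatives points gcc at a different release than the one most recently installed.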

Just like with Ubuntu Gnome, I did have to manually install the bluetooth driver, but at the moment everything seems to work: wireless, bluetooth, the touchscreen, the clickpad, sleep, backlit keyboard, etc.

Now I use a desktop as my primary machine, so I haven’t really taken the XPS through its paces, but I’m scheduled to travel soon and I’ll be sure to post if I have any issues. I did enable the screensaver and once when I came back to the machine my mouse pointer was gone (the mouse still worked, you just couldn’t see the pointer) and I was unable to fix it without a restart (I tried the suggestions in Google but they didn’t work). For now I’ve just disabled the screensaver.

All in all, great work from the Mint team, and while I actually enjoyed my time with Ubuntu Gnome I’m happy to be back. Looking forward to Mint 18 in the Spring which should require less effort to run on the XPS with built-in support for the 4 series kernel.

by Tarus at December 10, 2015 02:32 PM
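
Added example, not part of the original post: a preflight check for the failure described above, where DKMS aborts on -fstack-protector-strong because the default compiler predates gcc 4.9. The function names and the /boot/config-$(uname -r) location of the kernel config are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Preflight for out-of-tree module
# builds: does the local compiler accept the stack-protector flag that the
# running kernel's build configuration asks for?

# cc_supports_flag CC FLAG -> 0 accepted, 1 rejected, 2 compiler not found
cc_supports_flag() {
    _cc=$1
    _flag=$2
    command -v "$_cc" >/dev/null 2>&1 || return 2
    _tmp=$(mktemp -d) || return 2
    printf 'int main(void) { return 0; }\n' > "$_tmp/t.c"
    # -Werror so a compiler that only warns about an unknown option still fails.
    if "$_cc" -Werror "$_flag" -c "$_tmp/t.c" -o "$_tmp/t.o" >/dev/null 2>&1; then
        _rc=0
    else
        _rc=1
    fi
    rm -rf "$_tmp"
    return "$_rc"
}

# kernel_wants_strong CONFIG -> 0 if the config enables the "strong" stack
# protector (CONFIG_CC_STACKPROTECTOR_STRONG on 3.14-4.17 kernels,
# CONFIG_STACKPROTECTOR_STRONG on later ones).
kernel_wants_strong() {
    grep -Eq '^CONFIG_(CC_)?STACKPROTECTOR_STRONG=y$' "$1"
}

# dkms_preflight CC CONFIG -> prints a verdict.
# 0 = safe to build, 1 = compiler too old for this kernel, 2 = cannot tell
dkms_preflight() {
    _pcc=$1
    _cfg=$2
    [ -r "$_cfg" ] || { echo "cannot read $_cfg"; return 2; }
    if ! kernel_wants_strong "$_cfg"; then
        echo "ok: kernel config does not request -fstack-protector-strong"
        return 0
    fi
    _s=0
    cc_supports_flag "$_pcc" -fstack-protector-strong || _s=$?
    case $_s in
        0) echo "ok: $_pcc accepts -fstack-protector-strong"; return 0 ;;
        1) echo "fail: $_pcc rejects -fstack-protector-strong (needs gcc >= 4.9)"; return 1 ;;
        *) echo "unknown: compiler $_pcc not found"; return 2 ;;
    esac
}

# Run directly as: sh preflight.sh --check [compiler]
# The config path below is an assumption (Debian/Ubuntu-style layout).
if [ "${1:-}" = "--check" ]; then
    dkms_preflight "${2:-gcc}" "/boot/config-$(uname -r)"
fi
```

Running it before reinstalling a DKMS package shows whether the build will fail on the compiler rather than on the module source.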

December 08, 2015

Adventures in Open Source

OpenNMS Horizon 17 Released

I am extremely happy to announce the availability of OpenNMS Horizon 17. This marks the fourth major release of OpenNMS in a little over a year, and I’m extremely proud of the team for moving the project so far forward so quickly.

There is a lot in this release. One of the major things is support for a new storage backend based on the Newts project. This will enable OpenNMS to basically store unlimited amounts of time-series data. The only thing missing, which should be completed soon, is a way to convert all of your old RRD-based data to Newts. Since it will take people awhile to get a Newts/Cassandra instance set up, we didn’t want to hold the rest of the release until this was done. If you are installing OpenNMS from scratch and don’t have any legacy data, the Newts integration is ready to go now.

The team is also making great strides in improving the documentation. There is a better version of the Release Notes there.

Horizon 17 will form the basis for Meridian 2016, which we expect in early spring. The next Horizon release will contain the completed Minion functionality, which adds the ability to distribute OpenNMS so that, along with Newts, OpenNMS will have nearly limitless scalability.

Not bad for a free software product, eh? Remember you can always play with the latest and greatest of any OpenNMS development branch just by installing the desired repository.

Anyway, enjoy, and I’ll be sure to post when the RRD converter is available.

Bug

  • [NMS-5613] – odd index "ifservicves_ipinterfaceid_idx" in database – typo?
  • [NMS-5946] – JMX Config Tool CLI is not packaged correctly
  • [NMS-6012] – Statsd randomly looks for storeByForeignSource rrds
  • [NMS-6478] – 'Overall Service Availability' bad info in case of nodeDown / nodeUp transition
  • [NMS-6493] – Running online report "Response Time Summary for node" produces Unexpected Error
  • [NMS-6555] – Outdated Quartz URL in provisiond-configuration.xml file
  • [NMS-6803] – Not evaluating threshold for data collected by HttpCollector
  • [NMS-6927] – test failure: org.opennms.web.alarm.filter.AlarmRepositoryFilterTest
  • [NMS-6942] – test failure: org.opennms.web.svclayer.DefaultOutageServiceIntegrationTest
  • [NMS-6944] – When building the "Early Morning Report" I get a "null" dataset argument Exception.
  • [NMS-7000] – Early Morning Report will not run correctly without any nodes in OpenNMS
  • [NMS-7001] – Availability by node report needs a "No Data for Report" Section
  • [NMS-7024] – Event Translator cant translate events with update-field data present
  • [NMS-7095] – Topology Map does not show selected focus in IE
  • [NMS-7254] – MigratorTest fails on two of the 3 tests.
  • [NMS-7407] – Inconsistent naming in Admin/System Information
  • [NMS-7411] – Fonts are too small in link detail page
  • [NMS-7417] – Fix header and list layout glitches in the WebUI
  • [NMS-7459] – Dashboard node status shows wrong service count
  • [NMS-7516] – XML Collector is not working as expected for node-level resources
  • [NMS-7600] – build failure in opennms-doc/guide-doc on FreeBSD
  • [NMS-7649] – etc folder still contains references to capsd
  • [NMS-7667] – Vaadin dashboard meaning of yellow in the surveillance view
  • [NMS-7679] – Audiocodes.events.xml overrides RMON.events.xml
  • [NMS-7680] – JMX Configuration Generator admin page fails
  • [NMS-7693] – Example Drools rules imports incorrect classes
  • [NMS-7695] – Logging not initialized but used on Drools Rule files.
  • [NMS-7702] – Problems on graphs for 10 gigabit interface
  • [NMS-7703] – Database Report – Statement correction
  • [NMS-7709] – Building OpenNMS results in a NullPointerException on module "container/features"
  • [NMS-7723] – PSQLException: column "nodeid" does not exist when using manage/unmanage services
  • [NMS-7728] – Add support for jrrd2
  • [NMS-7729] – Log messages for the Correlation Engine appear in manager.log
  • [NMS-7736] – bug in EventBuilder method setParam()
  • [NMS-7739] – Unit tests fail for loading data collection
  • [NMS-7748] – SeleniumMonitor with PhantomJS driver needs gson JAR
  • [NMS-7750] – Cannot edit some Asset Info fields
  • [NMS-7755] – c.m.v.a.ThreadPoolAsynchronousRunner: com.mchange.v2.async.ThreadPoolAsynchronousRunner$DeadlockDetector@59804d53 — APPARENT DEADLOCK!!! Creating emergency threads for unassigned pending tasks!
  • [NMS-7762] – noSuchObject duplicates links on topology map
  • [NMS-7764] – Error when you drop sequence vulnnxtid
  • [NMS-7766] – Incorrect unit divisor in LM-SENSORS-MIB graph definitions
  • [NMS-7770] – HttpRemotingContextTest is an integration test and needs to be renamed as such
  • [NMS-7771] – Fix unit tests to run also on non-US locale systems.
  • [NMS-7772] – JMX Configuration Generator (webUI) is not working anymore
  • [NMS-7777] – node detail page failure
  • [NMS-7778] – Measurements ReST API broken in develop (CXF)
  • [NMS-7785] – OSGi-based Web Modules Not Accessible
  • [NMS-7791] – OSGi-based web applications are unaccesible
  • [NMS-7794] – Cannot load events page in 17
  • [NMS-7802] – JSON Serialization Broken in REST API (CXF)
  • [NMS-7814] – Queued RRD updates are no longer promoted when rendering graphs
  • [NMS-7816] – The DataCollectionConfigDao returns all resource types, even if they are not used in any data collection package.
  • [NMS-7818] – Measurements ReST API Fails on strafeping
  • [NMS-7819] – Requesting IPv6 resources on measurements rest endpoint fails
  • [NMS-7822] – Remove Access Point Monitor service from service configuration
  • [NMS-7824] – The reload config for Collectd might throws a ConcurrentModificationException
  • [NMS-7826] – Exception in Vacuumd because of location monitor changes
  • [NMS-7828] – NPE on "manage and unmanage services and interfaces"
  • [NMS-7834] – Smoke tests failing because OSGi features fail to install: "The framework has been shutdown"
  • [NMS-7835] – "No session" error during startup in EnhancedLinkdTopologyProvider
  • [NMS-7836] – KIE API JAR missing from packages
  • [NMS-7839] – Counter variables reported as strings (like Net-SNMP extent) are not stored properly when using RRDtool
  • [NMS-7844] – Some database reports are broken (ResponseTimeSummary, etc.)
  • [NMS-7845] – New Provisioning UI: 401 Error when creating a new requisition
  • [NMS-7847] – Graph results page broken when zooming
  • [NMS-7848] – Parameter descriptions are not shown anymore
  • [NMS-7852] – UnsupportedOperationException when using the JMXSecureCollector
  • [NMS-7855] – distributed details page broken
  • [NMS-7856] – Default log4j2.xml has duplicate syslogd appender, missing statsd entries
  • [NMS-7857] – Cisco Packets In/Out legend label wrong
  • [NMS-7858] – Enlinkd CDP code fails to parse hex-encoded IP address string
  • [NMS-7861] – IpNetToMedia Hibernate exception in enlinkd.log
  • [NMS-7867] – Duplicate Drools engines can be registered during Spring context refresh()
  • [NMS-7870] – PageSequenceMonitor broken in remote poller
  • [NMS-7874] – The remote poller doesn't write to the log file when running in headless mode
  • [NMS-7875] – Distributed response times are broken
  • [NMS-7877] – HttpClient ignores socket timeout
  • [NMS-7884] – RTC Ops Board category links are broken
  • [NMS-7890] – Remedy Integration: the custom code added to the Alarm Detail Page is gone.
  • [NMS-7893] – LazyInitializationException when querying the Measurements API
  • [NMS-7897] – Statsd PDF export gives class not found exception
  • [NMS-7899] – Deadlocks on Demo
  • [NMS-7900] – JMX Configgenerator Web UI throws NPE when navigating to 2nd page.
  • [NMS-7901] – Incorrect Fortinet System Disk Graph Definition
  • [NMS-7902] – Pages that contain many Backshift graphs are slow to render
  • [NMS-7907] – The default location for the JRRD2 JAR in rrd-configuration.properties is wrong.
  • [NMS-7909] – Missing dependency on the rrdtool RPM installed through yum.postgresql.org
  • [NMS-7917] – Alarm detail filters get mixed up on the ops board
  • [NMS-7921] – Startup fails with Syslogd enabled
  • [NMS-7926] – FasterFilesystemForeignSourceRepository is not working as expected
  • [NMS-7930] – Heat map ReST services just produce JSON output
  • [NMS-7935] – ClassNotFoundException JRrd2Exception
  • [NMS-7939] – HeatMap ReST Xml output fails
  • [NMS-7942] – Apache CXF brakes the ReST URLs for nodes and requisitions (because of service-list-path)
  • [NMS-7944] – Jersey 1.14 and 1.5 jars mixed in lib with Jersey 1.19
  • [NMS-7945] – Incorrect attribute types in cassandra21x data collection package
  • [NMS-7948] – Bad substitution in JMS alarm northbounder component-dao wiring
  • [NMS-7959] – Bouncycastle JARs break large-key crypto operations
  • [NMS-7962] – Missing graphs in Vaadian dashboard when storeByFs=true
  • [NMS-7963] – JSoup doesn't properly parse encoded HTML character which confuses the XML Collector
  • [NMS-7964] – MBean attribute names are restricted to a specifix max length
  • [NMS-7968] – Auto-discover is completely broken – Handling newSuspect events throws an exception
  • [NMS-7969] – JMS alarm northbounder always indicates message sent
  • [NMS-7972] – Querying the ReST API for alarms using an invalid alarmId returns HTTP 200
  • [NMS-7974] – The ICMP monitor can fail, even if valid responses are received before the timeout
  • [NMS-7977] – JMX Configuration Generation misbehavior on validation error
  • [NMS-7981] – The ReST API code throws exceptions that turns into HTTP 500 for things that should be HTTP 400 (Bad Request)
  • [NMS-7985] – New servers in install guide
  • [NMS-7997] – Background of notifications bell icon is too dark
  • [NMS-7998] – Provisiond default setting does not allow to delete monitoring entities
  • [NMS-7999] – Upgrade to commons-collections 3.2.2
  • [NMS-8001] – NPE in JMXDetector
  • [NMS-8004] – Iplike could not be installed following install guide

Enhancement

  • [NMS-1488] – Add option to the <service> element in poller-configuration.xml to specify service-specific RRD settings
  • [NMS-1910] – Additional storeByGroup capabilities
  • [NMS-2362] – Infoblox events file
  • [NMS-3479] – Adding SNMP traps for Raytheon NXU-2A
  • [NMS-4008] – Add A10 AX load balancer trap events
  • [NMS-4364] – Interactive JMX data collection configuration UI
  • [NMS-5016] – Add Force10 Event/Traps
  • [NMS-5071] – Event definition for Juniper screening SNMP traps
  • [NMS-5272] – events definiton file for DSVIEW-TRAP-MIB
  • [NMS-5397] – Trap definition files for Evertz Multiframe and Modules
  • [NMS-5398] – Trap and data collection definitions for Ceragon FibeAir 1500
  • [NMS-5791] – New (additional) event file for NetApp filer
  • [NMS-6770] – New Fortinet datacollection / graph definition
  • [NMS-7108] – DefaultResourceDao should use RRD-API to find resources
  • [NMS-7131] – MIB support for Zertico environment sensors
  • [NMS-7191] – Implement "integration with OTRS-3.1+" feature
  • [NMS-7258] – Unit tests should be able to run successfully from the start of a compile.
  • [NMS-7404] – Create a detector for XMP
  • [NMS-7520] – Remove linkd
  • [NMS-7553] – Add Juniper SRX flow performance monitoring and default thresholds
  • [NMS-7614] – Enable real SSO via Kerberos (SPNEGO) and LDAP
  • [NMS-7618] – Create opennms.properties option to make dashboard the landing page
  • [NMS-7689] – Get rid of servicemap and servermap database tables
  • [NMS-7700] – Add support for Javascript-based graphs
  • [NMS-7722] – Dell Equallogic Events
  • [NMS-7768] – Persist the CdpGlobalDeviceIdFormat
  • [NMS-7798] – Add Sonicwall Firewall Events
  • [NMS-7805] – JMS Alarm Northbounder
  • [NMS-7821] – DNS Resolution against non-local resolver
  • [NMS-7868] – Recognize Cisco ASA5580-20 for SNMP data collection
  • [NMS-7949] – Promote Compass app when mobile browser detected
  • [NMS-7986] – Document how to configure RRDtool in OpenNMS

Story

  • [NMS-7711] – nodeSource[] resource ids only work when storeByFs is enabled
  • [NMS-7894] – Flatten and improve web app style
  • [NMS-7929] – Document HeatMap ReST services
  • [NMS-7940] – Cleanup docs modules

by Tarus at December 08, 2015 07:53 PM

December 07, 2015

Adventures in Open Source

The Inverter: Episode 55 – Faster than Lightning

I started writing these “inverter” posts because many Bad Voltage episodes would raise topics that I felt deserved commentary. By the middle segment in this episode I was screaming at the computer.

So, good show.

First, whoever decided on the cover art gets some points. It references a groaner of a pun Jono makes that gets dropped in the Intro.

Second, also in the intro, we learn that Jeremy Garcia will not be on the show due to jury duty of all things. While I’ve always considered Jeremy one of the calmer and more reasoned members of the team, since this show clocks in at a scant 52 minutes maybe he’s the one who drags things out. They did stumble a bit on the whole “… and now, Bad Voltage” line so I do look forward to Jeremy’s return.

Okay, the first segment concerns the “new” economy of begging. It kind of focuses on what we would call “crowdfunding”, but as Stuart points out, crowdfunding usually means that you get something in return. However, with sites like “GoFundMe” the term has been expanded to include outright begging, as in “Dear Internet, help, can you spare a dollar for a sandwich”. A quick perusal of the site with a search in my local area brings up a number of articles ranging from a person who was defrauded by a builder, to two women who want to go to the ACC tournament, to another woman who needs help finishing her Ph.D.

I’m not saying this is a bad thing, as the sucker/minute ratio remains high, but it is a bit different from crowdfunding sites like Indiegogo and Kickstarter where the donors have a non-zero expectation of actually getting something. That is more along the lines of “new economy” than asking strangers to pay for your vacation.

So, let’s talk about those programs. I have to admit I don’t participate in them. Before you go and call me a cheapskate and a leech, I do donate a lot of money to local and free software causes, but I just don’t do it via these programs. I’ve participated in exactly two Indiegogo campaigns and one Kickstarter campaign. Let’s see how they went.

The first time was the Indiegogo campaign for the Ubuntu phone. While I am perfectly happy with my Android phone (more on that later) I support open source efforts and this seemed like a good thing. They were organized and they had realistic expectations for what it would cost. The campaign fell well short of their goal and my money was returned. All in all, I’m okay with that.

The next time was also on Indiegogo. It was for the Angel Sensor wearable health device. I have a keen interest in how my body is behaving as metrics are the key to making successful improvements. The problem is I don’t want to be sending my activity and sleep pattern information to some third party like Fitbit or Jawbone. I was very eager for an open source solution.

I’m still waiting.

Plagued by production problems and lack of communication, I have no idea if I’ll ever see the device on which I spent US$178. The one person I knew there is on “a well deserved leave”. Furthermore, I’m not sure if they are releasing the server and client code as open source, which is what I was led to believe was the plan. Finally, the first app they wrote for it is for the iPhone of all things, which makes me think that their dedication to open source is a bit lacking. At this point in time I’ve written the whole thing off.

When the Mycroft project did the crowdfunding thing, I was sorely tempted to buy in, but my experience with Angel has made me cautious. I think a lot of technology-based projects severely underestimate what is needed to be successful. They aim low and then trumpet when their stretch goals are met, only to wake up later to the fact that it is going to be a lot harder to deliver than they thought, like the hangover after a big bender.

Please note that I’m not saying this will happen with Mycroft, I wish them all the luck in the world, it’s just that I’ll shell out a few extra ducats for the finished thing when it arrives rather than gamble.

Does anyone remember Diaspora? It was the open source, distributed Facebook. I thought the project was dead, but it is apparently still around, although the pressure of delivering on it is blamed for the suicide of one of the co-founders. Diaspora was one of the most successful Kickstarter projects at the time.

This isn’t to say that these things always fail. The “Exploding Kittens” project was phenomenal and while I haven’t played it I’ve given it as a gift and people say it is a lot of fun. This is where I think crowdfunding can shine – in creative projects where the sponsors have a huge amount of control over the product. I’ve heard of a number of successful movie, music and video projects that were crowdfunded without problems.

Which brings me to my one foray into Kickstarter. I’m a huge fan of the band De La Soul. To me they were the first nerdcore hip-hop group. When hip-hop seemed solely focused on “bitches ‘n hos,” De La Soul was delivering thoughtful, fun and energetic music. When they announced their Kickstarter for a new album, I signed up and ordered the album to be digitally delivered on a 1GB Posdnuos USB drive set for September delivery.

Well, it ain’t here. (grin)

I really don’t mind – I’d rather the album ship when it is ready (probably next Spring) than for them to release crap on time but I’m basically 0-3 on the whole crowdfunding thing.

I was thinking about this when the second segment started with Aq reviewing his new One Plus X (OPX) phone, giving it a 9 out of 10.

This is when I started yelling.

See, while I have zero experience with the OPX I bought a One Plus One (OPO) and I found One Plus to be one of the most horrible companies on the planet.

I was first introduced to the OPO by some friends in Germany. Here was a powerful phone in an attractive package at a reasonable price. It also ran open source software in the form of a version of Cyanogenmod, a packaged instance of the Android Open Source Project (AOSP). Finally, it was relatively inexpensive. Too good to be true?

It was.

They have an “invite” system in order to even buy the phone, but I managed to wrangle one. While I thought the phone was too big initially, I got used to it and soon I was telling everyone how great it was, just like Stuart does in his review.

But then things started to go sour. The upper half of the digitizer started acting up and so I opened a ticket with support. This is when One Plus started to lie and cheat, trying to wrangle out of the fact that they had a hardware problem. The problem has one topic on their forums that had 125 pages of posts before they closed it, and another that is at 305 pages as I write this. That’s 305 pages of pure horror stories.

So when I say lie, we all know that One Plus is a tiny Chinese firm, yet all of my support replies came from “different” people with traditionally English female names, like Kathy, Leah and Jessa. I think this was a tactic to make us more sympathetic to them since they knew they were going to provide crappy support.

When I say cheat, they refused to honor warranty support and kept asking me to perform a number of increasingly complex tasks culminating in disassembling my phone. When I refused, fearing I would damage it, they refused service, even when I offered to send it to them at my expense.

In my mind, One Plus is pure scum and no one should buy their products. I came extremely close to launching a class action lawsuit against them before I decided I had better things to do than to sue a company that won’t be around in five years.

Seriously, if I had to choose solely between an iPhone and a One Plus phone I’d grab the iPhone so fast I’d break my fingers. Finally, their new OxygenOS is closed source so you are up the same creek as if you had bought a Samsung or other closed Android phone.

So I’m screaming at the computer because I know Aq’s “9 out of 10” review will move people to consider buying one. Don’t! Aq has hooked up with the same skank that did me wrong, and while part of me wishes them well, I know it will end in misery.

But what are the options, you might ask. Samsung is expensive and closed, Google is getting more and more closed, and so perhaps One Plus is the least of the evils.

There are options, but Stuart’s will be pretty limited since he seems to have two huge prejudices. First, he expresses disdain for people who root their phones. This is odd, since I don’t think he’d have any issue with buying a laptop that shipped with Windows and putting Linux on it, and this is, after all, a podcast about things hackable. Second, he seems to dislike anyone with a “big” phone.

I love the alternative ROM crowd. These are the true AOSP disciples, and my favorite ROM is OmniROM. I love OmniROM so much that when I need a new phone I work backwards. I start with the list of officially supported OmniROM devices and make my choice from there. While I closely identify with the philosophy behind OmniROM (it was started as a fork from Cyanogenmod when they got tons of VC money and went evil), what I love are the options. You can choose just how many or how few applications you want from the Google ecosystem, which allows you to easily limit what you want to share (note that this is available with almost any alternative ROM), and they turn on a lot of things Google doesn’t, such as “shake to dismiss” in the alarm.

As for size, when I unpacked my OPO I thought the thing was huge. I was using an HTC One and it seemed tiny in comparison. It took me about two days to get used to it. When I replaced the OPO because they are huge douches (or whatever is Chinese for douche) I went with the Nexus 6. Now that is a huge phone, and I’m sure Aq will belittle it.

Know what? After about two days of using it, it felt normal. I love my Nexus 6 running OmniROM. The large screen allowed me to retire my Nexus 7 since I can comfortably watch videos on it when traveling. It has an amazing camera, is extremely fast and gets all the latest Android shiny. In fact, I was amazed that when the new Nexus phones came out I found myself asking myself why in the world would I switch? Plus the Nexus 6 still has wireless charging, which I’ve become used to.

I think Aq’s size issues stem from the fact that everyone thinks that if someone is using a phone bigger than the one they use, those people are crazy. If he spent a week with a Nexus 6, I’m sure his mind would change. Now, he’s given up freedom for a pretty face with a cheap price tag.

Now it seems like I’m picking on Stuart a lot, but I don’t mean to be mean. I love the guy and I want him to be happy, but that little tramp will only bring misery. Mark my words.

If One Plus did you wrong, let him know, but I think it is too late. As with every doomed relationship, when you are in it you can’t see it coming.

Whew.

After the first two, the last segment was pretty conflict free. It concerns the US Department of Justice wanting to force Apple to unlock a phone. I thought this case raised a couple of interesting points.

First the reason they want to force Apple to do it instead of the owner is to avoid the issues of self-incrimination. I never really thought about that before, but it is good to know.

Second, the DoJ is using the logic that since Apple still owns the software on the phone, they should be able to unlock it. Most people (well, non-software people) don’t know or realize that they don’t own most of the software they use. They have just been granted a right to use it. Now Apple (and Google) are taking steps to encrypt phones so even they can’t unlock them. This case involved an older iPhone, but it does make the case for using free software and kudos to Apple for fighting the order.

While there may be a fine line as far as “ownership” is concerned, free and open source software is much more in the hands of the user (you don’t pay for it) so you may have additional protections against self-incrimination when you use it. I am not a lawyer, but it is fun to think about.

The show ended with a reminder that the next Live Voltage show will be at SCaLE in January. I also learned why Bryan missed our little post-show gathering last year – he went to bed.

And here I thought he hated me.

by Tarus at December 07, 2015 04:41 PM

OpenNMS Foundation Europe

[Release] – Ubuntu Vagrant Box Update

We have updated our Vagrant box hosted on the Atlas platform with the latest OpenNMS Horizon 17 pre-configured with RRDtool. This is also the first VirtualBox image which comes with a pre-installed Grafana 2.5 and has the Grafana OpenNMS Plugin as data source installed and is ready to be used. All you have to do is run

vagrant init opennms/vagrant-opennms-ubuntu-stable
vagrant up

If you run the default Vagrant box it uses a NAT interface. To have access to the running application from your box just add the following lines in your Vagrantfile:

config.vm.network "forwarded_port", guest: 8980, host: 8980
config.vm.network "forwarded_port", guest: 3000, host: 3000

If you want to build the box for a different provider than VirtualBox with Packer, just fork or contribute to the opennms-packer repository.

We have also added a quick install script for Debian and Ubuntu.

gl & hf

by Ronny Trommer at December 07, 2015 07:30 AM
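
Added example, not part of the original post: Vagrant documents a forwarded port without host_ip as bound to every host IP, so the two forwarded_port lines above make OpenNMS (8980) and Grafana (3000) reachable from the host's network as well as from the host itself. The audit function below (its name and output format are assumptions) flags such forwards; adding host_ip: "127.0.0.1" to each line pins them to loopback.

```shell
#!/bin/sh
# Added example, not from the original post. Lists every forwarded_port in a
# Vagrantfile and marks the ones that are not pinned to a host address.
#
# Weak (as in the post):
#   config.vm.network "forwarded_port", guest: 8980, host: 8980
# Pinned to loopback:
#   config.vm.network "forwarded_port", guest: 8980, host: 8980, host_ip: "127.0.0.1"

# audit_forwarded_ports FILE
# Prints one line per forward: guest=<port> host=<port> bind=<addr|unset> <verdict>
# Returns 1 if any forward has no host_ip (or binds 0.0.0.0), otherwise 0.
audit_forwarded_ports() {
    awk -v q="'" '
        BEGIN {
            # host_ip value in double or single quotes
            ipre = "host_ip:[ \t]*[\"" q "][^\"" q "]*[\"" q "]"
            exposed = 0
        }
        { sub(/#.*/, "") }                      # drop Ruby comments
        /forwarded_port/ {
            guest = field($0, "guest:[ \t]*[0-9]+")
            host  = field($0, "host:[ \t]*[0-9]+")
            bind  = "unset"
            if (match($0, ipre)) {
                bind = substr($0, RSTART, RLENGTH)
                sub(/^host_ip:[ \t]*./, "", bind)   # strip key and opening quote
                sub(/.$/, "", bind)                 # strip closing quote
            }
            wide = (bind == "unset" || bind == "" || bind == "0.0.0.0")
            if (wide) exposed++
            printf "guest=%s host=%s bind=%s %s\n", guest, host, bind, (wide ? "EXPOSED" : "pinned")
        }
        # Return the numeric value of the first "key: <digits>" match, or "?"
        function field(line, re,   s) {
            if (!match(line, re)) return "?"
            s = substr(line, RSTART, RLENGTH)
            sub(/^[a-z_]+:[ \t]*/, "", s)
            return s
        }
        END { exit (exposed > 0) }
    ' "$1"
}

# Run directly as: sh audit.sh --audit [path/to/Vagrantfile]
if [ "${1:-}" = "--audit" ]; then
    audit_forwarded_ports "${2:-Vagrantfile}"
fi
```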

December 02, 2015

OpenNMS Foundation Europe

[Release] – OpenNMS 17

We welcome our new release of OpenNMS Horizon 17 with code name Glen Moray.

Like a good single malt Scotch whiskey it took some time to get the release out – but we think waiting was worth it. The most obvious change is a more slimmed-down web app layout.

We have added a new visual component to show alarms and outages in a heat map which can be used as an additional component on the start page or as a full screen view.

The JMX data collection configuration tool is reworked and improved. It allows you to interactively create your data collection configuration for your Java applications with JMX.

The documentation is improved and we have removed unnecessary modules and focus on Release Notes, Installation Guide, User Guide, Administration Guide and Developer Guide.
We moved the content on how to develop new documentation from the Documentation Guide to a Developers Guide section.

The distributed components with OpenNMS Minion are introduced in the admin area.

It is important to notice that Linkd with the SVG map is removed. Enhanced Linkd with Topology view is now the new default.

Otherwise, real SSO via Kerberos (SPNEGO) and LDAP is enabled, and we now integrate with the OTRS-3.1+ ticket system.

We added a JMS Alarm Northbounder to make it easier to integrate OpenNMS in larger management application stacks.

A lot of improvements to the Grafana support were made. We now support version 2.5.0 of Grafana. The OpenNMS Grafana Data Source allows filtering and trending performance data and the Newts integration is improved.

We have added support for the following devices:

  • Added trap support for Infoblox devices
  • Adding SNMP traps for Raytheon NXU-2A
  • Add A10 AX load balancer trap events
  • Add Force10 Traps
  • Event definition for Juniper screening SNMP traps
  • Event definition file for DSVIEW-TRAP-MIB
  • Trap definition files for Evertz Multiframe and Modules
  • Trap and data collection definitions for Ceragon FibeAir 1500
  • New (additional) event file for NetApp filer
  • New Fortinet datacollection / graph definition
  • Event and data collection support for Didactum Sensors
  • Add Juniper SRX flow performance monitoring and default thresholds
  • Dell Equallogic Events
  • Add Sonicwall Firewall Events

For more details you can go to our Release Notes.

Looking forward to upgrading my systems and Happy Upgrading

gl & hf

by Ronny Trommer at December 02, 2015 11:39 PM

November 21, 2015

Adventures in Open Source

2015 Open Source Monitoring Conference

Once again I got to visit the wonderful town of Nürnberg, Germany, for the Open Source Monitoring Conference.

OSMC - Badge

Hosted by Netways, the conference started out ten years ago as a Nagios conference. The name was changed due to an issue with the Nagios trademark, but it still focused heavily on Nagios. However, the organizers are pretty open to all things monitoring, so they started inviting projects like Zabbix and OpenNMS to come. When the Nagios fork Icinga was created, the amount of Nagios content dropped considerably, and out of 24 talks over 2 days there were only two that had Nagios in the title. Part of this has to do with Icinga 2 being a total rewrite and thus has started to move past its Nagios roots.

This year it was a cornucopia of monitoring choices. In addition to Icinga, Zabbix and OpenNMS, there was Alyvix, Assimilation, Heroic, and Prometheus. Grafana was popular and most tools are adding support for that data visualization tool, and it was nice to see talks on NSClient++ and MQTT. A little less than half the talks were in German, so there is a large German focus to the conference, but there was always an English-language talk available as well.

Nürnberg is a cool town. There is a big castle and lots of walls are left over from the original fortifications for the city. It is also home to SuSE Linux, and I made sure to swing by if just to get a picture for Bryan Lunduke:

OSMC - SuSE Office

Ronny and I got there on Monday. While the main conference is held over two days, this year there were workshops on Monday and a “hack-a-thon” on Thursday. The conference pretty much takes over the Holiday Inn, City Center, hotel. While the facilities are nice, it is right next to the city’s “eros center” which seems to creep closer and closer to the hotel each year I attend. It doesn’t impact the conference in any way, and those who might be sensitive to such things can easily avoid it.

There is always lavish catering and this year we had a nice, small crowd of OpenNMS enthusiasts in attendance, and we met up for the hosted dinner on Monday night. I had not seen some of the people since the OUCE, so it was nice to catch up.

My talk was on Tuesday, the first day of the main conference. The event was sold out, with about 250 people, and at times the rooms could get quite full.

OSMC - Crowd

The talks were all rather good. Torkel Ödegaard talked about Grafana:

OSMC - Grafana

which was a big hit with the crowd, and as I mentioned before a lot of projects are leveraging his work to provide better data visualization, including OpenNMS. My talk went well (I think) as I went over all of the amazing things we’ve done since last year at the OSMC, which included four major releases of our application. I was stumped with the question “How do I get started with OpenNMS?” when I realized that I didn’t have an easy answer. I can tell you how to install it, but that doesn’t get you started. I need to work on that.

That evening we returned to Terminal 90, which is an odd place to hold a dinner but it seems to work. Terminal 90 is a restaurant located at the Nürnberg airport, and it does a good job of holding everyone. We have to take the U-bahn to get there, and at least this year there were no incidents (last year someone tried to hold open the doors, which caused the autonomous train to shut down and wait for human intervention).

OSMC - Terminal 90

The food and drinks were good, and toward the end of the evening they had a woman impersonating German pop star Helene Fischer, which was lost on me but the crowd seemed to enjoy it.

I called it a night fairly early, but this is a group that tends to hang out until the wee hours of the morning. Although my room was on the first floor, I didn’t hear much noise from “Checkpoint Jenny” across the street, so maybe everyone is getting more mellow in their old age. (grin)

The second day featured a number of talks from different projects. Usually the Zabbix talk is done by Rihards Olups, but he was unable to make it this year so Wolfgang Alper did the honors.

OSMC - Zabbix

After that was a really good talk by Martin Parm on how Spotify monitors its music service.

OSMC - Spotify

It started out with all of the tools they tried that failed, and I kept thinking to myself “don’t let it be OpenNMS, don’t let it be OpenNMS” (it wasn’t) and ended with a tool they wrote in-house called Heroic. It is a time-series data store built on top of Cassandra, and it looks a lot like the Newts tool we built. Both are open source and Apache-licensed so I’m hoping to find some synergy between the two projects. There is another large music streaming service that uses OpenNMS, but maybe we can get all of them (grin).

OSMC - Prometheus

Then there was a talk by Fabian Reinhartz on a monitoring system called Prometheus. I had to joke that the name refers to the daily experience of most network managers of having their liver eaten out, but it seems like an interesting tool. Written in Go, it may find resistance from users due to the configuration being more like writing code, but that also makes it powerful. Sounds familiar to me.

I had to leave right after lunch in order to be ready to catch my flight home, but I really enjoyed my time there, even more than usual. Many thanks to Bernd Erk and the Netways gang for holding it, and they should be posting the videos soon. If you are interested in next year be sure to register early as it is likely to sell out again.

by Tarus at November 21, 2015 04:18 PM

November 16, 2015

Adventures in Open Source

The Inverter: Episode 54 – The Trolley Problem

Throw out the first segment, and this is one of the best Bad Voltage episodes yet.

It’s not that the first segment sucks (well, for certain values of “suck”), but it pales in comparison to the rest of the show.

That first bit concerns a rant, introduced by Aq, about a trend in programming to rely on “frameworks” instead of actually learning how to code in a particular language. It was set off, as I understand it, by someone wanting to know how to add together two numbers using JQuery, and the response was, uh, why don’t you just add the numbers together using Javascript?

I can understand the frustration. There was a recent rant by Linus Torvalds about a pull request submitted against the kernel that was unnecessarily obtuse. As the pressure mounts to get more and more code out faster and faster, not only are novice programmers being asked to do more complex tasks, they are relying more and more on frameworks and libraries to do them.

While I am not a coder, I do view the writing of code as an art form, and I like code that is artistic: beautiful, clever and functional. I can remember many years ago visiting an especially ugly page on a government website, and when I looked at the source I found it had been generated by Microsoft Frontpage. Yes, that tool would create a web page, but in no way will the code be beautiful or clever, or in this case, functional.

I was not sure if this rant applied to IDEs. Almost all OpenNMS code is done in Eclipse. I think I’m the only one who uses vi, along with healthy amounts of recursive grep. We also use a lot of libraries. Why reinvent the wheel? Of course, this has caused the size of the OpenNMS application to balloon, currently pushing more than half a gigabyte. But space is relatively cheap and time matters, so why not?

I thought it very telling when Aq decided he disliked code that involved any level of abstraction above what he was using. It reminded me of the old George Carlin joke that anyone who drives faster than you is a maniac, while anyone who drives slower than you is an idiot. I did like it when they reminisced about classic code that was very compact and just plain fast. These days we trade speed of completion for speed of execution. My own memory is of running Mac OS 6 on one double sided (800K) floppy. I could put the O/S, MacPaint, MacDraw and MacWrite all on one disk with about 100K left for my files. I couldn’t afford a Mac back then (they ran about US$5K) but the school had ones you could use and all I needed to carry was that disk.

The next segment talked about the Blue Yeti microphone. I bought one of these specifically for the time I was on Bad Voltage, so there must be something in the water about this show and owning one. I was a little confused, however, when the segment starts and Jono states he bought his as a travel mic. This sucker is huge, and as I like to travel as light as possible I can’t imagine dragging it around. However, as the segment continues, it is obvious we are talking about the same mic.

It is a great device. While I like getting input from the gang on which toys to buy, my go-to source for tech advice is The Wirecutter, and the Yeti is their microphone of choice as well. If you plan on recording for the Internet, you should seriously consider getting one of these.

It is the third segment that I thought was brilliant. I’m not sure who came up with the idea, but the discussion centered around ethics programming in self-driving cars. While I disagree with Jeremy that this is something that will need to be figured out before these vehicles become mainstream, it will be a question in need of an answer as they mature.

The scenario offered is this: You are in your self-driving car going along a mountain road. Suddenly, you turn a corner and there are five people in the way. Assuming the car can detect this, should it continue on, protecting the passenger but possibly killing the five people, or should it drive over the side of the cliff, killing the passenger but saving the people in the road?

Wow – what a neat question.

I have no idea of the correct answer. It did dawn on me (as it did the gang) that if the solution was to sacrifice the passenger that pranksters would be more than happy to jump in front of these cars just to see what happens, and I think in at least those models aimed at higher end consumers, they may tout that passenger safety has been programmed into the system to be paramount.

It was a real “grown up” question and I think spawned one of the better discussions ever done on the show.

I was surprised no one brought up Spock’s death speech, “The needs of the many, outweigh … (the needs of the few) … or the one” but Aq did reference the I, Robot movie so he gets points for that.

The final segment concerned the UK government’s decision to put pressure on technology providers to eschew strong encryption in favor of either weak encryption or some sort of back door. Apple has stood up and stated that, if enforced, they would stop selling their products in the UK. It was scary to think about this, since no elected official in any company would want to be labeled as the guy who stood in the way of someone getting an iPhone. Bryan pointed out that the market capitalization of Apple is roughly US$700B, putting it at about 25% of the UK’s GDP (with its fifth highest GDP in the world), and so that threat carries a lot of weight.

This was another “big boy question” and I liked the discussion. Should anyone announce that a back door exists in a popular technology, you can bet the bad guys will throw everything at exploiting it. It’s just not a good idea, although it isn’t surprising that it comes from the UK, a country known for the ubiquitous use of CCTV (on a side note, they have also started using traffic cameras that track you between points and if you exceed the posted speed between them, you get ticketed.)

Of course, there is the thought that a private company like Apple has the ability to sway governments, but no one minds the 800 pound gorilla when it is on your side.

During the outro the guys announced they are returning to SCaLE next year to do a Live Voltage show. These are awesome and shouldn’t be missed, and they have room for nearly 1000 people in the venue so expect it to be crazy. Plus, if you visit the site you’ll see Bryan Lunduke right on the front page next to Cory Doctorow – which I think is pretty cool. Outside of Live Voltage, he’ll be doing a presentation on why he hates freedom, I mean, why Linux sucks.

While we aren’t sponsoring that show, OpenNMS is a gold sponsor at the conference, so be sure to go and stop by our booth.

Anyway, the lads did a great job this week. If you have never listened to Bad Voltage, this would be a great one with which to start.

by Tarus at November 16, 2015 06:24 AM

November 15, 2015

Adventures in Open Source

Review: Signal by Open Whisper Systems

I like security, and one of the biggest security holes in my technology concerns text messaging and phone calls. While I can secure my data (for the most part), it is hard to secure traffic over the telephone network, especially with the proliferation of devices like the Stingray.

Awhile ago my friend Jeff introduced me to Red Phone by Open Whisper Systems, which was an app that would encrypt your phone calls. I could never get it to work very well, so I didn’t use it, plus Jeff was the only person I talked with who used it.

Flash forward more than a year, and I’m finding that I quite often don’t get texts from Jeff, while he gets mine just fine. He did some investigation and traced the issue to TextSecure, which was an encrypted text app also from Open Whisper Systems. Apparently I was registered on his phone as a TextSecure user, so it was trying to send text to me by that method. Since I no longer had Red Phone on my device (I play a lot with the software on my mobile devices and had not restored it after a clean install) I wasn’t getting the messages.

I went to install TextSecure and found that it has been replaced by Signal. My, what a difference a year makes. Not only was it easy to use, the app itself is pretty nice. It combines both TextSecure and Red Phone features, and is now the default SMS application on my handy.

Signal is 100% open source. The only way for true security is if everyone has the opportunity to examine the code and look for vulnerabilities. Plus, think about it, if you care about security chances are you want to send sensitive information using the service. Without open source you can’t be sure that information isn’t being intercepted by third parties.

This has resulted in some pretty high endorsements:

Quotes about Signal

Signal is available for both Android and iOS. Note that it uses a data connection to send encrypted SMS messages, so it will count against your data cap. I haven’t had the chance to try out the phone functionality as of yet, but it works fine as a normal SMS client as well.

It is nice to come across such a useful piece of software that is 100% open source, and if I happen to send you SMS messages, be on notice that I will be sending you an invite to Signal (grin).

UPDATE: This is so cool. Since the app uses data instead of the SMS protocol for encrypted texts, it works as long as the mobile device has data. Which means that I can get texts no matter what SIM card is currently in my handy. Cool! So I’m in Germany using my Ortel SIM and I’m able to get SMS messages from friends in the US who have no idea where I am or what network I’m using. Killer feature.

by Tarus at November 15, 2015 08:20 PM

November 14, 2015

Adventures in Open Source

Reflections on Paris and My Cowardice

I was on a bus in Ireland when I heard the news about the Paris attacks. I had gotten up early to head to the opposite coast as I wanted to see an Ireland that wasn’t Dublin, and I don’t think I could have picked a better spot than Doolin, in County Clare.

Today was to be a particularly gray day and it was dark when I started out. It didn’t get much lighter as we rode to Galway, and when I changed buses the driver was playing the news from the radio. Of course the only story was about the more than one hundred people killed in senseless violence overnight.

Peace Symbol by @jean_jullien

I have some friends in Paris and so I immediately reached out to them. As I waited for a response, I pretty much sat, stunned, as the Irish countryside passed by outside my window.

Once I got to my B&B, I dropped my bag and took a long walk, looking for lunch. The day reflected my mood perfectly. It was like nature itself was in mourning. At high noon the sky wasn’t much lighter than at dusk. A roaring wind came off the sea, churning up angry whitecaps. The clouds drizzled rain like tears.

By the time I was getting cold, I found the recommended pub and went in. It was packed, as this is a popular tourist location and they drop people off by the bus load. Since I was alone, I offered to sit at the bar to make room for the next coach, which arrived about five minutes after I did.

A boisterous crowd of mainly young people came in and crowded around the bar where I sat. They were laughing and joking, blissfully unaware of how quickly that can change. I took a little comfort in the normalcy of that moment: people ordered food, the Indian guy asked about vegetarian options, and drinks were poured (including an inexplicable request for a bottle of Miller beer).

As I ate my meal, a nice smoked salmon salad and a wonderful seafood chowder stuffed with mussels, I was reminded of the last time I had mussels this good, which just happened to be in a Belgian restaurant in Paris called La Gueuze.

And I struggled with a dilemma. The Paris Open Source Summit is next week and I am supposed to be there. Heck, I lobbied hard for the opportunity to participate. But while the chance of anything happening is very slim, I can’t say I’m eager to be in Paris at the moment, especially as part of a large crowd.

So I decided not to go.

There were a number of factors. Part of it was concern for my wellbeing. Part of it was concern for my family. I travel a lot and I know they worry no matter where I’m going, and they have been very understanding when I’ve gone to places that don’t exactly have a reputation for safety. I refuse to put my decision on them, but it did play a role.

But I think the deciding factor was actually how much I enjoyed Paris on my last trip. It is an amazing city, and I didn’t want that memory ruined by seeing soldiers on every corner or having to go through intrusive screening at every point of entry.

It makes me feel like a coward. The terrorists have won.

And I can’t understand it. Of all the countries in Europe, the French bend over backwards to be accommodating to different views and ways of thinking. The French motto “Liberté, égalité, fraternité” leads with the word for freedom, and they go to great lengths to explore all the weird corner cases to insure their society is as free as possible.

And that’s what makes me the most angry. I’m certain these acts are going to change that. Not only will it move France to be more restrictive, it will give the more aggressive countries reason to step up military action in the Middle East. A lot more people will die, and most of them will have darker skin. This will create more terrorists, and the cycle will continue.

I hope France and the rest of the world shows some restraint. I’m not, in any way, shape or form, suggesting justice not be sought out, but I’m reminded of something I saw many years ago.

I was living at my parents’ house and my two-year-old nephew was staying with us. It was a beautiful day and so the windows were open, and there was a gentle breeze throughout the house. One strong breeze caught the door behind the boy and slammed it shut. It scared him, so he reached out and smacked the door, as if to punish it. It struck me as a perfect example of a childish reaction – I’m scared and angry so I need to strike out at the nearest thing, whether it makes sense or not.

I hope the world remembers that we are not children.

I don’t have any answers on how to make things better. The best I can do is to promote free and open source software. I know it sounds silly, using FOSS to cure the world’s problems, but in every place I’ve visited (and I’ve been to 37 different countries) I’ve found like-minded people in that community with a strong desire to create new things through cooperation. It creates an environment where anything is possible. In a small way, it creates hope.

I am writing this sitting on my bed at the B&B. It’s cold, and the wind is whipping around the house, but I feel cozy and safe. Here’s a wish that everyone can find a place to be cozy and safe, as well as the hope that tomorrow will be a better day.

by Tarus at November 14, 2015 07:50 PM

November 13, 2015

Adventures in Open Source

Horizon 16.0.4 Security Release

In response to the vulnerability found in the Apache Commons library that OpenNMS uses, version 16.0.4 has been released to help secure against a remote exploit.

The exploit involves Java Remote Method Invocation (RMI) which listens on port 1099 by default. In my previous post I pointed out that if that port is inaccessible, then the exploit can’t happen.

What 16.0.4 does is limit RMI to only listen on localhost. While that will prevent remote exploits even in the event port 1099 is blocked via the firewall, it doesn’t completely solve the problem. To fix the root cause of the issue will require changes to Apache Commons, and we are ready to upgrade to the fixed version as soon as it is available.

We tend to be very internally critical of security issues within OpenNMS, and some people complained that my last post wasn’t technical enough. So I’m hoping to correct that with this one, but if you don’t care about such things you should probably skip it (grin). I have started updating the Security Considerations page on the wiki with details about securing OpenNMS in general, and that will have better information for people interested in security and OpenNMS than this blog post.

While blocking external access to port 1099 will secure OpenNMS against this attack for most people, it doesn’t prevent people who have access to the machine from exploiting the vulnerability. This is called a “privilege escalation” attack vs. a “remote exploit”, as a “normal” user can now have rights (i.e. root access) if they are locally on the machine. Most of our users tend to limit shell access to the server, so this shouldn’t be a problem, but in environments that rely heavily on directory services such as LDAP, the default may be to allow non-privileged access to certain users (say, the “IT Group”) that aren’t involved in maintaining OpenNMS.

And there is also the slim chance that there is a vulnerability in our webUI that could allow a user access to the system. We, of course, don’t know of any and we take great care to prevent it, but simply hoping to limit access to the server as a way to prevent this exploit is insufficient.

So, to prevent it entirely, we are removing RMI. It was introduced in the first iteration of the OpenNMS Remote Poller, but real world installation found that getting the proper ports open was a real pain. So instead the remote poller now talks over HTTP/HTTPS (with the latter being the most secure). Most networks have ports 80 and 443 open, so that made things a lot easier.

Until that is introduced (most likely with Horizon 17), it is still a good idea to limit access to the OpenNMS server to only essential people.

Note that Java Management Extensions (JMX) also use serialized objects and thus could be vulnerable. OpenNMS has a JMX port (18980) but it is bound to localhost by default. In fact, all ports are bound to localhost by default in 16.0.4 except for the webUI, port 8980.
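One way to verify those bind addresses on a running server, as an added example that is not part of the original post or the OpenNMS project: the function reads `ss -H -tuln` output and reports every listener that is reachable from off-host and is not on the expected list. The function names, the two sample listings (constructed) and the allow-list of tcp/8980, tcp/22 and udp/162 are assumptions made for the example.

```shell
#!/bin/sh
# Added example: flag listening sockets that are reachable from off-host and
# are not on the expected list. Input is the output of `ss -H -tuln`.

# Assumption: proto/port pairs allowed to listen on a non-loopback address
# (webUI, ssh, SNMP traps).
ALLOWED="tcp/8980 tcp/22 udp/162"

# Constructed sample: RMI (1099) listening on every interface.
sample_exposed() {
cat <<'EOF'
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 50 *:8980 *:*
tcp LISTEN 0 50 *:1099 *:*
tcp LISTEN 0 50 [::ffff:127.0.0.1]:18980 *:*
tcp LISTEN 0 50 127.0.0.1:5817 0.0.0.0:*
udp UNCONN 0 0 [::]:162 [::]:*
EOF
}

# Constructed sample: the same host with RMI bound to loopback only.
sample_localhost_only() {
    sample_exposed | sed 's/ \*:1099 / [::1]:1099 /'
}

# audit_listeners: print "proto/port address" for each unexpected listener.
audit_listeners() {
    awk -v allowed="$ALLOWED" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    NF >= 5 {
        proto = $1
        port = $5; sub(/.*:/, "", port)              # text after the last colon
        addr = substr($5, 1, length($5) - length(port) - 1)
        gsub(/\[/, "", addr); gsub(/\]/, "", addr)   # IPv6 brackets
        sub(/%.*/, "", addr)                         # interface scope such as %lo
        sub(/^::ffff:/, "", addr)                    # IPv4-mapped IPv6 address
        if (addr ~ /^127\./ || addr == "::1") next   # loopback only
        key = proto "/" port
        if (!(key in ok)) print key " " addr
    }'
}

# Demo on the constructed samples.
echo "exposed sample:";        sample_exposed | audit_listeners
echo "localhost-only sample:"; sample_localhost_only | audit_listeners
# On a real server: ss -H -tuln | audit_listeners
```

Empty output means nothing beyond the allow-list is listening on a routable address; the check covers bind addresses only and says nothing about firewall rules.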

There are a number of other steps you can take to harden your OpenNMS server. I’m planning on detailing them on the wiki, but start with only doing a minimal operating system install. The less software on the system, the smaller the chance one will have a vulnerability.

Also, OpenNMS currently runs as the “root” user. This is due to the fact that it needs access to ICMP traffic as well as port 162 for SNMP traps. Both of these require root by default. With some “stupid kernel tricks” you can run OpenNMS as a non-root user, but it has not been heavily tested. We have a detailed list of issues for running as non-root on our Jira instance.

Sorry to drone on about this, but we take security extremely seriously at OpenNMS. We also have to labor under the misconception that Java is inherently unsafe. It is not true, although people still have nightmares from the early issues with client-side Java applets. The Java in OpenNMS is server-side and we don’t use applets, and the language is used securely in a tremendous amount of software.

For comparison, WordPress, an application I love, is currently estimated to run 25% of the world’s websites. It is written in PHP, a language that has a huge track record of security exploits, and many of the spam e-mails I get link to compromised WordPress sites.

It is possible to secure WordPress (we use it for all of our websites as well) but it takes some diligence. We will remain as diligent as we can concerning the security of OpenNMS, and we will continue to take steps to make it even more secure.

by Tarus at November 13, 2015 04:57 PM

November 11, 2015

Adventures in Open Source

Dublin OpenNMS Meetup

I’m working in Ireland this week, and our UK/Irish Ambassador, Dr. Craig Gallen, used the opportunity to put together an OpenNMS meetup, featuring beer and pizza (grin).

We held it in an office space near Temple Bar thanks to Barry Alistair. Among his many talents, he is also one of the organizers behind IrishDev.com, an on-line community for the Irish Software Developers Network.

Ulf at Dublin Meetup

It was a lot of fun. We socialized for a bit, and Craig had arranged the pizza to arrive at the end of our talks in order to reward folks for listening to us hold forth on the wonders of OpenNMS (the beer was on offer first, ‘natch). Once again I ran long and the pizza was consumed between my introduction and Craig’s presentation. I did an overview of the history of OpenNMS and why using open source, especially for a network management platform, is a Good Thing™.

Craig at Dublin Meetup

Craig’s presentation was much better, and covered a lot of the new features that have recently been added to the application as well as the direction the product was moving (such as being positioned for SDN/NFV/Internet of Thingies). No one left or fell asleep and there were lots of good questions.

Events such as this are one of my favorite things to do, so I want to thank Barry and Craig for making it possible.

by Tarus at November 11, 2015 11:11 AM

November 10, 2015

OpenNMS Foundation Europe

[Release] – OpenNMS 16.0.4

We welcome a new minor OpenNMS Horizon release 16.0.4 with codename Doorman. This is a bug fix release and all solved issues can be found in the Release Notes.

by Ronny Trommer at November 10, 2015 11:41 PM

[Security] – Java RMI exploitation

We were notified by one of our mailing list readers about a security issue. This article explains the issue in full detail.

The research shows that it is possible to execute code on the OpenNMS server remotely due to a bug in the Apache commons library, which OpenNMS uses. There are two types of issues, one is remotely exploitable code and the other is local privilege escalation. Firewalling TCP port 1099 changes the attack vector into a local privilege escalation. The issue with local privilege escalation still has to be investigated. Make sure you allow only IPv4 localhost and IPv6 ::1 to access TCP port 1099.

For security issues we have a contact address which you can find in the Contact Us section on http://www.opennms.org.

by Ronny Trommer at November 10, 2015 12:37 PM

Adventures in Open Source

The Many Uses of Grafana

One of the things I love about open source and OpenNMS in particular is watching what people do with it. We knew that we had a great data collector in OpenNMS but sometimes it was hard to display that data in a useful fashion.

OpenNMS is a platform and it is very broad. For example, we do log management, but that is only a small portion of what the application can do, yet there are companies who do nothing but that. So yes, we can display graphs but we don’t necessarily have the resources to focus on making a great data visualization tool.

Enter open source. Torkel Ödegaard has written a great visualization tool in Grafana, so it would be silly for us not to leverage it.

I was at a customer site and I saw this cool graph:

Grafana Graph

I asked Patrick about it, and he said that he wanted to play with the OpenNMS/Grafana integration so he installed it and within a half hour he had it up and running. He created the graph as a version of the “stacky graphs” you can make in OpenNMS, but it was much easier to do and to maintain.

The name “stacky graphs” came from another customer of ours. They asked me if there was a way to put the bandwidth from all of their peer points on one graph. Now, in OpenNMS, it is easy to make a graph of data from a single device, and it is easy to group multiple graphs together, but it was not easy to put disparate data points on a single graph.

However, OpenNMS is a platform so I was able to find a way. When you create a graph definition in OpenNMS, there are two important fields, called “columns” and “type”. The “columns” value defines the file to look for, say ifInOctets.rrd and ifOutOctets.rrd, and the “type” value tells OpenNMS where to look for those files. So what I did was create symbolic links under the OpenNMS node directory named things like LAX-in.rrd, LAX-out.rrd and NYC-in.rrd, NYC-out.rrd that were linked to the interface RRDs of interest. Then I created a report of type “nodeSnmp” with column names like “LAX-in, LAX-out, NYC-in, NYC-out” etc. Then I could use AREA graphs to print out the data.

This was a pain for a number of reasons. First, you had to do a lot of configuration on the command line. Second, sometimes it is useful to delete .rrd files that haven’t been updated in awhile, but if you aren’t careful you’ll delete the symlinks. Finally, it is a lot of work to add new data sources.

Grafana Graph vs. RRDtool

In this picture you can see the Grafana dashboard in the lower left corner and the OpenNMS “stacky graph” in the upper right. Not only does the Grafana version look better, it will be easier to maintain moving forward.

I am eager to see what others are doing with this, so feel free to check out the integration on the wiki and let me know if you come up with anything cool.

by Tarus at November 10, 2015 11:58 AM

November 09, 2015

Adventures in Open Source

Open Source Software and Corporations

An interesting post caught my eye this week entitled “Corporations and OSS Do Not Mix” by Ian Cordasco. It was kind of depressing – here was a person who had spent a lot of free time contributing to open source code, but the actions of some users of that code had taken the fun out of it.

My only issue with it was the targeting of “corporations” in the title. At OpenNMS we have a large number of corporate customers and we get along with them just fine. I want to talk about that in a bit, but first I want to address some of the other experiences Ian had that were similar to mine.

When I became the maintainer of OpenNMS back in 2002, I would often get e-mails from people that would start out with “OpenNMS is good, but what you need to do is …”. I used to spend a lot of time responding to them, pointing out that it was open source and anyone can help contribute to it, so they didn’t have to wait on me to do anything, but it never really helped and it turned into a huge time suck. I started to send back a generic e-mail that went along the lines of “OpenNMS is an enterprise product and if you won’t take the time to understand it then you should try something easier like Nagios” which would usually result in a reply calling me an asshole, but it took little of my time and then the conversation was over. Now I pretty much just ignore them.

When you create something and share it, you are putting a bit of yourself out there and there are bound to be critics. For the most part they can be ignored, and you have to develop a thick skin to be in this environment. I’ve found that overall the good far outweighs the bad, and if you can learn to brush off the bad you can be very happy working in open source.

People tend to forget that open source “business” is still “business”. People exchange money in return for services. If I had Ian’s talent I would simply set up various custom development options, so when someone complained about a bug he could just return an e-mail with a price list. If you don’t have time to do it, make the prices really, really large – large enough that you would make time to do it. It’s your life – you are in the driver’s seat. I used to give a talk on running an open source business and I always stressed that you should never compete on price, or at least you shouldn’t lead with “my solution is cheaper”. Sure, open source software can provide tremendous savings over the life of the solution, but that doesn’t mean the solution itself is inexpensive to get set up. Done right, it will be better than any proprietary solution, but that doesn’t mean it comes without cost.

Always remember: free software does not mean free solution.

Getting back to dealing with corporations, like any interaction between two parties it is extremely important to set up expectations. You need to clearly outline what the product the client is buying covers (response time, 24/7 support, etc.). If they aren’t buying anything, then you don’t need to worry about them. I chuckled when I read “Well if you’re not going to take this seriously, we’ll have to start using another project.” We often get the “use another project” line and my response is “knock yourself out”. If you want to take this seriously, then pay me for my work. It’s like going into a free kitchen and complaining the soup is too salty.

A more difficult issue comes when someone wants to submit substandard code. This does require a little effort, since you can’t be sure that this isn’t just an eager but inexperienced coder versus someone lazy. Again, expectations are important. If you publish what the base level of quality should be, such as “must include unit tests”, then you can point to that when you don’t accept a submission. Plus, git makes it very easy to track a master branch and just apply your changes, so some sort of reply about how to do that could deflect criticism about the speed in accepting pull requests.

Ian makes a lot of really good points in his post, but I think he misses a point that if you run your open source project like a business then corporations (i.e. other businesses) will respect you and treat you like a business. We have one amazing company that just hired four (!) OpenNMS developers to work on code that they need. While some of it, if not most of it, will address their particular needs, all of it will be put into OpenNMS and they are paying us (gasp) to help project manage that team. That relationship did not happen overnight, but was built on a series of successful projects where we delivered particular value in exchange for money.

Look, I love, by and large, the open source community and I like being a part of it, but that doesn’t mean that open source and business are mutually exclusive. Learning to deal with open source as a business not only ensures more open source gets created, but it also keeps it fun.

by Tarus at November 09, 2015 03:50 PM

OpenNMS RMI Exploit

Recently, my RSS feed on OpenNMS stories turned up an article listing a possible remote code execution exploit in a number of applications, including OpenNMS.

In it, the researcher shows that it is possible to execute code on the OpenNMS server remotely due to a bug in the Apache commons library, which OpenNMS uses.

We’re a little unhappy that they published this without letting us know first (note that the e-mail address “security at opennms dot org” exists for reporting such things), but it is pretty easy to make sure that your instance of OpenNMS is safe. Simply configure the server’s firewall to block remote access to port 1099 (it will need to remain accessible from localhost).

I was happy to notice that the example he uses seems to be related to OpenNMS running on Windows. It can be a bit tricky to get OpenNMS to work on Windows, and perhaps the Windows default firewall doesn’t block port 1099 so that is why they noticed it.

It is a good idea to run something like iptables on your OpenNMS server and limit remote access to a minimal set of ports. Technically, the only port you really need access to is 8980, which is the default port for the webUI. I would assume that you would want port 22 for ssh access (unless you want to use the console for all configuration). In addition, port 162 should be open for SNMP trap reception.

That should be it. Now the application needs access to other ports (such as 5817 for events) so those need to remain accessible from localhost (127.0.0.1 or ::1) but that limits all exposure to only people who have shell access to the server, which we assume you limit to those people you trust. Remember to include IPv6 firewall rules if you use it.

An easy test to see if that port is remotely accessible would be to run:

telnet [IP or hostname of OpenNMS server] 1099

from a remote system to see if you can access the port. No connection should be made.
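The telnet test checks one port from the outside. As a complement, here is a local audit of the port policy described above; it is an added example, not code from OpenNMS or from the original post. It parses `ss -tuln` output, reports every listener that is not bound to loopback and is not one of the three ports meant to be remote (8980, 22, 162/udp), and prints a matching firewall rule for each. The function names and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit listening sockets against the port policy in the post.
# Function names and the sample data are assumptions made for this example.

# Ports the post says may be reachable remotely: web UI, ssh, SNMP traps.
REMOTE_OK="tcp/8980 tcp/22 udp/162"

# Constructed sample of `ss -tuln` output (not taken from a real server).
sample_ss_output() {
cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      50                 *:8980             *:*
tcp   LISTEN 0      50                 *:1099             *:*
tcp   LISTEN 0      50         127.0.0.1:5817       0.0.0.0:*
tcp   LISTEN 0      50             [::1]:5817          [::]:*
udp   UNCONN 0      0            0.0.0.0:162        0.0.0.0:*
EOF
}

# Read `ss -tuln` output on stdin. Print "proto/port address" for every
# listener that is neither loopback-only nor in REMOTE_OK. These are the
# sockets that rely entirely on the firewall to keep remote users out.
exposed_listeners() {
  awk -v allow="$REMOTE_OK" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    NF >= 5 {
      proto = $1; la = $5
      i = match(la, /:[0-9]+$/)      # the port is the text after the last colon
      if (i == 0) next               # header line or unparsable entry
      addr = substr(la, 1, i - 1)
      port = substr(la, i + 1)
      # Loopback-only sockets are already limited to local shell users.
      if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1") next
      if ((proto "/" port) in ok) next
      print proto "/" port " " addr
    }'
}

# Turn each finding into IPv4 and IPv6 rules that drop traffic to that port
# unless it arrives on the loopback interface.
suggest_rules() {
  while read -r svc addr; do
    [ -n "$svc" ] || continue
    proto=${svc%%/*}
    port=${svc##*/}
    for cmd in iptables ip6tables; do
      echo "$cmd -I INPUT ! -i lo -p $proto --dport $port -j DROP"
    done
  done
}

# Demo on the constructed sample. On a real server, run:
#   ss -tuln | exposed_listeners
findings=$(sample_ss_output | exposed_listeners)
printf '%s\n' "$findings"
printf '%s\n' "$findings" | suggest_rules
```

On the sample, only the RMI registry on port 1099 is reported, because it listens on the wildcard address. The printed rules are suggestions to review before applying, and the remote telnet check remains the confirmation that the firewall is doing its job.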

Sorry about this, but as I mentioned this wasn’t revealed to us until after the exploit was public. We are looking into how we can better protect against this issue from a code change standpoint, but until then simply blocking access to the port will prevent most problems. We do plan to have a code fix in place soon.

by Tarus at November 09, 2015 01:12 PM

November 06, 2015

Adventures in Open Source

The Inverter: Episode 53 – They’ve Got a Flamethrower

Okay, so I’ve been slack at getting this review out, since by now they’ve already had the planning meeting for next week’s show. As they mention at the start of this one, both Jeremy and Jono were unavailable for the last planning meeting so Stuart and Bryan ran with it. It was a good show, but it kind of demonstrates that, like many of us, the guys are very busy and sometimes you just have to soldier on, which I think is a great set up for the quality of this blog post.

I’ve been traveling a lot and I’m about to head out again, in part, to attend two great open source conferences in Europe, but last week found me in Rochester, NY which was an easy drive to Buffalo, where I met up with a recovering Jeremy Garcia.

Jeremy Garcia at Buffalo Proper

Due to my fascination with classic cocktails, we ended up at Buffalo Proper, where it turns out they make great drinks. This was right after the taping of the show, so I heard a bit about it from Jeremy and then listened to it on the plane ride back home.

The first segment talks about all the new cool open source computing devices out there, and if they are just for über geeks or will they ever appeal to the masses. I love reading about all the new toys that are available, but unfortunately I’m so busy that I can’t ever find time to play with them. I bought a Raspberry Pi when it first came out, but after it sat on a shelf for six months I gave it away to someone who might actually have time to use it. It took me forever to get around to making an OpenElec/Kodi PVR and without a specific need it is hard for me to find time to just play. I think these things will become more popular, but it will take time as young people (who tend to have more free time) discover them and start coming up with ways to use them.

Think about Lego. When they just made generic sets of bricks, they were a well known company but not very large. Then they started making sets to build specific things, and the brand took off. We are at the “generic brick” stage now, but I expect something to come along that will create a huge increase in what things you do with these devices.

I am often jealous of today’s youth. Back when I was in school we didn’t have the Internet, per se, but we did have access to a number of dial up services. I used to call into BBS systems a lot (mainly running WWIV) and even figured out how to dial in to the campus network and access the VAX (which was connected to the Internet). There I could use “talk” to communicate with friends. Now, kids today have access to orders of magnitude more information and more toys. Unfortunately, that comes with the risk of “cyber-bullying” and other problems, but still, for those so motivated the benefits outweigh those risks.

I was surprised they didn’t talk about the ruling by the Librarian of Congress that made it (more) legal to tinker with technology you buy, which I think is a great step toward opening up tinkering at all levels.

The next segment discussed “vigilante malware” which uses the same exploits as regular malware but does it in order to make things less vulnerable to attack. Is this a good thing? The guys all agreed that having someone change things on your devices without your permission was “bad”, but they differed on the level of bad. I take a different approach. I work hard to keep my equipment up to date, so my assumption is that I wouldn’t be affected. However, many geeks and most muggles aren’t so aggressive, and so they get owned. This results in things like my mailbox being hit by spam (I get around 150 spam messages a day – most caught and processed by our mail server). This wouldn’t happen if people were more careful, as most spam originates from infected PCs, so I’m all for vigilante malware. Think about it – malware isn’t going away so why not encourage more of the good kind? Think of it like “good” vs. “bad” cholesterol. The only real solution to both is better security practices and better code, and both types of malware are incentives.

I think there is a hole in my logic somewhere. It’s kind of like the joke that you should always take a bomb onto a plane. Because while the chance of there being a bomb on a plane is slim, the chance of there being *two* bombs …

Anyway, the third segment talked about the Owncloud application. I’ve been meaning to play with this for some time (see “no time to play” above) as it looks cool. Take all of the nice features of “cloudy” things like Dropbox, and put them on a server you control. I think this is a fine goal. Plus, Owncloud also includes calendaring and contact management (apparently). We currently use Sogo for that, but it would be neat to integrate that with other things.

The only thing that wasn’t clear to me was the business model. The founder Frank Karlitschek states that Owncloud is not “open core” (or as we like to call it “fauxpensource“) but I’m not clear on their “enterprise” vs. “community” features. My gut tells me that they are on the side of good. I can see having a different license for an “enterprise” feature such as Sharepoint integration, especially if Owncloud has to use a proprietary library in order to get it to work at all, and it doesn’t look like the “server” version is intentionally hamstrung in order to get more business. Only finding the time to play with it will let me know for sure.

The final segment concerned laws about open source. The thesis is that the open source community spends a lot of effort working against laws that limit open source, so why shouldn’t the proprietary software world have to fight against laws that would make open source the norm? From the example above, the Software Freedom Conservancy spent a lot of effort to get the Librarian of Congress to make an exception to allow you to examine the software in various devices you own – why shouldn’t other companies have to fight to keep their code closed?

I think the team got this one right – money. Proprietary software companies get an immediate financial gain when their lobbying efforts pay off, but it doesn’t work for free software. However, I am seeing in these days of cost cutting that there is a movement in some governments to promote open source, so I think it is more of a question of true education than lobbying. One of the issues is that it gets confusing when companies like Owncloud offer an “enterprise” version and it isn’t clear what that means. While it might be 99% open source, all a detractor has to do is say “look, Senator, you have to pay just like you do for our stuff, and you know our stuff”.

Overall, decent episode. I get a mention in the outro as Jono refers to Todd Lewis, one of the people behind the All Things Open conference, as the “Nicest Man in Open Source”. I once held that title, but I would happily cede it to Todd. He is a truly nice guy, and is always willing to give you a hug. I used to hug too, until that time I hugged Jono in Munich and what happened next had to be explained to my therapist with dolls.

by Tarus at November 06, 2015 06:44 PM

November 03, 2015

OpenNMS Foundation Europe

[Release] – OpenNMS Grafana Datasource

We have a new release of the OpenNMS Grafana Datasource which is now compatible with Grafana v2.5.0. There are also some improvements regarding layout. Most importantly, we now have the possibility to add filters which can be applied on the data, e.g. Trend and Peak filters. It is also possible to use Grafana templates to make whole dashboards more dynamic.

You can find some additional notes on the blog of our maintainer and author, Jesse White. If you want to get started, go to the Grafana page in our wiki.

by Ronny Trommer at November 03, 2015 10:02 AM

OUCE 2015 – Videos and Slides

Thank you very much to all attendees and people who organized the OpenNMS User Conference 2015. We had a great time, and for the ones who couldn’t be in Germany, we’ve uploaded all videos to an OUCE 2015 YouTube playlist for the OpenNMS community.

Some speakers added their slides, which are archived in our conference system.

Additionally I have to give a big thank you to the Bad Voltage guys, they did such a great job entertaining the crowd and I recommend highly getting a Podcast subscription.

You can find the recording of the Bad Voltage live show on the Bad Voltage website.

by Ronny Trommer at November 03, 2015 09:42 AM

October 30, 2015

Adventures in Open Source

Upcoming Conferences

[UPDATE2: My whining paid off and I got moved to the first day at OSMC. At least one round is on me!]

[UPDATE: Yay! Daniel was able to contact the #OSSPARIS15 organizers and I am scheduled to speak.]

I just wanted to drop a quick note about some upcoming conferences. First off, the Call for Papers for next year’s SCaLE conference ends *today*. It’s a great show and they already have some amazing speakers on board, so be sure to get your paper topics in ASAP.

In November I’ll be attending at least one and maybe two conferences. The first is the Open Source Monitoring Conference being held in Nürnberg, Germany.

I love this conference as it really demonstrates the power of true open source communities. While it is mainly focused on Icinga (and you can hear how it is supposed to be pronounced, kind of like “eee-clinga” with a click, but a lot of people just say “eee-sing-ah”), it brings together many of the truly open source projects in the space, such as Zabbix and, of course, OpenNMS, and we all just get along. This year Torkel from Grafana will be there as well, and while I met him at All Things Open I didn’t get to chat with him much, so maybe now I’ll have the opportunity.

And by “get along” I mean drink heavily, and I’m unhappy that I’m speaking (again!) on Day Two as the evening of Day One has a tendency to become the morning of the second day. Luckily it isn’t the first talk of the day like last year so I guess I’ll deal with it (grin). The company that sponsors it, Netways, is actually in the business of hosting such events so it is always top notch.

The second “maybe” conference is the Paris Open Source Summit which is held the same week as the OSMC. This conference is put on by the people who do the Open World Forum, and unfortunately it seems to be plagued with the same lack of organization.

Since I speak at conferences a lot, I tend to run into all the other (more amazing) people who promote open source. Every one of them has complained to me about the lack of communication between the OWF conference organizers and the speakers. While most shows let you know months in advance, the team behind the Open World Forum tends toward the exact opposite. It is extremely hard to get any form of direct communication from them, and years ago I just gave up trying.

When Daniel, my friend in Paris, sent me the information about #OSSPARIS15, I figured I’d give it a shot. As expected, I didn’t hear from them. Not to sound all self-important, but I travel a lot, usually to work with OpenNMS customers, and I need to know as far in advance as possible if I’m speaking at a show. Usually this means I’m giving up some other opportunity, often one that would actually pay the bills. This time I figured that I would be in Europe anyway for the OSMC, so if I got accepted I would just change my return flight.

Last week I started seeing The OpenNMS Group pop up in press releases for #OSSPARIS15, and I found myself on the schedule for Thursday the 19th at 16:00. I wrote to the organizers to confirm and never heard back, but since I love Paris I made plans to be there.

Well, when I sat down to write this post I noticed that I had been removed from the program. (sigh)

This is very frustrating, as every spare cent we make at OpenNMS goes into the project and changes to flights can be expensive. We are investigating to see if this is just an oversight or if, even after the press release, they decided to remove me from the program. Perhaps it is because the website got hacked (grin).

OSSPARIS Website Hacked

I hope to see you at one of these conferences, or at another in the near future.

by Tarus at October 30, 2015 12:31 PM

October 27, 2015

Adventures in Open Source

First Look at Ubuntu Gnome 15.10

Back when I was an Apple fanboy, I would eagerly await the announcement of new products by Steve Jobs, with one window open to the live blog feed and the other refreshing the Apple Store page so I could be the first to order the new shiny. Steve Jobs made me fall in love with my technology.

I’ve rarely felt that since, but when the new Dell XPS 13 came out I became once again attached to a laptop and I was determined to make it work under Linux.

While it ships with the latest stable Ubuntu release, 14.04, there are issues. Now I often say that we in the open source community suffer an embarrassment of riches when it comes to choice. Since I’ve found that Linux Mint with Cinnamon works best for me I tried it, but I just could not get it to work with the XPS. To address the shortcomings in Ubuntu 14.04, I read Barton’s Blog and decided to upgrade to 15.04. That addressed a lot of the problems, and I used Ubuntu with Unity for awhile, and although Unity was my first real Linux desktop it doesn’t work as well for me anymore. I also found that its HiDPI support was not quite there. I also tried Kubuntu but its HiDPI support (in my experience) was even worse, and since I’d based my laptop I figured I’d give Ubuntu Gnome a shot.

Now I wasn’t one of those haters who just ranted on Gnome 3.0, but when it came out I couldn’t get used to it. However, when I went to install Ubuntu Gnome on the XPS, I was encouraged that the installer recognized out of the box that I was on a HiDPI screen. There have been a lot of changes since that initial release and I found myself warming to it.

I do want to note that while I found all the desktop options I tried to be pleasantly polished, and, well, “pretty”, I decided to stick with Ubuntu Gnome.

A pesky issue with the touchpad and the touch screen required the 4.1 kernel or later. For months I’ve been running mainline kernels, so when 15.10 was announced with the 4.2 kernel standard, I was eager for the upgrade, and I ran it as soon as it became available.

So what does 15.10 offer? All I can really say at the moment is that it offers a pretty painless upgrade process. I ran “do-release-upgrade -d” and after answering a few prompts it went on its merry way.

Wireless worked out of the box (I used to have to futz with the Broadcom driver when on mainline) and overall the system seemed to be pretty smooth. During the boot process I get this error concerning lvmetad which I think is due to the fact that my entire laptop disk is encrypted, but the boot completes without any other issue and I have confidence it will soon be addressed.

Speaking of boot, Ubuntu Gnome has changed the logo on the boot screen. Instead of the familiar foot:

Old Ubuntu Gnome Logo

You get this new one:

New Ubuntu Gnome Logo

Forgive the quality as I had to produce the second image by taking a picture of the screen. While I like that the colors have been softened from black to a gray, I don’t like the new logo, which looks like two U’s mating. I think it is supposed to represent “UG” but I still don’t like it (and I tend to embrace change). I’m hoping someone puts together a splash screen replacement.

The only real issue that is driving me bonkers at the moment concerns the touchpad. One thing Apple just nailed is the touchpad and the Synaptics one on the XPS is oh so close.

The problem I’m experiencing concerns the cursor jumping when I left click. There are no “real” buttons, so you left click by depressing the lower left corner of the touchpad (or clickpad, whatever it is officially called). Sometimes when this happens, instead of registering a click the cursor will jump to the lower left corner of the screen, and *then* click. It is real annoying in Thunderbird since the icon in the lower left corner puts it in offline mode.

I’ve tried most of the suggestions I’ve found in the t00bz but nothing has helped. I just found a reference to HorizHysteresis and VertHysteresis so I’ll play with those values and see if it helps (update – doesn’t seem to). Not quite sure what they do, however. I think the issue has something to do with a finger from my right hand still grazing the touchpad surface when I make the click.

On the upside, the palm detection issues I was dealing with seem to be improved. Not sure if they have been solved but I’m not noticing it as much. Could be that I’ve just modified my typing form to avoid the touchpad better.

Overall, I’m pretty pleased with the upgrade. It should set up a nice base for the next LTS release, 16.04. I’m not quite willing to give up Linux Mint on the desktop just yet, and I’ll probably try out Mint 18 when it is released next year, but Ubuntu Gnome 15.10 has at least made switching a possibility.

One final note, I like the new shiny and I’m willing to put up with a lot in order to play with it. I give money to Dell to encourage them to supply more Linux offerings, but the downside is that Dell leads with devices designed for Windows first. If you want a true Linux experience with zero issues, check out the offerings from System 76. Our Sable all-in-one desktops Just Worked™.

Okay, so that wasn’t the final note. While I doubt any of my three readers work for major laptop vendors, I really want to see a push for physical kill switches on things like the camera and the microphone, such as on the Librem 15. I considered getting one of those but they are a little sketchy on what “PureOS” actually is, and so I’ll wait to see what others think of it first.

by Tarus at October 27, 2015 11:37 PM

October 24, 2015

Adventures in Open Source

2015 All Things Open

I love going to open source conferences. Despite that I’ve decided to take a hiatus in 2016 so I can focus on some OpenNMS projects that have been languishing. However, I may need to make an exception for All Things Open.

One reason is that it is nearby. It was odd to wake up Monday morning and drive to a show. The other reason is that it just rocks.

Organized by IT-ology (the same people who do POSSCON), the show attracts nearly 1800 people to the city of Raleigh. Since Raleigh is also the world headquarters of Red Hat as well as being next to the Research Triangle Park, you get a great mix of attendees and speakers. It’s popular, so remember to get there early to avoid the registration line:

ATO Line

This year OpenNMS was a sponsor and we decided to have a booth.

ATO Booth

Come over to OpenNMS, we have cookies.

Well, not exactly. The cookies were a snack from the show, but we did have cool #monitoringlove T-shirts featuring Ulf:

ATO OpenNMS Shirts

Our booth was in a great location, right next to the opensource.com folks and just down from the Red Hat booth. On the first day Jim Whitehurst (the amazing CEO of Red Hat) was there signing his book The Open Organization. Afterward, he spent a few minutes talking with Todd Lewis, the main organizer of ATO, and Jason Hibbets let me photobomb the picture:

ATO Photobomb

I also got to meet this guy:

ATO Taras Mitran

Check out his badge:

ATO Taras Mitran's Badge

Yes, this is the fourth “Tarus” I’ve met, but the first who spelled it “Taras”. The first was a “Tauras”, the second a “Taurus” and the third spelled it like me, “Tarus”. I was named after the movie Taras Bulba so his is the traditional spelling (grin).

We had most of the local OpenNMS team there, and we would take turns at the booth and enjoying the conference. I was speaking on Tuesday, so I had Monday free (well, after I finished my presentation).

Monday night there was an event sponsored by GitHub followed by a Speaker/Sponsor dinner at the Sheraton hotel. At our table sat Gianugo from Microsoft (who helps out OpenNMS with an MSDN subscription) and Jono from Bad Voltage (who, well, we’re not sure what Jono does but we think it’s positive). When I met them earlier in the day I wanted to do that whole David Letterman “Uma/Oprah” bit from the Oscars: Gian … Jono. Jono … Gian.

ATO Gian and Jono

The next morning I gave my talk on “Living an ‘Open’ Life”. It was in a small room but it was full, and my only major mistake was that I thought I had 55 minutes and only had 45, so I missed finishing a chunk of the talk. (sigh)

While I spent most of the conference doing booth duty, I did manage to see the Lightning Talks. I’ve always wanted to do a Lightning Talk. These are short, five minute presentations on interesting subjects, and while they didn’t do this at ATO, I really like it when you get 20 slides that automatically advance every 15 seconds.

Whenever I mention my desire to the team to do this, they laugh and point out that I can’t even introduce myself in less than five minutes. I would disagree but as I demonstrated with my ATO talk, it is hard for me to keep things brief. (grin)

The hour started off with a video featuring an interesting story on the Enabling the Future project. I’m bummed that I can’t find the exact video they showed, as it was moving, but it demonstrated how a community of “makers” was helping to provide improved prosthetic arms to people using collaboration and 3D printers. It was exempted from the five minute time limit.

Then Rikki Endsley and Jason Hibbets from opensource.com took the stage:

ATO Rikki and Jason

They were the organizers behind the lightning talks.

I finally got to see Steven Vaughan-Nichols in person.

ATO Steven Vaughan-Nichols

He is a writer who I have been following for years, and I am disappointed that I didn’t get to meet up with him in person. In his presentation he talked about how he got into writing about open source software, as well as the early computers he used that ran Unix, such as the PDP11. My first experience with a PDP11 was one that ran, I think, RSX-11, but all I can remember is writing in FORTRAN on it.

ATO Jamie Duncan

I also enjoyed the talk by Jamie Duncan, who I had spoken with at the Speakers/Sponsors dinner. He is a delightful individual with wonderful stories, such as those involving his time working to fix healthcare.gov. The title of his talk, “Gleaming the Kube”, was a play on a skateboard movie from the late 1980s. He is very outspoken on the fact that containers, such as Docker, are basically made up of kernel tricks and to make them useful you need something like Kubernetes (hence the name of the talk).

ATO Sarah Kahn

There was also a talk by Sarah Kahn about Girl Develop It, an organization aimed at helping women interested in learning code development skills. It was nice to see a large turn out by women at the conference, probably more so than the others I have been to this year, and with kernel contributors like Sarah Sharp feeling the need to leave the kernel development team, women in tech is something that needs to be addressed.

ATO Charlie Reisinger

While all the talks were good, my favorite was from Charlie Reisinger of the Penn Manor School District. They gave students Linux laptops with full root access (gasp!) and were amazed at what they did with it. While technology can be a scary place for the younger generation, too often schools overreact in trying to protect students, when in fact technology can be empowering.

ATO Jono Bacon

The final talk was from my friend Jono Bacon, who gets all the cool speaking gigs and makes me jealous. His talk was on the field of behavioral economics, which points out that most traditional economic theory is based on the fact that people should behave rationally when making buying decisions. Behavioral economics demonstrates that with the proper stimulus, people will behave irrationally. I was introduced to this concept through the book Predictably Irrational back in 2008 and even got to meet the author, Dan Ariely, in 2009, when we met for lunch and discussed the power and problems with the word “free”.

While Ariely is definitely an economist, Jono introduced me to Rory Sutherland, who is a prominent figure in the field of marketing. There is a great TED Talk by Sutherland who talks about marketing, influence and behavioral economics, and Jono covered some of the main points by him and others.

(Seriously, the TED Talk is brilliant, especially Sutherland’s take on wine that starts about 10:30, and his thoughts on understanding English around 20:00)

After the Lightning Talks I headed back to the booth. Apparently the Convention Center was hosting another conference that evening and we were asked to take down the booth around 3pm, so we did. Then we headed home, which was nice since I haven’t spent much time there recently and is one of the reasons for my hiatus, but missing ATO in 2016 will be hard for me to do.

by Tarus at October 24, 2015 04:19 PM

October 16, 2015

Adventures in Open Source

The Inverter: Episode 52 – Immensely Deft

For this episode, the Bad Voltage team returns to normal with a taped show clocking in at just over an hour. I really enjoyed this one and it made me remember why I started this little column in the first place. Most of the time they bring up stuff for which I have strong opinions, and these posts let me express my thoughts in some depth. Plus, my three readers don’t seem to mind, if they read them at all (grin).

So, if you haven’t listened to it already, please do so now. I’ll wait.

The first segment focuses on the Volkswagen software scandal where, as Jeremy put it, code was added that basically said “if under test, then lie”. I even came up with a joke about this while in Germany. How many VW engineers does it take to change a lightbulb? Forty, unless the emissions inspector is watching, then it is only one.

I had three main thoughts about this topic. The first concerns the US VW CEO Michael Horn, who blamed the whole thing on rogue engineers. Unlike the overall CEO (I found reference to a “North American” CEO, too, how many CEOs does this company have?) Martin Winterkorn who resigned, Horn is obviously taking the coward’s way out and looking to blame anyone but himself. It seems a little fishy – one would think that all the major engineering decisions would be made in Germany, so had Horn testified to that effect instead of trying to shift blame I would have been a little more comfortable with his testimony, but now it seems like he is trying to hide something, which would suggest he knew about the issue. Winterkorn stated “I am stunned that misconduct on such a scale was possible in the Volkswagen Group” which seems to indicate it was too large to just be confined to one or two “rogue” engineers, casting even more doubt on Horn’s account. But since Horn lives in the US of A it is doubtful anything will happen to him, and even if it did he could always find a high paying job in the financial industry. (sigh)

The second thing that bothers me is that this kind of cheating would not be possible if the code for the cars was open source. Heck, the DMCA specifically prohibits “anti-circumvention” which has been interpreted to mean that attempts to reverse engineer proprietary code are illegal, so even attempting to figure out what they are doing could land you in jail. With growing demonstrations of huge security issues in automobile software something needs to be done about it, and of course I’d like to see things become more open. I have been thinking about selling my car, a 2004, but one thing that has kept me from doing it is the thought of all the possible software holes in new vehicles.

Finally, as someone who once owned a 2002 Jetta TDI, part of the diesel ownership experience is the idea that you are helping the environment. I can run biodiesel in it, perhaps from recycled cooking grease, and the overall pollution equation is supposed to be close to that of a hybrid (when you consider the environmental damage used to make the batteries) or an electric car (the majority of electricity in the US is from coal, so add that to the damage caused by mining rare earths). To find that you have been lied to and are actually a huge polluter is quite a blow, and it is the one thing VW won’t be able to easily fix.

One of my team owns a later model TDI and I am very interested to see what happens. My guess is that a software-only fix will simply dumb the power curve down to the point where the car is unusable (and modern diesels can be quite peppy). Think about it: using Jeremy’s “if-then” analogy above, “set test=true” and bam, you pass emissions. Probably makes the car run like crap or they would have done it from the start, but that is an extremely easy software fix. My prediction is that it will take a class-action to get VW to address the problem properly, which will ultimately involve a car “buy back” program.

Anyway, I’m sure the guys will revisit this in the near future and I look forward to hearing more of their thoughts.

The next segment talked about a portable desktop/laptop thing from System 76 called a Serval Workstation. This is a monster device, weighing nearly nine pounds without the charging brick in the 17-inch form factor, that is meant to be a laptop that acts as a high performance desktop.

Several years ago I became tired of lugging even my small laptop around, and so I found a deal on Woot for a decent desktop and bought two of them. I added a couple of nice monitors and now I have one at home and one at the office. With everything I need being accessible from the network, I really didn’t see the need for a laptop (of course, I have one for when I travel).

I thought Aq hit it on the head when he mentioned all of the stuff you have to get for a desktop: keyboard, mouse, camera, speakers, etc., that just comes with a laptop. I especially like the built in UPS – as someone who lives in a rural area they are a must for the frequent power fluctuations. Laptops just come with them. Thus the appeal of this device is to create a portable desktop that is easy to move, trading size and battery life for power.

Also, I really like System 76. I tend to vote with my wallet, and when we needed to replace some aging iMacs I bought a bunch of Sable machines from them and we haven’t been disappointed. They “just work” with Linux, and they are both reasonably priced and pretty sharp looking as well.

The one thing I wish the guys had talked about is the anemic 1080p resolution. I hate the fact that so many laptop manufacturers seem content with such a limited pixel density. Sure, 1080p on a 12-inch screen is fine, but on a 17-inch monster? My desktop monitors have a much higher resolution, and my latest laptop, the Dell XPS “sputnik” has even higher density. The HiDPI screen has caused some issues, so that could be one reason that System 76 opted for a lower density, but still it would be nice to have a HiDPI solution that just worked.

My final comment on this is that they were actually wrong when they stated that the Dell Ubuntu version requires patches that must be installed via a Dell repository. I don’t run the Dell repos on my machine as most of the changes have been ported upstream and there was nothing in the repos I actually needed. Yes, it didn’t work out of the box – it shipped with Ubuntu 14.04 but I am running Ubuntu Gnome 15.04 with a 4.1 experimental kernel to address some of the more irritating bugs, but with 15.10 coming out in a week I am very eager to play with an O/S with the 4.2 kernel delivered as standard.

The third segment was on the idea of a “delayed public license” where code would be initially published under a proprietary license but at some predefined point it would convert to an open source license. While I appreciate the idea behind it, this is not a licensing issue that requires a new license. We really don’t need any more open source licenses. Instead, you could just publish it under a proprietary license with the terms that “on such and such a date” the license would become something else.

The idea is that a lot of software has a limited shelf life, and once the immediate revenue opportunities have been exploited, there isn’t much need to keep software closed. Thus a small team of developers could monetize their work yet still add an open source angle to it. This isn’t a new idea; as mentioned in the show, id Software does this with a lot of its technology. First they opened their Doom engine, and a few years later they opened their Quake engine. Easy peasy.

My suggestion would be to promote this behavior versus coming up with a new license. Also, while I like the thought of putting the code up on something like Github on day one with a proprietary license so that it would be out there when the time came to open source it, I would recommend heavily against this line of action. We have been through a number of cases where people have appropriated OpenNMS code in spite of the license, and the discovery process can be quite expensive if not cost prohibitive. Since this method of starting out proprietary and moving to open source was aimed at small development teams, do yourselves a favor and just hide the code until you are ready to open it. It will work out better in the end.

There were a couple of bits at the end of the show. Jono did a quick “Hack Voltage” segment letting people know that many mobile carriers have the ability to turn e-mails into SMS texts. For example, if you are on AT&T, sending an e-mail to your number “@txt.att.net” will result in an SMS to your phone. We’ve used this a lot in OpenNMS (there is even a field called “pagerEmail” for the address assigned to each user) and it was nice to learn about the addresses for other popular providers. Note that if you have a need to send actual SMS messages (say, if your e-mail server or network is down) you can get an inexpensive device that will let you do it for the price of a SIM card.

They closed the show with a nice long “thank you” to us for hosting the Live Voltage show in Fulda. I was quite touched and I bet the rest of the team were as well, and I look forward to the next “hinted at” live outing of the Fab Four.

by Tarus at October 16, 2015 03:06 AM

October 15, 2015

Adventures in Open Source

The Inverter: Episode 51 – Live Europe 2015

What can I say? Best. Show. Evah.

(grin)

Of course, I might be slightly biased since I helped make this one happen. Every year we have an OpenNMS Users Conference and this year it was held in Fulda, Germany. In an effort to attract more people, I thought it would be cool to get some open source celebrities. That didn’t work out, but I found that most of the guys who do the Bad Voltage podcast would come out for the price of airfare and lodging. The fact that it coincided with Oktoberfest didn’t hurt.

The guys may joke that they just throw the show together, but I’ve gotten to see how the sausage is made and they do put a lot of effort into making an episode – especially a live one. With the help of the wonderful people at the University in Fulda, I think it went really well.

We had Jeremy Garcia, Jono Bacon and Stuart Langridge there in person, but Bryan Lunduke stayed at home due to the recent birth of his second child. Well, that and the fact that he hates me. He was there in spirit, however, via the “Bryan-o-tron” which was a large, red button that when pressed would produce Bryan saying a pithy quote. It worked out well and was pretty funny.

The first segment focused on Cybercrime and ways to stop it. I was in the camp that most “cyber” crime is actually old school crime just using computers. A lot of it still relies on people being stupid, naive and/or greedy.

For an example on how low tech crime still works, we recently had our car burglarized and they stole Andrea’s purse. About a week later we noticed nearly two thousand dollars missing from our account. The thieves had written a check from a stolen account and then used her ID to cash it. Even though we had changed our account number and we never withdraw large sums of cash, the bank went ahead and dispensed the cash (the person had gone through the drive through teller and used her driver’s license as ID). This despite the fact that we had reported the theft, changed our account and the signature on the back of the check wasn’t even close to hers. Of course, they refunded the money to us (after about a week) but I was still amazed that, in this day and age, with debit cards and PIN numbers and multiple ways to ID a person, this actually worked.

The next segment was taken from the first Bad Voltage Live show at SCaLE and it was called “Wrong in 60 Seconds”. The idea is to give people 60 seconds to rant about something, and then the team would judge who did the best job. We were worried about this bit because Europeans tend to be more reserved than Americans, and even with a little bit of beer in them we weren’t sure what the participation level would be.

And our worst fears were realized. Only Ken Wimer volunteered to rant, and we needed at least two more people. Jessica saved the day by volunteering Antonio Russo (a great choice) and I immediately thought Ian Norton would do a good job, so I threw his name into the hat. They all agreed to do it, and it was a lot of fun. The lighting is kind of poor, so you miss the fact that Antonio actually threw his shoes before starting. Ken ranted in German, Antonio in Italian, and Ian in English.

It came down to a tie, with Jessica casting the deciding vote for Ian. The prize was a really nice tablet.

The last segment features Stuart talking about the biggest danger to open source being the people involved. This may seem a little counter-intuitive: open source is a movement made up of people, so how could they be the biggest danger to it? But he makes some good points, specifically you never hear someone in the Apple user community blasting someone because of their choice of application, but we constantly get factions up in arms about Unity vs. Gnome vs. KDE and Ubuntu vs. Fedora vs. OpenSUSE. Even in the opening parts of the show they joke about the three OpenSUSE guys (who came a long way to be at the show) being the *only* three OpenSUSE users. We laugh but it is somewhat endemic of open source culture and maybe we need to change it. It’s one reason we at OpenNMS strive to be both welcoming and tolerant of new users, as they will be the evangelists of the future.

Toward the end of the bit the Bryan-o-tron took a fearful turn as it was no longer static images and canned quotes, but Bryan himself via a Google Hangout. He unleashes his trademark vitriol and then manages to join the show via a DoubleRobotics telepresence robot.

While this worked flawlessly in rehearsal, we had some connection issues and Bryan’s face was missing from the screen. Here is what it should have looked like:

OUCE Robot

In any case, it was funny, and toward the end when he slowly storms off, the robot locked up in forward mode (I’ve had this happen to me) and slammed into the wall, falling over. No harm was done and it was a pretty funny way to end the segment.

That was pretty much it for the show. Clocking in right at an hour, I think it went well. I’ll be eager to see the next Live Voltage when they plan one.

by Tarus at October 15, 2015 04:16 PM

October 10, 2015

Adventures in Open Source

A Wonderful OUCE

Sorry for the delay in posting this, but the fourth quarter is always our busiest time of the year and I’ve been slammed. Plus, I’m still recovering from a great week at the OpenNMS Users Conference. You did go, correct? (grin)

We are always striving to find ways to bring more people to the conference, so this year I thought it would be cool to invite some open source celebrities, namely the guys from the Bad Voltage podcast. Plus, since this year’s conference was in September, we had the opportunity to make a side trip to Munich’s Oktoberfest.

We arrived in Fulda from Munich on Sunday night. Now in the run up to the conference the BV team would sometimes talk a little smack about Fulda (as in “where the hell is Fulda?”, etc.) but I love this town. It is a wonderful combination of old and new, with cobblestone streets and a beautiful cathedral. You can walk everywhere, and for us the fact that the university (the Hochschule) has great facilities makes it an awesome place to hold the OUCE.

Since we rely on the Hochschule we have to schedule the conference during a time when the students are not on campus. While it is usually held in the Spring, this year it got moved to Autumn. I think the weather is about the same, although we did have a snow storm during one OUCE.

The conference itself is two days long, but we put two days of optional training in front of it. I get to teach an OpenNMS “bootcamp” on Monday that attempts to cover most of the basics in a day. So fresh off of Oktoberfest I had to actually work on Monday.

The class went well, if a bit long. The students were some of the best I’ve ever had, and I don’t think we hit many snags except for the occasional typo. As much as I tried to hurry, it still took us about ten hours to cover the material. OpenNMS is such a huge platform that even the basics take time to go over, and perhaps next year I’ll ask the students to do some work before getting to the classroom.

We had about half of the team together for dinner that night, and I got to have some of the dark German beer I like (in this case, Köstritzer). I called it a night early on, although many of the guys headed to a small bar called “The Eck”, which was apparently a lot of fun.

On the second day of training, Jeff and Jesse discussed some of the more advanced features in OpenNMS. I slept in a bit and then worked with the Bad Voltage team to make sure everything was working for the show on Wednesday. This included making sure Bryan Lunduke could access and use the telepresence robot.

OUCE Robot

Normally when we hold the OUCE in Fulda we have access to a student run establishment called Cafe Chaos. Unfortunately this year it is being remodeled, so we had to make our own set up in Halle 8.

OUCE Room

It was pretty cool. We had a large refrigerator for drinks and they set up some couches in the back corner. Being at the University, the bandwidth was stellar.

On Tuesday night Nethinks sponsored a meal at the Havanna Bar. Most people had arrived by then, so it was nice to get together. Many thanks to Uwe and his team for putting this on.

Wednesday was the first full day of the conference. I kicked things off with a “State of OpenNMS” keynote, with an introduction by Alex Finger, the man who pretty much created the OpenNMS Foundation.

OUCE Alex

I thought the talk went pretty well, and thanks to the A/V team at the University you can see it in all of its glory:

After that I could relax and let the rest of the gang take over. There were plenty of amazing talks, and you can catch them all on YouTube.

Speaking of YouTube, Wednesday night was the Bad Voltage Live show. I plan to review that in a separate post, but it was a lot of fun. We ran a bunch of errands Wednesday afternoon in preparation, which mainly included buying a tablet to use as a prize and beer … lots of beer.

OUCE Beer

On Thursday we had more talks, and then, sadly, the conference had to come to an end. Those of us who were still around helped tear down Halle 8. It looked really empty when we were finished.

OUCE Closing

We then headed off to the Wiesenmühle for one final gathering before going our separate ways.

If you like OpenNMS then you really should make plans to come to the OUCE. Next year it will be held at about the same time at the same place, so reserve space on your calendar now.

In the meantime, there are two more conferences left in the year where OpenNMS will be presenting. In a week you’ll find us at All Things Open in Raleigh, NC, USA, and in November Ronny and I will be at the Open Source Monitoring Conference in Nürnberg.

Hope to see you at one or all of these.

by Tarus at October 10, 2015 11:55 PM

October 09, 2015

Adventures in Open Source

GrafanaCon in NYC with Jesse White

Just a quick note to point out that GrafanaCon is next week in NYC.

Grafanacon

It’s a free, one evening conference that promises to be a lot of fun.

OpenNMS’s very own Jesse White will be discussing the amazing API he wrote to put OpenNMS collected data into the Grafana dashboard in a talk called “Tales of a Custom Data Source” at 6:45pm. If Grafana didn’t exist, we’d have to write it, and we probably couldn’t have done as good a job as they did.

If you want to see the future of data visualization, don’t miss this conference. Plus you get to see how we plan to display all of the billions of “Internet of Thingies” data points OpenNMS will be storing in Newts.

by Tarus at October 09, 2015 06:44 PM

September 23, 2015

Adventures in Open Source

The Inverter: Episode 50 – Automated

The latest Bad Voltage show, episode 50, was titled “Automated”. It marked a milestone (fifty episodes is a lot and the gang deserves credit for making it that far), and I was surprised they didn’t talk about it. That’s professionals for ya, just another show.

TL;DR: I didn’t really care for this show that much. Now, to me, Bad Voltage is like sex: when it’s good, it’s really good, and when it’s bad, it’s still pretty good, so please don’t tear into me too roughly for not praising it (see how I got “rough sex” into your brain and into the search engines?). This episode was a little more navel gazing than normal. They revisited the Mycroft Kickstarter (and now on Indiegogo), and then moved on to an interview that I thought was unnecessarily brutal. Many geeks are not the most socially gifted people on the planet and being on a podcast, even one like Bad Voltage, can make them extremely nervous and anxious. Considering that this was supposed to be a friendly interview I found it a little painful. Then there was a home automation “Internet of Things” discussion that I found more high level than I would have liked, and the episode ended with Jono’s review of a standing desk.

The show clocked in at seconds under ninety minutes. There is a large variation in times for these podcasts, and I’m happy listening to the team for as long as they are willing to talk, but the shows I like the most seem to be a little more focused, regardless of the length.

This episode started off with the announcement of the birth of Bryan’s second child, a boy named Solomon. It is the main reason he won’t be joining us in person for next week’s live Bad Voltage show, but congratulations are still in order.

The first segment was a discussion of the Mycroft project, which is attempting to create an open source Siri-like digital assistant. Yes, they discussed this on the last show as well, and while the Kickstarter has ended they have an Indiegogo campaign going on as well. I am eager to see what comes of this, but not willing to fund it at the moment. The last time I funded something, the open source fitness Angel Sensor, they took my money and it’s now a year overdue. Not really complaining (if I were complaining I’d be upset that the first app they plan to release is iOS only) but it kind of burned me on these kinds of things.

Still a cool idea, and it may be possible to eliminate any privacy concerns I might have. I need to help out by offering to read some stuff on LibriVox as Aq suggests.

The second segment was an interview with Chris Waid. It turns out that the FCC is unhappy that, with software defined radios, one can increase the power in such a fashion that it violates the broadcast license for the device. For example, you could extend your WiFi range using the same gear through software. They want to stop this, but the concern is that the easiest way to do this would be to lock down the firmware for these devices, which would rule out things like installing alternative firmware on your home router, or perhaps even running free software on computers and laptops, as access to the WiFi and Bluetooth chips could be prevented.

While I’m in the camp that this is more a poorly thought out proposal on the part of the FCC than the FCC trying to be malicious, there is a chance this could be a Bad Thing™ and we should take steps to prevent it. However, in their zeal to get to the meat of this problem the team went a little overboard on poor Chris. Even when a guy in the room with Chris tried to help out, the immediate thought was that Chris was being corrected by one of his own guys (which wasn’t the case). Sure, it would have been funny, but Chris just got more flustered and the message got lost.

Now I’m all for skewering the bad guys, although I prefer it be done nicely as in the style of Jon Stewart, but this wasn’t a bad guy. At worst he is overstating the threat a bit, but compared to some of the jewels the US government has put forth in the past concerning technology, overstating the threat is worse than understating it. They do apologize, somewhat, at the end of the show, but the whole segment made me a little uncomfortable.

There was a short segment by Jeremy, resident home automation geek, about a project to mount a tablet inside a bathroom mirror. Not sure if there is a killer app for such a thing, but I have been in hotels with TVs in the mirror so it has possibilities.

The third segment was a discussion of home automation and “The Internet of Things”. A lot of it involved discussing all of the competing protocols and solutions, to the point where Jeremy needs several different hubs just to talk to everything. At the moment it is more like “The Internet of Silos”.

I was surprised no one mentioned X10. Any one of my three readers remember this? It was a home automation protocol that worked by sending signals over the home electrical wiring. I once had tons of the stuff: light switches, controllers, even a device that you could stick under your analog thermostat to turn on the air conditioning. It worked by turning on a small heating element that would make the thermostat think it was hotter than it was. Plus, no cameras or microphones phoning home with who knows what information to third party servers.

Those were the days.

The last segment was Jono reviewing a standing desk he bought. Standing desks are all the rage now, and he wanted to try one out so he bought one by LIFT. We got a bunch of movable desks from Varidesk at the office, and I quite like them. I do agree with Jono that if you are serious about them you need a floor pad.

While it wasn’t my favorite BV, I did enjoy it. It’s not like I want 90 minutes of my life back ‘n all. They also didn’t mention the Morse code message from the previous episode and I’ve been too lazy to find out what was up with that. I like little Easter eggs. Perhaps they should come up with a contest where each week clues are hidden in the podcast, and if you put them together you win a laptop or something else cool.

Remember, the next show will be Live at the OpenNMS Conference in Fulda, Germany. We still have a few seats left, and if the 5€ fee is an issue, please drop me a note. We can work something out, and there will be beer.

by Tarus at September 23, 2015 12:22 PM

September 22, 2015

Adventures in Open Source

Review: Varidesk Standing Desk

Several years ago we did a lot of work in Sweden (Hi, Lasse!), and that is where I first saw some really nice standing desks. The first standing desk I ever saw was when I worked at Northern Telecom and it was for an employee who needed one due to health reasons, but it was fixed in place. The ones they had in Sweden (from IKEA, ‘natch) had a little switch that you could use to raise and lower it as needed, and they had places to mount a PC and run cables so they wouldn’t get snagged when it moved.

When I looked for them for the office, I was shocked by the price. A decent one with options pushed $900 and they could go north of $2000 fully loaded. While I’ve read a lot about the health benefits of standing I just couldn’t afford to get such a desk.

Recently I was on an American Airlines flight, and I just happened to see a small ad for something called a Varidesk in the in-flight magazine (and I’ve never bought something from the back of an in-flight magazine). This was something you put on an existing desk and you could use it to lift a monitor, keyboard, etc. to a standing height. It was manual, but it was considerably less than a dedicated desk.

Now, being the CEO of a profitable company it is required that I have the huge executive desk, so I do. Of course, mine was free from a business that was moving offices and all I had to do was go get it, and then repair all of the broken bits so I could put it back together. My monitor sits in one corner of this monstrosity, and I was happy to see Varidesk made a product that would fit perfectly.

Varidesk Lowered

First off, the sucker’s heavy. It cost a lot to ship due to its weight, but that translates to a lot of stability when raised. The unit I bought had a shelf for the monitor, speakers, etc., with a lower shelf for the keyboard.

In the upper shelf you will notice two holes. You place your hands through them to release levers which will allow you to raise the desk. It does take strength to get it started, but then it is balanced so that it becomes easier.

(Note: the little green light on my PC is my OpenNMS Blink notification)

Varidesk Raised

I love that everything comes up with it: the speakers, the monitor, the keyboard, my Yeti mic, etc. It will also go fairly high – I’m a little over six feet tall and I can get it high enough that I’m comfortable using it. It isn’t perfectly stable: if you are energetically pounding on the keyboard it will move slightly, but it is easy to get used to it. I did have to get some USB cable extenders to make sure things like my camera didn’t go flying off when I raised the desk, but outside of that it pretty much worked out of the box.

And, yes, when standing I like to crank the tunes and dance. You do not want to see me dance.

The Varidesk is well built and I did find myself using it, so some of the other guys in the office were interested. They don’t have fancy executive desks, so I got a slightly cheaper model that fit theirs better.

Varidesk Developers

We bought three more and everyone seems to enjoy them, although we probably don’t use them as much as we should. Because they are stylish and convertible, even in the down position they look good.

I found that after about an hour of standing my legs started to hurt. Our office, like many, is pretty much industrial carpet over concrete. There is little padding, so I bought a pad on Amazon that works well for me and I can dance longer.

It’s also cool to elevate the laptop for our daily scrum call:

Varidesk During Scrum

So, if you are thinking about getting a standing desk but already own a desk, consider the Varidesk. While it isn’t the cheapest thing out there, it is well made and will give you experience to see if you even like working standing up, which would be considerably cheaper than buying a new desk and finding you didn’t like it.

by Tarus at September 22, 2015 09:43 PM

September 16, 2015

Adventures in Open Source

Ad hoc Suspension of Polling Services

As I was reading through my RSS feeds this morning, I saw that a user named “Fredebben” had posted a neat find on the OpenNMS wiki.

I didn’t know this, but it turns out that you can temporarily suspend service polling with an event, and then resume it as needed. This is pretty cool, especially if you need to stop polling for just one service.

I once had a client with a requirement that there be a scheduled outage once a week for all services but ICMP. In their case I had them move ICMP into its own package, and then they could use a Poll Outage to suspend polling on the other services. That is still probably the best way to do it for a lot of services, but it is nice to know this event method works as well.

by Tarus at September 16, 2015 11:35 AM

September 15, 2015

Adventures in Open Source

The Inverter: Episode 49 – The Tapas of All Bananas

I am a fan of the Bad Voltage podcast, but as it is hard for me to listen, pay attention and work at the same time, I tend to listen to it on airplanes. A lot of ideas and comments come to me during an episode, so I’m going to start a new feature on this blog called “The Inverter” where I review and comment on each show.

TL;DR: This episode was well done. It was tight, it flowed nicely and clocks in at slightly over an hour. That is their target time but the average show is closer to 80 minutes. There was a cool little mystery at the front followed by a discussion of the Endless Computer project, which was deemed too expensive to succeed. They talked about the horrible Nest smoke detector, version one, and the much nicer version two. Aq reviews Gliffy, a web-based Visio-like application, and they end with a segment on Microsoft’s changing relationship with open source.

This week I’m on a flight to DC so it is time to pull out my copy of the latest Bad Voltage. After the intro, starting about minute three, you get two minutes of what sounds like Morse code.

Intrigued, I found an app that will decode Morse (this webby one didn’t work for me but the Android app did fine) and read the following message:

NEED TO GET THE WORD OUT STOP
BEST WAY TO CONTACT YOU IS THIS STOP
COLLECT INSOTS STOP
WILL PROVE MYSELF MONDAY 1500 UTC STOP
MY CALL SIGN FOR FUTURE MESSAGES IS COVIN END

Now, I’m not sure what “Insots” or “in Sots” are but I thought it was cool that they put this in the podcast. I probably would have added it after a delay at the end of the recording, as it was a little weird listening to two minutes of beeps (I thought my mp3 download was corrupt) but then only the hardcore listeners would have made it all the way through. Apparently you can find more about this in the t00bz but I’ve been too lazy. Cool addition, though.

The first segment was on the Endless Computer, which states it is building a “computer for the entire world” which brings to mind the One Laptop Per Child (OLPC) project. But there are a lot of differences, the main one being that Endless is a for-profit company (at least I think so – during my exhaustive, nearly 60 second perusal of their website, I didn’t find any verbiage to indicate that this was a charitable foundation versus a commercial enterprise).

As a for-profit company, their gear is not inexpensive, and most of the discussion on the show concerned the price, which is pretty steep for the hardware. There is also the issue that you still need to spend even more money to get it functional (as in buy a keyboard and a mouse). Jono, who was the only one who has actually played with the thing, pointed out that the user experience they have created is pretty nice, but the rest of the gang was still stuck on the price.

There is a $169 version, and a $229 version and they both have a funky look, something like an egg.

Now, I have zero experience with the thing but since that hasn’t stopped me from having an opinion before, here are my thoughts.

First off, I loved the OLPC project. I wonder what would have happened if the OLPC project started now, with the vast improvements in open source operating systems, instead of having to come up with their own O/S that was a little hard to understand.

Endless is not OLPC, and I think that’s the main reason for the price point – they need and want to make money.

If I really wanted to get computing power into the hands of the disenfranchised I would have gone with a tablet. For $229, you can make a decent tablet, which would remove the need to have a TV or keyboard/mouse. You could even add an option to charge it via solar cells. Heck, even the Endless website says “as simple as a tablet” which makes you wonder why they didn’t build one of those (margins, probably). With PC sales in free fall, starting a company to make a new one seems silly – like making a “VCR for the World”.

No, what I think happened is that someone found an investor in the Valley who heard “2 billion potential customers” and started seeing dollar signs. We can be the third world Apple! Simply make a funky design, hire a “Chief Growth Officer” and then … profit!

Another sign of impending doom is that they don’t even own the “endless.com” domain name. According to Paul Graham, it matters.

I’m willing to wager Endless is pretty much DOA, but then I guess I’m just bitter in that this pipe dream got funded and I can’t find decent investors for my company, which actually makes a profit. (sigh)

Moving on, the next segment was on the Nest “Protect” smoke detector. Apparently the first generation ones were crap, but Jeremy invested in the second generation and, so far, likes them. They have all kinds of whiz-bang features, such as two different sensors for various types of fires, and a networking feature so that in, say, a three story house like Jeremy’s, the detector on the third floor can set off all of the others.

I’ve avoided Nest products because I’m a bit of a privacy nut (odd, considering that I share most of my life on-line, I know). I don’t want microphones in my house. I don’t want things “phoning home”. Plus, my old smoke detector works just fine and alerts the nice people who provide my security monitoring when I cook bacon, so I don’t see the need to upgrade.

I did like hearing about the feature where the Nest can serve as a night-light and light up when people walk by it, sort of like the lights in a European hotel hallway. But I think I’d rather engineer that solution on my own than to buy something that is always talking to a third party, no matter how often that third party says I can trust them.

This episode the guys have introduced something called “Hack Voltage” in which one of the hosts will review something cool they’ve discovered. Aq did a short segment on “Gliffy” – a diagramming tool like Visio that you can run in a browser. As a hosted solution, you get some bits for free but then you pay a subscription fee for more features and storage. He seemed to like it, but for me I’d rather struggle with something open source, but if I ever have the need for such a tool I’ll check out the “free” version.

Android Wear Translate Screenshot

For my own version of Hack Voltage, the coolest new thing I’ve been playing with is Google Translate on my watch. I haven’t had time to make a video, but you set up your source and destination languages, speak into the watch, and voilà, translation. When you flip the watch over (like you would when showing it to another person) it enlarges and displays just the translated text. I plan to use this a lot when I’m in Germany for the OUCE and Bad Voltage Live.

The final segment was on Microsoft warming to open source, which it once referred to as a “cancer”. The new CEO seems to be very open to working with open source projects as well as integrating with them, although certain things, like requiring Surface tablets to boot in secure mode, seem to harken back to the bad old days.

All I can say is that Microsoft has always treated OpenNMS well, including gifting us with an MSDN subscription so that we can improve OpenNMS support on Windows. Overall, Microsoft is much more friendly toward open source than they have been in the past.

That was it for this episode. Short and focused with a minimum of swearing and a modicum of mystery. Just one more show before they descend on the little town of Fulda, and I’ll probably listen to it on the plane ride over there. Hope you can make it.

by Tarus at September 15, 2015 12:13 PM

September 04, 2015

Adventures in Open Source

OUCE 2015: Fulda? Where is Fulda?

With the OpenNMS Users Conference less than a month away, I hope you have convinced your boss to let you attend. Ronny updated the website recently, the call for papers has closed and the schedule is being finalized.

With that in mind I thought I’d share a little about the town of Fulda (pop. 65,000) where the OUCE is being held.

The reason we are holding the OUCE in Fulda is mainly due to it being the home of the Hochschule Fulda, the University of Applied Sciences. This is where a number of OpenNMS contributors went to school and some of them still work there. The facilities are excellent, as is the bandwidth, and the town itself is pretty cool.

The city started in 744 when Saint Sturm founded a monastery there. For someone from the United States it is mind boggling to visit a place that is nearly a millennium older than most places in my country. Thus modern Fulda is a mix of old and new.

In addition to the university, the OUCE will visit a number of other places. On Tuesday night, Nethinks is hosting a dinner for the attendees at Viva Havanna, a Cuban style restaurant (I learned that in German, the extra “n” actually means the “n” sound is pronounced in a shorter fashion than normal). On Wednesday night we’re having the Bad Voltage team do a show, and afterward we’ll most likely end up at a biergarten called the Wiesenmühle.

It is easy to get to Fulda. If you are coming by air, the closest major airport is Frankfurt (FRA) and you can take a train from there to Fulda Station. The website has more details.

Fulda has some historic significance as well. Nearby is the Fulda Gap, an east-west route often used by invading forces into Europe and it was thought to be a primary route any Soviet invasion of NATO countries would use. Thus there was a strong military presence in the area during the cold war.

My favorite “Fun Fulda Fact” is that the monastery there was responsible for the survival of the book/poem De rerum natura (On the Nature of Things). Written in 100 BC by the Roman poet Lucretius, it was one of the first books to state that the world could be explained by natural phenomena versus gods, and includes such gems as all matter being made up of atoms. As you might imagine, there were those who disliked these ideas and thus all copies of the poem were thought destroyed.

De rerum natura image from Wikipedia

However, in 1417, Poggio Bracciolini found one at the Benedictine abbey at Fulda. He made a copy, and thus the book survives to this day. Author Stephen Greenblatt wrote a book called The Swerve about the impact of the poem. From the New York Times article “The Almost-Lost Poem That Changed the World”:

Titus Lucretius Carus’ “De Rerum Natura,” or “On the Nature of Things,” is a 7,400-line poem in Latin hexameters written in the first century B.C. It covers philosophy, physics, optics, cosmology, sociology, psychology, religion and sex; the ideas in it influenced Newton and Darwin, among others.

Cool, huh? Well, I have been to the abbey in Fulda, and you can too, if you come to the OUCE. Hope to see you there.

by Tarus at September 04, 2015 12:47 PM

September 03, 2015

OpenNMS Foundation Europe

Your ticket to OUCE 2015

Just a few weeks are left until the OpenNMS User Conference in Europe. Still not sure whether to go? Check out http://ouce.opennms.eu.

by Ronny Trommer at September 03, 2015 08:55 PM

Adventures in Open Source

Send an SMS with OpenNMS

I thought I’d written this post years ago, but apparently I didn’t. Since my friend Salma asked about SMS notifications with OpenNMS I felt it was a good opportunity to document this process.

Of course, OpenNMS can’t send an SMS message without a little help. You’ll need some sort of modem that can actually connect to the network. We use one from the great folks at MultiTech.

Multitech Modem

It’s USB powered, so all you need to do is insert an active SIM card and plug it in. Here is the exact model:

Multitech Modem Back

and you can find more information on their products on their website.

For the SIM card, I just added a phone to my AT&T plan for a few dollars a month.

The next thing you’ll need is software to send the notices. I used smssend, which comes in RHEL/CentOS via the smstools package:

Name        : smstools
Arch        : x86_64
Version     : 3.1.15
Release     : 12.el7
Size        : 748 k
Repo        : installed
From repo   : epel
Summary     : Tools to send and receive short messages through GSM modems or mobile phones
URL         : http://smstools3.kekekasvi.com
License     : GPLv2+
Description : The SMS Server Tools are made to send and receive short messages through
            : GSM modems. It supports easy file interfaces and it can run external
            : programs for automatic actions.

This will install a daemon called smsd that is configured via /etc/smsd.conf. You’ll need to edit that file to set the path to your modem; in my case it’s /dev/ttyUSB0. Then start the daemon (via “service” or “systemctl”, etc.).

At this point you can test if it works by running:

smssend [number] "This is a test message"

Note that the number must include the country code, such as “+19195330160”.

Once you have that working, it is pretty easy to set up in OpenNMS. First, edit notificationCommands.xml and add the “smssend” command:

    <command binary="true">
        <name>sendSMS</name>
        <execute>/usr/bin/smssend</execute>
        <comment>Send an SMS</comment>
        <contact-type>mobilePhone</contact-type>
        <argument streamed="false">
            <switch>-mphone</switch>
        </argument>
        <argument streamed="true">
            <switch>-nm</switch>
        </argument>
    </command>

This configuration includes the full path to the “smssend” command, and I used the mobile phone “-mphone” field as well as the short message “-nm” field, which are the only two parameters required for the command.

At this point you’ll need to restart OpenNMS. It actually isn’t necessary to make this work, but it is needed to make the webUI know that the “sendSMS” command has been added.

The rest of the configuration can be done through the webUI. For every user you want to receive SMS messages, make sure that their mobile number (including country code) is configured on their user account page. Then you can just add “sendSMS” as a notification action on a destination path and it should just work.

by Tarus at September 03, 2015 04:48 PM

September 01, 2015

Adventures in Open Source

I, Robot

Today is the 11th anniversary of The OpenNMS Group. We started on September 1st, 2004 with little more than a drive to build something special, a business plan of “spend less than you earn” and a mission statement of “Help Customers, Have Fun, Make Money”.

Since I’m still working and people are using software other than OpenNMS to manage their networks, I can’t say “mission accomplished” but we’re still here, we have a great team and the best users anyone could want, so by that measure we are successful.

When it comes to the team, one thing I worry about is how to connect our remote people with the folks in North Carolina. We do a lot of Hangouts, etc, but they lack the aspect of initiative – the remote guys have to be passive and just sit there. Then I got the wild idea to investigate getting a telepresence robot. Wouldn’t it be cool if remote people could pop in and drive around the office, attend meetings, etc?

After a lot of research, I decided on a robot from Double Robotics.

Robot Tarus

The buying decision wasn’t a slam dunk. It is a very iPad/iOS centric solution which bothered me, and I had some issues concerning the overall security of the platform. So, I sent in a note and ended up having a call with Justin Beatty.

It was a great call.

Double is pretty serious about security, and assuming there are no firewall issues, the connection is encrypted peer-to-peer. While there are no plans to remove the requirement that you buy an iPad in order to use the robot, they are working on an Android native client. You can drive it on almost any platform that supports the Chrome browser (such as Linux) and you can even use it on Android via Chrome. There is a native iOS app as well.

What really sold me on the company is that they are a Y Combinator project, and rather than focus on raising more capital, they are focused on making a profit. They are small (like us) and dedicated to creating great things (like us).

Justin really understood our needs as well, as he offered us a refurbished unit at a discount (grin).

Anyway, I placed an order for a Double and (gulp) ordered an iPad.

It was delivered while I was away in England, but I was able to get it set up on Monday when I returned to the office. They have a number of easy to follow videos, and it probably took about 20 minutes to understand how everything went together.

You take the main body of the robot out of the box and place it on the floor. I had purchased an external speaker kit (otherwise, it uses the iPad speaker) which makes it look like a little Dalek, and you install that on the main post. Then you plug in the iPad holder and screw it to the post with a bolt. That’s about it for robot assembly.

The next step is to take the USB charging cable that came with your tablet and mount it inside the iPad holder. You then insert the iPad upside down and connect the cable so that the robot can power and recharge the iPad. The Double supports any iPad from version 2 onward, and they have a spacer to use for the iPad Air (which is thinner). Finally, you connect a directional microphone into the audio slot on the bottom of the iPad (or top, depending on how you look at it) and the unit is assembled.

Then I had to set up the iPad, which was a bit of a pain since I’m no longer an Apple person and needed a new Apple account (and then I had to update iOS), but once it was configured I could then pair the iPad to the robot via bluetooth. Next, I had to download the Double app from the App Store and create a Double account. Once that process was complete, I could login to the application on the tablet and our robot was ready to go.

To “drive” the robot, you log in to a website via Chrome. There are controls in the webapp for changing the height of the unit, controlling audio and video, and you move the thing around with the arrow keys.

It’s a lot of fun.

When moving you want to have the robot in its lowest height setting. Not only will it go faster, it will be more stable. This isn’t an off road, four wheeling type of robot – it likes smooth surfaces. There is a little bump at the threshold to my office and once the robot has gone over that you want to wait a second or two because it will wobble back and forth a little bit. Otherwise, it does pretty well, and because the rubber wheels are the part of the robot that stick out the most in the front and the back, if you run into a wall it won’t damage the iPad.

I did have to mess with a couple of things. First of all, it needed a firmware upgrade before the external audio speaker would work. Second, sometimes it would keep turning in one direction (in my case, to the right), but restarting the browser seemed to fix that.

You do need to be careful driving it, however. One of my guys accidentally drove it into a table, so it hit the table along the “neck” of the robot and not on the wheels. This caused the unit to shoot backward, recover and then try to move forward. It fell flat on its face.

Which, I am thankful, did no damage. The iPad is mounted in a fairly thick case, and while I wouldn’t want to test it you are probably safe with the occasional face plant.

I bought an external wireless charger which allows you to drive the robot into a little “dock” for charging instead of plugging it in. To help park it, there is a mirror mounted in the iPad holder that directs the rear camera downward so you can see where you are going (i.e. look at the robot’s “feet”). Pretty low tech but they get points for both thinking about it and engineering such a simple solution.

Everyone who has driven it seems to like it, although I’m thinking about putting a bell on the thing. This morning I was jammin’ to some tunes in my office when I heard a noise and found Jeff, piloting the robot, directly behind me. It was a little creepy (grin).

I bought it with a nice (i.e. expensive) Pelican case since the plan is to take it on road trips. I bought the iPad that supports 4G SIM cards so I should be able to use it in areas without WiFi. Its first outing will be to the OpenNMS Users Conference, which is less than a month away. If you haven’t registered yet, you should do so now, and you’ll get to see the robot in action.

Robot Bryan

Bad Voltage will also be there, with Bryan Lunduke piloting the robot from his home in Portland. I had him try it out today and he commented “So rad. So very, very rad”.

At the moment I’m very pleased with the Double from Double Robotics. It’s a little spendy but loads of fun, and I can’t wait to use it for team meetings, etc, when people can’t make it in person. You can also share the output from the unit with other people with the beta website, although you could always just do a Google Hangout and share the screen.

Double Logo

I even like the Double Robotics logo, which is a silhouette of the robot against a square background to form a “D”. I am eager to see what they do in the future.

by Tarus at September 01, 2015 09:20 PM

August 27, 2015

OpenNMS Foundation Europe

OUCE 2015 – Hot Chicks

As you all know, we don’t spend a lot of time in marketing and I got a pro-tip to add hot chicks on the website. I don’t have any idea why but if it helps. JOIN OUCE 2015 NOW!
grilledchicken

by Ronny Trommer at August 27, 2015 10:20 AM

August 21, 2015

Adventures in Open Source

OUCE 2015: Bad Voltage Live

Every year at the OpenNMS Users Conference (OUCE) we have a good time. In fact, learning a lot about OpenNMS goes hand in hand with having fun.

At this year’s SCaLE conference, the team behind the Bad Voltage podcast was there to do a live version of the show. You can watch it on-line and see it went pretty well, and this gave me the idea to invite the gang over to Germany to do it again at the OUCE.

Since there may be one or two of my three readers who are unaware of Bad Voltage, I thought I’d post this little primer to bring you up to speed.

Bad Voltage is a biweekly podcast focused on open source software, technology in general and pretty much anything else that comes across the sometimes twisted minds of the hosts. They deliver it in a funny manner, sometimes NSFW, and for four guys with big personalities they do a good job of sharing the stage with each other. As I write this they have done 47 episodes, which is actually quite a nice run. For anyone who has done one or thought about doing a periodic podcast or column, know that after the first few it can be hard to keep going. It is a testament to how well these guys work together that the show has endured. Believe it or not, I actually put time into these posts and even I find it hard to produce a steady amount of content. I can’t imagine the work needed to coordinate four busy guys to create what is usually a good hour or three of podcast. (grin)

Bad Voltage as The Beatles

Anyway, I want to introduce you to the four Bad Voltage team members, and I thought it would be a useful analogy to compare them to the Beatles. As I doubt anyone who finds this blog is too young to not know of the Beatles, it should aid in getting to understand the players.

Bad Voltage - Jono Bacon Jono Bacon is Paul. If you have heard of anyone from Bad Voltage, chances are it is Jono. He’s kind of like the Elvis of open source. He was a presenter for LugRadio but is probably best known for his time at Canonical where he served as the community manager for Ubuntu. He literally wrote the book on open source communities. He is now building communities for the XPRIZE foundation as well as writing articles for opensource.com and Forbes and occasionally making loud music. He’s Paul because he is one of the most recognizable people on the team, and he secretly wishes I had compared him to John.

Bad Voltage - Bryan Lunduke Bryan Lunduke is John. He gets to be John because he has heartfelt opinions about everything, and usually good arguments (well, arguments at least) to back them up. He has passion, much of which he puts into promoting OpenSUSE. I’ve never met Bryan in person, but we’ve missed each other on numerous occasions. I missed him at SCaLE, he missed the Bad Voltage show I was on, and I missed him again at OSCON. And I’ll miss him in Fulda, as his wife is due to deliver their second child about that time, but he will be there virtually. He adds depth to the team.

Bad Voltage - Jeremy Garcia Jeremy Garcia is George. Although none of these guys could be described as “quiet”, he is the most reserved of the bunch, but when he opens his mouth he always has something interesting to say. You can’t be part of this group and be a wallflower. I’m not sure if he has a day job, but fifteen (!) years ago he founded Linuxquestions.org and has been a supporter of open source software even longer. He adds a nice, rational balance to the group.

 

Bad Voltage - Stuart Langridge Stuart is Ringo, known to his friends as “Aq” (short for “Aquarius” – long story). He is pretty unfiltered and will hold forth on topics as wide ranging as works of science fiction or why there should be no fruit in beer. He was also a member of LugRadio as well as an employee of Canonical, and now codes and runs his own consulting firm (when he is not selling his body on the streets of Birmingham). If there was a Bad Voltage buzzword bingo, you could count on him to be the first to say “bollocks”. He adds a random element to the group that can often take the discussion in interesting directions.

They have been working hard behind the scenes to plan out a great show for the OUCE. Since many of the attendees tend not to be from the US or the UK, it is hoped that the show will translate well for the whole audience, and to make sure that happens we will be serving beer (if you are into that sort of thing). If you were thinking about coming to the conference, perhaps this will push you over the top and make you register.

But remember, you don’t have to attend the OUCE to see the show. We do ask that you register and pony up 5€. Why? Because we know you slackers all too well and you might sign up and then decide to blow it off to binge on Regular Ordinary Swedish Meal Time. Space is limited, and we don’t want to turn people away and then have space left open. Plus, you’ll be able to get that back in beer, and the show itself promises to be priceless and something you don’t want to miss.

If that isn’t enough, there is a non-zero chance that at least one of the performers will do something obscenely biological (and perhaps even illegal in Germany), and you could say “I was there”.

by Tarus at August 21, 2015 04:35 PM

OpenNMS Foundation Europe

[Release] – OpenNMS 16.0.3

We are happy to announce the new stable release of OpenNMS 16 Horizon, codenamed Phillip Fathom. This is a minor bug fix release and the list of issues can be found in the Release Notes.

Happy Updating.

by Ronny Trommer at August 21, 2015 04:21 AM

August 19, 2015

Adventures in Open Source

Convince Your Boss to Send You to the OUCE

With this year’s OpenNMS Users Conference a little over a month away, I plan to be writing about it more in the run up to the event. I figured I should probably start on why you should go and, better yet, how to convince your boss to pay for the trip.

First off, if you aren’t using OpenNMS, why not? (grin)

In all seriousness, if you are happy with your network management solution you can stop reading now. But if you aren’t happy, are in the process of considering alternatives, or if you have a serious interest in discovering the benefits of an open source network management platform, the money you will spend to investigate OpenNMS through the Users Conference is a rounding error compared to the price of similar commercial solutions.

Second, OpenNMS is more of a platform than an application. I know of a number of organizations who manage billion dollar budgets using Microsoft Excel, but it didn’t work for them out of the box. They had to build the spreadsheets, integrate it with databases and other applications, but now they have a custom system that fits their needs. Most network management applications require the user to adapt their processes to fit the application. For most IT organizations those processes are what differentiate them from their competitors, so it makes more sense to use a platform like OpenNMS which can be customized to better complement them instead of the other way around.

Third, OpenNMS does have a steep learning curve. It is a broad and powerful tool but it does require an investment in time in order to realize its full potential. One way to get such knowledge would be to attend a week-long training class at the OpenNMS HQ. The cost would be US$2500 plus travel.

Contrast this with the OUCE. The full four day package runs 1000€, currently about US$1100, or less than half the price of the standard training course. Even with travel expenses (assuming you aren’t in Germany in particular or Europe in general) it should make more sense to go to the OUCE than to the usual training course (plus, the next one isn’t until January of next year). If you don’t have the need to go to the one day OpenNMS Bootcamp, it is even less expensive. It makes good financial sense.

Fourth, this is a *users* conference. If you come to training you will most likely get to listen to me for five days. At the OUCE you get to meet and talk with the people who *use* OpenNMS. Got a common problem? Find out how others solved it using OpenNMS. Got a weird problem? I can guarantee that someone at the conference will have a weirder one that they used OpenNMS to fix. The initial list of accepted talks is awesome and will only get better.

Fifth, a lot of the key people behind OpenNMS will be there as well (including yours truly) and so you can experience first hand what makes the OpenNMS community so special. Plus, since we don’t “unveil” new features, you can see first hand what is currently available in the development version of OpenNMS, including “big data” storage, new and improved graphing, elasticsearch integration and distributed polling via “minions”.

Finally, it’s a lot of fun. I can remember meeting Ian Norton during an OUCE several years ago. He had been forced to attend the conference by his (now previous) employer and was very unhappy about it. Not knowing who I was, he candidly ranted about issues he saw with the product. I assured him that we would work hard over the next two days to address them. Now he is one of our biggest supporters, and all it took was two days to “get it” and understand what makes OpenNMS so magical (in the interest of full disclosure, schnapps was involved).

In conclusion, if you are not using OpenNMS you are probably paying too much for a lesser solution. This may not be true in your particular case, but you should at least seriously investigate the possibility. It makes financial sense to do this at the Users Conference, even with travel expenses, plus you can see how real users, just like you, are getting the most value out of the tool. And even if you decide OpenNMS is not for you, you’ll have had some fun and can rest assured you did your due diligence when examining management options for your employer.

Hope to see you there.

by Tarus at August 19, 2015 09:14 PM

August 18, 2015

OpenNMS Foundation Europe

OUCE 2015 – Giggity support

Keep your schedule up to date with Giggity Schedule Viewer and add OUCE 2015 with the following URL: http://ouce.opennms.eu/en/ouce2015/public/schedule.xml. You can also scan the QR code.

ouce2015-giggity

by Ronny Trommer at August 18, 2015 10:14 PM

August 07, 2015

Adventures in Open Source

Case Study: Why You Want OpenNMS Support

I wanted to share a story about a support case I worked on recently that might serve to justify the usefulness of commercial OpenNMS Support to folks thinking about it. As always, OpenNMS is published under an open source license and so commercial support is never a requirement, but as this story involves commercial software I thought it might be useful to share it.

We have a client that handles a lot of sensitive information, to the point that they have an extremely hardened network environment that makes it difficult to manage. They place a separate copy of OpenNMS into this “sphere” just to manage the machines inside it, and they have configured the webUI to be accessed over HTTPS as the only access from the outside.

Recently, a security audit turned up this message:


Red Hat Linux 6.6 weak-crypto-key
3 Weak Cryptographic Key Fail "The following TLS cipher suites use
Diffie-Hellman keys smaller than 1024 bits: *
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (768-bit DH key) *
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (768-bit DH key)" "Use a Stronger Key If
the weak key is used in an X.509 certificate (for example for an HTTPS
server), generate a longer key and recreate the certificate. Please also
refer to NIST's recommendations on cryptographic algorithms and key
lengths (http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf
) ." Vulnerable

and they opened a support ticket asking for advice on how to fix it.

I had some issues with the error message right off the bat. The key used was 2048 bits, so my guess is that the algorithm is weak and not the key. The error message seems to suggest, however, that a longer key would fix the problem.

Anyway, this should be simple to fix. The jetty.xml file in the OpenNMS configuration directory lets you exclude certain ciphers, so I just had the customer add these two to the list and restart OpenNMS.

And then we waited for the nightly scan to run.

This fixed the issue with the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher but not the first one. Nothing we did seemed to help, so I installed sslscan on my test machine to try and duplicate the issue. I got a different list of ciphers, and since openssl uses different names for the ciphers than Java, it was a bit of a pain to try and map them. I couldn’t get sslscan to show the same vulnerabilities as the tool they were using.

We finally found out that the tool was Nexpose by Rapid 7. I wasn’t familiar with the tool, but I found that I could download a trial version. So I set up a VM and installed the “Community Edition”.

Note: this has nothing to do with open core, which often refers to their “free” version as the “community” version. Nexpose is 100% commercial. They use “community” to mean “community supported”, but it is kind of confusing, like when Bertolli’s markets “light” olive oil which means “light tasting” and not low in calories.

I had to fill out a web form and wait about a day for the key to show up. I had installed the exact version of OpenNMS that the client was using on my VM, so my hope was that I could recreate the errors.

First, I had to increase the memory to the VM. Nexpose is written in Java and is a memory hog, but so is OpenNMS, and it was some work to get them to play nice together on the same machine. But once I got it running, it wasn’t too hard to recreate the problem.

The Nexpose user interface isn’t totally intuitive, but I was able to add the IP address of the local machine and get a scan to kick off without having to read any documentation. The output came as a CSV file, but you could also examine the output from within the UI.

The scan reported the same two errors, and just like before I was able to remove the “TLS_DHE_RSA_WITH_AES_128_CBC_SHA” one just by excluding it in jetty.xml, but the second one would not go away. I found a list of ciphers supported by Java, but nothing exactly matched “TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA” and I tried almost all of the combinations for similar TLS ciphers.

Then it dawned on me to try “SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA” and the error went away. I guess in retrospect it was obvious but I was pretty much focused on TLS based ciphers and it didn’t dawn on me that this would be the error with Nexpose.
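The TLS_/SSL_ naming mismatch described above can be checked mechanically before waiting for the next scan. This is an added example, not code from the original post or from OpenNMS: it parses a finding like the one quoted earlier, selects the suites reported with Diffie-Hellman keys under 1024 bits, and lists each under both prefixes so the exclusion list covers whichever spelling the JVM uses. The function names are hypothetical, and the `<Item>` element form is an assumption about how the exclusion list in jetty.xml is laid out.

```python
import re

# Finding text as quoted in the post (remediation advice trimmed).
SAMPLE_FINDING = """\
3 Weak Cryptographic Key Fail "The following TLS cipher suites use
Diffie-Hellman keys smaller than 1024 bits: *
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (768-bit DH key) *
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (768-bit DH key)" "Use a Stronger Key"
"""

# A suite name followed by the scanner's "(NNN-bit DH key)" annotation.
SUITE_RE = re.compile(r"\b((?:TLS|SSL)_[A-Z0-9_]+)\s*\(\s*(\d+)-bit DH key\s*\)")


def parse_weak_dh_suites(finding, min_bits=1024):
    """Return [(suite_name, dh_bits)] for suites whose DH key is below min_bits."""
    seen, result = set(), []
    for name, bits in SUITE_RE.findall(finding):
        if int(bits) < min_bits and name not in seen:
            seen.add(name)
            result.append((name, int(bits)))
    return result


def spellings(name):
    """Both prefixes for one suite: the reported name first, then its TLS_/SSL_ twin."""
    prefix, _, rest = name.partition("_")
    if prefix not in ("TLS", "SSL") or not rest:
        raise ValueError("not a TLS_/SSL_ cipher suite name: %r" % name)
    twin = ("SSL_" if prefix == "TLS" else "TLS_") + rest
    return [name, twin]


def exclusion_names(reported):
    """Ordered, de-duplicated list of every spelling of every reported suite."""
    out = []
    for name in reported:
        for spelling in spellings(name):
            if spelling not in out:
                out.append(spelling)
    return out


def jetty_items(names, indent="    "):
    """Render names as <Item> lines (assumed layout of the exclusion array)."""
    return "\n".join("%s<Item>%s</Item>" % (indent, n) for n in names)


def uncovered(reported, configured):
    """Map each reported suite to the spellings missing from the configured exclusions."""
    configured = {c.strip() for c in configured}
    gaps = {}
    for name in reported:
        missing = [s for s in spellings(name) if s not in configured]
        if missing:
            gaps[name] = missing
    return gaps


if __name__ == "__main__":
    reported = [name for name, _ in parse_weak_dh_suites(SAMPLE_FINDING)]
    print(jetty_items(exclusion_names(reported)))
    # The first attempt in the post: only the names exactly as the scanner printed them.
    print(uncovered(reported, reported))
```

Run against the first attempt from the post, `uncovered` flags the missing SSL_ spelling of the 3DES suite, which is the entry that finally cleared the finding.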

It was extremely frustrating, but as my customer was being beat up about it I was glad that we could get the system to pass the audit. While this was totally an issue with the scanning software and not OpenNMS, it would have been hard to figure out without the help we were happy to give.

It may not surprise anyone that a large number of OpenNMS support issues tend to be related to products from other vendors. Usually most of them can be classified as a poor implementation of the SNMP standard, but occasionally we get something like this.

Our clients tend to be incredibly smart and good at their jobs, but having access to the folks that actually make OpenNMS can sometimes save enough time and headache to more than offset the cost of support.

by Tarus at August 07, 2015 03:46 PM

August 05, 2015

Adventures in Open Source

Welcome Costa Rica! (Country 28)

While I have never been able to personally visit Costa Rica (it is on my list) I am happy to announce that we now have a commercial customer from there, making it the 28th unique country for OpenNMS.

They join the following countries:

Australia, Canada, Chile, China, Denmark, Egypt, Finland, France, Germany, Honduras, India, Ireland, Israel, Italy, Japan, Malta, Mexico, The Netherlands, Portugal, Singapore, Spain, Sweden, Switzerland, Trinidad, the UAE, the UK and the US.

by Tarus at August 05, 2015 08:20 PM

July 28, 2015

Adventures in Open Source

2015 O’Reilly Open Source Conference

I think this year marks the eighth OSCON I’ve attended. I’m not sure of that, but I am sure that every year I can meet up with a number of interesting people that I just don’t see elsewhere.

I used to get the conference pass so I could see the presentations, and while they tend to be of a very high quality, I often found myself spending most of my time outside of those rooms, either on the Expo floor or just sitting and talking, so this year I just got the Expo pass.

OSCON 2015 - Entrance

I have a love/hate relationship with OSCON. It seems to be skewed toward large companies, and this year was no exception.

I got to see the jugglers at Paypal:

OSCON 2015 - Paypal

(Note: Jason, who used to work with us at OpenNMS, is now at Paypal and so I get to hear about some of the stuff they are doing around open source; it is pretty exciting).

and Microsoft was back with the photo booth:

OSCON 2015 - Microsoft

There were also some smaller companies in attendance. I had to go by and say “hi” to the Atlassian team as we happily use a number of their products to make OpenNMS happen, such as Bamboo and Jira:

OSCON 2015 - Atlassian

and it was nice to run into Chris Aniszczyk, the open source guy at Twitter.

OSCON 2015 - Chris Aniszczyk

I had not talked to Chris since last year’s OSCON and it was cool to learn that he’s doing well.

One thing I’ve been looking at for OpenNMS is the best configuration platform with which to integrate. It is hard to choose between Puppet, Chef, Ansible and Salt (and we should probably do all four) but if the choice was solely based on the friendliest staff Chef would probably win.

OSCON 2015 - Chef

I never did get the full story on what happened with their booth.

Right around the corner was the Kaltura booth with its incredibly shy and withdrawn Director of Marketing, Meytal:

OSCON 2015 - Meytal Burstein

She was also at CLS and our paths crossed a lot, and I’m certain I’ll run into her in the future. Oh, and if you want her opinion, you’ll have to drag it out of her.

(Note: some of the above is not true)

OSCON 2015 - CDK Global

It was also cool to see a booth for CDK Global. CDK was formed by merging Cobalt and ADP Dealer Services, and the latter uses OpenNMS. Sam (the guy in the middle) was also a Frontalot fan, so we got along well.

I spent most of my time off to the side of the Expo floor on a row I called the “Geek Ghetto”. These are booths that OSCON offers to open source projects and organizations. It was cool to see that it was almost always packed with people.

OSCON 2015 - Geek Ghetto

I got to talk to the team at the Linuxfest Northwest. This is one conference I have yet to attend but I’m going to make an effort to get there next year. I’m hoping to convince the Bad Voltage guys to come along and do a live show (they will be with us at the OUCE this September in Germany).

OSCON 2015 - Linuxfest Northwest

Next to them was a booth from the EFF. Maggie, who was at the anniversary show in San Francisco, was also doing booth duty at OSCON.

OSCON 2015 - EFF

I believe in what the EFF is doing so it was nice to get to talk with them.

Last year I spent a lot of time learning about Free Geek:

OSCON 2015 - Free Geek

and it was nice to chat with them again. If you are in a Free Geek city, you should get involved.

It was good to see a large number of women in attendance, although it was still not reflective of the population as a whole. One group working to change that is Chicktech:

OSCON 2015 - Chicktech

Note that my picture got photobombed by “Open Source Man”.

Also in the Geek Ghetto was the Software Freedom Conservancy, run in part by Bradley Kuhn and Karen Sandler. I think highly of them both and enjoyed the time I got to spend with them.

OSCON 2015 - Karen Sandler

Now, I should probably explain my shirt.

Bryan Lunduke is one-fourth of the Bad Voltage team. While I have known Jono Bacon for some time, I didn’t get to meet Jeremy Garcia or Stuart Langridge until this year’s SCaLE conference. I never got to meet Bryan. To be honest, a lot of these “meetings” happened in bars and Bryan doesn’t drink, and I did try to get his attention on the show floor but he obviously didn’t hear me.

Then I was on the Bad Voltage podcast talking about OpenNMS. This was an episode where Bryan was ill, so outside of signing in to say he couldn’t do the show, I didn’t see much of him.

Finally, we are planning on having Bad Voltage come out to the OpenNMS User’s Conference this September. Bryan is expecting the arrival of his second child, so he had to beg off.

Now I just see these things as coincidences, but the guys in the office suggested the real reason is that Bryan hates me. Jessica, our graphic designer, took the bait and made up a graphic, and my friend Jason at Princredible printed a few really nice shirts.

I wanted to meet up with him in Portland, but he was only at CLS the second day (I was there the first). He was at OSCON on Wednesday. I wandered around the Expo floor trying to find him but we could never meet up.

It started to become amusing. People would stop me and say “Bryan was just here looking for you”. After awhile I thought it might be even funnier if we never met, just circled each other at the conference and to this day we still haven’t stood next to each other (he and Jono did call me later in the day, but I had already left).

Anyway, if you think Bryan Lunduke hates you too, you can get a nifty shirt just like mine. Jason will take orders until 10 August. These are high quality shirts that are actually printed – the image is dyed into the fabric and not screened on top where it is likely to crack and peel.

OSCON 2015 - Jono Bacon

Speaking of Jono, he did an “Ask Me Anything” session and I was very eager to get some of the burning questions off my chest. Unfortunately, it was subtitled to limit the questions to things like “community management” and “leadership”. Mine were, to a fault, all obscenely biological.

I want to end this note with a picture of one of my favorite people, within or outside of open source, Stephen Walli.

OSCON 2015 - Stephen Walli

I usually only see him at OSCON, and while in his sunset years he has quieted down a bit (grin), I always welcome the time I get to spend with him.

Hope to see everyone in Austin in 2016, if not sooner.

by Tarus at July 28, 2015 07:52 PM

July 25, 2015

Adventures in Open Source

Review: MC Frontalot with The Doubleclicks

Best OSCON after-party ever! – Satisfied Customer

Even though OpenNMS has been around for over 15 years now, a lot of people, including open source people, don’t know we exist. In an attempt to fix that, we’ve been experimenting with various marketing efforts, and in keeping with our mission statement of “Help Customers – Have Fun – Make Money” we also want them to be fun.

I have a love/hate relationship with the O’Reilly Open Source Conference (OSCON) but I can be assured that many of my friends who are into free and open source software will be there. This year I thought it would be fun to host a concert featuring MC Frontalot. Not only is his music awesome, it should appeal to many of the attendees. We lined up a venue (the amazing Dante’s) and an opening act, The Doubleclicks.

My one fear was that no one would show up, so I was relieved when I rushed from a previous meeting to Dante’s to find the place full, and by the time the show started it was packed.

Prior to setting this up, I had not heard of The Doubleclicks. Angela and Aubrey Webber are sisters who sing about geek things. Prior to the show I listened to a lot of their music, and since I was paying for this gig they even did one of my favorites, “This Fantasy World (Dungeons and Dragons)“. When they sang the lyric “and their primarily Windows-based computers” it got a big laugh.

The Doubleclicks

One thing we struggle with in the tech world in general and open source communities in particular is how to encourage more women to get involved. As a male dominated industry, women can face particular challenges. When The Doubleclicks sang “Nothing to Prove” I realized I couldn’t have asked for a better set list if I’d tried:

We read books, we played games, we made art, we watched Lost
We said things like “D20”, “shipping” and “Mana cost”
It felt good to be myself, not being mocked
Still self-conscious, though, we whispered things about jocks

But one day, you grow up, come into your own
Now geek’s not rejection – it’s a label I own
Then ignorant haters come to prove me wrong
Tell me I’m not nerdy enough to belong

I’ve got nothing to prove
I’ve got nothing to prove
I’ve got nothing to prove

This rang particularly true due to OSCON being hit with a “gamergate“-like attack for having Randi Harper speak. Considering the number of women at the show, I think we succeeded in promoting an all-inclusive environment.

After their great set, MC Frontalot and the band prepared to take the stage. This was the fourth Frontalot show I’d organized but the first with the band. The reason I hadn’t hired the whole band before was simple: it’s more expensive. Plus, from the videos I’d seen on the Intertoobz, I didn’t think they added all that much.

I was so wrong.

It’s hard to capture on video the energy these four gentlemen bring to the stage. The man driving the beat on drums is The Sturgenius (aka Sturgis Cunningham). Blak Lotus (aka Brandon Patton) is the whirling dervish on bass. I sat and watched him spin from stage left, often winding the cord to his bass around his legs and then unwinding it just in time to avoid tripping. Vic-20 (aka Ken Flagg) played wireless keytar, and while everyone was mic’d, turns out he has the voice of an angel and did the most duty on backup vocals.

MC Frontalot and Band

They played all of my favorites, such as “Critical Hit” and “Stoop Sale“, and while Front has always given 110% at my shows, being with the band brought out something more.

When I walked around OSCON inviting people to the show, a lot of people were psyched but I still got that weird “Nerdcore Hip Hop?” look from many. I don’t think that anyone who has seen them live could mistake them for anything other than truly original musical artists.

OSCON is moving to May and to Austin, Texas, next year, and my hope is to bring the band out again. And I do actually plan to write up my thoughts on OSCON itself, but as I got almost no sleep in the last week that will have to wait. The fourteen and a half hours I slept last night seemed to have helped a lot, though.

by Tarus at July 25, 2015 06:00 PM

July 23, 2015

Adventures in Open Source

2015 OSCON MC Frontalot and Doubleclicks Party

I just wanted to post a short note about tonight’s concert.

WHAT: MC Frontalot and The Doubleclicks
WHERE: Dante’s, Portland, OR, USA
WHY: To give back to our Free and Open Source Software Friends, and to promote OpenNMS
WHEN: Doors open at 8pm, Doubleclicks sometime after 9pm, Frontalot around 10pm

If you are still reading, OpenNMS has been able to get Frontalot to perform at a number of Linux conferences, but this is the first time we’ve been able to bring out the whole band (2015 is shaping up to be a good year). So in addition to the man himself, we have Blak Lotus on bass, The Sturgenius on drums and Vic-20 on the key-tar. This promises to explode with awesomeness.

Since this is Portland, we wanted to get a local group to open and The Doubleclicks were kind enough to join us. They are the sister duo of Angela and Aubrey Webber, who will entertain with their particular brand of nerd folk. I was introduced to their work just recently, and I think it will be the perfect way to start the evening.

We also want to thank O’Reilly for continuing to produce OSCON. In many cases, it is the only time in a year where I get to see friends of mine in person, and they bring together all different types of people from the free and open source community.

Finally, last but not least is Dante’s itself. The venue was kind enough to let us schedule this free event there, and while I’ve never been, I’ve only heard great things. The only downside is that I’ve been told it is somewhat small. Since we are not selling tickets, I have no idea how many people are showing up, but from the feedback I’ve been getting from OSCON attendees, we’ll probably pack the place.

To guarantee you get to see the show, doors open at 8pm, but since some of you might still be enjoying OSCON events at that time, please note that the show won’t start until sometime after 9pm, so we hope you can make it.

Oh, if you do come and like it, please give a nod to @opennms as we are working hard to correct the fact that it is the greatest open source project you have never heard of.

See you there.

by Tarus at July 23, 2015 07:19 PM

July 21, 2015

Adventures in Open Source

Solution for One Trackpad Issue for the XPS 13

My new laptop is the beautiful new Dell XPS 13 running Ubuntu Gnome 15.04.

It is not perfect, but it is getting close. Lightweight, beautiful screen and awesome battery life (nearly 8 hours the way I use it).

One thing that was killing me, though, was that after a certain amount of time (on the order of tens of minutes and not hours), the trackpad/clickpad thingie would start misbehaving under Gnome Shell, registering bogus clicks. There wasn’t an easy way to fix it outside of a) reboot or b) use an external mouse.

It seems that this issue has been addressed in the 4.1 kernel, so I decided to try it. I’m not sure if Ubuntu is going to support the 4 kernel series officially before 15.10 so I didn’t want to wait.

I downloaded the 4.1.1 kernel here (you’ll need three debs: the “all” headers deb and the image and headers debs for your CPU – I used “generic” and “amd64”), installed them with “sudo dpkg -i” and rebooted. The problem seems to be fixed.

But, my Broadcom wireless driver wouldn’t work. I had to download one more deb from here (via my phone – never play with kernels when you are on a long road trip), install it and now wireless is back.

Now if we could just get palm detection fixed …

by Tarus at July 21, 2015 01:03 AM

July 19, 2015

Adventures in Open Source

2015 Community Leadership Summit

I’ve been working full time with open source software for fourteen years, and I can remember a time when we were pretty much making everything up. No one had experience with this market which most of us now take for granted, and there were a lot of questions about dealing with an open source “community” versus paying customers for open source related software and services.

Out of this arose a role, for lack of a better word, called a “Community Manager”. It doesn’t quite fit since “manage” isn’t accurate. It is hard to apply old school management techniques to a group of sometimes anonymous volunteers, many of whom you might only know by a name such as “Zaxxon476”.

One of the first people to document this role was Jono Bacon. He was one of the leaders of the Ubuntu community, one of the larger of such communities in existence. He wrote a book called The Art of Community and he also founded the Community Leadership Summit (CLS) which meets the weekend before OSCON. Due to scheduling I have never been able to be there, but OpenNMS has been a sponsor every year it has been around.

CLS - Sponsors

This year I was finally able to attend, and I wasn’t disappointed. A large, eager group of people showed up, and I really enjoyed the diversity. Not only were women strongly represented (in both attendees and session leaders) there were many people from outside of the United States.

Jono kicked off the conference:

CLS - Jono Bacon, the delicious meat

with help from another amazing fellow, Stephen Walli:

CLS - Stephen Walli, the other white meat

The format was in the “unconference” style, meaning that the attendees set the agenda. After an initial group of planned 15-minute presentations, those people wanting to host a session would write a short description on a card, get up in front of everyone and announce the session, and then go post it on a large schedule “wall” in the main hallway.

I’ve been to a number of such conferences but rarely seen such participation levels. We actually ran out of Saturday spots, but in the true cooperative style a number of people were able to combine sessions so I think it all worked out.

CLS - Schedule

The whole event had a really good vibe. It wasn’t just open source people, either. The “open source way” can be applied to a number of different fields, and it had to be stressed that in any given session you couldn’t make assumptions about the open source knowledge of the people in the room. One woman discussed how she was dealing with mental illness, and an on-line community was key to her becoming healthy. Another woman was discussing how concepts from the formal study of psychology could be applied to make communities stronger. Even proprietary companies such as New Relic were there because the user community has become key to the success of almost any technology endeavor.

I got to make new friends and catch up with old ones, so I have to admit like many conferences I spent more time chatting in the hallway than in actual sessions (as some of those sessions were in the hallway, I had to be reminded that my voice carries. Ooops and sorry).

For high school I went to the North Carolina School of Science and Mathematics, and I constantly run into alumni in this field. OpenNMS’s own Seth Leger went there, as did Spot Callaway and Gina Likins from Red Hat. I got a cute picture of Gina (pronounced “Jenna”) with Ulf.

CLS - Gina Likins

It looks like the second day might even be stronger than the first, but unfortunately I won’t be able to make it. As OSCON is moving to Austin next year, it will be interesting to see how that changes CLS, and I plan to make every effort to be there.

by Tarus at July 19, 2015 06:02 PM

July 17, 2015

Adventures in Open Source

The EFF Turns 25

In 1990, when the Internet was much smaller and slower than it is today, a bunch of forward-thinking people realized that this new technological wonder would create some unique issues for our society, and they formed the Electronic Frontier Foundation to protect people from its negative effects.

I can’t remember the first time I got involved with the EFF, but for years I’ve followed their efforts and cheered them on. Before I wore it to shreds, my “Protect Bloggers Rights” T-shirt was one of my favorites, and I still carry my passport in an EFF-badged wallet that blocks RFID transmission.

Earlier this year, the animator Chad Essley auctioned off the chance to be added to his video for the MC Frontalot song “Shudders” with all proceeds going to the EFF. The result was that the OpenNMS mascot Ulf gets a few seconds of much deserved fame and I got an invitation to the EFF’s 25th anniversary party.

I wasn’t going to make it (I don’t live in the Bay Area) but when I decided to attend this week’s Community Leadership Summit followed by OSCON up in Portland, it turned out that it wasn’t much more expensive to fly here first before heading up to Oregon. I know several people in the area and I figured I could find something to do before the party, but then the EFF created a half-day “minicon” so I decided to attend that as well.

EFF - DNA Lounge

The minicon consisted of three panel discussions. It was held at a nightclub called the DNA Lounge and when I got there just before noon the line to get in was already stretching down the block. When I did get in, there was a stage set up for the panels (a moderator’s podium and a table with four chairs for the panelists) as well as two banners describing what the EFF does.

EFF Banner

I thought the left one was pretty succinct: Free Speech, Privacy, Innovation, Transparency, Fair Use, International. Yup, that about covers it.

I didn’t take any pictures of the attendees (this group does attract a contingent from the “black helicopters” crowd) so while I probably had the right to take pictures as part of a public gathering it would have been rude. It was nice to see a fairly even split between men and women, and for once I wasn’t the oldest person in the room. It was mainly Caucasian and Asian faces that I saw (hey, that’s pretty much Silicon Valley) and I did see people with colorful hair (bright pink, electric blue, etc.) That part was similar to the open source conferences I attend, but there wasn’t a single utilikilt. The vibe was also different. Whereas FOSS conferences also attract technical people with a strong libertarian bent, this crowd included a lot more people concerned with social activism.

Which brings us to the first panel: Activism.

EFF - Panel 1

Not only does the EFF identify threats to liberty brought on by new technology, one of their pillars is to mobilize people to effect change, so this panel discussed ways to more effectively do just that. Should you call your Congressional Representative or e-mail them? Is publicly tweeting about them better than a private correspondence? One panelist commented on the fact that you can’t A/B test reality so it can be hard to determine the best action. Plus, if a particular effort is successful, such as with SOPA, the bar is set high for the next one, which can cause its own problems.

It was the first time I had been introduced to Annalee Newitz, and I really liked her comments. Yet another person to follow on the Twitters.

They also announced a project by Sina Khanifar called democracy.io which is supposed to make it easier for people to contact those in government.

The second panel focused on Copyright.

EFF - Panel 2

I am not an anti-copyright person. Copyright law is what makes free and open source software possible. However, it is obvious that it is broken. As a process created to mainly protect things like the written word, it doesn’t lend itself well to computer code. Plus, some copyright holders have a track record of abuse. I’ve even experienced it in such things as bogus DMCA takedown notices.

Part of this discussion focused on the concept of “fair use”. If I am given something or I pay for something, does the person from whom I got that something have a right to set limits on what I can do with it? It’s a tricky question. If I use someone’s song in a television commercial, it seems obvious that I should have to pay the owner of that song, especially since it may imply that the creator of the music endorses my product or service. But what if I invite 30 people over for a party and put on some music? Does that count as a “public performance”? It’s tricky.

The EFF is very concerned with transparency, and quite naturally has issues with secret negotiations such as the Trans-Pacific Partnership agreement (TPP). Proponents of keeping trade negotiations secret will claim that they don’t want the discussion to disrupt markets. For example, if the discussion was about whether or not to place tariffs on corn exports, whether or not they would actually come about, this could cause undue fluctuations in the market for corn.

As one of the panelists noted: Copyright is not corn.

The TPP has a focus on intellectual property rights which will have far reaching repercussions for users of technology. Without oversight, the government’s zeal to protect, say, the movie and music industry, may result in actions that are detrimental to end users. People in government don’t tend to have strong technical experience, so it is important that these discussions take place in the open.

Privacy was the topic of the final panel.

EFF - Panel 3

This panel included Bruce Schneier. This was the first time I had seen him speak, and I was not disappointed. One of the questions was to predict privacy challenges due to technology 25 years from now. Bruce pointed out that it was harder to predict the impact of new tech on society than the tech itself. For example, we now have flying robots that kill people. On the one hand this is very frightening, and on the other hand, in a way, it is really, really cool.

He was referring to drones of course, and I couldn’t help but think of the trauma some drone operators are now facing even though they are thousands of miles from actual combat. Tech has also created an “interrupt driven” culture that may be fostering short attention spans. Heck, I’ll be surprised if even one of my three blog readers makes it this far in this long post, and we’ve had to come up with tags like “TL;DR” to deal with things like this. I can’t imagine what changes this will bring about in 25 years.

I was also impressed by panelist Parisa Tabriz. She is the “Security Princess” at Google and a solid public speaker. She pointed out that at Google they sometimes struggle with security versus privacy, in that certain security tech can leave a fingerprint that might weaken anonymity.

It is hard to talk about Google without bringing up Apple, and it was pointed out that Apple fails miserably on the transparency front but does do a good job when it comes to privacy. The argument goes that since Apple makes money on hardware (compared to Google’s model) they have less motivation to look at their users’ data. It would have been nice to have someone from Apple on the panel, but I’m not sure if they were asked. I did ask the EFF via a tweet, but didn’t get a response.

While most panel discussions suck, I enjoyed these, and I’m glad I went. The minicon ended around 4pm and since the party didn’t start until 8pm I decided to head back to the hotel, work on some e-mail and take a nap.

That was a mistake.

When my alarm went off at 7pm, I was so tired I considered blowing off the party entirely. I decided to go because Maggie had managed to find another RFID blocking passport wallet, as my EFF-branded one is pretty tattered, and I need another. It doesn’t have the EFF logo on it, but I hope they make more in the future.

EFF Passport Holder

My passport has had RFID technology embedded in it for years, but in all my travels it has never been legitimately accessed. It is just another example of technology being chosen because it exists without a firm plan on how to use it. I like knowing that I now can choose when to enable it or not (and yes, I know I could nuke it in the microwave but I’m not ready to go that far, yet).

Another thing I wish the EFF would do is advertise more about Amazon Smile. If you shop on Amazon Smile you can choose to have a portion of your purchase benefit a specific organization. It doesn’t cost you anything, and while I can’t find an actual total, since I shop on Amazon a lot I feel that I’ve probably sent a significant amount of money to the EFF. Of course, I can’t imagine that they are happy with things like Amazon Echo, so perhaps there is a conflict of interest, but I still wanted to make people aware of it.

EFF - Party Stage

So, I grabbed an Uber, went to the party, met Maggie and got my new passport holder. I then made a pass around the club but didn’t really feel comfortable. These were my people but then again not my people. It was obvious many knew each other, and while I’ve never been one to have a problem with a room full of strangers (in most situations I make new friends) the environment was pretty loud and not conducive to conversation. I just didn’t have the energy so I left.

This means I missed seeing Wil Wheaton and Cory Doctorow, two more people I’ve never seen in person but would like to one day. From social media it seems like it was a good time, but I just wanted to grab some dinner and sleep.

EFF - Wil Wheaton

Overall, I had a good time with the EFF. It is rare that I agree with everything even people I like do, but I can’t think of something the EFF has done in the last 25 years that bothered me or pissed me off. It is one of the few organizations that I regularly donate to, and I plan to leave them some money in my estate (if there is any left, I also plan to live for another 100 years and die after I’ve spent my last dime). If you haven’t supported them yet, I’d like to suggest that you do so.

Today I’m off to Portland for the CLS and OSCON, and these really are my people. I’ll let you know how it goes.

by Tarus at July 17, 2015 05:41 PM