It has recently surfaced that an Israely company sold Internet control software to Iran. While the story has an ironic twist, it goes on to highlight some problems with the current trend to "manage" the Internet, detailing the possible adverse effects of such technology on Internet users (like facilitating their arrest and torture). Unfortunately, the article refrains from presenting the facts in a neutral way, but instead points fingers at supposedly rogue states while conveniently ignoring the fact that such technology would work just as well against citizens of Western countries, acting up on their respective governments. They might wake up to quite similar fates when eg. their governments become discontent with the Occupy movement gaining more traction (whatever you might think of that movement in the first place) - and you had your first impressions on that. See for example here, here, or here if you missed it so far. Instead of calling for more vendor-control over such software, the emphasis should be placed on generally banning such software in the first place.

As a techie, I can safely say that often, not having such controls to "monitor" and "manage" usage, but simply using larger, dumber pipes, would probably be equally cost effective, or even cheaper. The only adverse side effect, from the perspective of the carriers and the government, will be that they would have to loosen their grip on the populace (ie, you and me).

Which is basically a good thing, isn't it?

Der unten verlinkte Beitrag zur Finanzkrise verdient meiner Ansicht nach eine breite Beachtung. Wie man die Vorschläge daraus in dem aktuellen organisatorischen Rahmen umsetzen könnte, wäre noch zu diskutieren. Die Zeit drängt allerdings.

Attac: Stellungnahme zur Finanzkrise

Just today I had an experience about what it can mean to have no network neutrality, taken from my professional work:

A client wanted to check out his brand-new VPN gateway, utilising IPSEC from his road-warrior client and a mobile connection, but it just didn't seem to work. While testing, we found the following:

• The client could not ping his VPN gateway.
• No ISAKMP packet arrived at the gateway.

He then cross-checked with wireshark to see which packets actually leave the system, and found that the relevant packets were being sent out by the PC, but didn't arrive at his VPN gateway. This is a strong indication that the mobile carrier blocked his IP packets.

This is not the first, but only the latest such incident I saw in my career.

Needless to say, a carrier who blocks users' packets, is about as useful as a car without an engine...

I demand that carriers who call their service "Internet", be required to indiscriminantly allow all (halfway sane) packets through. I am almost comfortable with someone blocking packets that have no return route (ie., if someone spoofs their source IP number), but that's about all restrictions I can think off the top of my head that I might consider acceptable.

Für den kommenden Samstag ist ein weltweiter Protesttag geplant, an dem in derzeit 662 Städten gegen die derzeitige Politik, hauptsächlich im Zusammenhang mit der Bankenkrise, und für mehr Demokratie demonstriert werden soll. Alle Leute, die nicht damit einverstanden sind, daß unsere Steuergelder auf Jahre, vermutlich aber eher auf Jahrzehnte hinaus für - meiner Meinung nach - dubiose Bankenrettungen verpulvert werden, während ansonsten an allen Ecken und Enden gespart wird, sind aufgerufen, sich zu beteiligen. In Deutschland scheint Attac federführender Organisator zu sein, und man erwartet viele Piraten bei diesen Veranstaltungen.

Hier sind ein paar Daten zu den Veranstaltungen:

• Demo in Köln: 11 Uhr Chlodwigplatz
• Webseite: http://15october.net/ (deutsch: http://15october.net/de/ )
• Karte mit allen Veranstaltungsorten: http://map.15october.net/main

There are two web browsers, based on the Google Chrome codebase:

• Google Chrome (of course)
• Chromium

The latter is a free-software-only version of Google Chrome, having the spyware features of the original Google Chrome ripped out, and that can be eg. installed in Debian using apt-get.

Today, I wanted to try the extensions, since the original browser is suitable for not much more than simply looking at a web page. But if you want any kind of extensions, like eg. maybe AdBlock, or the SpeedMeter, or the SessionManager, or whatever else would benefit you as a user, you immediately find yourself locked out of Google's Webstore. By the way... the name is already giving away what the problem really is: Google, like about any other vendor I am aware of, wants to reduce you to a user, and cut down on your abilities to create, or use the software in ways you deem fit, instead of only ways they deem fit. So, there is eg. no simple way to download the extension to your hard disk drive, maybe for later digestion - no, you can, at best, install the extension online, into your current profile. And if you somehow lose that, you get to try again. So they can not only track every move of you, they can also manage the availability of their extensions to you as they choose. Like eg. Ad sales going down? Poof, no more AdBlock for you.

This way, you sell out your freedom and your privacy in the same way to Google than you probably did before, to Microsoft and Apple, and a plethora of other companies.

Now my question to you is: Are you prepared to accept that, and if so, why?

I've been asked to compare various issue trackers. While I don't really feel qualified do to so, I have an opinion nonetheless. So here are my two cents about it:

• There are trackers for various use cases, various technologies, and licenses (eg. Jira is imho mostly commercial software).

• I've not yet found a package which is equally suitable for handling customer (self-?) support tasks outside of software development, and software development tasks.

• I don't have real experience with Jira, and only a very cursory impression about eg. OTRS (Perl) and Mantis (PHP).

• From all trackers I have seen so far, OTRS, RT (Perl) and roundup (Python) are basically suitable to customer support tasks, but less suitable to software development tasks.

• OTOH, Trac and Redmine seem to support software development tasks much better (and Redmine, written with RoR, much better than Trac, written in Python, imho).

For me, so far only Roundup and RT mattered for the customer-support space, but I intend to take a look at OTRS, now that they claim to support ITIL-conformant processes (whatever that means, but it's a requirement of some potential customers). When I talk about RT, I mean RT 3.x, not RT 4.x. I also ignore all PHP stuff for principal reasons.

• Roundup's advantage, compared to RT, is that it is very lightweight.

• Roundup's permission system seems to be more flexible than RT's, but all-in-all, changing anything requires rolling out a new revision of the installation (eg. to include the new permissions). This stuff is highly intertwined with the rest of roundup, and I've yet to see (didn't try) how to eg. migrate the database from one version of the software to the next.

• RT's advantage is the much larger functionality out of the box, and esp. support for distributed workflows, with auto-escalation, re-assignment, hierarchical tickets with dependencies, statistics, multiple external authentication sources and what-not. It's much more heavy-weight, though, and the UI is clumsier, too. RT can be scripted, and the scripts seem to end up in the database, making it comparatively easy to migrate an instance. It's Perl, though, and the main author(s) are afaik on the forefront of Perl development themselves, so you frequently find that you have to pull in brand-new versions of modules from CPAN that you've never heard of, and that have had little exposure.

• OOTB, RT's permission system is much more powerful than what is distributed with Roundup, though.

• Roundup seems to be much more geared towards a "one customer project, one tracker" situation, where eg. general access control is of not very high importance.

In the software development space, integrating a tracker, a wiki, and a repository browser was popularized probably by SourceForge, and has led to the creation of packages like Trac and Redmine, the latter allegedly being a clone of Trac (imho it isn't, if you run the two side-by-side).

• Roundup has no integration with either a wiki or a repository browser out of the box, so one would have to do manual work to use it in that manner. One also has to find suitable wiki and repository browser software to integrate with, first, and except for the wiki (MoinMoin), there are imho no obvious candidates.

• Of the remaining two, Redmine imho has much better support for multi-project scenarios, seems to support a broader range of databases, and also provides much more functionality.

• It can also be much easier extended by Joe Average User because of a plethora of plugins, supporting popular use cases.

• Redmine appears to be easier to host than Roundup, using thin.

Links:

• Roundup
• RT
• Trac
• Redmine
• OTRS
• Jira

你好！

如果你知道一个工作有这个特点和供给够钱，请联系我。

谢谢！

As per the author's statement, using ZopeProfiler together with Plone4 is unsupported. It really is. First, get a current version of ZopeProfiler instead. Implement in your buildout as usual and run buildout. In the relevant instance's (eg. secondary) zope.conf, one has to enable it, too:

enable-product-installation on

You also need to fix the output from the pstats module. In Debian, this is located at /usr/lib/python2.6/pstats.py. Copy to your virtualenv's lib/python2.6 and manually apply the patch mentioned here: http://bugs.python.org/issue7372

After that, following the instructions generally works, except for that the site now runs orders of magnitudes slower, and (at least) I get this error when trying to view the stats (sample traceback):

2011-05-04 13:47:56 ERROR Zope.SiteErrorLog 1304509676.940.218731970327 http://localhost:9082/Control_Panel/ZopeProfiler/showHigh
Traceback (innermost last):
  Module ZPublisher.Publish, line 127, in publish
  Module ZPublisher.mapply, line 77, in mapply
  Module ZPublisher.Publish, line 47, in call_object
  Module Shared.DC.Scripts.Bindings, line 324, in __call__
  Module Shared.DC.Scripts.Bindings, line 361, in _bindAndExec
  Module App.special_dtml, line 185, in _exec
  Module DocumentTemplate.DT_Let, line 76, in render
  Module DocumentTemplate.DT_Util, line 202, in eval
   - __traceback_info__: stdnameRe
  Module <string>, line 1, in <module>
  Module Products.ZopeProfiler.ZopeProfiler, line 237, in getStatistics
  Module pstats, line 353, in print_stats
ValueError: I/O operation on closed file

I've seen the latter error on various other occasions as well, esp. when a long time has passed between the original activity and the display of results (eg. when running ExternalMethods). If someone has a fix for that, I'd highly appreciate it!