Saturday, December 26, 2009

Merry Christmas! ¡Feliz Navidad!

I hope everyone is enjoying their time with their friends and family over the holidays, I know I am!

Speaking of holidays, make sure y'all (yep, it's a word!) stay safe while having fun!

And I'm sure all you people celebrating Christmas are enjoying the gifts you received!

This year, I didn't get much... Just a new Xbox 360 controller! However, I do not intend to use this controller with an Xbox 360. Rather, I intend to use it with my computer!

The Xbox 360 controller can be used with both Windows and Linux computers. With Windows Vista and up, the driver is automatically downloaded and installed via Windows Update when it is plugged in.

For Linux, the wired controller should have out-of-the-box support in the latest kernels, I haven't tried yet, though. There used to be a wiki article on Gentoo's wiki detailing how to manually set up the Xbox 360 controller for use on Linux, but it's gone now. I suppose evdev should actually be able to handle detecting and configuring new input devices like game pads, but I'm not actually sure of that. Well, we'll see!

I wish Case Closed: The Last Wizard of the Century hadn't been rescheduled for release on December 29th, then I would have also gotten that for Christmas. Oh well, I guess I'll have to buy that and Case Closed: Captured in Her Eyes on the 29th when they both come out! :D

Meriikrisumasu (メリークリスマス) !

Sunday, December 13, 2009

War over code... *sigh*

I don't like talking about this, since it seems to fuel the fiery pits of hell that flamewars come from. But, I'm extremely irritated about it, and some of the stupidity going on is ridiculous.

What am I talking about? I'm talking about the usage of Mono for Linux applications.

For years now, Linux software developers have been able to pick whatever language they want to write code in. If said developer chooses Python, C, C++, Perl, JavaScript, PHP, or even Java, people are usually fine with it. Granted, some people grumble about Java code because Java has the reputation of being rather slow, but other than that, it doesn't matter too much.

If a developer chooses to write software in C# or Visual Basic .NET, then people get up in arms about it. There are some developers that want to bring C# in as a core supported language for GNOME software, which would inevitably make Mono a required dependency of GNOME.

But there are a lot of 'freetards' (borrowing from Linux Hater, while I don't like a lot of what he says, the word is very appropriate) that believe Microsoft will kill us all through C# and patent attacks. Nevermind that a legally binding agreement exists that Microsoft will not sue us all to kingdom come.

A valid point is that the Winforms, ASP.net, and ADO.net stuff in Mono isn't covered. People seem to miss that all that stuff can actually be STRIPPED OUT of Mono. Mono doesn't have to use the .NET interoperability libraries. You could just use GTK#, IronPython/IronRuby, IKVM, etc. instead.

The technical aspects of Mono have also been debated. Here is a list of Pros and Cons for Mono by me, note that they are accurate as far as I can tell. If there needs to be a correction, let me know and I'll fix it.

Pros:
  • Works on x86, x86_64, PowerPC, ARM, SPARC, and other platforms seamlessly and without modification to source code.
  • Rather complete and mostly platform independent. The runtime itself can run on Windows, Mac OS X, Solaris, Linux, and FreeBSD. Mono is extremely portable.
  • Supports multiple programming languages. Mono nominally supports C#, VB.net, and Java. It can suppport Ruby, Python, PHP, etc.
  • Code from multiple languages can be mixed together.
  • Can be compiled ahead of time or JIT-ed depending on your needs.
  • Lets ASP.net web applications run on Linux servers rather than require Windows.
  • Licensed for usage with open source and proprietary applications. The core of Mono is under LGPL and most of the libraries I believe are MIT X11 licensed. There are also several libraries and toolkits licensed under the MS-PL, which is very similar to licenses like the Three-Clause BSD license.
Cons:
  • Rather large. The Mono runtime uses a lot of disk space, I think somewhere around 400MB?
  • Uses a bit more memory than conventional optimized C/C++ programs. Note the optimized bit. If the application isn't written very well, then Mono actually uses slightly less!
  • Does not integrate well into the application binary execution mechanism on any platform. This could be improved in a number of ways, but in order to remain compatible with .NET Framework, I don't think this will happen for quite some time.
  • Winforms is ugly on EVERY platform. This is the unfortunate consequence of trying to make Winforms work on any platform that Mono can run on. I think its supposed to support using Windows visual styles when run under Windows, but that doesn't happen.
  • GTK# doesn't quite play nice yet on Mac OS X. I can forgive this because GTK+ (which is what GTK# binds to Mono) only very recently stopped requiring X11 to work on OS X, it will take time for it to be adapted to work well under Mac OS X. Be assured that they are working on it though.

As far as I'm concerned, as long as your code is good, open source, and works, I'm happy. Try to write the best code that you can, and hope for the best. I'm not a fundamental open source purist. I understand that any system needs a mix of both to do well.


Mono is not the only issue in regards to the "war over code." There are issues within the community regarding the very idea of mixing with proprietary code. Much less talking about it, apparently.

Because of issues like these, however, projects are feeling a split in opinions. There's even somebody calling for GNOME to remove itself from the GNU project (If you want to read through the entire thread about it, here is a link.)

Another hotcake recently (one that personally affects me a great deal more than Mono does) is Oracle Corporation's pending acquisition of Sun Microsystems.

A reminder: Oracle Corporation already got the go-ahead to acquire Sun from the U.S. government. The European Commission is the one holding up the completion of the deal. In all practicality, they could just go ahead with the process. However, the result would be that EU would lock Oracle out of European markets, and that would be a Bad Thing(TM).

Personally, I have no feelings against Oracle Corporation. Heck, I once wrote a personal website that used Oracle DB several years ago (No, it was never online, this was before I had internet access. I experimented a lot with FrontPage and ASP back then. It was a lot easier to organize my music and videos that way) and I found Oracle DB to be quite reliable. And they do release and support open source work. But, I digress.

Oracle would be very stupid if they were to let MySQL fall to pieces immediately. I could see them transitioning people to their Express Edition for low to midrange stuff that MySQL targets, but I doubt they would kill it right away. I could even see them open sourcing the Express Edition, to assure people that it would be universally available. However, these holdups make me far more worried about MySQL's future than Oracle ever really could.

As a result of this mess, lots of forks of MySQL have shown up, each more worrying than the last. I'm not going to discuss the forks right now, that would be reserved for another time. But each fork makes MySQL's future a bit more uncertain. Nobody likes dealing with forks. Especially not CMS developers. Forks are hell to support, especially when some features are dropped just because they want to.

Now, its not all horrible. MySQL cannot be completely killed off until the last DB developer stops working on it. It is still licensed GPL. PostgreSQL, while usually overkill for low to mid range usage, is also an option. Even Enano CMS supports PostgreSQL as of 1.1.x. As far as developing MySQL, there is only so much you can do with it. Bugs have been mounting and its getting quirkier to deal with on some platforms. But it is preferable to set up over PostgreSQL, which can be difficult to set up properly, unless you use a pre-configured stack.

Michael "Monty" Widenius, one of the co-founders of MySQL AB and founder of Monty Program AB, is asking for people to help "save MySQL." He has stated before that Oracle would have a conflict of interest to develop MySQL and should sell it off. I don't know if he is right, but I personally don't think so... yet. We'll see about that. Eben Moglen from the Software Freedom Law Center believes that Oracle acquiring MySQL would not necessarily be a bad thing. Richard Stallman of the Free Software Foundation, unsurprisingly does oppose the acquisition. What is surprising is that he defended the dual licensing model.


This debate is ongoing, but I think the resolution will be very soon. Personally, I think that the best solution would probably be to have Oracle purchase Sun and spin MySQL off into its own Foundation, funded by Oracle. But, I don't think that would be the most economical solution. Quite frankly, I don't really know what would be the most economical solution.

We will have the wait and see...

UPDATE (12/14/2009 @ 12:43PM US/CT): Oracle posted a detailed set of commitments to supporting MySQL to "reassure the Commission." These reassurances are great, but they aren't in a legally binding form, and that will almost certainly cause several to worry. I hope that Oracle Corporation will offer a legally binding message to prove this reassurances.

Tuesday, May 26, 2009

SUCKAGE about Commercial Linux Software

Sigh... Somewhere in the back of my mind, I figured this would happen eventually. Bryan Lunduke of Jupiter Broadcasting has ended his experiment of selling commercial Linux software.

To sum it up:
  • The actual ratio of downloads to sales is fairly good (60:1)
  • Linux and Mac downloads are on equal footing, while Windows is three times higher
  • Ubuntu accounted for a majority (75%) of Linux downloads, distro neutral package accounted for 10% of Linux downloads
  • Bryan is bummed about the results and conclusions

Now, you can head to his blog and read about it in the link in the beginning of the post, but I wanted to add a bit about the results.

While it is true there are a segment of Linux users that want to support commercial efforts, there are many factors that hindered Bryan's experiment. Two major ones were press and economy.

What do I mean by press? I mean that in the Linux world, it is rather difficult to actually locate Linux software for anything EXCEPT the enterprise. This isn't a huge surprise to any seasoned Linux user, because there aren't really that many large commercial efforts for Linux at the direct consumer level. Of the top distros, only Ubuntu and Mandriva actually focus on the desktop. Fedora, while recently pushing for better quality desktop and more work is being focused on it at the community level, the company that actually funds and manages Fedora (Red Hat, Inc.) is ambivalent to the possibility of the Linux Desktop. Red Hat pulled out of that market in 2005, and according to their recent statements, they do not see a way to make money that way. At the opposite end, OpenSUSE has long been focused on desktop refinement, but their corporate backer, Novell, is pushing hard for a change in focus towards the enterprise. Novell still sells boxed SUSE copies at BestBuy here in the USA.

Now because of this focus in the enterprise, Linux news sites typically only focus on news relating three topics: innovative/new/featured open source projects, enterprise usage of Linux, and patent issues. Because of this, there is an inherent deficiency regarding stuff that affects direct consumers more: games and average priced consumer software (avg priced being $0.01 - $500). In the Linux world, it is very difficult to get the word out on games and consumer commercial software because those sites don't really care enough about it. Oh, a few do, but most don't.

The economy is another huge factor. Frankly, this economic crisis is both good and bad for Linux. It is good because people will take a harder look at open source and free software because of their increasingly constrained budgets, but it also means that commercial efforts are more likely to fail. The only ones that can afford to make commercial Linux software without sinking to their doom in the current conditions would be the big companies like Adobe, who won't do it unless there is a significant outcry for it.

Unfortunately, because of the vocal zealots in the minority who back the Free Software Foundation and try to make any decent commercial efforts redundant and useless, people become hesitant to make commercial Linux software. Now, if the software is already for no-cost, and it is problematic, like Adobe's Flash Player, then I can understand building an open source clone of it. But to try to replicate something like Flash Studio without making a significantly large effort to try to get Adobe to release Linux versions is just ludicrous and shows that the company's efforts would be wasted. Granted, nobody has actually tried to any significant degree to do just that, so Adobe still has a viable market in that.

A few exceptions to this rule are obviously possible, like the Wine project. It would be crazy to not be able to run Windows applications on Linux, especially older games that may not even work on Windows now.

But what is missing is a nice site set up just for reporting and indexing Linux shareware, commercial software, and games. Something focused on the consumer, not the enterprise. Also, we need to push for the Big Apps to be brought to Linux. If any of you real computer geeks out there remember your computer history, Windows did not really become relevant until Aldus PageMaker was brought to Windows, and was able to sustain its popularity because Adobe Photoshop 3.0 was released with Windows support. People will not consider Linux unless we have apps like these available on the Linux side.

As much as people want to say GIMP is just as good as Photoshop, it simply isn't true. GIMP is well suited for more casual usage, but real pros will absolutely need Photoshop. And Wine is only a stopgap measure.

We don't have a decent video editing and multi-stream manipulation package on Linux. The Adobe Creative Suite has been available for Windows and Mac for a long time. Windows also includes Windows Movie Maker for extremely rudimentary single stream video editing. iMovie is its equivalent on Mac OS X. If someone made a well designed and fully featured video manipulation package available for Linux (that is easy to use and reliable), that person would make a decent living off of it.

I could go on and on about the problems we have regarding Linux and consumer desktops, but Bryan covered that rather well.

In the end, Bryan Lunduke decided to make them all available for free. He even said that he plans to have a staggered release cycle for open sourcing each of the programs. I do applaud this, but it also shows how badly the pressure seems to kill commercial software.

Sigh... another nail in the coffin for commercial software on Linux....

I'm all for free software as much as the next guy, but any operating system needs a hybrid of both to truly succeed. DOS made it easy for homebrew development because of its BASIC compiler/interpreter included up to DOS 7/Windows 95. UNIX was generally too costly to consider for homebrew.

Linux would be considered the holy grail for homebrew development, if it were well known. As it is, many components from Linux are used for homebrew development, once they have been ported to Windows.

No platform can survive on only free software, nor can it only survive on only enterprise software being commercially available. Eventually costs outweigh the benefits and it will get dropped.

That is why I want to see more consumer-oriented commercial software for Linux. I want to see the superior platform succeed....

Sunday, May 17, 2009

W00T, school is out and Enano 1.1.6 is released!

Four years of school is finally done! I'm eagerly awaiting the start of my summer projects: lazing around, learning C#, and some more anime watching!

Also, a nice graduation present: Enano CMS 1.1.6 is released!

  • A new theme is set for default: Enanium
  • A new extra method of security is added to auth systems: Live-ReAuth
  • Enano now uses HMAC-SHA1 encoded passwords internally
  • External authentication is now supported, via plugins; through this, the Yubikey plugin works
  • A new simplified log interface
  • The dashboard in the administrative panel has been rewritten to be a little more friendly to new users

To get Enano CMS 1.1.6, head over to the downloads page! We are now using CoralCDN for instant mirroring of the downloads. It is somewhat experimental, so there might be issues. If there are any, please contact us in the forums.

Thursday, April 02, 2009

CMS Vendor Meme - Enano CMS

On behalf of Enano CMS Project, I plan to follow through the "CMS Vendor Meme" by responding to the following.

1. Our software comes with an installer program.

Enano CMS itself, once it is dropped into htdocs or equivalent, has a web based installer that can be used to configure Enano completely. Also, our efforts with the BitNami project allow us to say that we do have a regular installer application to run on Windows, Mac OS X, Linux, etc. for installing Enano CMS. In the future, we do plan to offer our own set of them on the project though. We also have a commandline based installation sequence that can be automated. Unless you use the BitNami installer, the only step needed to remove it is to delete the folder. The BitNami installer has a standard uninstall script/app depending on your OS. (3/3)


2. Installing or uninstalling our software does not require a reboot of your machine.


Absolutely not! Enano CMS does not require rebooting the machine because it does not have any system level components. Everything is implemented in the web script level. (3/3)


3. You can choose your locale and language at install time, and never have to see English again after that.


While Enano CMS does allow you to choose the locale and language at install time, and never require you to see English again after that, we cannot offer any languages other than English because nobody has stepped up to translate the strings. Give us a break! We are only two people and we started this project in 2006, adding translation support fairly late in the development. (1.5/3)


4. Eval versions of the latest edition(s) of our software are always available for download from the company website.


Enano CMS is Free Software and Open Source Software (under GNU GPLv2), as well as free as in free food. You can always get the latest version of Enano through our Mercurial repository as well. (3/3)


5. Our WCM software comes with a fully templated "sample web site" and sample workflows, which work out-of-the-box.


Well, not really. Enano comes with themes, yes, but that is it. Technically, Enano is a CMS with wiki features available. Enano uses the same workflow as MediaWiki, only slightly different in that it has Access Controls and other features to control what goes on. (2/3)


6. We ship a tutorial.


No, we do not. But we don't really need to either. Again, Enano is a wiki-based CMS, so anyone even remotely familiar with MediaWiki (the style of Wiki our wiki engine is based on) will be able to grasp it quite well. There is a "click here to get started" link on a fresh install of Enano though. (2/3)


7. You can raise a support issue via a button, link, or menu command in our administrative interface.


In Enano 1.0.x, no, but in our development version, 1.1.x, we most likely will. At this time, we are putting the final bits into place for 1.1.6, and a link to the page describing how to get support for Enano will likely be on the main page of the admin panel. (2/3)


8. All help files and documentation for the product are laid down as part of the install.


No way. It would make the install package way too large, and besides, Enano's documentation is also a wiki for people to contribute to. There is already a basic set of information there, but more good documentation is always appreciated (3/3).


9. We run our entire company website using the latest version of our own WCM products.


Well, we aren't a company, but we do run our entire website on the latest versions of our own software. Enano 1.0.6 is for enanocms.org and docs.enanocms.org, while nighthawk.enanocms.org and *.demo.enanocms.org use 1.1.x. When 1.1.6 is released, all sites will be upgraded to 1.1.6, even the main sites. (3/3)


10. Our salespeople understand how our products work.


Well, we don't sell anything, but we do understand how our own software works, after all, we use it all the time! (3/3)


11. Our software does what we say it does.


Absolutely! Enano doesn't claim to do what it cannot do. (3/3).


12. We don't charge extra for our SDK.


We don't charge anything for the software itself, much less the SDK, which incidentally, is part of the Enano sources. (3/3).


13. Our licensing model is simple enough for a 5-year-old to understand.


Definitely. You can get it for free and share to anyone you want under the same terms is pretty simple! Although it could be argued that five-year-olds don't know how to share ;) (3/3)


14. We have one price sheet for all customers.


Yep! We do for the software itself (FREE) and our support services (available here). (3/3)


15. Our top executives are on Skype, Twitter, or some similar channel, and: Feel free to contact them directly at any time.


Both developers of Enano CMS are available through Twitter, IRC, email, instant messenging, and support forums. (3/3)

Overall Rating: 40.5/45

Meme ID: 9c56d0fcf93175d70e1c9b9d188167cf

Tag!: Mambo, Joomla!, Drupal, PHP-Nuke, TikiWiki CMS/Groupware, TangoCMS, WordPress, BLOG:CMS, CakePHP

Thursday, March 19, 2009

YubiKing Contest is over

Well, Yubico has announced the winners of the YubiKing 2009 contest, and those were: Idoneus's Maventa, Collective Software's AuthLite, and KeyGenius written by Dain Nilsson.

Congratulations to the those threee!

Obviously Enano didn't win, but we did get mentioned in the SecurityNow! Podcast (ep#188 for future reference) so maybe more people will be aware of the Enano CMS Project.

More details on the now completed contest are available at the Yubico wiki.

Monday, March 09, 2009

LinuxJournal's contest - Prize: Free 1yr subscription!

If you follow the Linux world, then you will be aware of a few of the magazines out there dedicated to Linux enthusiasts. Linux Journal is the oldest magazine out there dedicated to the Linux system and opensource relating to Linux. It's very first article was an interview of Linus Torvalds in 1994.

Now, on to the good stuff! This week, they are running a contest. Watch the daily "TechTip" videos this week and identify and collect the secret letters that the hosts announce each day in each video. On Friday, unscramble the letters and reveal the secret word(s) and respond with what you believe to be the answer by 11:59:59PM US Central Standard Time and see if you win! The ones that guess right will get a free one year subscription to the Linux Journal magazine!

More information is available here.

Wednesday, March 04, 2009

The Linux Action Show! is BACK, and better than ever before!

Alright! The Linux Action Show! has returned! This is a great podcast. If you have never seen or heard of the Linux Action Show! before, let me give you a run down of the awesomeness of it!

Bryan Lunduke and Chris Fisher are the hosts of the show. They cover the news of the week/month/etc. since the previous episode, and comment on it. They give advice, they review software, and they also take questions from listeners/viewers and respond to them in the show. It is funny, informative, and a great quality podcast. 

Linux Action Show! is different because they are full of awesome! They are quite upbeat. Although they are a bit childish, the childishness helps make the show better, because really, who wants to listen to something that is droll and completely adult-sounding (like a board meeting)? Jokes are flung left and right, with a bit of seriousness speckled in the jokes. Bryan is often prone to rants that are surprisingly very informative, while Chris is good at analyzing the news he reads off the docket. Both of them are quite friendly, and I would definitely recommend this show to anyone!

Monday, March 02, 2009

Yubikeys and Enano?

Enano CMS, a project that I am involved in, has recently announced Yubikey support through a plugin in the latest development versions. Now, most people, if not all that read this blog may not have a clue on why Yubikey support is so special. After all, its just another authentication method, right? Wrong!

Let me start off this with a little history on Enano CMS for those who don't know what it is. Enano CMS is a CMS that was started with by Dan Fuhry to replace the antiquated web page setup on the Experience UI project. Well, he was also spurred on by me, who joined him later because I had some bad experiences with Drupal and phpBB, Fully Modded. Each of these projects had good and bad things, though. 

Drupal is incredibly modular, but it had a rather clumsy UI at the time. I am told that the UI has been improved since then, but I digress. phpBB Fully Modded was chock full of features. Too many, in fact. However, it was the only truly reliable way of getting all the features needed working together. 

phpBB, Fully Modded inherits all the security issues of phpBB, as well as some of its architecture faults. For example, in most web systems, people can write plugins to hook into the main software package to provide additional features. This has a limiting factor, but it is modular, allowing for easy removal and installation for testing purposes. phpBB does not have a plugin system. Developers of phpBB depend on a MOD extension system, which is quite literally what it says, modifying phpBB itself to add these features. Essentially, they were patches to phpBB. Dan and I saw a huge issue with this, especially after my phpBB site was literally destroyed by crackers over Thanksgiving day in 2006. 

Enano CMS was Dan's solution to these problems. He saw phpBB's inefficiency with security quite damning for it, but it was really the best supported solution out there as far as forums went. So, when he designed Enano, back then called Midget CMS (it was changed to Enano when it was discovered another CMS package with the name existed already), he designed it with modularity and security in mind. Originally, it used regular old hash signatures, but it did not sanction actual code modification to extend functionality. It had an incredibly flexible plugin API added to it for this purpose. Over time, the API was extended, and Enano's core was modified to increase security. For 1.0RC1, Enano's security was truly new. It used 192-bit industrial strength AES cryptography to secure logins. Diffe-Hellman was later added in 1.1.x development, and finally HMAC-SHA1. Both Diffie-Hellman and HMAC-SHA1 are currently in use in Enano CMS. 

Also, after the first rewrite of Enano, the administration was heavily cleaned up, and redone several times to make it simpler and much more intuitive to the new user. The resulting Admin panel is quite easy for a new user to dive right in and use it. Concepts from Wordpress and phpBB were borrowed for the design of the admin panel, which is evident in the style of the panel. I got more involved with the project around the time of 1.0RC1 and started helping Dan figure out aspects of theming and UI to make sure that it was aesthetically pleasing as well as having high usability. The result was a quite nicely done system that additionally doubled as a wiki that could be secured using ACLs or numerous management shortcuts in the page tools.

Where does the Yubikey come into play here? Unsurprisingly, the security systems employed in Enano CMS make the Yubikey a rather good fit for it. Yubico, the company that developed and is marketing the Yubikey, designed the Yubikey system to use HMAC system which Enano also uses. The result? Enano can take advantage of some of the more powerful features of the Yubikey One Time Password (OTP) system. Dan, the developer, fell in love with the idea of the Yubikey and the OTP system. I pushed him to implement support for the Yubikey into Enano's own authentication system. The end result? The smoothest and quite possibly the most secure way to log into a web system is available for anyone who uses Enano and owns a Yubikey. Enano, being as flexible as it is, can function as a blog, a podcasting publishing site, a wiki, and a traditional CMS, among other things.

The Yubikey is special because it is a one time password system that does not require ANY special software on the local machine. It acts like a HID USB keyboard that just inputs the OTP to log in. Since, to a certain extent, it merely is a validation tool, the OTP system could be used for numerous things. The most popular way is for logins, but it could be a good replacement for CAPTCHAs on a company site where full access available to everyone is not necessary. The sky is the limit with a Yubikey!

More information here.

Saturday, February 14, 2009

BitNami Releases First Externally Developed Stack Module

BitNami has released the first externally developed web stack module, Enano CMS. BitNami is a project by BitRock to release open source stacks to make it easy for development/testing/production systems.

read more | digg story