Just Uber

The world got a little less open today as Sourceforge announced that it is to ban users from Iran, North Korea, Cuba, Sudan, and Syria from using its open source software repository.

Using IP address based blocking, users from countries on the US Office of Foreign Assets Control sanction list will no longer be able to contribute to or use code hosted on Sourceforge.

It would seem that although Sourceforge do not support this move, they feel that as occupants of the ‘real world’ they must remain reticent stating:

“…in addition to participating in the open source community, we also live in the real world, and are governed by the laws of the country in which we are located. Our need to follow those laws supersedes any wishes we might have to make our community as inclusive as possible.”

In the meantime, freedom lovers can go here for a list of other open source software hosting facilities.

Google is currently in the process of enabling https by default on all Gmail accounts.

Gmail users have been able to use https since 2008, however due to performance concerns the option was disabled by default.

Users who wish to collect their email over plain old http can still do so by selecting this option on the Gmail settings page.

It seems likely that Google was spurred into action by the malicious access of dozens of Gmail accounts used by human rights activists by suspected Chinese hackers.

On a side note – anyone tasked with administering any type of Squid proxy using NTLM Auth should be pleased too. Accessing Gmail over https eliminates an irritating authentication error when trying to upload a file attachment to the webmail service.

Bonus!

For a suggested donation of a fiver the NSPCC will arrange for Santa to write a personalised message to a child of your choice and have it specially delivered by Rudolf.

Cheap at half the price.

What are you still reading this for? get over to www.nspccwishes.org.uk and order your letter now!

I just updated my Humax-HD Freesat box to the 1.00.23 firmware and decided to have a furtle with it. As this update is supposed to enable iPlayer (although it can’t be used until Freesat say so) I thought I’d try and see if anything funky was going on over the network to give me the opportunity to play with some security tools.

I used Nmap to scan the Humax and see if any ports were open. The scan didn’t return anything from TCP ports (so I’m assuming that they’re all closed), and returned unreachable for all but 10 UDP ports. The Humax didn’t send any kind of response to the scans on these 10 ports so Nmap considers them open|filtered. I checked the well known port list on wikipedia to see if any of them matched up.

1057/udp open|filtered unknown – No listing

5351/udp open|filtered unknown – Wikipedia shows as NAT Port Mapping Protocol (official). This is used to allow a NAT’ed device to communicate with devices outside of the private network. It looks to be used a lot in peer to peer file sharing.

16739/udp open|filtered unknown – Not listed

19935/udp open|filtered unknown – Not listed

20465/udp open|filtered unknown – Not listed

21625/udp open|filtered unknown – Not listed

22053/udp open|filtered unknown – Not listed

24606/udp open|filtered unknown – Not listed

47772/udp open|filtered unknown – Not listed

49187/udp open|filtered unknown – Not listed

I used ncat to send a few key strokes at each of these ports but got nothing back. Then again, not having a clue what could be sat behind most of them (if anything) I don’t know if I should get anything back anyway (or even if there is a service making a reply, would it reply to the same port that made the request?). A UDP service scan in Nmap also fails to get any further information.

The Humax box is connected to my home router via a powerline ethernet adaptor. As the powerline network connects into one port on the broadband router I figured that I should see traffic going between the Humax and the router from a laptop connected to another powerline adaptor using Wireshark. The scan shows that again, there’s not much going on. When the Freesat box boots up it requests an IP address using DHCP. That’s about it.

So all in all, not much info there. The only service that looks to be of interest is NAT-PMP. It makes me wonder whether or not the Humax box will try to engage in a peer to peer network when iPlayer is activated, or if the service is designed to allow the box to be contactable from outside of your home network. Who knows?

If you have any corrections, answers or suggestions then please get in touch. I’d be interested to hear your thoughts.

*UPDATE*

It looks like the BBC have kindly allowed the iPlayer beta test code to ‘leak’ out before its official release. Turn your freesat box over to BBC 1, press the red button and type 5483 to watch iPlayer…

Yes folks, it’s the craze that’s sweeping the nation (well the ‘tinterweb), it’s fun, it’s funky, it’s Spotify!

It’s like a version of Last.FM that plays the actual songs you want to hear and what’s more, the app works with Ubuntu.

OK, so it’s not a native app, but at least the developers haven’t totally omitted the good old Linux user. Until they see the error of their ways and release a Linux client, they have at least bothered to provide some pretty lengthy instructions here.

Want the simple version?

1. Download the setup file

2. Install Wine

sudo apt-get install wine

3. Run Wine Config wincfg

4. Click the audio tab in Wine Config

5. Click OK

6. Open a terminal and type

wine “Spotify Installer.exe”

Easy as pie.

An interesting Slashdot article about high altitude balloon photography just sparked my interest.

The first article tells the story of a group of students launching a balloon to a height of 20 miles, for just under $150 USD, using only off-the-shelf components. Using a cheap pre-pay mobile phone with GPS, a cheap camera, some hand-warmers, batteries and other odds and ends, these guys actually managed to get some pretty good pictures.

A little Googling brings up another project, this time by some Canadian folk who managed to do the same thing with a bit more tech, and which resulted in some pretty spectacular pictures. Check it out.

So, what’s the chance of this sort of thing happening in the UK?

I guess we’ve got some problems with overcrowding (i.e is the payload going to end up on someones head, in the North Sea, or knocking off a chimney pot in Milton Keynes?) and there would have to be some careful planning, but has anyone done this in Blighty?

Time for the first Ubuntu powered space project?

Answers on a postcard (or in the comments thread probably!) please.

Just logged into a Jaunty desktop machine over ssh and got a reminder to update:

8 packages can be updated.
16 updates are security updates.

Is this feature new? Has it been around for ages and I missed it? Whichever, nice one!

I’ve just installed the ‘email on three’ application onto my Nokia e71. It seems to be a rebranded version of SEVEN; a push email solution for various mobile devices including Symbian based mobile phones.

So far it seems to be pretty good, and although there are a few reports on the ‘tinterweb indicating poor battery life, later comments suggest that this has got better with recent updates to the software.

All of which leads me to the question of whether or not ‘email on three’ uses SMS messages to trigger email synchronisation or whether it keeps an data connection open back to three’s NOC?

Anyone happen to know?

Matt Cutts, head of webspam at Google, has written a couple of very interesting articles describing how to hook up Wii peripherals to an Ubuntu Pc over bluetooth.

The first article describes how to hook Ubuntu up to a Wiimote, followed by another showing how to build a working weight sensor and real time display with Ubuntu, a Wii Balance Board and a couple of hundred lines of Python.

Could this herald a new era of Wii type games on Ubuntu?

I hope so!

As you might have seen in the news, the UK Parliament has made available records of MPs’ expenses from 2004/05 – 2007/08.

Obviously these records can reach hundreds of pages for each MP and will take some time to sift through. It seems to me that by applying a bit of ‘crowdsourcing’ to the job might help us to pick out the more ‘interesting’ claims that our MPs have made.

Following that line of thought, I’ve had a look through the claims made by one MP and noted items that jump out at me.

If you’re interested in transparency in politics why not do the same? It’d be great if you could post a comment here linking back to your post so there is an easy to follow thread.

2007/08 – David Davis MP | Haltemprice and Holderness

David Davis bagged himself an 8GB iPhone along with docking station, remote and case at a cost to the taxpayer of £339.00. This is in addition to a monthly bill from Vodafone, plus a regular payment marked ‘Cellhire’ (no invoice I can see).

A 24″ HDMI LCD. Not cheap at £463.06

£100 claimed each month in petty cash.

£2820 to a paid to an invoice headed ‘People Innovation’. The only company I can find of this name is a company listed under the ‘Business and Management Consultants’ category in Horsham, West Sussex.

A claim for £705 was made for ‘data recovery’ which raises the question, why was important data not backed up or easily recoverable in the first instance?