OpenStack doesn’t need a leader, it just needs to evolve

Third, and perhaps the best argument against OpenStack needing a leader, is the open nature of the beast itself. It’s precisely because there’s no dominant leader that OpenStack remains so transparent and competitive – everyone’s contributions can be seen by everyone else, and this drives people to do even better.

Most likely, those who say that OpenStack needs a leader do so because of history – previous open-source projects like Java, Linux and Android have all had a ‘dictator’ at the helm, but that doesn’t necessarily mean it’s the best path for OpenStack.

via OpenStack doesn’t need a leader, it just needs to evolve | SiliconANGLE.

If you remember correctly, Linux's leadership and development model was largely dismissed by pundits, until it had 15 years of success under it's belt. Then it became gospel of how Open Source projects should run.

But everything evolves over time. It doesn't really surprise me that the pundits see OpenStack's leadership model as different, and immediately dismiss it. We've got 3.5 years under our belt. Maybe at 5 or 6 everyone will now say all Open Source projects need to run like OpenStack.

Which would of course be wrong. While there are certain common threads between different Open Source communities, every community is different. Why? Because Communities are made of real people. Real people with different passions, strengths, weaknesses, biases, loves, constraints, and moments of brilliance. This isn't something you can model with spheroid approximations of upstream developers. Replicating another project's leadership model might be easy, but in most cases isn't what your community actually needs.

Are there areas for improvement? Sure. There always are. But improvement is a watch word for OpenStack, something we apply everywhere: to code, to process, to communication.

So I agree, we don't need a single leader. And the evolution that continues in OpenStack will be a key strength, not a weakness as the project goes forward.

Why IBM Should Stop Buying Its Stock - WSJ.com

For the past 20 years, IBM has been an avid, methodical buyer of its own stock. In 1993, it had 2.3 billion shares outstanding. Today it has 1.1 billion, shrinking at more than 1% per quarter over the past few years. At that pace, there will be no more publicly traded IBM shares left by 2034.

via Why IBM Should Stop Buying Its Stock - WSJ.com.

This was a key reason that I decided to leave IBM. The current focus on earnings / share at the expense of all else isn't becoming of a company with a 100 year tradition of innovation. In the quest of this it also looks like there will be another massive layoff in the next couple of months.

Still makes me sad, as there are tons of great people doing great work at IBM. But it's more in spite of the executive leadership than because of it.

Newegg Patent Victory

Chalk one up for the enemies of patent trolls: The Supreme Court on Monday threw out a request for trial from alleged patent troll Soverain Software.

The case, called Soverain Software LLC. v. Newegg Inc., is one of three such cases the Supreme Court is expected to consider this year. While the Court will likely hear the remaining cases, which deal with finer points of patent law, its dismissal of Soverain speaks to the potential frivolousness of its claims.

via Supreme Court Sides With Newegg Against Patent Trolls | Inc.com.

Remember, Newegg took the hit to go and fight this in court, which very few entities have been willing to do, and that made the world better for all of us. Consider that next time you are considering purchasing computer equipment.

Stories from Detroit

I grew up in rural Michigan, 45 minutes away from any freeway. I’m the first male member of my family in three generations never to have worked in front of a lathe, and aside from one uncle, I’m the oldest with all of my fingers intact. The university had given me some grandiose ideas like “true solidarity with the oppressed,” and I figured “the oppressed” lived in Detroit, never mind the patrimony. I thought I was making a sacrifice. I thought moving here was staying home when everyone else was leaving the state. I thought I was going to change the world and had some vague notions of starting a school. I cringe at how naive I was. I first rented an apartment in the city, sight unseen, that didn’t have a kitchen sink, so I did my dishes in the bathtub.

Aside from bidding jobs, I spent my days like everyone else: sanding floors in cheap rentals for $8.50 an hour, which got me thinking: I could buy a house and fix it up myself. Not that I was sure how to go about buying, let alone renovating a house. It was just an inexplicit dream, some trick that would keep me from leaving like everyone else, make me a true Detroiter.

via Why I Bought A House In Detroit For $500.

A really interesting long read about a guy that decided to buy and fix up a house in Detroit. As we've now, as a country, expanded into all the places we can, our next century is going to be as much about rebuilding and reclaiming as anything else. This is a great micro lens for the macro picture of what that means.

SSL everywhere

One of my new years resolutions was to put more crypto into the world. Be it because of state actors, or rogue ISPs, I think the world would be a better place with a bit more cryptography in it.

As part of this, I just converted the two websites that I run, dague.net and mhvlug.org to SSL only. I'd had an SSL cert on the admin portion of dague.net for a while, but decided there was no reason to not make all traffic SSL.

Getting Certs

You can get certificates tons of places. I had bought a $12/yr cert for dague.net through namecheap. For mhvlug.org I used startssl, which provides free 1yr certs for individual hosts. They have a process for signing up, doing some automatic verification that you own the domain in question, and then you are off to the races. Their process is about as easy as SSL management tends to be, and there are good instructions for installing the cert into Apache.

IPv4 setup

SSL comes from a time when the IPv4 namespace looked small, but manageable. Before it became clear that the median # of IP addresses per human on earth would be 5 - 10. Oh how naive we were.

As such, the base protocol has no equivalent of vhosts, which means 1 hostname == 1 ip address. dague.net and mhvlug.org live on the same linode, which means I need to carry a second IPv4 address for compatibility.

In 2006 there was an approved extension to TLS call SNI (Server Name Indication), which would bring SSL to the world of vhosting. It's largely supported, however there are some substantial holdouts, including:

  • Android < 3 - there are enough Android 2 devices out there yet that I don't want to kill that off
  • Python < 3.3 - fixing this in 2.x was considered a "feature" and rejected, which means Python 2.x automation tools are directly an impediment to SSLing the web, as any python web service clients will fail unless they are on Python 3.3. (We seriously need a Python 2.8)

IPv6 setup

Both of these domains are IPv6 enabled. In Apache this means you need to duplicate the SSL configuration for IPv6 as well. Oh, and you need a couple more IPs (I only had 1 on the box). Linode helpfully allocated me a /64 for my box, so now I can IPv6 to my hearts content.

What stands behind us and an all SSL internet?

SSL setup is a little harder than just throwing up a web server. That being said, it's not that bad. I realistically think the IPv4 shortage and the failure by thing like python to fix the issue in the version people have deployed, is a real problem. Because basically bots won't be able to find these sites, they'll fail back to the default site.

At this point I'm not going to launch anything new that's not SSL enabled. SSL should be our default as the internet community, and right now it only costs a small amount of time and an extra IP address.

Thinkpad X1 Carbon - awesome Linux laptop

Note: this is in reference to the Generation 1 X1 Carbon which was available in 2012/2013. The new Gen 2 X1 Carbon has enough different hardware that this may not apply.

Thinkpad X1 CarbonThe Thinkpad X1 Carbon is Lenovo's stab into the ultrabook market. Made of carbon fiber (hence the name), it's very light. The last 6 months with my Samsung chromebook has made me appreciate lightness when it comes to laptops.

I'd been lusting after one of these for the last year. I decided with new job it was time to treat myself to one for my personal laptop.

A great Linux machine

First off, this is about the best experience I've had with a Linux machine. Everything works, and is completely rock solid. It showed up right before Christmas, I did an Ubuntu install with full disk encryption, then went about restoring my 50G home directory onto it (which takes a few hours even over ethernet).

The hardware is an i5 with Intel graphics. Over the years I had gotten so used to nvidia graphics, which are fast, but fail to suspend on about day 4. Which was typically fine, because they were work machines and Lotus Notes would crash Unity around day 3 anyway, so a restart was in order. But with Intel graphics this has been rock solid. I'm on my 3rd boot since I got it (did actually decide to take a kernel update the other day), with me suspend / resuming on average 6 times a day. Never an issue. Oh right, this is how a laptop is supposed to work. 🙂

Everything I've tried so far as worked fine. Displayport is fine, fingerprint reader has a pam module, which I used for about a week, then found it was requiring a few more swipes than I liked, so uninstalled it.

Battery

Battery life is consistently 5 - 6 hours. So my charger stays in my office, the laptop rarely does. What's even better is it's a new kind of battery tech which means it does a fast charge to 80+% in < 45 minutes. So when I'm actually down to less than an hour of battery I'll take it up to the office, and call it a break (or jump on my desktop).

Keyboard

The X1 carbon is the new style Thinkpad keyboard, which you'll also find in things like the T430. While it isn't the old reliable Thinkpad keyboard, I'm actually very happy with it. It has a slightly different feel, but you get used to it over time. It has nearly the same throw of the old thinkpad keyboards, not quite the same, but close. I find the feel on the individual keys is actually nicer than the old Thinkpad keyboards. The surface just feels nice.

It's still the generation that has real mouse buttons, which are actually now a think of the past, and a contributing reason to getting this versus a newer thinkpad.

Realize, I'm about as invested in Thinkpad keyboards as anyone. My desktop keyboard is the USB Thinkpad keyboard, and I just ordered 2 more of them as backups given that it's a discontinued item.

Screen

1600x900 at 14" is respectable. Importantly, it's a matte screen, which means it's usable around bright lights. It's not a great screen, especially compared to what I'm using on my desktop, however it's a comfortable one to work on. There are versions with touch screens, which would add weight and gloss, neither of which I was interested in.

Slightly Older Hardware

The X1 carbon came out about a year ago, so it's an i5 2 core processor. Ram is 8G max (it's soldered on, so you want to get the max). SSD maxes out at 256G. It's field replaceable, but not in a standard package, so max that out as well.

In an ideal world

This would have a better screen, and I could get it with speed and feed bump in the underlying hardware. That being said, I've got a nice new Haswell desktop with a ton of memory and SSD. This laptop is a joy to use, so I'm ok with slightly less speed on it. I did build a powerful workstation 6 months ago for a reason.

And then Lenovo went all Crazy Pants

At CES they announced a new X1 carbon. Faster processor, better screen... and a completely scrambled keyboard. No more function keys, instead a capacitive "touch region" . Caps lock removed and turned into a split home / end key. Tilda key moved over to between the right Alt & Ctrl keys. It also removes the mouse keys, which makes the touchpad non disableable. Complete crazy pants.

screenshot_113

Which blows my mind. When Lenovo got the Thinkpad franchise, they got a keyboard design which was loved by millions. There were reasons why they needed to touch the keyboard once, because the old one won't fit in an ultra book. It takes up too much depth. However the level of scrambling they are doing to it now is just out of control. It makes me sad.

But back to Linux...

As a Linux laptop, this is a joy. This generation of X1 carbon is going to disappear soon with the big windows 8 push on their new version. So if you were ever thinking about it, now is the time to act.

The NSA Bond Catalog

The National Security Agency’s sophisticated hacking operations go way beyond using software vulnerabilities to gain access to targeted systems. The agency has a catalog of tools available that would make James Bond’s Q jealous, providing NSA analysts access to just about every potential source of data about a target.

In some cases, the NSA has modified the firmware of computers and network hardware—including systems shipped by Cisco, Dell, Hewlett-Packard, Huawei, and Juniper Networks—to give its operators both eyes and ears inside the offices the agency has targeted. In others, the NSA has crafted custom BIOS exploits that can survive even the reinstallation of operating systems. And in still others, the NSA has built and deployed its own USB cables at target locations—complete with spy hardware and radio transceiver packed inside.

via Your USB cable, the spy: Inside the NSA’s catalog of surveillance magic | Ars Technica.

The whole catalog is amazing, especially if you have a basic handle on embedded systems. This stuff is pretty impressive for 2008, a time before we all pocket computers always connected to the internet. I found the GSM and firmware exploits to be not very surprising. The VGA cable which taps the red signal line and transmits it over wireless was neat. Also, the code names are kind of bizarre.

I will have to say I did like it a bit better when all of this was the stuff of fiction, and not was apparently just what's happening on a Tuesday.

23 and maybe me?

So I decided to read the tea leaves of my DNA. I reasoned that it was worth learning painful information if it might help me avert future illness.

Like others, I turned to genetic testing, but I wondered if I could trust the nascent field to give me reliable results. In recent years, a handful of studies have found substantial variations in the risks for common diseases predicted by direct-to-consumer companies.

I set out to test the tests: Could three of them agree on me?

The answers were eye-opening — and I received them just as one of the companies, 23andMe, received a stern warning from the Food and Drug Administration over concerns about the accuracy of its product. At a time when the future of such companies hangs in the balance, their ability to deliver standardized results remains dubious, with far-reaching implications for consumers.

via I Had My DNA Picture Taken, With Varying Results - NYTimes.com.

I actually think a more fascinating thing to do would be to submit the same DNA to one of them 3 times under different names, and see how repeatable they are. I bet that would even be interesting.