You are hereOpen Source

Open Source

FOSDEM 2009 approaching

FOSDEM 2009 is approaching very fast. The dates are set on the 7th - 8th February 2009 with on the 6th the usual beer event.

It's time to start again with the I’m going to FOSDEM, the Free and Open Source Software Developers’ European Meeting

Metasploit 3.2 released

Quote H D Moore:
Austin, Texas, November 19th, 2008 -- The Metasploit Project announced today the free, world-wide availability of version 3.2 of their exploit development and attack framework. The latest version is provided under a true open source software license (BSD) and is backed by a community-based development team.
Get your update here, and don't forget to read the release notes.

Exploring Zivios

Zivios in 3 lines

Zivios is a web based control panel which brings together vital open source technologies needed by medium and large enterprises. At it's core, Zivios provides identity management, single sign-on, user, group and computer provisioning, as well as remote management of services.

Check the screenshot and features page for more details.

Installation

The wiki of Zivios contains a manual for the Automated Webbased installation. Don't let yourself be fooled by the word 'automated', the installation is indeed trough a webbased wizard, but before getting that wizard some manual steps are required to handle the dependencies. The manual is very clear about all the steps, it's mainly copy paste and common sense. Once these manual installations (apt-get) have been performed the next steps are web-based.

I got into contact with mhashmi, the guy responsible for the webbased installer. He confirmed that they plan to "have packages for ubuntu, debian and possible the rh family of distros for 0.6.0". That would indeed be better than right now where the webbased wizard compiles loads of stuff. Personally I'm not pro on having a compiler on a production server.

The web interface

Before clicking everywhere a Zivios-novice should read the Getting Started With Zivios tutorial.

Fill in the information correctly as it looks like the current version (0.5.1) has no support for editing the objects you created. You will get the 'not-so-comic' message: "Why didn't you enter everything right the first time?".

While continuing playing around with this software I came across many unimplemented features and quite some bugs (they have been reported of course).

Conclusion

Zivios has a promising future if they implement what they say they will.
But currently it's very far from something usable.

Open Source ERP event

Quote Raphael:
Hi all,

Just a little notice that the first part of the event on open source ERP systems organised by Profoss will take place on 18 november in Brussels.
I have just published interviews of the speakers, which are specialists in Adempiere, Compiere, OpenERP, OpenBravo and ERP deployments.

All details are on http://www.profoss.eu/events

As the event needs promotion, don't hesitate to spread the new around!






The profoss website also lists the schedule:
Time Title Speaker
14:00 How to choose an open source ERP system Pierre Spillebout
14:50 AdempiereNorbert Wessel
15:40 OpenERPFabien Pinckaers
16:30 OpenbravoRon Kramer
17:20 Panel Discussion

5 years after a change in attitude

It has been approximately 5 years I finished using stolen or pirated software. I must admit: I love it!
I love the look on the face of others when they hear I have no illegal software on my machine.
I love the feeling of being legit with all that software.
I love to help others do their first steps in this uncommon world.
And no, I love my money and don't spend it when it's not necessary.



It's all about the attitude.

The most difficult part is the attitude that needs to change.
My previous attitude was to look for a well known brand, download the software, crack it and play with it. If it could do what I needed it for I kept using it. But what with all the unused features? What with the price of this software? That's not important, it's "free" says the thief.

Like with everything in this world there are different options you can choose from. But do we have the choice with software?

Sure we have. I usually see two different options: a) use open source software or b) find an alternative that is worth it's price.
Many (almost all) open source software packages are available for free. Many are even of a great quality, but finding the right packet is difficult. There is a great site around called osalt. It's a huge list with well known commercial software and their similar alternatives in the open source world. There is a short description and a list of supported operating systems. Be sure to check out this site and find what you need.

In the rare case it is possible that you can't find what you need, just look around for other software that is less expensive. Dare to try free beta's, usually when pre-ordering you get a reduction.

aether - Mac OS X

On my Mac I have three commercial software packages that need to be payed for. The first one is Mac OS X, but this one I payed for when buying the computer.

The second one is VMWare Fusion. When I was in then need for a hypervisor on my Mac the only open source alternative was Q. Unfortunately it had a huge performance impact on my machine. So I tried Fusion's beta program. The product worked very well and a few months before the final release there was a 50% off from the price of $80 making it $40 or €30 (by then).
Right now you can use VirtualBox as alternative, but that wasn't available yet when I needed it.

The third commercial software is called Bibble. I couldn't find a good open source alternative that ran on Mac and Adobe Lightroom 2 with it's $300 is really to expensive for me. So I bought Bibble that delivers the required features for $130 or €83.

What about the rest? It's fairly simple here's a short list:

sws00448 - Microsoft Windows

This is the computer I have from my company. I'm 'forced' to use many commercial software but they do pay for it. So it's not really my problem. Let's skip that boring non-Office or administrative software if you want.

neptunus - Linux / Ubuntu

No need to make a list here. For all the software you want just got to the "Add/Remove Software" menu item. In contrary to some other Operating Systems you can really add software in this place.

Conclusion: I changed my attitude

Do I miss something on my machine? No, and I'm really happy with the things I use, and (almost) all for free.

Jump on the bus and try out free software.

OpenVPN with dynamic pkcs#11 ID.

You might have read my two posts concerning Belgian eID authentication with OpenVPN. ([1] and [2] .
There was a thing that bothered me: The pkcs11-id (eg: "Axalto/Belgium eID/6CFF2491AB111E14/BELPIC (Basic PIN)/02") that is hardcoded in the configuration file. To solve this issue I wrote a patch for OpenVPN (v2.1_rc7).

In short this is what I do:
- New pkcs11-match variable in the openvpn.conf. This is the substring of the key-id you want to match. It works with a 'first match wins' principle.
- options.c => I add the variable and the checks, as it's either pkcs11-id or pkcs11-match
- ssl.c => if pkcs11_match is set, do the checks and give error if necessary. Store the key-id in options->pkcs11_id.
- pkcs11.c => I copy-pasted some code of the find-pkcs11-ids(), refactored it and added a check for the substring.

This enables people to:
- deploy the same configuration on different computers
- log-in to the tunnel with different cards on the same machine. (different users that share the same computer)
With eID's the key-id contains similar characteristics. where 'BELPIC\x20\x28Basic\x20PIN\x29/02' is the end of the Authentication key.

Unfortunately some don't see the advantage of including this in the tree as the cvs/svn already contains code for certificate selection. But this certificate selection needs an extra UI (graphical or whatever).

My ideas about FOSDEM

A week after FOSDEM 2008 I have read many blogposts and the comments on the feedback form. It's really interesting to see what people think about the event; and this edition specifically.

Next saturday the staff will have the post-FOSDEM aka post mortem meeting.
We'll spend some time together and look back what went good and what went less good. We'll also look forward to the next edition(s) on how concretely solving those issues.
This meeting also means the official closing of FOSDEM 2008 for us. Or in normal language: "full rest".

I do have a few things I'm planning to work personally on:

  • Main track speakers
  • Location
  • Internal coordination and communication
  • Network
  • FOSDEM 2010 - 10th Bday
disclaimer: these are my personal ideas, they might not fit in the vision of the rest of the staff

Main track speakers

Finding the right speakers for the main tracks is not easy. First of all they must be technical, but not too much as they should attract a larger crowd. There is definitely some more work to be done for next year.

Internal coordination and communication

There are a few internal things that went wrong this year or could go better. I think we are certainly heading the right way with our ever growing documentation. By documenting many things organizing FOSDEM becomes easier for the boring part. This means we can spend more time on the fun part and on bigger improvements.
What I also didn't like was that the main tracks, the devrooms and the lightning talks were totally not aligned in their ending-time-schedule. I don't want to see this again next year :-)

Network

The network worked more or less fine this year. Great job Gerry & the Greenpeace guys!

But the hardware we are using as routers (Linksys WRT54GL) starts having issues with the amount of simultaneous connections it can handle. I think we need to invest into some more robust networking stuff and start using more directional antenna's for the WiFi. Do I hear money money money? :'(
Gerry, if you need some help with that don't hesitate to ping me.

10th edition of (F)OSDEM.

In two years (F)OSDEM will be at its tenth edition. In my eyes this is certainly a good reason to do something special.
I have a dream !

I have a dream on FOSDEM 2010 with not only European visitors; but also from the whole globe.
I have a dream on Friday evening with a lot of (almost) free beer.
I have a dream of another (almost) free beer party on Saturday
I have a dream of free food and drinks during the day.
I have a dream of free entrance for FOSDEM...hmm...this is already the case. Nothing new here.
I have a dream of many many well known speakers coming and giving lectures.
I also have a dream of those developers walking around discussing FLOSS things with the visitors.
I have a dream with many volunteers ;-)
In this beautifull dream, where sponsors give us even more money to help us pay for all these free things.







Do you think this is only a dream? Do you think this is feasible?
This is certainly not something we should prepare one year in advance, but we should start very very soon...

I Love Belgium... and you?

About Me
GnuPG Public Key Still More LinkedIn profile
Photos
Projects
WeIDS 2.0 Linux Lessons WiFi Auth Project
Documentation
Acer Aspire 2012 WLMi Acer TM 4002 WLMi IR-receiver (Win)(NL)
Links
Ubuntu Belgium Planet Grep
FOSDEM Profoss hacker emblem www.cacert.org
Get OpenOffice Get Firefox Get Thunderbird
What is OpenID?