Loading...
 

No Food for Thought

Food is something you should provide to your brain long before coming to this blog. You will find no food recipes here, only raw, serious, non-fake news for mature minds.

XL-ent news: JPEG XL

admin Sunday December 15, 2019

Ever since I heard about JPEG 2000, I have been waiting to see a new, efficient image format replace JPEG (1992). Needless to say my wait is getting long.

But now a new format is promising even more than JPEG 2000. JPEG XL could replace not only JPEG 1992, but PNG, uniting both lossy and lossless compression into a single format. And according to an excellent presentation by Jon Sneyers, there's good reason to believe this time will manage to take photographic compression more than 2 decades forward! According to the latest press release, reference software should come in Q4 2019.

Crossing fingers Santa will be most generous this year...

2022-03-02 update: Santa has struggled in the last years :-(
And software patents may further prevent his work.

2022-11-19 update: JPEG XL has made great progress in the last 14 months. A first version of the file format was published in October 2021, and reference software was finally released in August 2022! JPEG XL provides an up-to-date slideshow about itself, which explains that the standardization process continues. Google's removal of (experimental) decoding support from Blink (affecting Chromium) has however created some confusion.

The Costs of Insecurity, The Costs of Fragmentation

admin Sunday December 15, 2019

A 1 million $ theft is the latest reminder of how easy social engineering remains, even in 2019. I cannot help but wonder how much more secure our technological ecosystem could be, if only all of the damages from security attacks could be invested in securing systems, even just looking at communication and authentication.
If only we could all work together...

Heartbleed no more - EU-FOSSA budget doubled

admin Monday December 2, 2019

In early 2016, I expressed some satisfaction and a touch of pride regarding the multi-million USD Core Infrastructure Initiative security effort. While the corporations behind the CII are extraordinary, the European Union's commitment to the EU-FOSSA is equally unprecedented.

Yesterday, the EU announced the free and open source software audit (FOSSA)'s budget was nearly doubling, to reach nearly 2 million EUR in 2017, adding a bug bounty programme. My initial reaction includes a tiny bit of extra pride, despite the reactionary looks of these projects ("initiative" doesn't sound like an accurate qualifier). But this mostly provides a lot of relief, and a remarkable example of the difference large unions can make.

I would like to thank MEP-s Marietje Schaake (Alliance of Liberals and Democrats for Europe), Julia Reda and Max Andersson (Group of the Greens/European Free Alliance), as well as the European Union as a whole for this extraordinary commitment. I apologize for not being part of your unique union.

Update: EU-FOSSA 2 is over.

Thunderbird "Authentication failure" popup trying to setup a Gmail account on a new OS install?

admin Sunday October 20, 2019

Are you migrating to a new operating system (Windows, or quite possibly any) and failing to setup your Gmail account in Thunderbird (version 68.1.2, and surely many more)? Getting a small popup which says "Authentication failure while connecting to server imap.gmail.com.", in the bottom right corner of the window, with only an 'x' to dismiss the message? Despite Thunderbird restarts? And even OS restarts?
If you're like me, you're in luck, the solution is very simple : just connect to Google. That's right - open a browser, go to Google, connect. And then just retry connecting in Thunderbird (or restart it).
And that is how intuitive it is to use a top 2 MUA with a top 2 mail service. An MUA from an organization who's done tens of millions of USD-s in business cooperating with that service's provider. Congratulations, Google
Welcome to 2019

P.S. For those less lucky, see the "Less secure app access" section in https://myaccount.google.com/security
I figured this one out thanks to this long thread (get ready to click "more" several times to reach a useful reply).

Celsius and School Degrees

admin Monday October 14, 2019

Temperature is the topic of much debate. Even inside temperature is a topic of disagreement.

But this disagreement has just gotten a lot less light, and should get much more heated. Indeed, inside air temperature no longer matters only for its ecological impact, but also for its direct economical impact, according to new study Battle for the thermostat: Gender and the effect of temperature on cognitive performance, as this TIME article reports.

Here's hoping that more research on this issue will come soon.

Switched to DNSEXIT

admin Friday October 4, 2019

My good old and short dynamic domain name ido.ath.cx which I used to point to my home PC stopped working after DynDNS stopped being free. Instead of looking for another free provider which could also stop being free at some point, I decided to use a subdomain of my domain philippecloutier.com, which I bought from GoDaddy. Unfortunately, GoDaddy does not offer dynamic DNS, so on my friend Xavier's suggestion, I signed up for free to DNSEXIT and changed my nameservers for DNSEXIT's.

I then simply needed to setup my router to update the IP. OpenWrt allows that using ddns-scripts. DNSEXIT's website is a little amateur, but configuration was not difficult. I was surprised to notice at the end that DNSEXIT asked for a link to its website since I use free DNS. I do not wish to make an electronic payment just for dynamic DNS, but I am not entirely comfortable using such a service for nothing, so... here is your link:
Image

The other surprise was to notice that OpenWrt's DNS update method for DNSEXIT appears to send the password unencrypted.
Meh. Not a panacea, but good enough for me.

Kryptonite Kryptolok Series 2 Standard Bicycle U-Lock Review

admin Friday August 30, 2019

I bought this U-lock last year to upgrade from a flexible cable lock. I expected the lock would be heavier, but I didn't expect so many disadvantages.

First, the mount bracket is really poor. I mounted it on the vertical bar, and it's at least the second time I need to reinstall it, since it's hard to tighten enough. The provided hex key is crap, even though Kryptonite claims it will do fine. The short segment is so short that it won't be possible to use the long segment as handle. One needs a real 3 mm key to install this properly. I even attached a rubber band to the frame to increase friction. Even though I tightened it more than once as hard as possible, I lost hope that it will even hold for good. Vibrations will eventually require a new intervention. Kryptonite warns you shouldn't tighten too much, because some frames are too fragile! Think you're lucky enough since your frame is not carbon? Still, tightening too much will cause the bracket to become distorted and the spline to get ten times harder to insert or remove. They advise to check tightness daily or weekly! Who has the time for that? If you install this vertically, expect to waste at the very least 1 man-hour on the mount over its lifetime.
Moreover, the spline provides flexibility, but it increases the space which needs to be reserved for the lock. In the end, with my bike (standard size for an adult male), I can't install this lock in the inside of the frame without losing the possibility of installing a bottle mount.

Then there's the lock's keys. The keys work fine, but they have a thick plastic "handle". This is not a problem if you have keys already, but if you have no other keys, the key means you have one more thing to carry in your pockets. It's hard to leave your house forgetting the door key, but if you just have a lock key, it's very easy to forget it, and obviously often quite a problem when it happens. It would be really simple to avoid that by keeping the key in your wallet, except since the key's maximal thickness is about 5 mm, that probably won't be an option. I believe Kryptonite should ship 1 thick key and the other key should be thin.

Finally, there's the cable. I chose this model because the cable reassured me that I wouldn't lose the flexibility of cable locks. The cable adds much flexibility, but its usability is bad. In real life, you won't use that cable often. But when you're rolling, where do you put it? Kryptonite has no answer to that. If you put it on the lock, it will slow you each time you need to lock your bike. But if you don't, good luck finding another place. What I ended up doing is tying it around the handlebar, but tying it there properly requires about 1 minute each time. It's not easy to avoid a conflict with reflectors and other stuff on the handlebar. So when you don't carry it tied to the U, most of the time you end up with an unlocked cable on a locked bike. I was lucky enough that no one stole it. Yet...

Ah, and that is probably not specific to this lock, but manipulating this is dirty. I wash the lock at least monthly, and I still check my hands after every time I lock it. Also not really specific to this lock, but you need space in your frame's triangle to fit such a U-lock. I was about to order a second bracket so I could use this lock with my Garneau Cityzen Sub-0 when I realized I would need a much smaller lock to fit such an open frame (and such a small lock would be even harder to use).

The only reason I don't recommend another lock is I've never bought any other U-lock. And unfortunately, I remember spending several hours, reading several reviews, before determining which model I should buy, so... good luck!

Méta-promesse

admin Thursday August 22, 2019

Il y a quelques semaines, j'ai eu le privilège d'assister à une promesse électorale plus grande que nature. Une promesse de la taille d'un rhinocéros en chef.

En effet, j'assistais au discours inaugural du chef du Parti Rhinocéros du Canada, Sébastien CoRhino Corriveau, dans sa circonscription de Québec, lorsqu'il promit que pour chaque promesse faite par un parti concurrent, le parti rhinocéros allait renchérir en promettant le double. Une promesse qui saura sans aucun doute attirer la clientèle la plus sélective.
Bravo aux rhinos, et que les résultats de la campagne soient à la hauteur de leur innovation!

No Green Light for Plenom (and other Busylight manufacturers) yet

admin Saturday August 3, 2019
 Not Fresh
I finished my mandate since I wrote this post and my new work environments have not been anywhere close to being as distracting. I am no longer looking for such a solution.

Reader wdmr has since helpfully pointed out BusyLight for Humans, a free software tool supporting several Busylight devices.


A couple of weeks ago I was disturbed by a colleague while debugging an amateur 15-year old document parser, equipped with a badly buggy debugger. I was very displeased, but I realized I couldn't blame my colleague; I rather realized that now that I work in an open office, I need a way to indicate to colleagues when they shouldn't disturb me.

So I searched for devices which would allow me to turn on some red light when I need extreme focus. I quickly found Plenom's kuando Busylights. The hardware seemed great, and the price was right. I was about to buy when I realized the lights had a single year of warranty. Which made me question durability. I can afford shopping and setting up a device once, but I can't do that every third year.

I saw that Plenom offers a manual color control application for Microsoft Windows and "Mac / OSX". But I realized there was nothing for GNU/Linux. In addition, the source for the application wasn't provided. At the bottom of the download page was a reference to an interface specification:

If you need to program the Busylight on USB level, please request the USB API description.

At that point, I was disappointed to see that Plenom didn't offer any code nor support for GNU/Linux, but thought that with its SDK and interface specification, Plenom was close to an acceptable level, and figured that if Plenom was OK with it, I could patch this small flaw by publishing the specification on this website. So I sent the following message to Plenom:

Hi,
I am interested in obtaining an availability device such as Busylight, but will not buy a product for which documentation is confidential. If you commit to offering a Manual changer for GNU/Linux or if you licence the USB API documentation as freely redistributable, please let me know.

Plenom courteously sent the following reply:

Hi Phillipe.

Thanks for your interest in Busylight.

I have attached the USB API documentation, as well as our SDK License Agreement.

While it isn't mentioned in the agreement, we consider the same terms and conditions to apply for the API documentation. That is, you're welcome to redistribute software made with the SDK or API as long as it's for use with the Kuando Busylight units.

If you ask for the API and I send it to you, you are welcome to share it with a friend. The reason we want people to write in first, is so that we can be kept up to date on which Busylight developments are taking place. This way, we can market our products to users of applications we haven't developed for, but third parties have developed for themselves.

Feel free to contact us.
Best regards.
Rasmus Sørensen, The Busylight Team

(The mail included documentation, but I cannot provide it here.)

I was disappointed that Plenom didn't offer redistributing, but found Plenom's concern justifiable, and its reply very courteous, so I tried finding a compromise with the following reply:

Thank you Rasmus,
I understand your concern.

My concern is to invest in a product, to have Plenom go bankrupt or otherwise abandoning Busylight, and to eventually end up with no controlling application supporting the system I will be using, and being unable to provide the necessary documentation to developers who would be willing to invest in the development of a new application, forcing me to write a new application myself.

Would you agree to making the API documentation freely redistributable, but with a usage requirement to inform Plenom of the development project before using the documentation, so that both of our concerns are addressed?


To my surprise, the next thing I heard from Plenom was a message in my voice mailbox (even though I hadn't provided my phone number), from Mitch Friend, president of Plenom Americas, who said he wanted to talk about my development project. Duh

I called back anyway and started by basically repeating my last message to M. Friend, explaining that I didn't work in a call center and would be paying from my own pocket. The funny part came when M. Friend reassured me that his company was in great health, so there was no reason to fear bankruptcy. He claimed I was the only one who had asked about this so far, visibly trying to convince me I was at the faulty end of the conversation. Then came the worst part. M. Friend asked if I would do the same with Microsoft and ask them to change their policies. I was caught off-guards and failed to point out that I wasn't asking Plenom to change its policies, or that most of Microsoft's hardware implements the HID protocol, or even that Microsoft had interest in keeping the cross-platform support of devices as low as possible.

The conversation certainly didn't help convincing me to get a kuando Busylight, but it had a bit of constructiveness when M. Friend mentioned there was some Busylight-related code available on GitHub.

Ultimately I didn't get any permission to redistribute the documentation, nor any further explanation of Plenom's apparent unwillingness to help itself. I even realized after that Plenom requests personal information just to let you download their end-user software. At that point, it seems safe to conclude that Plenom won't offer either redistributable source code or interface specification for kuando Busylight anytime soon.


After giving up on kuando Busylight, I searched a little for alternatives. I found a couple:

  1. Jabra Busylight
  2. Embrava's Blynclight

The first is not USB and apparently in a very different category, specific to phones, so not an option for me. As for Blynclight, it seems worse than kuando Busylight. There is visibly no support for GNU/Linux, no source for any controlling application offered, nor even any specification :-(

So, if you're aware of a well-working and reliable availability display device, please let me know. (Meanwhile, if you see me stepping through a stack tens of levels deep, feel free to find someone else to discuss your backyard.)

Fully Free

Kune ni povos is seriously freethough not completely humor-free:

  • Free to read,
  • free to copy,
  • free to republish;
  • freely licensed.
  • Free from influenceOriginal content on Kune ni povos is created independently. KNP is entirely funded by its freethinker-in-chief and author, and does not receive any more funding from any corporation, government or think tank, or any other entity, whether private or public., advertisement-free
  • Calorie-free*But also recipe-free
  • Disinformation-free, stupidity-free
  • Bias-free, opinion-free*OK, feel free to disagree on the latter.
  • Powered by a free CMS...
  • ...running on a free OS...
  • ...hosted on a server sharedby a great friend for free