Sunil Mohan Adapa’s Blog

Users’ privacy is being attacked vigorously by online services and entities with malicious intent. More and more of browser functionality which people thought was harmless is turning into a privacy threat for the users. Unwelcome technologies like Flash introduce more problems. Browsers don’t address these for various reasons such as loosing existing functionality, compatibility and difficulty in arriving at solutions. Over time, I have been doing some changes to the way I browse the Internet that makes me less prone to these problems even at the cost of losing some functionality, a price I am willing to pay gladly.

I knew about the CSS history attack which can be used by a website to determine which sites I have visited earlier. I just came to know that there are successful attacks using this vulnerability that can be used to reveal my identity on the web. So, in Firefox I disabled colouring the visited links with a different colour although this feature is a bit useful when doing web searches. For this, I set the an advanced preference called ‘layout.css.visited_links_enabled’ to ‘false’ in Firefox’s advanced preferences page. This page can be see by typing ‘about:config‘ in the address bar.

Then, in that advanced preferences page, I also disabled sending of the referrer header by setting the preference network.http.sendRefererHeader to ‘0′. Referrer header tells websites where you have come from. This is sometimes useful when sites highlight the Google search keywords on the page I am visiting. However, it has great potential of abuse.

I installed a Firefox add-on called Redirect Cleaner. This add-on prevents sites like Google from knowing which link you have clicked in the results page. Google tracks your visits to other sites by crafting a special website address which will take you to Google first and then to the actual website. When you visit first page, Google records what site you are going to visit. Removing the two step process and directly visiting the intended page also means that loading will be slightly faster.

Talking about Google, it has been quite some time I stopped using Google for search and started using a meta search engine called Ixquick which respects users’ privacy. Although at times I find the quality of search results to be a bit lower than that of Google’s, I am quite content with the results. I’ve installed Ixquick into Firefox searchbox with the Mycroft page. Also, I am using secure connection via SSL, even for search.

Flash is bad for the future of the Internet as it is not a openly developed standard and its fate is controlled by a single corporation. Flash websites are also very annoying and suffer many problems. More annoying and danger to privacy are the Flash ads on regular websites. I hardly ever require Flash. So, I installed the Flash Block add-on which makes sure Flash content is not loaded by default on a page. In a very rare situation where I want to use see a site or video in Flash, I simply click on the Flash Block’s icon and to start running Flash. This process make me highly immune to Flash cookies which are used by advertisers to track me.

I also use a fairly non-informative user-agent string by installing the User Agent Switcher Firefox add-on. I also sometimes use a user-agent string belonging to some search bot so that sites serve me data which they would not otherwise serve unless I registered an account with them.

Finally, I am considering using the NoScript Firefox add-on to prevent javascript and cookies wherever not needed.

As part of a course on Software Engineering, I gave a guest lecture to an audience at IIIT Hyderabad consisting mostly of the first year undergraduates. I tried to show FOSS development from typical software development life cycle point of view and highlight the differences. You can get the slides of the talk.

I am participating in foss.in along with Prasad who spoke about contributing to Spicebird. I was disgusted when along with the delegate kit, I was given a CDROM containing proprietary software from VMware.

Organisers, perhaps, are doing that because VMware is a silver sponsor. They are, in effect, trapping people into proprietary software. I have come to think that the organisers don’t give a rat’s ass about Free Software philosophy or at least the spirit of open source development communities. This is what happens when people get involved for petty/wrong reasons.

I returned the CDROM at the delegate kit distribution desk as soon as I found it in the kit. I even got some objection from across the desk when i was doing that. Next time, however, I will mostly certainly refuse Foss.in itself.

Update: If you happened to visit the VMware stall and give your contact details out of courtesy, you will also receive a recruitment offer from VMware. So, now, FOSS developers have cool venue to turn into proprietary software developers.

There is an article at law.com titled “Open Source Software Shows Its Muscle”. It has been quite some time I have seen a close to 100% pure FUD article. So, I decided to write something in reply.

1) “a round of lawsuits filed by the Software Freedom Law Center (SFLC) against for-profit companies using the software for commercial gain”

This shows that the author either has no understanding of Free Software principles or is maliciously trying to portray a bad image. Free Software community or Software Freedom Law Center has never objected or disliked companies for being for-profit. There are many for-profit companies that are considered a integral part for Free Software ecosystem.

2) The article is written to sound as if the “muscle-flexing” is recent activity. Free Software Foundation (FSF) and SFLC have been fighting GPL violations for a long time.

3) “For-profit companies using open source software should take notice and understand the risks.”

3.1 – The author fails to notice that using any software has risks in this exact sense. Every software (except one’s in public domain) come with a license agreement from the copyright holder and violation of copyright agreement is always a “risk”.

3.2 – The companies that SFLC has filed cases against are not companies that have simply “used” Free Software but built proprietary software with code from Free Software projects violating the terms GPL.

4) “The new lesson is that the freedom belongs to the software, not to users.”

If you read the GPL it will be very clear that GPL is trying to protect the freedom of the users of the software from companies that abuse it to turn Free Software into proprietary software. Whenever the companies take Free Software and turn them proprietary, like the companies in question did, the freedom of the users for software is hurt. This is despite the intention of the original author of the Free Software that his/her software users should receive all the freedoms that he granted. It also against his will that no one who wishes to deny this freedom to other users shall build software using his/her Free Software.

The newly added clauses in GPL v3 against patents, tivoization etc. clearly protect the freedom of the end user to use the software. Not to mention the additional advantage that many for-profit companies that “use” Free Software would get from these clauses.

5) “You are not free to do whatever you want with the open source software and may find yourself in a legal fight if what you do restricts the freedom of the software.”

With GPL, the user is free to do anything also long as he does not deny the same freedom to other users. Which I believe is completely fair.

6) “Any activity that leverages software for business advantage is likely to restrict the software’s freedom”

A company simply “using” Free Software for business activity is in no way restricting freedom. Further, there are many companies to prove that businesses can be built around developing Free Software without restricting users’ freedom.

7) “and the growing use of open source software by for-profit companies has been a growing irritant for free software advocates”

This is a baseless accusation. The community has been cheering the steady raise in the use of Free Software.

The rest of the article contains lot more FUD, but I feel its too pointless to continue.

Update: I meant accusation not acquisition.

Recently, I talked at a session to faculty and students of Vignan Engineering College, Hyderabad as a part of two day workshop on Free Software Technologies. I used Fedore Core installer as a means of explaining fundamental concepts like partitions, boot loader and user accounts that are a necessity for installing any GNU/Linux distribution. You can download my presentation slides (as ODP or PDF) which consists mostly of screenshots from OSDir. I demonstrated the installation process and using GParted LiveCD. After my session others have demonstrated the Ubuntu LiveCD.

I wrote an article on GNU General Public License to Prasakti Telugu daily newspaper last month. I did not write the introduction to it and I do not like it.

Sometime back, I gave a tutorial to branch managers at a divisional office of Life Insurance Corporation of India. The tutorial included basics of email communication and word processing in OpenOffice.org Writer. OpenOffice.org tutorials are not in plenty and I spent quite some time deciding the topics for the tutorial. Here is a list of topics I covered in the tutorial.

I went to my home town and there I helped a buddy install GNU/Linux onto his laptop. Even these days, you sometimes have to tinker with configuration files to get things working. So, I thought I should write it down.

Network card – No special configuration required. Goto System->Administration->Networking and specify the IP address manually if your network is not configured for automatic setup via DHCP.

Video card – No special configuration required.

Synaptics touchpad – No special configuration required. Synaptics driver is installed and Xserver configuraiton file was added an input device with synaptics as the driver.

Wireless lan card – For installing the drivers, there is no additional effort required. ipw2200 module was installed and automatically inserted.

Wireless configuration with PSK/TKIP encryption: The following configuration is required. First do:
iwscan list
This will give you a list of all the wireless networks scanned by your wireless card. Note your network name and then, using it, run:
wpa_password "your_network_name" > /etc/wpa_supplicant.conf
This will prompt you for the password. Here enter the password that has been set for you wireless network by your network administrator. This step will create the file /etc/wpa_supplicant.conf and write some barebore configuration into it. You need to edit this file and add more configuration to it. It should finally look like this:
ctrl_interface=/var/run/wpa_supplicant
network={
ssid="your_network_name"
key_mgmt=WPA-PSK
proto=WPA
pairwise=TKIP
group=TKIP
#psk="your_password
psk=a_hexadecimal_key_that_is_automatically_generated_in_previous_step
}
Now, run the command:
/sbin/wpa_supplicant -Dwext -i eth1 -c/etc/wpa_supplicant.conf -dd
Here eth1 is the wireless network card’s interface. Check that it did not give any errors. Once this step is successfully done, you need add this to your system so that this happens automatically everytime your wireless network is setup. Edit the file /etc/network/interface to make it look like this:
auto lo
iface lo inet loopback
auto eth1
iface eth1 inet dhcp
pre-up /sbin/wpa_supplicant -Bw -Dwext -i eth1 -c/etc/wpa_supplicant.conf
post-down killall -q wpa_supplicant
auto eth0
iface eth0 inet dhcp


Most likely, after configuring your network devices from System->Administration->Networking you just have to add the two lines starting with pre-up and post-down to the wireless networking intereface.

Wacom stylus eraser and cursor: All the configuration in the Xserver is done automatically only that wacom driver did not get inserted into the kernel automatically. To load this kernel driver everytime the machine boots, add the following line to /etc/modules:
wacom

Update (Sep 3rd 2006): The command for getting the list of available networks is not iwscan list. It is : iwlist scan

BIOS should be Free Software. The rush for it is ever greater with big hardware companies doing all the nasty things like Treacherous Computing.

AMD vs. Intel was always a close pick for me with both of them appearing equally nice or evil. AMD always won because it turned out to be a bit cheaper most of the time. These days after the 64-bit race and the dual core race I was considering evaluating both of them again. However, AMD just got a big plus. It supported the LinuxBIOS project by co-operating with the developers. Intel did not do so. So I will undoubtedly choose AMD for its a matter of who controls my computer: me or some big US company.

Support the FSF campaign for a Free BIOS. Pick AMD, write to Intel about your decision and annouce your support to bios@gnu.org.

I wrote to Intel and said this:

Dear Intel,

Being a software engineer, I take software freedom very seriously.

Intel has not been cooperative with the LinuxBIOS project which aims
at creating a free BIOS. AMD has been coorperative. I shall pick AMD
CPUs and other products over Intel for this reason and will also
actively pursue my collegues to do so.
(http://www.fsf.org/campaigns/free-bios.html)

Please reconsider your stance.

–
Sunil Mohan