Monday, November 05, 2007

Why I haven't joined MySpace, Hi5, Facebook, etc.

I don't use any of the normal social networking sites and I don't think I'll join any in near future. I possibly more or less not definitely reject the idea that I undeniably do or do not say that I'd never join. If that indeed wasn't what my stand isn't. Ok, apart from the dialogs from Shrek, I have a couple of reasons. If you are not happy with my first reason, then read the second which is the main point. I you are not happy about that either, ........... and then they lived happily ever after! :)

First thing, I don't like to share too much personal info including a list of my friends in a place where all people can see. It's may be not much of an issue for some of you, but I'm going to stay slightly paranoid and steer clear. At least you don't think everyone out there is not as sweet as they pretend (same in the real day to day life), ...... or do you? I noticed that some people tend to reveal,... may be a bit too much personal info (including photos) in social networking sites. Some of these might sound like "STALK ME" to certain individuals. I have seen and heard (at least on the Net) some pretty nasty cases about privacy. Thanks to my studies, lately I got to read about (actually research about) two more nasty cases related to two facets of on-line privacy. They are the infamous Shi Tao incident related to Yahoo (more reasons to not like Yahoo, but sadly Yahoo is not alone) and the Amy Boyer incident which ended tragically. No telling what kind of scum gets to see my personal information online, and what kind of nice people too. :)

I might sound too paranoid to some of you, but hey, it's just my 2 cents. I didn't ask you to do the same. :)

Second and the most compelling reason for me is, I don't feel like joining anymore social networks. :) I'm already a member of some tech groups. For example I'm a member of and of a couple of FOSS related mailing lists. Then I'm a member of deviantART art community too. Add it to my presence in the Blogosphere, I'll have to spend a tad bit more time than I like to manage my online presence. :)

Anyway, it's quite OK to assume that I'd not accept the loads of invitations I receive to join Hi5, Facebook, etc. anytime soon. Thanks you very much, you people (especially Yaj, Prasa, Yash (Yasa), Thiwa, Sibba, Kassa, Lalanka, and the all the others) for sending me invitations. If I decide to sign-up for social networks, you'll be the first to know. There I go..... preaching about privacy and jeopardizing privacy of people who were nice enough to send me invitations. :)

Saturday, November 03, 2007

Pirated Software has a Significant Negative Impact on the Local Software Industry?

Last weekend I came across this interesting article in Sunday Observer, titled "Nine out of 10 computers in Sri Lanka use pirated software". To read it online follow this link and scroll down to the relevant section. The newspaper article is about an IDC study about software piracy. It started like this.

"Nine out of ten computers used in Sri Lanka have pirated software, a global study on software piracy has revealed. Sri Lanka is ranked as the sixth highest country using pirated software in the world and the second in the Asia Pacific region.

These facts were revealed at a seminar on business optimisation with good governance and staying compliant with software asset management, jointly organised by Business Software, Alliance (BSA), Ceylon Chambers of Commerce, ICTA, European Chamber of Commerce of Sri Lanka and Intellectual Property Office.

The study was conducted by IDC, the IT industry's leading global market research and forecasting firm and the study for the first time covered Sri Lanka in 2006. "

Before I continue on, let me clarify that I do not promote or encourage Software Piracy. So please do not comment about how ethical or legal is pirated Software. I'm just going to point out and muse about a fact included in the article. Again, I have no doubt about the fact that most commercial Software are not affordable to average Sri Lankan PC user. $200 for an OS might me OK in USA, but in SL that's about the monthly salary of a junior executive or so. So please don't try to argue about that with me either. If you are going to say that price is affordable, don't argue either, because I don't like to waste time on a lost cause. :) End of rules and regulations.

One of the peculiar things mentioned in the article is "The software and additional services derive nearly another $1 of channel revenue and most of these additional service or channel revenue goes to local firms. Therefore pirated software has a significant negative impact on the local software industry, BSA said". Earlier in the article it was said "According to the study Sri Lanka has a 90% software piracy rate and the high piracy rate causes a retail revenue cost of US$ 86 million to the Sri Lankan software industry. The broader economic impact of software piracy is significantly greater than the retail value of pirated software"

So does this mean that Sri Lankan (and other) firms are at a mortal (yes mortal) amount of loss or impact because they don't earn from retailing and service providing? The numbers (oh, well everyone knows commercial vendors are good at this number game) seems to imply so.

Poor Microsoft and others (some say MS run the game at BSA, I didn't say so :), if their retailers and service providers are at a this severe lost, just imagine how much they are suffering?

Or............ are they? It's very very true that they are at a lost (in US$ millions). Then again, what about the effect of pirated software having on the software industry as a whole. Yeah, what about it?

People will use pirated software (like in SL). The home user will learn to work on MS Word, office worker will learn to work in MS Excel, university students will learn to program in Visual Studio, tech learners will learn to use SQL Server, IIS, ISA, Exchange etc. To put the icing on the top, they provide free/cheap subscriptions to academia as a goodwill. Great! All in all we'll have HR factor well capable of industry standard software. Isn't that what happens in Sri Lanka? What's wrong with it you might ask.

This is where I show you how deep the rabbit hole can go, to the other side of the paradise. It's like, they'll get you addicted to booze but then you'll have to BYOB. It's like they'll give free puffs, then you'll have to buy tobacco. Sounds familiar or still doesn't make any sense?

Why, the so called industry leader will have a fully grown and operational, healthy Eco system of their software well established for them to exploit. What will the users choose when they have to spend their precious bucks on software for their business? Just think how many companies in SL use commercial software (Eg: .NET based software)? Why did they choose those particular technologies? What were among the most compelling factors? Technological superiority? Unavailability of quality alternatives? Read ahead, don't mind me. I'm just ROTFL.

Then there's FUD too, which I'll not get started now. Just add FUD to the equation and I see the software industry as it is. :) One might claim I'm so paranoid, anti-MS and fundamentalist. Well, I'm so not. Maybe anti-MS :), but certainly not anti-commercial software, I'm just anti-dirty-business-model. If MS's business model happens to be uncannily similar what can I do? :)

Ok, ok, back to the course. I'm not by any means saying that local firms are not loosing a significant amount of revenue due to piracy of software. I'm just saying I can't agree to the fact that the negative impact for them is far more catastrophic than the revenue lost. The impact on the industry would be much worse should they fortify actions against piracy (I believe they should). Since big names have infiltrated the industry with pirated software, the big names will suffer more than the local industry in such a case. So I don't think that these big names have honest intentions to act against piracy at grassroot level. They are leaving the root causes and roots well intact and are beating around the bush, maybe because then they can hunt the rabbits which respond.

There goes my musing. You are welcome to comment, but don't expect me to reply if you are trying to woo me into an argument. I'd rather say vi is better than emacs or vice versa. :)

My Poetry on deviantART

Some of you might have been wondering where are all my poems, since I say 'poet' in my profile. Well, my poetry in Sinhala (my 1st language) are with me because I have a tiny idea of publishing a poetry book. So what about my English poetry? Here they are:

I don't write in English as much as I do in Sinhala, and it's only lately I ventured into letting anyone read my English poetry. However I knew about this great art site called deviantART. It's community of artists and those devoted to art (digital art, traditional art, photography, poetry / prose, skin art, themes, wallpaper art, Art prints, etc. So what else? I just created an account (which is for free) and posted some of my old English poems and a couple of new ones. I have to say I was satisfied with their privacy policy and copyright policy, but if you want to join don't take my my word for it, do your own reading.

Well, in deviantART I go by the handle/nickname of Anaron. I wanted to put my real name, but it was not available. So when I had to pick another name for my account, I just used a nick I've used for a while. For Tolkien fans, Anaron associates with the word Sun in Quenya (Anar). I'm not very good with Quenya, but I just coined a new name (wohooo!) to represent my real name which means "the Sun" (when taken 1st and middle names together). Did someone said 'what a geek!'? I'll just pretend that I didn't hear that. :)

That's it. If you'd like to read some of my poetry (English), go to my deviantART gallery. This blog will also list the 5 latest additions to the gallery. If I feel like it, I'll post some here too.

Friday, November 02, 2007

Back to School

1 comment
Well, not exactly. Most of my friends know that I never finished my bachelors. Some of my friends are now doing masters, so I thought that it's high time I finish my bachelors. So now I'm doing the top-up for a BSc (Hons) in Business Computing from University of Wolverhampton, UK. It's an in-country delivery program where lecturers visit us from the Uni. It's a good program and so far I've met a few interesting friends too. And just FYI it's a computer degree, not a management one. Can anyone picture me not doing a computer degree? If you could, you probably don't know me well enough. :)

Nadee always teases me that I could finish my bachelors with our children someday. That picture was not so funny, so I'm keen to finish this on time. For one thing she only entered Uni after I was qualified to do my finals. Now shes in her level 2, while I just started the finals. Hopefully by this time next year I'll be a graduate.

Tuesday, October 02, 2007

I'm a Git (User)

Ok, I'm not a git. At least I don't call myself so. I just wanted to say I'm now a devoted Git user (yet novice). There are quite a lot of articles about Git you can find by Googling, so I'm not going to give a detailed technical document. Instead I'll just say why I like Git and why I'm going to stick with it. Some of the things I state are features common to distributed Version Controlling Systems (VCS). According to my experience and according to what I've heard Git excells in these features in a way no other does. For example performance alone is enough to win over users to Git. There are quite a few benchmarks of Git compared to other VCSs.

I first heard of Git when Linus Torvalds announced that he was going to write a new Version Control System in 2005. A few days later the project was announced and in weeks it was out. After reading about it in the Net, I heard that it was aimed at kernel developers, to who I obviously had nothing to do with. Time passed and I never gave git a try. This year I got to see a speech of Linus for Google Tech Talks. After watching it I was really, really convinced that it was time I try it. After all , I felt great about the concept of a distributed version controlling system.

Distributed VCS concept was new to me. All I knew was I really liked Subversion (svn) which I felt was a lot user friendly than CVS. For that matter, it isn't only me. I know for a fact even the largest software firms in Sri Lanka use Subversion internally (yes, even with .NET development. :) More and more people are now switching to svn from cvs. So I was feeling good about it and I told a few people also to switch to Subversion. However Linus's speech sent shudders on my beliefs and understanding about VCSs. And then I started learning about distributed VCS. As you know that I can be obsessive when learning about new technologies, it didn't take me too long to learn about a couple of them. These included Git, Mercurial, Monotone and Bazaar.

After some more researching I realized that if I was to start using a VCS seriously, I'd choose between Git or Mercurial (hg). I cloned a few repos using both git and hg and started using them to see about branching and merging and so on. So here I am, in the Git camp today. Here's a few things why I like Git. Some are my own observations, and some are not thoroughly experienced by me, so I rely on Internet sources.


For one thing I can't help but to just admit that Git is blazingly fast. Not hyping you, go and see for yourself. After using Git, anything longer than seconds in a VCS looks pathetic now. :) If you love Linux and the command line, most probably you are going to love git too. For GUI tools, Git have gitk and git-gui among other things. Some Git GUI tools are even used with Mercurial, too.

Some degree of performance is contributed from the fact that some operations on Git are local oppsed to remote operations in centralized systems. But even among distributed systems like Mercurial, Bazaar, Monotone, etc. Git stands high with it's performance. See the above benchmarks for proof.

Work Offline:

With Git I can clone a repo and go home to work with it. There's no need to be connected to a server to see a log or anything else related to metadata. In Git, when you clone a repo, you literally clone it. Which means you have a complete repository with all the history and so and so. Which also means if I clone Linus Torvald's kernel repo on my notebook, it is no less than the official repo (not that I'm also a kernel hacker :)

Working offline is a huge thing for me. I can clone a repo go anywhere I want and continue using it.

Creating a Repository is nothing:

This is another big reason for me to love Git. To create a repo in a directory, I'd just

$ cd myproject
$ git init
$ git add .
$ git commit -a

Just like that I'm ready to go. No need to set up servers, no checking server/network configurations, no imports and no etc., etc. of grunt work. I can just jump in and start working.

Give this ease of creating and using Git repos, I pretty much create repos for anything I'm working on these days. For example if you are working on a research paper, you may well be able to take advantage of Git to keep track of the changes you make. It can be code, research paper, novel, etc. but Git will be able to create a repo to track your content in a snap.

No overhead for SysAdmins:

In a traditional VCS, there's a SysAdmin overhead for creating and maintaining a server, Then there are other important things like backups and security. But with Git you can create as much repositories for you without even thinking about the SysAdmin. You get to keep your repos behind several security measures. Backing up a repo can even be done by the developers.

Since all commits are stored with a SHA-1 hash, any corruption (due to filesystem corrution, hard disk failure, etc.) can be easily traced. Even if you get to loose a repo, most probably someone has cloned it already. Which means you have everything including history and metadata safe. Nice huh?

Branching and Merging a reality:

I have never tried to use branches on svn or cvs servers, mainly I never got the point of being eligible of doing it. :) But people say it's hard,.... I mean put a pen though your eye hard. I've actually tried a few simple things with svn and had no clue how to get past certain things. But with Git branching and merging (if you can't merge back, branches are not much of a use) is easy.

This means if I want to test something, I don't have to plan for weeks in fear. I just can create a branch, work on it and merge when it's ready, without being a nuisance to the project maintainer. I know for real projects this is a big factor.

Commit Access Always:

Although I'm not going to talk about the underlying project politics, I have to talk about how I feel about this commit access thing. It may be ot may not be good to have a separate group who have commit access. But as a developer what affects me most is the thought "what if my commit breaks things?". So I tend to keep my commits till I'm sure of it, and till I have something a little large to commit (that is, if I have commit access).

With Git I don't have to worry about that because I commit to my own repo. And I don't have to have special commit permission from a project leader. I just can commit and keep working. I can commit early and often. When I'm ready with my code I can ask the project leader to pull from my repo or I can push to her repo.

Distributed or Centralized:

Although Git is a distributed system, there's no restriction how you use it. It can be pure distributed or it can be used in the same spirit we use todays centralized systems, but with a twist. We get all the facilities of a distributed VCS, if we know how to use it. Many people believe that a centralized VCS is a must for their project. But after giving some thought I'm beginning to think that in most cases, they can switch to a distributed model without much fuss. This is no accident. If you give some thought, you might see that a centralized system is a special formation of a distributed system. So think again. :)

Lets consider a scenario. For this example lets say I started a project called RailzCRM. I'm the lead developer + maintainer. So I set up a public Git repository in somewhere like ShareSource (they are still working on to set up Git support). I have my working repository on my notebook PC and I can commit as frequent as I like to my own repo. I'll pull from my trusted fellow developers or they'll push to my repo. They in turn will work with their trusted sources and online contributors via push/pull, patches, etc.

When I think my repo is ready, I'll just push my changes to the public repo and then merge them. Then the public can get the latest code of our official development tree. This way a peoples hierarchy can be created if we want, but I can get the benefit of distributed development.

Interoperability with Other VCSs:

Git can work with many other VCSs without making any fuss. End users may most probably not realize that Git is involved. Git can work with CVS, Subversion, Mercurial among other things. For example git-cvsserver can be used to enable end users work with existing CVS clients without problem. Git can import from a good number of VCSs too.

A Brief History of Git:

Git is a version/revision control system software used in the process of software development. Git was started by Linus Torvalds (yes, the same Linus) when he had to stop using BitKeeper, a commercial VCS (Version Control System). BitKeeper was used by Linus and several other Linux kernel developers, to track the kernel source. However there was a fiasco (not a fiaSCO) about licensing which made the Open Source community crave for an alternative to BitKeeper (actually a distributed VCS).

They started considering the available Open Source tools. According to Linus it wasn't much of a trouble. Everything other than Monotone was ruled out early. I haven't heard about Bazaar, but looks like Mozilla people ruled it out later on performance issues. Even Monotone was ruled out at the performance. Then Linus thought that he could write something better than any VCS around, in 2 weeks. It looks like he was right, yet again.

Although Linus started the project, now it's under the patronage of Junio Hamano. Lot of fuss has been made about Git not being a general purpose tool in earlier days since it was started targeting the kernel. However Git has come a long way since and undoubtedly is one of the best VCSs around now.

The only major drawback there as I see is the lack of support on Windows platform (which I don't care much, but obviously not all people think so :). There already are ports for Windows which people claim they are using at their work without any trouble. Even it there are troubles coming up, I believe full Windows support will be available very soon. Anyway just to let you know, Git on Linux is blazing fast and way fast than any other option.

So..... that's all for now folks, on Git. I wrote this in a bit hurry. So I won't be surprised to find mistakes and things. Just let me know. I'll fix them later.

And oh........... I also hope that the projects I keep track of like Nmap and MPlayer will switch to Git. Yes, that's a hope. :)

Here's a basic diagram which might help you to grok the concept.

Monday, October 01, 2007 - The Next SourceForge?

Leave a Comment
ShareSource is a new site providing hosting facility to FOSS projects. As you might already know, SourceForge is the most popular choice for this type of service. SourceForge (owned by SourceForge Inc, earlier know as VA Systems) is without a doubt the largest FOSS hosting provider. It has been and still continue to be the trail blazer in FOSS project hosting. However I see a lot of promise and potential in ShareSource. Only downside I see is, the name reminds of a Microsoft license. :) ShareSource is maintained by Tim Groeneveld. I guess this is the same Tim Groeneveld who created AgeanLinux (never used it) because now points to It's still way too early to say whether ShareSource can be the next SourceForge, but it's definitely worth watching.

The first thing you'll notice is the faster loading of the site (compared to SourceForge). It's interface is simple and nice, and is fast. ShareSource provides many nice services such as VCS support for Mercurial, Subversion and to my utter happiness (very soon) Git. It provides a release management mechanism, bug tracker and so on. True, it has a lot to catch if it is to reach the SourceForge standards, but ShareSource is improving very quickly. It's only 3 months old roughly and already has more than 90 projects registered.

I liked the site and I'm hoping to give it a try. Honestly, I feel like continuing with ShareSource after seeing the nice and flexible features they provide. So I invite you, all the FOSS developers out there to try too. And let's not forget to give Tim a big round of applause for starting ShareSource where FOSS projects can find a (quality) home for free. Kudos.

Sunday, September 30, 2007

For the Love of Rails..

Most people who know me personally know that I'm an Open Source enthusiast. And they probably know that I'm more of a SysAdmin than a developer. Well, thats quite true. Eventhough I enjoyed programming, my main interest was always System (especially Linux) administration. However in the last 6-8 months aor so I've started getting more and more into Open Source development. A major breakthrough for me was getting selected for Google Summer of Code 2007, to participate in Nmap! (Nmap is much like a grail among SysAdmins :) Unfortunately my persoanl circumstances didn't allow me to finish the work with them. Family matters and other things piled up and I have to give up. Nmap people has been very supportive though and the same was true about the Google people. So after some weeks here I was trying to look more into Nmap, Metasploit and other things. Then I realized that I could give sometime to this Ruby thing which I heard was on Rails or something.

Here I am now, after a few months. Although my software developing exposure hasn't seen a lot more, I've ventured into it. And I have to admit, that Ruby as a language and Rails as a framework has changed my view about the whole software development arena. So what's new? Another fanboy article about Ruby on Rails? Not really. I just want to thank Ruby on Rails. :) If you are offended by Rails please skip this post. I promise there are couple of posts about other things coming up shortly. :)

First I thought of following J2EE and web services, because I knew virtually nothing about them. You know, I can't stop myself getting interested in new technologies. (For example I've started with the Xen tools in Linux and got to like it very much........ Ok, not so new :). But before I did that I gave Ruby a try, and started using Rails to create simple things (which is what I still do. :) And what else? I simply love it. Ruby as a language helped me grok more of OOP concepts. And when I got to try Rails, I just had to hold my breath in amazement (and amusement too).

I always felt that business application level programming was messy, tedious and boring, partially due to the way we were taught about them. However after Rails, I just feel it's not that bad afterall. I'm not saying that J2EE is a bad platform, not even being funny as RailsEnvy people. :) Just as a user, after using Rails I feel, "why the hell it has to be more obscure or tedious?"

Rails uses DRY and Convention Over Configuration concepts. DRY means don't repeat yourself. And Convention over Configuration means unless you make specific changes, there's no need to worry about grunt work in configuration files, XML and etc. Everything has a conventional way of doing it. And if you choose to differ you may well do it.

The scaffolding is great to learn Rails and also give a good idea of how to organize a web app. And migrations!!! Just have to say wow. With migrations one can use the database without worrying about changing database level things. Object-Relational mapping is implemented using a design pattern called "Active Record" opposed to the hibernate technology in Java. With these thing, a Rails developer don't have to worry about the underlying database or the DBMS for that matter. Now, doesn't it sound good? All in all, I've so far loved the learning process, and I have a feeling that I'm going to remain so. For Java, .NET and other framework users, I'm not asking you to throw away your tools. Just give Rails a fair try, totally worth it.

More I use Rails, more I realize that it isn't a toy. It's a serious framework which is giving other frameworks a serious run for their money. As far as I can say, you cannot appreciate the power and ease of Rails without getting your hands dirty with some coding.

For a quick peek of Rails try Rolling with Ruby on Rails short tutorial.

Saturday, September 01, 2007

MySQL and EnterpriseDB Launched in Sri Lanka

Leave a Comment
The two premier Open Source Database Management Systems were officially launched recently in Sri Lanka. While MySQL itself was launched, PostgreSQL availability was in the form of EnterpriseDB, which is not exactly PostgreSQL.

EnterpriseDB Corporation, the maker of EnterpriseDB DBMS (a commercial DBMS based on the advanced Open Source DBMS PostgreSQL), together with a new IT firm called Fossmart announced their partnership on 10th, May to provide EnterpriseDB Advanced Server to Fossmart customers. EnerpriseDB is well know for it's Oracle compatibly, which means applications written to work with Oracle DBMS (worlds leading DBMS) can be used with EnterpriseDB usually with no or little modifications.

MySQL, the popular Open Source DBMS was launched 31st, July in Sri Lanka by hSenid Software International. hSenid will provide MySQL Enterprise Server in Sri Lanka. MySQL, provided by MySQL AB is probably the more popular of PostgreSQL and MySQL.

I personally believe this expresses the awakening of the Sri Lankan IT industry to FOSS in the enterprise front. As people in Sri Lanka may be aware, there are more and more FOSS based software solutions appearing. I'm very eager to see the future and be a part of it.

Nmap is Ten

Leave a Comment
Nmap, the popular Open Source security scanner turns ten years old today (1st September)! Ten years ago, i.e. in 1997, Fyodor released first release of Nmap as an article with the Phrack Magazine. It has since come a long way from that humble beginning into one of the foremost network/security tools on the planet, and also was featured in a couple of movies, including "The Matrix: Reloaded".

Current Nmap stable release is 4.20 and it was released some months ago. However the Nmap developers have been very busy. Nmaps development branch includes quite a few hot and wonderful features including the NSE (Nmap Scripting Engine), a new GUI frontend (UMIT), and many more. You can download both the stable and development releases from the Nmap download page. For cutting edge development the Nmap SVN repository is recommended. The improvements made in the development include development contributions from the Google Summer of Code students (5 Nmap students and 7 UMIT students) also. The two major feature additions have already received a nice reception from the relevant communities. UMIT is full of wonderful ideas such as UmitMapper and other things. And NSE has already received attention of SourceFire, the SnortIDS people.

By the way Nmap still remains humble and excellent. Fyodors very pleasant leadership and the vibrant community has always been and will be a major factor in the Nmaps success. I have to say "very well done" to Nmap which is a true Open Source project, and which didn't give into commercialization. So lets wish Nmap Security Scanner a very happy B'day, one of many more to come.

Edit Note: Some details have been removed from the original post. This was done in order to correct the information I had put about a future Nmap release. I'm sorry for any inconveniences I caused by posting that incorrect information.

Monday, July 30, 2007

Ant Invasion

I'm being besieged by ants, constantly during the past couple of days. For some odd reason, ants in my home seem to find my notebook computer attractive. Whenever I turn it on and use it, ants (biting red ones, not the harmless black ones) come in a line, get through the space between the lid and the base, walk right over the power button (some over the speakers) and go in through the keyboard. First day I just blew a few. Then I realized that they were really determined. A fair amount of them started to crawl near the computer. The odd thing was they only tried to go in, when it was on. Whenever the computer was switched off, the few who made it in started resurfacing as the computer was cooling down. Was it heat (they should be nuts to seek heat in this climate :) or was it something else? I'm not sure. I was wondering whether it's because I blogged about SugarCRM a few days ago. :)

I've seen what they can do to a keyboard (they literally bites it and takes chews with them). After loosing a PC keyboard due to some spilled biscuit crumbs by a cousin, I was also determined not to let them damage my notebook. After a several tactical moves, and hard defending, I moved everything on the table away, and sprinkled the table with talc (not mine)! I also have a brush ready to defend, in the case of occasional break-ins. It seems to work. I only have a small half-circle shaped DMZ (De-Militarized Zone) around the computer to keep my hands, headphones ans external mouse. It's kind of cool, like working in snow :) when people are not telling me that I've got chalk on my arms.

Sunday, July 29, 2007

Fasten Your Seat Belts, IPv6 is Coming!

According to the researchers and technology experts, availability of IPv4 addresses will exhaust in 2010 at this rate, probably between march and may. Thats less than 3 years from now. Most probably the panic attack will come before that. So I guess it's safe to assume that migration to IPv6 is going to be big after around 2 years from now. So buckle up, road ahead is bond to be a bit edgy (at least for tech people).

Well, I'm not in a mood to explain what IPv4/6 addresses are for non-tech-savvy people. So I'll give a very simple (technically inaccurate) example. Your house is named "Big House", and people know it by the name. Your house also has a number to be refers by the town authorities 63/57. For people and for day to day use "Big House" is more easier and convenient. But the actual representation of your house is 63/57. Taxing and evaluating are done in association with it. Think of domain names (Ex: as "Big House" and IP addresses (Eg: as 63/57. An IPv4 address is a 4-segment representation where each segment can be a number between 0-255 (IE: - Each computer, router and any node directly connected to the Internet should have an IP address. In lay terms, IP address exhaustion means that by a certain date (Eg: march, 2010), there will be no more address available to be given to the new computers connecting to the Internet.

Even a kid can realize that this is a crisis. But unfortunately, most businesses who influence the IT industry didn't feel it was. They get the wake up call now. Comfort zone invaded, now they have to move to a new system to sustain the growth of the Internet. Solution: IPv6.

Back in early 90s, IETF (Internet Engineering Task Force), and other people foresaw the coming of the inevitable exhaustion. So in 1996, IETF released a set of specifications for the version 6 of the Internet Protocol (IPv6), starting with RFC 2460. 11 years later the industry has shown a terribly lukewarm attitude towards adopting IPv6. The concept has remained more academical than practical until recently. However with the predictions available, it can be expected to see more rapid adoption and migration to IPv6 from IPv4. The biggest pain, I guess would be to migrate business applications and legacy systems to IPv6. On system administration front, more and more IPv6 aware applications and tools are appearing.

I guess and hope that we are going to see the mass migration to IPv6 soon. Even the newly appointed IETF chair Russ Housley expects to see this sooner rather than later. He said this in an interview among other things. Russ being having a strong interest in security also expressed his eagerness to improve security of the Internet.

Friday, July 27, 2007

Open Source doesn't count..... Says Who? Not Microsoft anymore

This is for people who try to argue with me that Open Source software is nothing serious. So read the article, research the Net and save me from the arguments. Of course, anyone else is welcome to read this, too.

This isn't going to be yet another 'Open Source is the best' article, or another 'Microsoft is evil' article (for that matter I'm not Anti-Microsoft, though I don't, can't and won't accept certain aspects of their vision and practices. Let's just say I'm Pro-FOSS). However this is a sort of an answer to Microsoft fanatics (not mere fans), then people who develop allergies when they hear 'Open Source' and people who are ignorant enough to refrain from opening up their minds.

All of them have been saying Open Source doesn't count, Open Source is for hobbyists and Open Source is not for enterprise. They as hard as they, could have been denying the influence the Open Source movement has done to the software, technology and culture. I just wanted to write this since I briefly had the opportunity to be bugged by seeing a couple of know-all tech gurus giving degrading comments about Open Source.

Open Source is a real deal:

Before I go into more things let me answer a few FUD (Fear, Uncertainty and Disbelief) facts. Fist there are people who claims Open Source is only for hobbyists. Well, that doesn't explain why Apache is the most deployed web server, when so called industry standard web servers are there. I see no one putting million dollar marketing budget behind Apache. The claim doesn't also explain why Firefox has been downloaded several millions of times. It doesn't explain why operating systems like Linux, FreeBSD, OpenBSD, etc., server software like Postfix, Sendmail, qmail, Spamassasin, Squid, BIND, Snort, etc. and end user software like, VLC, MPlayer, Pidgin (Gaim), Thunderbird, Evolution, Wireshark (Ethereal), Nmap, FrostWire, Azureus, 7-Zip, TrueCrypt, GIMP, Inkscape, etc., programming tools like PHP, Perl, Ruby, Python, CVS, Subversion, gdb, etc., Database management systems like PostgreSQL, MySQL, etc. are so popular either. For people who haven't heard of any single thing in the list, I have to tell one thing. You have to use a computer if you want to see software. :)

And about lack of enterprise applications, well.... what should I say. I'll just give another list of names and leave you to check them out. These are Alfresco, WebGUI, Adempiere, Openbravo, Project Open, Pentaho, Jasper, SugarCRM, vtigerCRM, Scalix, Zimbra, Hyperic, Zenoss, etc., etc.

Open Source means business:

Which impact Open Source had on the software industry anf technology? None?

Wrong again. Although I may suggest that ambitious projects like Wikipedia are results of the inspiration, there are more solid examples that businesses and vendors are realizing what Open Source can do for them.

For example lets see a few projects and software which went Open Source after being closed source/proprietary. It includes Solaris operating system, Ingres database, Java programming language, Hyperic HQ IT asset management system, AOLServer web server, and even Quake (1/2/3) game engines.

The latest news about the battle for software freedom is surprisingly coming from the most unexpected source. It'll be interesting to see what the members of Anti-FOSS camp have to say about this.

Microsoft has launched an Open Source software site at
And they are going to submit their Shared Source License for the approval of OSI (Open Source Initiative).

I hope, after all they have taken one step towards understanding that Open Source is not a rival revolution, but a revolution they can also take part in. I really hope so. Then again, I also hope for peace on Earth. :) Let's see.

Truth Happens:

I'm going to end this post by quoting a little old video from Red Hat (markets leading Linux vendor) which in turn quotes from Mahatma Gandhi.

Despite Ignorance
Despite Ridicule
Despite Opposition

Truth Happens

First they ignore you...
Linux is the Hype du Jour
- Gartner Group [1999]

Then they laugh at you...
We think of Linux as a competitor
in the student and hobbiest market
but I really don't think in the commercial market
we'll see it in any significant way
- Bill Gates [2001]

Then they fight you...
Linux isn't going away
Linux is a serious competitor
We will rise to this challenge
- Steve Ballmer [2003]

Then you win.

Thursday, July 26, 2007

SugarCRM going GPLv3.... Others?

SugarCRM, probably the most popular Open Source CRM project has decided to release their upcoming SugarCRM Community Edition 5 under the brand new GPL version 3.

It was nice for them to move to a real OSI certified Open Source license, rather than sticking with their own. Wait a minute...... version 2 of GPL doesn't appear in the OSI certified list yet. Well, I guess it's going to make it there. I have yet to study the GPL v3, so I cannot comment on technicalities or personal views. Should be an interesting reading (now, don't look at me like that), after considering the controversies linked with it, Linus Torvalds not being happy about an early draft and all.

SugarCRM is a promising project, but it has a little rough memory regarding the flame wars with their vtigerCRM fork. I guess SugarCRM people will have to get used to being used (their code actually) in other projects, if they are switching to GPL (ie: they cannot claim I stole their code, if I use their codebase to create a new software). However SPL (Sugar Public Licese), their previous license also viewed as an Open Source license by some people, although not officiall endorsed by OSI. They claim that's why vtigerCRM could use the codebase in the first place.

Anyway it still means that SugarCRM Community Edition is fully Open Source. Their fork vtigerCRM is and was Open Source all along. They've put together a FAQ about their move to GPLv3. I also hope that companies who claims to be Open Source (and never feel like releasing the code) should consider being actually Open Source. If they are not going to do so, let the customers put pressure on them like SugarCRM customers did (or so I've heard).

Monday, July 23, 2007

Howto Migrate from Thunderbird to Evolution

I know some of you are asking why, rather than how, regarding migration from Mozilla Thunderbird to Evolution. Maybe that's why there are lot of Evolution to Thunderbird migration guides, but not many vice-versa. Fear not, here is a guide, to assist who dare to migrate from Thunderbird to Evolution. The techniques described here are tested with the newer versions of both the software, namely Thunderbird and Evolution 2.10.2. On higher versions also this should work without an issue.

I think Mozilla people are doing a wonderful job with both Firefox and Thunderbird. From my point of view Firefox is the best general purpose web browser around. It beats most proprietary browser in speed, stability, security, modularity, etc. (and don't start commenting the so and so browsers are greater or so and so is cool too. I know they may be, Fx is simply my choice. This also applies to any comparisons with Evolution too :) However Fxs' counterpart in e mail business, is not yet there at the helm. Thunderbird is a great application especially combined with Lightning addon, but from my point of view it's not there yet where Evolution is.

Evolution on the othet hand, has been the most popular Linux mail client during the past few years. It was started as a project of Ximian (later bought by Novell), but now a part of GNOME Desktop. Evolution now has a Windows XP version too (still in alpha stage as of this writing). To be more true to the point, Evolution is not just a mail client, it's a PIM application.

Evo comes very competitively on par with commercial applications like Microsoft Outlook. If you are looking for a replacement for Microsoft Outlook in a Linux environment, then Evolution is your best bet without a doubt. But on the other hand, I wouldn't use Outlook as an Evo replacement on Windows (if I have to use Windows that is. I don't hate Windows, I'm just Pro-Open Source).

Evolution comes with many rich features like calendar, appointments, tasks, memos, signature management, encryption, filters, Palm device support, developer platform, LDAP support, even Microsoft Exchange Server connectivity and lot more. Evolution is more feature rich, advanced, stable, less memory consuming than Thunderbird. One day Thunderbird might be "the" e mail client for Linux, but today Evolution is simply "the" client.

There are two methods. One is slower, proper method, good to learn more about the process and so. The second method is much quicker and great when you have a lot to migrate. So here are the steps first, then I'll describe each step more (I assume both Thunderbird and Evolution are installed. If not you might want to do it at this point. Most mainstream Linux distros ship with Evolution).

Method 1 (slower): General Steps:
  1. Backup your .thunderbird directory
  2. Configure Evolution
  3. Export your contacts from Thunderbird and import them from Evolution
  4. Import your mail archives from Thunderbird to Evolution

Yes, it's that simple. So let's now dig into details.

Method 1: Detailed:

1. Safety First (Backup your data)

Please backup the data before you try anything. Especially don't forget to get a copy of .thunderbird directory (located in the home directory, usually). All your current mails which you view withing Thunderbird are in this directory. So it is important to back this up.

(I'm not going to tell you how to copy a directory. It's out of the scope of this guide. Please refer to any documents on basic Linux operations.)

2. Configure Evolution

Create the necessary accounts in Evolution. How to configure accounts in Evolution is out of the scope of this howto. So I'll just assume that you created the desired accounts and relevant folders. For example I added my Gmail account and added several folder like Fun, Blog Comments, Personal, etc. to my Inbox folder. This is to organize your mails well. Now we are set to go.

3. Import Contacts

From Thunderbird you can export your contacts (Address Book) to several formats. Since our aim here is to import these back into Evolution, use either csv or ldif. This is how you do it.

In Thunderbird,
  • Go to Address Book
  • Select the address book you want to export, then
  • Click "Export" from "Tools" menu (Tools --> Export)
  • In the dialog give a name and a location to save the export
  • Select either "Coma Separated" or "LDIF" as type
  • Then click "save" to export

Now that exporting is completed, we can move into import these from Evolution

In Evolution,
  • Go to Contacts Window View
  • Click File --> Import
  • Go ahead and select "import a single file" option when asked
  • Select the file we created when exporting from Thunderbird
  • Then import the contacts
Note: It's better to create a new address book to import the contacts, but it's rather your choice.

Now the contacts are imported and ready to go. So let us move to the next step.

4. Import mail archives

Now let's migrate your existing mails to Evolution. Thunderbird uses standars "mbox" format for mail folder, which is the most commonly used format in Linux. Your Thunderbird mail archives are at ~/.thunderbird/xxxxxxxx.default/Mail/ (where xxxxxxxx will a different alphanumeric string). In this directory you'll have directories according to your mail accounts. In my case it's /.thunderbird/xxxxxxxx.default/Mail/Local\ Folders/Inbox.sbd/

There will be two types of files there. Files without an extention and files with .msf extention. What we need are the files without extentions. Eg: Fun, Tech, etc.

In Evolution,
  • Go to mail window view
  • Click File --> Import
  • Go ahead and select "import a single file" option when asked
  • Select the file (mail archive) you want to import and select a location to be imported. Eg: I imported "Fun" archive (not Fun.msf) into a directory named "Fun"
  • Repeat the last step for every archive you have

Done! Now you are ready to go. Your mails and contacts are now successfully migrated to Evolution. You might ask me why not straight away copy the mbox files? Why import them?
Well, actually I didn't try it. Anyone is welcome to try that and let us know. I've heard it worked for people. But personally I felt like doing this way because it is common sense, to carry out these general steps to migrate to any client using mbox format.

Method 2 (Easier):

Well, I know the above method works, but it's not going to be easy if you are to migrate a large number of mails, or many accounts. Simply the Method 1 is not scalable. :) So I've checked other ways to do this, without the hazzle of going through import and export steps. When you have more than a few folders to import this method should be much much painless and easier. But this method is only for mails, for contacts you still have to do import/export.

1. Create a folder to accommodate your mails.

You can do this either using Evo or by creating a directory under your Evo local folder directory. Better to create a folder and copy a message there (within Evolution), this will create the directory structure under ~/.evolution/mail/local/Inbox.sbd/

2. Copy the mail archive file to the new location in Evo local folder

Copy all the files in your Tunderbird mail directory into the newly created Evo directory. When you are copying files from your TB directory Eg: ~/.thunderbird/xxxxxxxx.default/Mail/
to the new Evo directory Eg: ~/.evolution/mail/local/Inbox.sbd/Thunderbird.sbd/ you only need the mbox files, there's no need to copy the .msf files.

If you don't want a separate folder for Thunderbird mails, you can just copy the files into ~/.evolution/mail/local/Inbox.sbd/

Note: There's a little tweak needed if your Thunderbird directories have spaces in their names. Eg: If your TB directories have a name like "archive prior 2008.sbd" copying it directly into Evo directory the mails would not appear as you would hope. This is because Evo doesn't use spaces in the mail directory names. So just rename them by replacing each space with an underscore ("_"). I cannot verify this note, as I haven't personally tested this. However it was reported by a user in the comments.

3. Restart Evolution

Done! Just like that, all your thousands of mails, hundreds of folders will now appear under the directory you created. Obviously this method is quicker than the previous one. You can consider the previous method a drill to learn the structure and workflow. :)

Whenever you want to backup your Evolution mail archives they are at ~/.evolution/mail/ How to completely backup Evolution data can be seen here. Newer versions of Evolution has a neet function integrated in menus which will allow to backup Evo with settings (File --> Backup settings) and restore (File --> Restore settings). I've used it a couple of times and it works fine.

This post is based on an article I've posted in Linux Tutorial section. It also has a discussion page. If you have Linux questions you can go and ask the wonderful online Linux community,

Sunday, July 22, 2007

Jotting the Google Way

Well, this isn't hot news for followers. But it's good news for Google Apps users.

In this ZDNet article, Dave Girouard, vice president and general manager of Google Enterprise claims that they plan to integrate Jot support into Google Apps. Google last year acquired JotSpot, who was one of the most innovative and advanced wiki providers.

I haven't actually used JotSpot, but I did look into it sometime ago. All in all Jot was quite a promising service. It had very useful features, including web application support, and claimed Jot is not a mere wiki, but an application wiki (if I remember correctly). However I required more flexibility than it was available with the JotSpots free plan. So I resolved to use a free, but not very popular thing called Schtuff. This year Schtuff dissolved their service and came to an agreement with PBwiki to host the existing users. So I also migrated from Schtuff to PBwiki which was more nicer. Since I was from the Schtuff migration, I have some bonus features which a normal (free account) user wouldn't have like larger spaces, page level access control.

Back to the story. I'm willing to see Jot integrated with Google Apps. In fact I've been wondering when they are going to do so, from the day I heard about Googles acquiring. It is however not mentioned exactly when it'll be available. I personally believe. This will enable GA users (especially small businesses) to be a lot more productive. It should cater their need of infrastructure at a fraction of the cost than if they plan to go for hosted things. They'll have email, basic collaboration with pages, docs and spreadsheets, etc. and now application wikis. However larger organizations might want to host their own, because the cost multiplies by the number of user accounts.

Sunday, July 15, 2007

Running Debian Etch on my Noebook with an ATI Mobility Radeon X1600

A couple of days ago I had a bit of a crisis when my Notebook running Fedora 7 refused to boot in the morning. It just hanged up after the line with 'Red Hat nash starting', after a package update. The update however, wasn't anything related to kernel, headers, nash or anything related. It was just a few regular package updates. The Fedora 7 crash was quite a disappointment as I was very impressed with how far Fedora 7 has come since FC3/4. I was using Fedora as my primary working distro, that was until the following incident.


So I was stuck with a crashed computer with all my e mails, svn check outs, bookmarks and so on. I tried with modified grub parameters (and various other things) without any success, before deciding to do a fresh installation. The real horror was there.

My Fedora 7 DVD refused to boot into the installer and hanged at Running /sbin/loader. Every time I tried to do an installation it just hanged the same way. By this point I wasn't even sure whether the crash was related to the updates I made. I was worried to see a working system just go out like that (not that I haven't seen anything like that). Even more frustrating was not being able to get the DVD to install. So I downloaded a rescue CD image using another computer and tried to do a Net install with it, still without any success. I will submit these issues to Fedora bugzilla, hopefully soon.

It was about midnight when I had to let go of Fedora, I had to use the computer someway. So I checked my Linux disks. Among old CDs, the only recent thing I could find was the Ubuntu 7.04 CD. I gave it a try. As I expected the X failed at boot complaining about my graphics. Being a Debian fan, I didn't worry much to get Ubuntu boot and then trying to install. After all I was tired with trying so many things.

So ....., I downloaded and burned an Debian Etch NetInstall CD image into a DVD (which was another cause for frustration in a Windows box). Around 4 o'clock in the morning I started my first ever Net installation of Debian.

I set the alarm to 6 o'clock and went to sleep.


A fresh day. A fresh OS. I got up (Nadee, if you are reading this, you just didn't see I slept only 2 hours...... Ok, I'm not doing that kind of things nowadays as often as I used to do. Really! Forgive? Yes, you do :). I had shiny Debian Etch installation (so much for the wait to download Debian DVDs).

Fedora and Debian are my favourite Linux distros for my Notebook. I have tried many distros for myself including Fedora, Debian, Red Hat, Red Hat Enterprise Linux, CentOS, Ubuntu, Vector Linux, Gentoo, Slackware, Mandrake/Mandriva, SuSE, Novell SuSE Linux Enterprise Server, Lycoris Desktop, Lindows/Linspire, etc. and even something called KateOS. I'm not going to list the Live CDs I've tried here, don't worry. After all these years trying and running all these things, I prefer to install Fedora or Debian on my working (desktop) PC.

Anyway, I got the Debian installed and working. First thing I did was to install the graphic drivers for my 256MB ATI Mobility Radeon X1600. Most of you might know that the driver is broken on Fedora 7 and not yet fixed by ATI (AMD). So I was keen to try it in Debian. After several weeks on VESA I wanted to use a proper driver. What was the fun of having a graphic card like X1600 if I couldn't use it?

First I added non-free to enable using non-free packages in the Debian official repositories.
deb etch main non-free
deb-src etch main non-free
deb etch/updates main contrib non-free
deb-src etch/updates main contrib non-free

Then I installed the driver packages,
# apt-get update
# apt-get install module-assistant fglrx-driver fglrx-kernel-src

(fglrx is the driver, module-assistant was to build the kernel modules from the driver package)

# module-assistant auto-install fglrx-kernel-src

This builds and installs the driver kernel modules

# aticonfig --initial
# aticonfig --overlay-type=Xv

Just like that I had my graphic drivers properly set up. So I gave it a run by running a few 3D FPS games like Nexuiz, Sauerbraten, etc. Worked fine. I'm happy and will try a few more games just to be convinced :). This is not to say that I'm happy with the driver scenario. I'm totally, utterly unhappy about the ATIs stand in Linux drivers. As a customer I can be unhappy.

So to finish up the thing. I'm now running Debian 4.0 (Etch) on my Notebook with ATI Mobility Radeon X1600 + 17 inch Widescreen graphics. I've lost my Evolution contacts list during the migration by mistake. I have to get them from Gmail again. I also have to install a few things from source. This include the things I usually install from source like MPlayer/MEncoder, ffmpeg, Nmap, etc. and a thing I usually don't install from source, Pidgin 2.

Altogether, Debian has slightly more things to configure than Fedora or Ubuntu which usually works out of the box. This may be credited to the wider scope of Debian. I can claim that I'm fairly satisfied with Debian Etch on my Notebook. However running Fedora on the Notebook was more smooth for me (I have a fair amount of memory and processor power to waste :). When Fedora 8 comes in a few months, I'll try it again if ATI people are nice enough to provide a working driver, otherwise I guess I'll stay with Debian.

Go Debian!
Note: I sincerely hope this little cheer will convince Debian people to do more frequent releases :) They are doing a great job of providing a stable, relatively less resource eating OS. But release cycle seems a little slower for the desktop.)

Ruby Rocks!, .. Ruby Gems!

Leave a Comment
I got Metasploit running ages ago as you may know, and as a result of the prolonged exposure to highly contagious Metasploit 3, I was attracted to Ruby more. I did the Ruby in 20 minutes, then run in the browser lesson. And lo! and behold, I was hooked with Ruby (well, if any of Nadees friends are reading this, I should inform you that Ruby is a computer language. Even she knows that :).

Anyway, I loved the language and the how the OOP concepts are implemented (though I haven't done much with Ruby yet). From what I've seen so far, I have to say,
Ruby Rocks! then I realize that Ruby is not a mere rock (alternate interpretation), then here we go,
Ruby Gems! I don't know how you interpret, but there's an alternate alternate interpretation because ruby has a package format called gems. So Ruby indeed does gem :)

I've found some good reading on the Net about Ruby and especially about web apps with Ruby on Rails. Anyway all of you are to make your own decision. After all I'm the guy who still think C is cooler than C++ (hmm.. perhaps it has something to do with me not being too exposed to c++ :).

Wednesday, July 04, 2007

I Know What Happens to Harry Potter

Ok, there's a lot of buzz going on about the upcoming Harry Potter book. And not so surprisingly, there are quite a few individuals who claims to know what happens in the book. And there are quite a few versions of the book out there in the wild. If you are someone who are unlucky (actually, lucky) enough not to get your hands on one of these fakes (my, they actually wrote complete books, fake or not), here's my version. Er.. actually a couple of versions.

l33t v3rs10n:

I hacked as fast I could into the Bloomsbury server (or whoever it was) just now. I used several advanced out of this world hacks and kicked the hell out of their server defense systems. And being one of the l33t (a Scr1pt K1dd13) it was nothing for me. So just hacked into their poor box and managed my way to their 3D display of the filesystem. From there on, it was just a few clicks away to navigate and get to their fileserver. I got to the file "HP_Deathly_Hallows.pdf" and downloaded it to my box. Then I replaced the original one with a file containing the "Sw0rdPh1sh wuz here!!!" text in bright red point 45 text. Then I got the hell outta there to enlighten you lay ppl with the new Potter story. So here's it.

While Ron and Hermione are fighting a deadly battle with the dark lords minions, Harry is confronted with the dark lord himself. Although he puts a valiant battle with him, it looks like the dark lord is about to over power the boy wizard. In a cruel irony of life and in that fateful minute Ginny comes to the aid. She saves her love but falls at last and dies on Harrys arms :-( Or was it Ginny kicking dark lords a**, um... I'm confused. Whatever it was, I once again proved I'm da l33t sup4 HaXXor. You better bow down to me.

Lay version:

I was chatting on Yahoo (gosh, I hate even to fake using Yahoo! mail) in this nice literature chatroom. There was this nice lady (identity withheld due to privacy reasons) from USA. We were having this mutual intelligent chat about British writers when I popped the name Rowling. She claimed "Oh, my god!" (it was O,mg!) "u also a potter
fan, I mean a Potter fan?". I said yes and asked why, casually. One thing lead to another and then to another. To make a long story short, that was when she told me how her neighbour bought a dog from an old couple whose daughter didn't have a child, so adopted a Tasmanian devil from a welsh locksmith who happened to be the friend of a friend of a person who was distantly related to a person who knew someone working in the HR department of Bloomsbury!

Wow! She told me very secretly (we had switched to private chat by then) how Neville dies protecting Harry and Ginny and how Luna becomes a professor at Hogwarts later. She was kind enough to tell me that Ron and Hermione marries and Harry has two children with Ginny. There were other yummy details which I'd withhold because I don't want to be such a spoiler. And please don't tell anyone about these things because it might jeopardize my friends situation.


I just can't believe I wrote all those. Well, I did and you might want to know why. Top reason is I'm sick of people forwarding fake books and jamming my e mail, and trying to show off saying "I got the leaked Harry Potter book, if you want I can give it to you. Don't give it to anybody else..... etc." Said that I'm not irritated, just amused.

Funniest thing with these Potter things was, when a self-claimed hacker (cracker) posted
a mail claiming about the ending of the book, apparently by hacking (more precisely, cracking) into a publishers system. This story was posted in (yes, the Nmap site) and was covered by popular media such as Reuters, BBC, NY Times, FOX News, MSNBC, Boston Globe and several others more. Fyodor (founder and maintainer of Nmap, and claimed jokingly "Muggles take over Insecure.Org!" on homepage. Now, don't you go there and add more traffic! :)

Well, that's it. But given the nature of the subject at hand I'd like to post a disclaimer.
(Whatever included in this post, is just imaginary and for pure amusement. Nothing in this is related to 'Harry Potter' titles, movies or non whatsoever. I have no relationship with J.K. Rowling or her publishers or anyone or anything associated with 'Harry Potter' material. If you think this is in violation of any legal aspects, please stop reading. It will work.)

Tuesday, June 19, 2007 Turns 7 and Member Count Hits 300,000

The popular Linux Community site (LQ) has turned 7 years old on 17 June 2007. "jeremy" the root annonced this officially on a forum thread. Just within a day, the member count has now reached 300,000!

That's a big number. Community driven sites with 300,000 members, isn't something you are going to come across daily. To be more amazing, the 300,000 count doesn't include members who have been staying with 0 posts. For example, the user 300,052 actually has the uid number of 349,117.

I (SkyEye of LQ) happened to be that enthusiastic member who kept counting (of course by looking at the counter) and announced both the 200,000 and 300,000 member counts. By revealing this I am practically giving up my anonymity on LQ. :) Anyway I'll consider it as a tribute to LQ.

However the distinction of LQ is not just in the numbers. LQ has always been know for the friendly Linux community which was always there to help. Started in 2000 by Jeremy Garcia who is more widely called just by his LQ username "jeremy", LQ remains one of the most popular and most active Linux communities in the Net. I wonder how many have noticed the link and description of LQ in Red Hat site. If the Big Red recommends it, it should be good enough, eh? :) I also bet some of you might have stumbled upon LQ threads while searching the web about your Linux questions. That's how I ended up being a member.

So I'd recommend this site for any Linux geek, wannabe and for people who want to believe. If you know how to ask a question, the answer is just a post away. For all sorts of Linux questions, there's

Tuesday, June 12, 2007

My Nmap Survey

Here's a chance to all the geeks who read this blog to contribute to your favorite Open Source security scanner. If any of you have used Nmap please take a couple of minutes to complete this survey I created to capture end user feed back of the new NSE (Nmap Scripting Engine). FYI: I'm working with Nmap as a GSoC 2007 participant. I've already contacted some SysAdmins regarding this and this is the turn for you folks of the Blogospere :)

Gaveen's Nmap Survey

Nmap, the popular Open Source scanner have seen significant and rapid growth recently. Nmap being always a buzzing, swarming active Open Source collaboration, always attracted many (great many) users worldwide from it's early ages. If you are a SysAdmin (I mean a real one :) most probably you have already used it and loved it.

As a GSoC 2006 improvement there's a scripting system now available for Nmap. If you want to taste the latest things, try Nmap version 4.21ALPHA4 or the latest SVN snap. The new NSE system will launch Nmap to a higher plane of existence with many advanced usage possibilities.

As a GSoC 2007 participant, I'm assigned to develop scripts for Nmap. This is where I need your help. If you have any feedback please let me know. (If you cannot take the survey for any reason, please be kind enough to leave your feedback at least as a comment here.)

Good Bye Prof. Samaranakaye

Leave a Comment
Here's my message in the electronic condolence book for Prof. V.K. Samaranayake. If anyone still haven't signed it here is the link. Come on people, show the respect he deserves, if this man was not there, most of you wouldn't even be reading this.

"Despite whatever some may say, this is the one who brought the Sri Lankan ICT to this light. Had it not been him and his inspirational presence, a great number of Sri Lankan ICT professionals including me, would not be what we are.

So may this be a tribute to he who spent a well spent live life, proactively shaping the Sri Lankan ICT; Prof. V.K. Samaranayake. Sri Lanka bows down to their ICT pioneer.

Good bye. May you attain the solace you deserve!"

Tuesday, May 29, 2007

Google SoC Launched on Fyodors B'day

Google Summer of Code 2007 which has the most number of Sri Lankan students in the 3 year history of the program, is now officially underway. It started on 28th of May which happened to be the birthday of the popular Open Source developer Fyodor. This reminds me that I haven't posted anything about me being participating GSoC. Well, in fact I am taking part in GSoC 2007, obviously with Nmap :) Sorry, I forget to post that. It has been a very hectic (yes, hectic) few weeks for me (about which I don't feel like writing right now :)

Ok, I know I have to slow down. Well, Google Summer of Code (GSoC or SoC) is a program where Google pays selected students who in turn will work for an Open Source software development project during 3 months of the summer (from end of May to end of August). It draws attention of thousands and thousands of students all over the world. I'm not yet aware if the number of applications received this year, but the number of selected students for this year is 600 according to an unofficial source. I went through the student list and found out that there are 30 (or 29) students from Sri Lanka which is 5%! The official statistics will be available after the program.

Then Nmap is arguably the most popular Open Source security/networking tool around. Nmap was founded by and still lead by Fyodor. To get a picture about the popularity I'll mention this. If you do a Google search for fyodor, the first hit you'll get is about this Fyodor. The very popular writer Fyodor Dostoevsky will come in second to him (who claims he in turn made his handle after Fyodor Dostoevsky :). Anyway, Fyodor of remains one of the most respected and most friendly developers around. So to me, it is a privilege to work with Nmap project.

As some of you may remember I applied last year also, but didn't make it there. However I wasn't discouraged by that. As you can see, I applied again this year for the Nmap Scripting Engine - Script Developer slot, and I made it. So now I'm working on creating an interesting set of plugins to utilize the new NSE system. So if anyone of you has ideas about this, please leave a message or try to contact me. Your ideas are welcome. If you are looking for more details about my GSoC work please refer to my Wiki site at Schtuff.

PS: My Wiki site is now moved to PBwiki.

Sunday, May 20, 2007

Just Another Week

1 comment
Just another week. Not with too many interesting things (except a lot of personal affairs), but some troublesome situations which I can smile at as usual. Well, as usual patchy telephones lines caused Net connectivity blackouts forcing me to stay offline much. This was the centerfold of my week.

There were some notable sports events with mix results from my perspective. Shahid Afridi leading Pakistan to victory against Sri Lanka with his impressive brute force :), wasn't my favorite sports event of the week, naturally. My favorite sports event was Chelsea beating Manchester Unites for the FA Cup yesterday. It was Drogba with support of Lampard, got the goal in the 116 minute of the game (extended time) and won the cup for Chelsea. Not to mention, Chelsea is my favorite Football (Soccer, if you prefer) team. United had already won the FA Cup for 15 times or so where this was Chelsea's 4th time. Chelsea is the winner of this years League Cup too. They also ended up the 2nd in Premier League table this year behind United (but with lesser number of lost games).

For anyone who's not familiar with Chelsea, it's a football club with a long history who has taken the domination in UK football arena lately. I've been following their games (whenever I could) since 2003/2004 Premier League which was roughly the time when it started transforming to the team which it is now. Frank Lampard (vice captain) is their super star player, while others like John Terry (captain), Michael Ballack, Hernan Crespo, Claude Makelele, Didier Drogba, Andriy Shevchenko, Joe Cole, Ashley Cole, Solomon Kalou and Glen Johnson are also popular for their brilliance in the field. If you watched Football World Cup (FIFA World Cup) you'll certainly find most of the names sound familiar.

Nothing much else (to include in a blog post) happened, of course other than me working on some software and ICT related projects (I'm going to put more details in a separate post) and Nadee's mother being hospitalized for some treatment (about which I'll not put anymore details :). Up to now her progress is good, so everyone in the families are happy about that. Her discharge from the hospital is expected on Tuesday.

So my personal front have been somewhat hectic (which got worse by catching flu). That may be excuses for my lower activities in Technology front and on the blog. I've kicked back into action since. So I'll post more about the tech stuff soon. I'm glad to inform that I've got some interesting work to do in Open Source software, on which I'm going to concentrate for the next couple of months (more details on a later post). So as usual, stay tuned :)

Friday, May 04, 2007

Bad Weather even for Ducks!

Leave a Comment
"Bad weather even for ducks" was the term which was used by Arun Dias, who was a presenter at yesterdays ceremony to receive the national Cricket team. He was describing yesterdays bad weather. It was said rain was 121mm during a 3 hour period in Colombo. I didn't think what Arun said was real, not just colourful presenting until I had to reach Colombo from outside today morning using public transportation. What a joy ride it was!

I was out of Colombo and today I had to reach there for some important matter. So I took a bus hoping to get to my destination. It was raining heavily (in fact very heavily) in Colombo. Even before we reached the city limits, we were diverted from the main road to take an alternative route. The reason we learned later was a caved-in on the main road which created a huge crater. So we took the alternative route and joined the traffic jam only to be greeted with frequent lightning. The rest is just history, at least for me :)

For your information I'll post a part of a text message conversation with a friend who asked about what it was like reaching Colombo today. Pardon me for the language here :)

Me: Brush up your swimming skills and prepare your amphibious kit :) It's raining cats & dogs out here.
Thila: You mean I'm screwed if I come there?
Me: If it rains like this.... yes.
Thila: Well, I'm on my way. Guess I'll be screwed then. Nice to know what that feels like :)
Me: :) It's like,... you are knee deep in filthy water, You can't see a damn thing because the heavy rain is beating your face. Traffic is jammed, roads caving in, trees fallen on roads, careless drivers splashing you,.. umbrellas wouldn't hold & you are in a flooded city street, nowhere to go for shelter. Hell, that's not so bad!

Well, that sums up most of the things :) Again pardon me for the language. I was feeling funny (humorous) after traveling 4 hours in wet attire. Anyway it is now known that this bad weather has caused more than irritation. There is a few deaths reported over the country. The most notable two are one lady getting killed by falling and downing in a manhole which wasn't seen because of the flooded road, and another lady getting electrocuted to death due to an electricity leakage into the water.

I usually love rain. But this kind of raining cannot be loved like that unless you are gambling something on it :) I hope the weather will get better soon (weather forecasts aren't too positive though) and life returns back to normal.

PS: By fifth of May disaster management authorities have announced the damage so far by the bad weather is 11 deaths and over 50,000 people displaced all over the country.

Thursday, May 03, 2007

Warm Welcome Home for the National Cricket Team

1 comment
"Before this battle is done, even a god king can bleed"
- quote from "300" the movie

I remembered this quote today when I tried to recall Sri Lankan Cricket teams feat at the World Cup. Some people thought of Aussie team as an invincible unit. Although they have been the most dominant team of all times they surely are beatable. Everyone watching the game felt that, when Kumar Sangakkara and Sanath Jayasuriya were going at Aussies before the officials claimed "mornie utulie" (darkness has come :) Anyway todays post is about the welcome home the Sri Lankan team received today.

"I've taken my bows and my curtain calls
You brought me fame and fortune and everything that goes with it
I thank you all but
It's been no bed of roses - no pleasure cruise
I consider it a challenge before the whole human race and
I ain't gonna lose

And we mean to go on and on and on and on

We are the Champions my friends....
And we'll keep on fighting till the end"
- quote from "We are the Champions" a song by Queen

Today morning the Sri Lnakan Cricket team arrived the island only to be surprised by the reception they would receive. They might not have expected such a warm welcome having reached only the runners up spot in the World Cup 2007.

The team was received with the red carpet at the Katunayake International Airport with traditional "mangul bera" even in the rain. They gave brief interviews to the media at the VIP area. All mentioned the teams gratitude to the Sri Lankan cricket fans for their support and enormous belief in them. They also thanked the cricket fans through out the world (especially from Caribbean, Indian, and other cricketing countries). One special thing to notice during the day was, different media and personnel requesting Sanath to play till the 2011 World Cup, to which he smiled and shook his head disapprovingly (but we hope that he'd stay).

They were scheduled for a grand state honored welcome at the Independence Square in Colombo, but ironically the rain had the final saying again. The ceremony was re-located to the Sri Lankan Cricket head office due to the very heavy raining.

They received welcome from thousands of the public awaiting by the roads from Katunayake to Colombo, despite the pouring rain. The team members (including the coach Tom, assistant coach Trevor, trainer CJ, physio Tommy, manger Michael and others) were seen waving and hand shaking from the bus.

They again received a grand welcome at the ceremony. There the captain Mahela spoke a few words representing the whole team. And several others made speeches. Most notable ones were of the Minister of Sports and the Chief Minister of Western Province. Eventhough everyone want sports kept away from politicians, what they said was agreeable this time :)

CMoWP (as a government representative for the occasion) said that the team achieved something which no president, prime minister or politician could ever achieve; the good name of the country. The team was popular for their sportsmanship, discipline and Sri Lankan style of Cricket in Caribbeans. And the MoS said that we only lacked the cup itself. The country considers our boys the champions, our champions!

Cricket has been the common religion of Sri Lanka and it remains so. Cricket has been the beacon of hope for Sri Lankans who are spending a not so luxurious life. It will remain so until there are people to love the game. May this blog post be a tribute to Sri Lankan Cricket (including the past and present players and fans).

PS: I didn't want to ruin the ending of my post. But I have to admit no Sri Lankan is thankful for the way Arjuna Ranathunga, the former cricket captain (who was the captain of 1996 world cup winning team) acted and commented during the past few weeks. He stated that India was going to win the World Cup. No offense to India (who in fact was a very strong team), but was it the appropriate way for a former captain to send off the national team to the World Cup, especially when they were doing so well? There's an even bad rumor that Arjuna verbally assaulted two of the most promising new players and called the Sri Lankan cricketers "hungers" in an TV show. If this is true it will be so bad even the fact that he lead the world cup victory will not compensate. We all know what guts Arjuna has (just imagine,... calling Aussies premier bowler "over-rated" before a world cup final and go with the bat to prove it), but if these rumors are true...... ?! Some people in SL have gone far enough to claim that Arjuna doesn't like to share the glory. I don't know about these allegations or rumors. So I'll just leave the time to reveal things.

Wednesday, May 02, 2007

Online on Vesak

Leave a Comment
To day despite being the May Day, is also the Vesak full moon poya day, a day with immense importance to the Buddhists all over the world. Think of it as the Buddhist equivalent of X'mas. To day Buddhists celebrated the birth, enlightenment and passing away of lord Buddha, the great one. Anyway, when all the others were out there in the streets and temples, I was right here because I had to try some software very urgently.

I tried Pentaho BI Server and Alfresco CM. Pentaho is the premier Open Source Business Intelligence product while Alfresco is its Content Management counterpart (WebGUI is a very close contender). I have tried Pentaho beforehand, but it was my first experience with Alfresco. Pentaho is a great product. Alfresco seems great, too. But it's too soon to comment on that.

Yesterday I've been playing with Nessus (after updating the plugin set) and Nmap, running them against my new Ethernet router. Results were amazing as usual. Other than that, yesterday was my first experience with so called WebOSes. I heard about Desktoptwo, YouOS and eyeOS. I got to try all except YouOS. It was a good experience and an introduction to a new realm. With all the Ajax buzz going on all around, I'm just beginning to see the possibilities of web applications. Quite a fun ride it was (eyeOS public server had pre-installed Sonic the Hedgehog and Aladdin for users).

Here is a few screenshots to whet your appetite.

This is Desktoptwo running several applications including e mail client, MP3 Player and IM client.

This is eyeOS with an opened window

For anyone interested in more screenshots please visit my Picasa Albums.

Monday, April 30, 2007

World Cup Concludes

Leave a Comment
It's not exactly the way I planned to write this post, but anyway the ICC Cricket World Cup 2007 is officially concluded by now. Congratulations for the world champions for the 3rd consecutive run, Australia.

While my favourite Sri Lanka ended up being the runner-up, they showed the unmistakable signs of another great team on the rise. If you are not down with my words Sri Lankan coach Tom Moody (probably the best coach we ever had) said in an interview that "I think we were only half-a-yard away from winning the World Cup. We were very close, so I think this team is capable of winning the next World Cup. There's no reason why Sri Lanka won't continue its upward curve."

Some people have already started trash talking about the loss of Sri Lanka, but I'd like to take this moment to knock them (on the head) and point what SL team been achieving lately. As for the final, I think the only thing we did seriously wrong was to let loose Adam Gilchrist. It was enough though :) When Sri Lankans came to bat we were not worried since we knew as long as Sanath was in there, he was in charge whatever the opposition was. Everything went fine until rain came pouring down again yet again and took away the rhythm of the game. Then the two most hated Englishmen (Duckworth and Lewis) had their saying. Game was still within our grasp until Chamara Silva was clean bowled by a part-time bowler. Anyway all the boys of our team made us proud throughout the tournament. They were nothing but phenomenal. Newer guys like Chamara and Lasith were outstanding. Despite falling just short, they have proved that they are probably better than the 1996 world champion team. This is just the dawn of the rise of a new Sri Lankan Cricket team.

For a brief history, Australia made it to the finals for the 4th consecutive run. Results: 1996 - lost to Sri Lanka, 1999 - defeated Pakistan, 2003 - defeated India, 2007 - defeated Sri Lanka. They even surpassed the feat of the great West Indies team of Clive Lloyd by becoming world champions for 3 consecutive runs (total of 4 world championships). However this 2007 World Cup itself was the biggest and probably the worst. Hosts and venues were great, but there were things which shouldn't be judged against the Caribbeans. For example the communication fiasco at the final, murder of Bob Woolmer are among other things. When Lasith Malinga got 4 wickets in 4 balls (with 5th ball just missing the stumps in the distance of a strand of hair), a feat that has never been done before in the history of the great game, and almost stole the victory from South Africa (then No.1 ranked team) people in concern didn't feel like this world record setter was the man of the match.

To make things worse a few of the cricketing legends said good bye to the field in this world cup. This includes Brian Lara, Glen McGrath and probably a few more (hope not!). It may be the last world cup for (again desperately hoping not) some living legends like Sanath Jayasuriya, Muttiah Muralitharan and Sachin Tendulkar.

Sri Lankan team is in great guns and doing truly amazing things which leave the world shocked. Recently they've been bettering what we crowned in 1996: playing the Sri Lankan style of Cricket! We refuse to go down just like that and will rise to be the champions in 2011. Veterans like Sanath, Vaas, Murali and Marvan will guide the new breed there. So if any Australian Cricket authority happens to stumble upon this blog post by sheer luck, be warned! Don't say we didn't warn :)

Thursday, April 05, 2007

Before I start ...again

Leave a Comment
I stated in my previous post that I'm going to be back. Anyway, before I start, I think it's better to give a brief description about what happened during the time I was not blogging and what I'm up to.

For the people who were [blank - fill to your satisfaction] enough to read my blog know that I bought "The Lord of the Rings" book trilogy. I am more than happy to announce that it was long ago I devoured the books. And about movie fests, what to say? We passed several movie fests of our own (in fact many, many) until movies became a Saturday night ritual. The movies we watched (quite a lot) deserve a separate post. So look forward to it. Other than that I've watched several TV serials on DVD including Millennium, X - Files, Friends :)

Our little effort to create a live Linux CD for computer forensic purposes didn't succeed, since we gave it up on other priorities. But that effort and several other things took me more and more close to Information and Computer Security. I have developed a strong desire for that area in ICT. In fact I've been following OSSTMM for sometime, and now feel like contributing to it. Other than that I'm paying close attention to what ISECOM is doing. So believe people I'm strongly into InfoSec.

As usual I've been playing with interesting tools. Some people who knows me will remember I've been using Nessus, Nmap, Metasploit and several other tools all along. Actually, I've been writing an article about Nessus called How Nessus Works from February. You can expect it any day after today. It spans around twenty pages in A4 formatted 2.2 Writer document. The document is almost finished and will be posted here once it's done. I'll also put a link to the PDF version. Thanks for the people who's been waiting for it.

I applied for the Google Summer of Code 2007. I applied last year too, but wasn't successful. My this year's GSoC application was for Nmap Scripting Engine - Script Developer. The PDF version of the application can be found in my Google pages. For the people who don't know what's been going on with Nmap, try Nmap 4.21ALPHA4. This version includes a nifty and very useful feature called NSE (Nmap Scripting Engine). It enables one to write scripts which can utilize Nmap in complex and advanced ways. More on Nmap, later :)

As for the year 2007, one of the very interesting things I had was the opportunity to attend a seminar on ISO 27001 ((Information Security Management), ISO 20000 (IT Service Management) and TR 19 (Business Continuity Management). It was a great experience. I was naturally attracted to it since I already had experience with ISO 9001:2000 (Quality Management System).

And the biggest thing till now in 2007 for me was buying a new Notebook computer. It's a Core 2 Duo 2.0 GHz (with 4MB L2 Cache) with 1GB (DDR 2 667MHz) of RAM, dedicated 256MB ATI Mobility Radeon x1600 GPU, 17 inch Widescreen XGA display, 100GB SATA HDD (5400 RPM), DVD Super Multi burner, Intel PRO Wireless 802.11a/b/g, Gigabit Ethernet, 56k integrated modem, 3 USB, 1 IEEE 1394, DVI, S-Video, 4-in-1 memory card reader (SD, MMC, MS, MS-Pro), PCI Express card slot amoung other things. As you can see, it was a big thing for me :)

I'm running a Fedora Core 6 Linux desktop on the machine. It was really cool to see CPU load balancing graph during the time we encoded 2 movies simultaneously using MEncoder (MPlayer's own encoder). With the x264 codec MPlayer/MEncoder can do magic (what a quality!) also. Many thanks to the FFMPEG team, too. And for the people who have no idea what MPlayer is (or who think it's Media Player), MPlayer is the best media player, the true universal player :) (Obviously I'm a big fan).

I also tried a few games in the new machine (wouldn't it be a sin, not to play any games in a machine with such power? :). I tried Doom 3, Quake III Arena, Quake 4, Tomb Raider - Legend, Prince of Persia - The Two Thrones, Unreal Tournament 2003. Anyway I don't have much time to play games, so apart from Linux, I'll be running OpenSolaris soon.

Nothing much to say about my academic things because there weren't much. I was much concentrated on my professional things. Since I have a plan where I'm going, that's what I was doing. Any way professionally, I was getting ready for the RHCE (Red Hat Certified Engineer) hands on lab test (RH 302) which is scheduled on 23rd of April. I've registered for the test and looking forward to it. I found a lot of interesting reading regarding Linux in IBM Developer Works Linux section, especially LPI certification article series.

Other than OSSTMM, RHCE, Nmap, Nessus, I have allocated some time here and there to watch the Cricket World Cup these days, which is getting hotter and hotter by match in the Caribbeans.

So that's what's about me. I'm living happily (with Nadee by my side :) Lot more things are there to say. But I think this is enough for you to get a picture of what I've been doing. So other info, later. Thanks for reading and look for the paper, "How Nessus Works".