24 October, 2014

ownCloud stuck in upgrade?

That's what I saw today after trying to update Notes:

Not cool, that didn't seem to work too well. This can happen with third-party apps. But what to do? Just like with upgrades, you can call in the help of the occ command line tool which comes with ownCloud. Ideally, run it as user of your apache, something like this:
sudo -u wwwrun ./occ
It will give you an overview of what occ can do for you, looking something like this:
ownCloud version 7.0.2

[options] command [arguments]

--help -h Display this help message.
--quiet -q Do not output any message.
--verbose -v|vv|vvv Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
--version -V Display this application version.
--ansi Force ANSI output.
--no-ansi Disable ANSI output.
--no-interaction -n Do not ask any interactive question.

And a lot more.
From there, you can start an upgrade with:
sudo -u wwwrun ./occ upgrade
which is nice when the ownCloud upgrade process doesn't work. This can happen because php has a time-out set and if the amount of work takes longer than that timeout - it won't finish. Which can happen for example on very big installations, or on very light hardware (raspberry pi!).
But that wasn't my problem - things just got stuck in maintenance mode. And that is one of the options in the list: turn maintenance mode on and off! So I just proceeded (on advice of Arthur here in the office) to turn that off:
sudo -u wwwrun ./occ maintenance:mode --off
Lo and behold, it solved the problem for me.
If it doesn't, there is the maintenance:repair option which might fix the problem for you!

Tip: log rotation

In other news, I discovered that my owncloud.log file (to be found in your data folder) was 5.9 gigabytes big. Yeah, 6318901632 bytes. ownCloud can keep that file in check, but you have to enable that by adding the following to your config.php:
'log_rotate_size' => '100 MiB'
Of course, other values work, too. You can find this and more in config.sample.php, be sure to go over that file to see what you can and perhaps should configure. I personally would welcome any effort to give that file a user interface, or make it easier to reach - even with a text editor built into the admin UI... Although perhaps a more subtle approach of picking what should be visible or not would be better. In any case - anybody up for that?

16 October, 2014

Release party time!

KDE Plasma 5.1

Plasma 5.1 was released yesterday and it is looking real good. I have been running the 'next generation' Linux desktop on my laptop, courtesy of openSUSE packages made out of regular git snapshots. It was surprisingly stable so I have little worries about the stability of the final 5.1 release and I recommend to check it out ;-)

Of course, we should have a Plasma release party! We haven't had release parties in our place for a while (can't believe that the last one is over 2 years ago...), so it's time to do that again.

Check the release party page for details. The short of it:
  • October 18, 19:00-22:00 or so
  • EldenaerStrasse 28a, Berlin, Germany
  • Bring Your Own Devices Drinks (there's a Sp├Ątie (24h convenience store) downstairs). Food is welcome, too.
  • Don't forget to bring your good mood and friends

Further notes:
  • I might do some demoing of what is new in Plasma 5.1, depending on interest.
  • Anybody is welcome, as always, irrespective of color, sex, occupation, shape - heck, even species - you're all super welcome! That means you have to play nice with each other, do I have to say that?
  • If you're afraid of dogs, Popcorn will teach you that you don't have to be. But really, if she freaks you out, we can put her in another room, don't say home out of fear for the hairy monster!
  • Let me know if you're coming - so we have some idea of how crowded our apartment will be!


For the geekos among you: 13.2 is coming SOON and boy, is it chock-full of awesomeness! I'm talking to the Berlin LUG, we will probably do a release party. If possible we'll do it on November 8, so keep that date free for now!

01 October, 2014

Security doesn't discriminate

Yesterday I published a long blog about privacy and why it matters. Unfortunately, as Commit Strip eloquently paints below, privacy almost always gives away to the same old arguments...
That was all too typical in Holder's call to tech companies to leave device back doors open to police. What Holder doesn't seem to get (or care about!) is that a back door doesn't discriminate who gets through. If you leave your door unlocked so the police can get in, do I really have to tell you it also means thieves can come in?

It is no different in 'cyberspace'. There ARE differences between real life and online life - but in this is not one of them. Security Ninja Bruce Schneier pointed out the effect of this reality:
"We are all vulnerable to everyone because the NSA wanted us to be vulnerable to them."
In his blog from 2 weeks ago, he continued:
"We have one infrastructure. We can't choose a world where the US gets to spy and the Chinese don't. We get to choose a world where everyone can spy, or a world where no one can spy. We can be secure from everyone, or vulnerable to anyone. And I'm tired of us choosing surveillance over security."

Me too, Bruce. Me too. And it's even more irritating that the people who are supposed to protect us keep lying about it all.

Later addition

October 3 Vox put the issue in a historical perspective. More details are in this New York Times article from 1994.

I spend some time collecting and commenting on the most interesting quotes:
"Wiretapping is among law enforcement's most cherished weapons. Only 919 Federal, state and local taps were authorized last year, but police agencies consider them essential to fighting crime."
We know things have changed, and not just in the US. In 2011, the Berliner police collected data from 4.2 MILLION mobile phones just to catch ONE group of car thieves... Shows how government surveillance has begun to spin out of control, if you ask me.

"Still, the effect of strong crypto on N.S.A. operations is not difficult to imagine. The agency is charged with signals intelligence, and it is widely assumed that it monitors all the communications between borders and probably much of the traffic within foreign countries. (It is barred from intercepting domestic communications.)"
Thanks to Snowden, we know that they're now heavily intercepting domestic communications. Some things have changed (guardian article on effects of the Snowden leaks) but we have a long way to go. If you want to know more about Snowden - this article on Wired is among the very best.

The article talks about introducing a security chip (Clipper) with a back door for Law enforcement, but correctly asks:
"What sort of nuclear terrorist would choose Clipper?"
"Some people criticize Clipper on the basis that truly sophisticated criminals would never use it, preferring other easily obtained systems that use high-grade cryptography."

"The Government understands the impossibility of eradicating strong crypto. Its objective is instead to prevent unbreakable encryption from becoming rountine. If that happens, even the stupidest criminal would be liberated from the threat of surveillance. But by making Clipper the standard, the Government is betting that only a tiny percentage of users would use other encryption or try to defeat the Clipper."
In other words, this would do the same thing as famously copyright protection on music CD's did: legitmate use (like copying the songs from the album you own to your iPod) was made impossible, but slightly more sophisticated, often professional music sharers had no issues with the 'protection'.

"This seems to be the Government's intent -- to encourage "crypto lite," strong enough to protect communications from casual intruders but not from Government itself."
Making us thus all vulnerable to hackers, foreign governments etc etc. Nothing new under the sun!

A quote from the documentation of PGP gives this same response:
"If privacy is outlawed, only outlaws will have privacy. Intelligence agencies have access to good cryptographic technology. So do the big arms and drug traffickers. So do defense contractors, oil companies, and other corporate giants. But ordinary people and grassroots political organizations mostly have not had access to affordable 'military grade' public-key cryptographic technology."

The Vox article also points out the Washington Post had to correct a op-ed by former FBI official Ronald Hosko who gave a specific example where encryption would have thwarted a law enforcement investigation and cost lives - but turned out to be wrong. Honestly, if the one example the FBI has turns out to be wrong, how much is there to say for their argument? I don't think encryption will do as much harm as they like to claim.

XKCD already comically explained this: the government has many means of getting information from its citizens, and encryption doesn't change that much.

EDIT october 6: I can keep updating this post forever, but I won't - only one more link: Bruce Schneier weighted in, calling it Return of the Crypto Wars - referring to the fight around the Clipper chip I described above.

EDIT 2: Rather than writing a new blog, I thought I'd add another piece here. I've made the point that the pervasive spying doesn't help. Just, for reference, some evidence in the form of a series of attacks where the perpetrators were known but the secret service simply lacked the resources or insight to follow and catch them:

Via a blog from Dutch journalist De Winter

Of course this is still all complaining in the margins, no matter how horrible 'terrorism' is, it isn't a cause for death which is even remotely relevant in comparison to serious threats to people's lives like smoking or car accidents... And indeed, as the word points out: it is about 'terror'. Making people afraid. Not actually killing or harming them - ISIS and friends don't have the resources to do any real harm. They can just scare us into changing our society. Which our politicians are all to happy to do, well supported by the media (see this video).